Aller au contenu

KiS 2

Membres
  • Compteur de contenus

    3
  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    Français

KiS 2's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Bonjours, et désolé d'avoir mis du temps a répondre. Bref.. la description du processus responsable (svchost.exe) est : Generic Host Process for win32 services en appuyant sur le (+) il apparait le wuauclt... puis disparait En arrêtant ce svchost, le thème Windows devient classique (genre Windows 98)
  2. Merci pour votre réponse rapide et claire En procédant exactement comme vous dite Anti-malware a détecté 2 objets inféctés... éliminé avec succes Voici le repport de ZHPFix : Rapport de ZHPFix 1.12.3377 par Nicolas Coolman, Update du 26/12/2011 Fichier d'export Registre : Run by saidani at 07/01/2012 11:04:04 Windows XP Professional Service Pack 3 (Build 2600) Web site : ZHPFix Fix de rapport ========== Clé(s) du Registre ========== SUPPRIME Key: HKCU\Software\Elwofdd SUPPRIME Key: HKCU\Software\LdShih SUPPRIME Key: HKCU\Software\PopCap SUPPRIME Key: StartupReg: SpybotDeletingA1878 SUPPRIME Key: StartupReg: SpybotDeletingA4088 SUPPRIME Key: StartupReg: SpybotDeletingA6025 SUPPRIME Key: StartupReg: SpybotDeletingA8064 SUPPRIME Key: StartupReg: SpybotDeletingB1652 SUPPRIME Key: StartupReg: SpybotDeletingB7198 SUPPRIME Key: StartupReg: SpybotDeletingB8770 SUPPRIME Key: StartupReg: SpybotDeletingB9244 ========== Valeur(s) du Registre ========== ABSENT Valeur Standard Profile: FirewallRaz : Aucune valeur présente dans la clé d'exception du registre (FirewallRaz) ========== Elément(s) de donnée du Registre ========== REMPLACE Value AntiVirusOverride : Good (0) - Bad (1) REMPLACE Value AntiVirusDisableNotify : Good (0) - Bad (1) REMPLACE Value FirewallDisableNotify : Good (0) - Bad (1) REMPLACE Value FirewallOverride : Good (0) - Bad (1) REMPLACE Value UpdatesDisableNotify : Good (0) - Bad (1) REMPLACE Value UacDisableNotify : Good (0) - Bad (1) ========== Dossier(s) ========== SUPPRIME Flash Cookies: 1 SUPPRIME Temporaires Windows: : 72 ========== Fichier(s) ========== ABSENT File: d:\program files\mywebsearch\bar\1.bin\f3wallpp.dat ABSENT File: d:\program files\mywebsearch\bar\1.bin\m3plugin.dll ABSENT File: d:\program files\mywebsearch\bar\1.bin\m3medint.exe ABSENT File: d:\program files\mywebsearch\bar\1.bin\m3highin.exe SUPPRIME Flash Cookies: 0 SUPPRIME Temporaires Windows: : 16 ========== Récapitulatif ========== 11 : Clé(s) du Registre 2 : Valeur(s) du Registre 6 : Elément(s) de donnée du Registre 2 : Dossier(s) 6 : Fichier(s) End of clean in 01mn 39s ========== Chemin de fichier rapport ========== D:\ZHP\ZHPFix[R1].txt - 07/01/2012 11:04:04 [2085] ................................................... Seul souci : en lançant un programme la machine devien lente et le processus svchost.exe tourne a 100%
  3. Bonjours, j'ai fais analysé mon PC avec ZHP diag.. mais je ne sais pas comment proceder par la suite merci d'analyser mon log et m'indiquer quoi faire ------------------------------------------------------------------------------------------------------------------- Rapport de ZHPDiag v1.28.307 par Nicolas Coolman, Update du 06/01/2012 Run by saidani at 06/01/2012 16:33:38 Web site : ZHPDiag Outil de diagnostic Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com State : Version à jour. ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 MFIE: Mozilla Firefox 9.0.1 v9.0.1 GCIE: Google Chrome v16.0.912.63 (Defaut) ---\\ Windows Product Information ~ Langage: Français Windows XP Professional Service Pack 3 (Build 2600) Windows Automatic Updates : OK Windows Genuine Advantage : OK ---\\ System Information ~ Processor: x86 Family 6 Model 14 Stepping 8, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 502 MB (18% free) System Restore: Activé (Enable) System drive D: has 29 GB (66%) free of 44 GB ---\\ Logged in mode ~ Computer Name: HP ~ User Name: saidani ~ All Users Names: SUPPORT_388945a0, saidani, HelpAssistant, ASPNET, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : D:\ ~ %AppData% : D:\Documents and Settings\saidani\Application Data\ ~ %Desktop% : D:\Documents and Settings\saidani\Bureau\ ~ %Favorites% : D:\Documents and Settings\saidani\Favoris\ ~ %LocalAppData% : D:\Documents and Settings\saidani\Local Settings\Application Data\ ~ %StartMenu% : D:\Documents and Settings\saidani\Menu Démarrer\ ~ %Windir% : D:\WINDOWS\ ~ %System% : D:\WINDOWS\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 29 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 29 Go of 44 Go) E:\ CD-ROM drive (Not Inserted) G:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 20 Go) I:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.06/01/2012 - 19:34:04.) -- D:\WINDOWS\Explorer.exe [1037824] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) (.06/01/2012 - 19:34:22.) -- D:\WINDOWS\system32\rundll32.exe [33792] [MD5.B0DF02C2326381D64149F3EEFAE5E09D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.06/01/2012 - 20:13:29.) -- D:\WINDOWS\system32\wininet.dll [916992] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.06/01/2012 - 19:34:30.) -- D:\WINDOWS\system32\Winlogon.exe [512000] [MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.06/01/2012 - 14:49:54.) -- D:\WINDOWS\system32\drivers\AFD.sys [138496] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.06/01/2012 - 11:40:32.) -- D:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.06/01/2012 - 12:14:22.) -- D:\WINDOWS\system32\drivers\Cdfs.sys [63744] [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.06/01/2012 - 11:40:48.) -- D:\WINDOWS\system32\drivers\Cdrom.sys [62976] [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.06/01/2012 - 18:57:40.) -- D:\WINDOWS\system32\drivers\Fips.sys [44672] [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.06/01/2012 - 09:36:06.) -- D:\WINDOWS\system32\drivers\HDAudBus.sys [144384] [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.06/01/2012 - 19:00:54.) -- D:\WINDOWS\system32\drivers\i8042prt.sys [54144] [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.06/01/2012 - 11:41:00.) -- D:\WINDOWS\system32\drivers\Imapi.sys [42112] [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.06/01/2012 - 11:57:16.) -- D:\WINDOWS\system32\drivers\IpNat.sys [152832] [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.06/01/2012 - 12:19:44.) -- D:\WINDOWS\system32\drivers\IPSec.sys [75264] [MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.06/01/2012 - 14:29:31.) -- D:\WINDOWS\system32\drivers\MRxSmb.sys [456320] [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.06/01/2012 - 12:21:02.) -- D:\WINDOWS\system32\drivers\netBT.sys [162816] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.06/01/2012 - 12:15:54.) -- D:\WINDOWS\system32\drivers\ntfs.sys [574976] [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.06/01/2012 - 19:09:42.) -- D:\WINDOWS\system32\drivers\Parport.sys [80384] [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.06/01/2012 - 12:19:44.) -- D:\WINDOWS\system32\drivers\Rasl2tp.sys [51328] [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.06/01/2012 - 11:32:52.) -- D:\WINDOWS\system32\drivers\rdpdr.sys [196224] [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.06/01/2012 - 18:57:36.) -- D:\WINDOWS\system32\drivers\redbook.sys [58752] [MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.06/01/2012 - 18:56:06.) -- D:\WINDOWS\system32\drivers\volsnap.sys [53376] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/9 ~ Mes musiques (My Musics) : 6/1707 ~ Mes Videos (My Videos) : 1/6 ~ Mes Favoris (My Favorites) : 2/9 ~ Mes Documents (My Documents) : 24/2184 ~ Mon Bureau (My Desktop) : 2/371 ~ Menu demarrer (Programs) : 6/51 ~ Scan Hidden Files in 00mn 04s ---\\ Processus lancés [MD5.8C9D57338B02D95C0FC7DB428C50A001] - (.Intel® Corporation - Intel® Wireless Management Service.) -- D:\Program Files\Intel\WiFi\bin\S24EvMon.exe [882960] [PID.] [MD5.AA3DC7CBBF0C5D97003D06BAE094370F] - (.Logitech - Logitech LVPrcSrv Module..) -- d:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [81920] [PID.] [MD5.8ED60797908FD394EEE0D6949F493224] - (.Agere Systems - Agere Soft Modem Call Progress Service.) -- D:\WINDOWS\system32\agrsmsvc.exe [12800] [PID.] [MD5.C7BB95CF9631AA401E4ADED1648F6AF7] - (.ESET - ESET Service.) -- D:\Program Files\ESET\ESET Smart Security\ekrn.exe [974944] [PID.] [MD5.52859724EDD0EE282522225E056B6EB3] - (.Intel® Corporation - Intel® PROSet/Wireless Event Log Service.) -- D:\Program Files\Intel\WiFi\bin\EvtEng.exe [866576] [PID.] [MD5.9AA67569D5257462E230767510B0C815] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- D:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.] [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- D:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120] [PID.] [MD5.3B1A7CEA1E230103264405E0FB05532C] - (.Intel® Corporation - Intel® PROSet/Wireless Registry Service.) -- D:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe [481552] [PID.] [MD5.08C33341BED2E3EAA2C77A0B68EF9553] - (.Realtek Semiconductor Corp. - Azalia Mixer Selector.) -- D:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248] [PID.2980] [MD5.0797714F98400D23E3951E33E709A4CE] - (.Agere Systems - SoftModem Messaging Applet.) -- D:\WINDOWS\AGRSMMSG.exe [88204] [PID.1228] [MD5.E44733C30F7FE6A1CE7A6B1D2B335CFC] - (.Intel Corporation - hkcmd Module.) -- D:\WINDOWS\system32\hkcmd.exe [159744] [PID.2996] [MD5.2022C54B3A79A51C9538CE47D1F50BC3] - (.Intel Corporation - persistence Module.) -- D:\WINDOWS\system32\igfxpers.exe [131072] [PID.3016] [MD5.C3ED032AF1C30F92546A698CC7173605] - (.ESET - ESET GUI.) -- D:\Program Files\ESET\ESET Smart Security\egui.exe [3080264] [PID.3028] [MD5.1D4F13DBB57C5152FC9A5DABBCFC78B4] - (.Intel Corporation - igfxsrvc Module.) -- D:\WINDOWS\system32\igfxsrvc.exe [249856] [PID.3068] [MD5.9315E6E806CFD11268E43524CD27CF8F] - (.Logitech - LVCom Server.) -- D:\WINDOWS\system32\LVCOMSX.EXE [225280] [PID.3072] [MD5.10075895F525648EA00B81AAC71A6099] - (.Intel® Corporation - Intel® PROSet/Wireless Zero Config Servic.) -- D:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [1407248] [PID.2744] [MD5.2F815421FDB250426FFD7B3FE1597D52] - (.Intel® Corporation - Intel® PROSet/Wireless Framework.) -- D:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [1210640] [PID.3100] [MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- D:\Program Files\SuperCopier2\SuperCopier2.exe [955392] [PID.3124] [MD5.C171E287A16DD8C57D088BA79FC76A29] - (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe [3462552] [PID.3136] [MD5.11CCA710674739E3DB8F7450A5B650B6] - (.Mozilla Corporation - Firefox.) -- D:\Program Files\Mozilla Firefox\firefox.exe [924632] [PID.2488] [MD5.0619C9E7A3682C54BD226A831897CD06] - (.Mozilla Corporation - Plugin Container for Firefox.) -- D:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.2016] [MD5.765F011AADC5DBD2DD82AF284C4A4E45] - (.Nicolas Coolman - Diagnostic Tool.) -- D:\Program Files\ZHPDiag\ZHPDiag.exe [2209792] [PID.3868] ~ Scan Processes Running in 00mn 02s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google G2 - GCE: Preference [user Data\Default] [ahcaniaehcjkignnobkmdgacafghkplh] Friendly Gaming Simplifier v.name: Friendly Gaming Simplifier, (Activé) G2 - GCE: Preference [user Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock v.2.5.9 (Activé) ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) D:\Documents and Settings\saidani\Application Data\Mozilla\Firefox\Profiles\qj5e0m0q.default\prefs.js D:\Documents and Settings\saidani\Application Data\Mozilla\Firefox\Profiles\qj5e0m0q.default\user.js M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M3 - MFPP: Plugins - [saidani] -- D:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml M0 - MFSP: prefs.js [saidani - qj5e0m0q.default] Google M2 - MFEP: prefs.js [saidani - qj5e0m0q.default\07n156@gmail(2).com] [] Megaupload Integration v1.1 (.PBreak, 07N156.) P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.06 for Firefox.) -- D:\Program Files\Mozilla Firefox\Plugins\npBitCometAgent.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- D:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- D:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL P2 - FPN:Firefox Plugin Navigator . (.Zylom - Zylom Plugin.) -- D:\Program Files\Mozilla Firefox\Plugins\npzylomgamesplayer.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- D:\WINDOWS\system32\Adobe\Director\np32dsw.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_30 for Mozilla browsers.) -- D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- D:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- D:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- D:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- D:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.11] - (.the VideoLAN Team - Version 1.1.11, copyright 1996-2011 The VideoLAN Team<br><a href="http.) -- D:\Program Files\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [@zylom.com/ZylomGamesPlayer] - (.Zylom - Zylom Plugin.) -- D:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Bing R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19165 (longhorn_ie8_gdr.111021-1715)) -- D:\WINDOWS\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 02s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- D:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- D:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll ~ Scan BHO in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [AzMixerSel] . (.Realtek Semiconductor Corp. - Azalia Mixer Selector.) -- D:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [AGRSMMSG] . (.Agere Systems - SoftModem Messaging Applet.) -- D:\WINDOWS\AGRSMMSG.exe O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- D:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- D:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- D:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- D:\Program Files\ESET\ESET Smart Security\egui.exe O4 - HKLM\..\Run: [LVCOMSX] . (.Logitech - LVCom Server.) -- D:\WINDOWS\system32\LVCOMSX.exe O4 - HKLM\..\Run: [intelZeroConfig] . (.Intel® Corporation - Intel® PROSet/Wireless Zero Config Servic.) -- D:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe O4 - HKLM\..\Run: [intelWireless] . (.Intel® Corporation - Intel® PROSet/Wireless Framework.) -- D:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe O4 - HKCU\..\Run: [superCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- D:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [iDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1708537768-963894560-725345543-1003\..\Run: [superCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- D:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKUS\S-1-5-21-1708537768-963894560-725345543-1003\..\Run: [iDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe O4 - HKUS\S-1-5-21-1708537768-963894560-725345543-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- D:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A91000000001}\SC_Reader.ico O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- D:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- D:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- D:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- D:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- D:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- D:\Program Files\Outlook Express\msimn.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- D:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- D:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A91000000001}\SC_Reader.ico O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- D:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- D:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: D:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- D:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- D:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- D:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- D:\Program Files\Outlook Express\msimn.exe O4 - Global Startup: D:\Documents And Settings\saidani\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- D:\Program Files\Windows Media Player\wmplayer.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- D:\Program Files\MICROS~2\OFFICE11\EXCEL.exe O8 - Extra context menu item: Télécharger avec IDM . (...) -- D:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: Télécharger tous les liens avec IDM . (...) -- D:\Program Files\Internet Download Manager\IEGetAll.htm ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- D:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (...) -- D:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- D:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- D:\Program Files\Messenger\msmsgs.exe ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- D:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- D:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- D:\WINDOWS\system32\mswsock.dll ~ Scan Winsock in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1319899727062 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1319900881343 O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{C4967D0D-94C4-4FC9-A5B4-16048C9D5990}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{CFE8CB45-56DA-4314-9B78-C79456B13E3C}: NameServer = 41.221.20.4 213.140.2.12 O17 - HKLM\System\CS2\Services\Tcpip\..\{C4967D0D-94C4-4FC9-A5B4-16048C9D5990}: DhcpNameServer = 192.168.1.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- D:\WINDOWS\system32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- D:\WINDOWS\system32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- D:\WINDOWS\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- D:\WINDOWS\system32\itss.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- D:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.dll O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- D:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.dll O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- D:\WINDOWS\system32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- D:\WINDOWS\system32\wiascr.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- D:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- D:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- D:\WINDOWS\system32\mscoree.dll O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\WINDOWS\system32\shell32.dll O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- D:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- D:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- D:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- D:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- D:\WINDOWS\system32\dimsntfy.dll O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- D:\WINDOWS\system32\igfxdev.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- D:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- D:\WINDOWS\system32\wlnotify.dll ~ Scan Winlogon in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\WINDOWS\system32\shell32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- D:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- D:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- D:\WINDOWS\system32\WPDShServiceObj.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- D:\WINDOWS\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - D:\WINDOWS\system32\agrsmsvc.exe O23 - Service: Avira Upgrade Service (AntiVirUpgradeService) . (...) - D:\DOCUME~1\saidani\LOCALS~1\Temp\AVSETUP_4a434603\basic\avupgsvc.exe (.not file.) O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - D:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) . (.Intel® Corporation - Intel® PROSet/Wireless Event Log Service.) - D:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - D:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - D:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) . (.Logitech - Logitech LVPrcSrv Module..) - D:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - D:\WINDOWS\system32\HPZipm12.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) . (.Intel® Corporation - Intel® PROSet/Wireless Registry Service.) - D:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) . (.Intel® Corporation - Intel® Wireless Management Service.) - D:\Program Files\Intel\WiFi\bin\S24EvMon.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - D:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe ~ Scan Desktop Component in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ Scan Keys in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-963894560-725345543-1003Core.job O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-963894560-725345543-1003UA.job [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- D:\Program Files\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- D:\Program Files\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1708537768-963894560-725345543-1003Core] (.Google Inc..) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1708537768-963894560-725345543-1003UA] (.Google Inc..) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Update\GoogleUpdate.exe ~ Scan Scheduled Task in 00mn 01s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Mise à jour de la version d’Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- D:\WINDOWS\system32\ieudinit.exe O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media de Microsoft.) -- D:\WINDOWS\inf\unregmp2.exe O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- D:\WINDOWS\system32\ie4uinit.exe.mui O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- D:\WINDOWS\system32\iedkcs32.dll O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Microsoft Corporation - Microsoft® VM.) -- D:\WINDOWS\system32\msjava.dll O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media Player Extension.) -- D:\WINDOWS\system32\wmpdxm.dll O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- D:\WINDOWS\system32\wmpdxm.dll O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- D:\WINDOWS\INF\msnetmtg.inf O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- D:\WINDOWS\INF\msmsgs.inf O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- D:\WINDOWS\system32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- D:\WINDOWS\INF\wmp11.inf O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- D:\WINDOWS\system32\ie4uinit.exe.mui O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- d:\WINDOWS\system32\mscories.dll O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r28.) -- D:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx ~ Scan Active Setup in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - D:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - D:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - D:\WINDOWS\system32\DRIVERS\ehdrv.sys O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - D:\WINDOWS\system32\Drivers\ElbyCDIO.sys O41 - Driver: (epfwtdi) . (.ESET - ESET Personal Firewall TDI filter.) - D:\WINDOWS\system32\DRIVERS\epfwtdi.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - D:\WINDOWS\system32\DRIVERS\i8042prt.sys O41 - Driver: (IDMTDI) . (.Tonec Inc. - Internet Download Manager TDI Driver.) - D:\WINDOWS\system32\DRIVERS\idmtdi.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - D:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - D:\WINDOWS\system32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - D:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - D:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - D:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - D:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - D:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - D:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - D:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - D:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - D:\WINDOWS\system32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - D:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - D:\WINDOWS\system32\DRIVERS\ssmdrv.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - D:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - D:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - D:\WINDOWS\system32\drivers\vga.sys O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - D:\WINDOWS\system32\DRIVERS\wmiacpi.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip O42 - Logiciel: Acer OrbiCam Application - (.Acer.) [HKLM] -- {0F79C1B2-36B2-4B62-8221-42721CF54638} O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems, Inc..) [HKLM] -- {BB65C393-C76E-4F06-9B0C-2124AA8AF97B} O42 - Logiciel: Adobe Reader 9.1.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A91000000001} O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: Agere Systems HDA Modem - (.Agere Systems.) [HKLM] -- Agere Systems Soft Modem O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7} O42 - Logiciel: AutoCAD 2008 - Français - (.Autodesk.) [HKLM] -- AutoCAD 2008 - Français O42 - Logiciel: Autodesk DWF Viewer 7 - (.Autodesk, Inc..) [HKLM] -- {9A346205-EA92-4406-B1AB-50379DA3F057} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler O42 - Logiciel: EASEUS Partition Master 9.1.0 Home Edition - (.EASEUS.) [HKLM] -- EASEUS Partition Master Home Edition_is1 O42 - Logiciel: EPSON SX218 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX218 Series O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner O42 - Logiciel: FormatFactory 2.80 - (.Free Time.) [HKLM] -- FormatFactory O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E} O42 - Logiciel: HP Deskjet Printer Driver Software 9.0 - (.HP.) [HKLM] -- {F5936267-D467-4e7b-8940-A7D9F0398EF3} O42 - Logiciel: HP Imaging Device Functions 9.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP PSC & Officejet 5.3.B Corporate Edition - (.HP.) [HKLM] -- {49FB31C1-26EC-44c6-AB47-73C66E2BC41E} O42 - Logiciel: HP Photosmart Essential 2.01 - (.HP.) [HKLM] -- HP Photosmart Essential O42 - Logiciel: HP Solution Center 9.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399 O42 - Logiciel: Hotfix for Windows XP (KB915800-v4) - (.Microsoft Corporation.) [HKLM] -- KB915800-v4 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Intel PROSet Wireless - (.Pas de propriétaire.) [HKLM] -- ProInst O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI O42 - Logiciel: Intel® Integrated Performance Primitives 6.0 Update 2 for Windows* on Intel® IA-32 architecture - (.Intel Corporation.) [HKLM] -- {F52BAEF4-ED5E-49BC-856C-ABA3BD34DDBB} O42 - Logiciel: Internet Download Manager - (.Pas de propriétaire.) [HKLM] -- Internet Download Manager O42 - Logiciel: Java 6 Update 30 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF} O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player O42 - Logiciel: Logitech Video Enumerator - (.Logitech Inc..) [HKLM] -- {EA516024-D84D-41F1-814F-83175A6188F2} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: MSXML 6.0 Parser - (.Microsoft Corporation.) [HKLM] -- {AEB9948B-4FF2-47C9-990E-47014492A0FE} O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {1DEBA687-2E7D-4372-8285-F356B3FD1588} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700} O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2572067) - (.Pas de propriétaire.) [HKLM] -- M2572067 O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE} O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA O42 - Logiciel: Mozilla Firefox 9.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 9.0.1 (x86 fr) O42 - Logiciel: Nero 8 Lite 8.3.2.1 - (.Updatepack.nl.) [HKLM] -- Nero8Lite_is1 O42 - Logiciel: Ontrack EasyRecovery Professional - (.Kroll Ontrack Inc..) [HKLM] -- InstallShield_{268723B7-A994-4286-9F85-B974D5CAFC7B} O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce - (.Microsoft Corporation.) [HKLM] -- KB909520 O42 - Logiciel: PhotoFiltre Studio X - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre Studio X O42 - Logiciel: Programme de gestion Acer OrbiCam - (.Pas de propriétaire.) [HKLM] -- AcerOrbiCamDrv O42 - Logiciel: REALTEK GbE & FE Ethernet PCI NIC Driver - (.Realtek.) [HKLM] -- {ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Windows Search 4 - KB963093 - (.Microsoft Corporation.) [HKLM] -- KB963093 O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.) [HKLM] -- SuperCopier2 O42 - Logiciel: System Requirements Lab for Intel - (.Husdawg, LLC.) [HKLM] -- {CD41B576-4787-4D5C-95EE-24A4ABD89CD3} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM] -- VirtualCloneDrive O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Management Framework Core - (.Microsoft Corporation.) [HKLM] -- KB968930 O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service ---\\ HKCU & HKLM Software Keys [HKCU\Software\7-Zip] [HKCU\Software\Acer] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\ApplianTechnologies] [HKCU\Software\Autodesk] [HKCU\Software\Awkanaf] [HKCU\Software\Binary Noise] [HKCU\Software\BitComet] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\DT Soft] [HKCU\Software\Digital River] [HKCU\Software\DivXNetworks] [HKCU\Software\DownloadManager] [HKCU\Software\EASEUS] [HKCU\Software\EPSON] [HKCU\Software\ESET] [HKCU\Software\Elaborate Bytes] [HKCU\Software\Elwofdd] [HKCU\Software\FreeTime] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\Headlight] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\JollyBear] [HKCU\Software\LAventure] [HKCU\Software\Lavalys] [HKCU\Software\LdShih] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Logitech] [HKCU\Software\Macromedia] [HKCU\Software\Magical Jelly Bean Software] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Nadeo] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\Northcode Inc] [HKCU\Software\ODBC] [HKCU\Software\PS2EMU] [HKCU\Software\PS2Eplugin] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\PopCap] [HKCU\Software\RealNetworks] [HKCU\Software\Realtek] [HKCU\Software\Replay Media Catcher] [HKCU\Software\SFX TEAM] [HKCU\Software\SOFTWIN] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SecuROM] [HKCU\Software\Skype] [HKCU\Software\SpinTop] [HKCU\Software\Sysinternals] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\WinRAR] [HKCU\Software\Winamp] [HKCU\Software\Zylom] [HKCU\Software\Zyrax Software] [HKCU\Software\bntrp] [HKCU\Software\cybelsoft] [HKCU\Software\elSoftware] [HKCU\Software\mmtest] [HKCU\Software\saidani914] [HKCU\Software\wrfke] [HKLM\Software\ACE Compression Software] [HKLM\Software\Adobe] [HKLM\Software\Agere] [HKLM\Software\Ahead] [HKLM\Software\Autodesk] [HKLM\Software\AviSynth] [HKLM\Software\C07ft5Y] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\EPSON] [HKLM\Software\ESET] [HKLM\Software\Elaborate Bytes] [HKLM\Software\Foreignword] [HKLM\Software\GNU] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\HaaliMkx] [HKLM\Software\Hewlett-Packard] [HKLM\Software\ICE] [HKLM\Software\InstallShield] [HKLM\Software\Intel Corporation] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Licenses] [HKLM\Software\Logitech] [HKLM\Software\MDC] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nero] [HKLM\Software\ODBC] [HKLM\Software\Ontrack] [HKLM\Software\PGWARE] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\S3R521] [HKLM\Software\SOFTWIN] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Schlumberger] [HKLM\Software\Swearware] [HKLM\Software\The Silicon Realms Toolworks] [HKLM\Software\TrendMicro] [HKLM\Software\VideoLAN] [HKLM\Software\WiFi Hopper] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Windows] [HKLM\Software\cybelsoft] [HKLM\Software\mozilla.org] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 03/06/2009 - 13:30:14 - [2,951] ----D- D:\Program Files\7-Zip O43 - CFD: 27/12/2002 - 22:08:24 - [5,477] ----D- D:\Program Files\Acer O43 - CFD: 24/05/2009 - 18:13:48 - [227,415] ----D- D:\Program Files\Adobe O43 - CFD: 03/06/2002 - 18:59:32 - [529,252] ----D- D:\Program Files\AutoCAD 2008 O43 - CFD: 03/06/2002 - 18:56:12 - [36,713] ----D- D:\Program Files\Autodesk O43 - CFD: 02/01/2012 - 11:57:04 - [4,160] ----D- D:\Program Files\CCleaner O43 - CFD: 03/06/2008 - 17:24:50 - [0] ----D- D:\Program Files\ComPlus Applications O43 - CFD: 14/12/2011 - 10:56:36 - [4,421] ----D- D:\Program Files\Defraggler O43 - CFD: 01/06/2009 - 21:26:32 - [0,758] ----D- D:\Program Files\DIFX O43 - CFD: 09/12/2011 - 14:20:44 - [0,664] ----D- D:\Program Files\DivX O43 - CFD: 28/10/2011 - 18:08:46 - [36,830] ----D- D:\Program Files\EASEUS O43 - CFD: 28/10/2011 - 18:42:46 - [2,066] ----D- D:\Program Files\Elaborate Bytes O43 - CFD: 20/06/2011 - 21:12:02 - [7,941] ----D- D:\Program Files\epson O43 - CFD: 09/12/2011 - 15:11:52 - [70,541] ----D- D:\Program Files\ESET O43 - CFD: 09/12/2011 - 15:08:16 - [468,358] ----D- D:\Program Files\Fichiers communs O43 - CFD: 02/01/2012 - 23:49:06 - [114,229] ----D- D:\Program Files\FreeTime O43 - CFD: 29/10/2011 - 17:30:34 - [124,695] ----D- D:\Program Files\Google O43 - CFD: 04/12/2011 - 12:41:42 - [155,649] ----D- D:\Program Files\HP O43 - CFD: 02/11/2011 - 11:46:14 - [9,486] --H-D- D:\Program Files\InstallShield Installation Information O43 - CFD: 29/11/2011 - 21:39:06 - [1208,029] ----D- D:\Program Files\Intel O43 - CFD: 04/01/2012 - 09:59:34 - [13,410] ----D- D:\Program Files\Internet Download Manager O43 - CFD: 06/01/2012 - 12:29:46 - [4,570] ----D- D:\Program Files\Internet Explorer O43 - CFD: 16/12/2011 - 15:58:06 - [78,024] ----D- D:\Program Files\Java O43 - CFD: 08/04/2011 - 20:15:30 - [79,707] ----D- D:\Program Files\Kroll Ontrack O43 - CFD: 02/11/2011 - 13:01:54 - [6,211] ----D- D:\Program Files\ma-config.com O43 - CFD: 04/12/2011 - 12:41:20 - [0] ----D- D:\Program Files\MediaCoder O43 - CFD: 02/11/2011 - 17:02:12 - [2,053] ----D- D:\Program Files\Messenger O43 - CFD: 03/11/2011 - 16:44:32 - [0,764] ----D- D:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 03/06/2008 - 17:33:46 - [0] ----D- D:\Program Files\microsoft frontpage O43 - CFD: 27/11/2011 - 17:49:10 - [203,640] ----D- D:\Program Files\Microsoft Office O43 - CFD: 03/11/2011 - 17:01:08 - [36,633] ----D- D:\Program Files\Microsoft Silverlight O43 - CFD: 03/12/2002 - 21:24:36 - [0,014] ----D- D:\Program Files\Microsoft Visual Studio O43 - CFD: 03/11/2011 - 21:38:54 - [4,166] ----D- D:\Program Files\Microsoft Works O43 - CFD: 03/12/2002 - 21:24:22 - [0,125] ----D- D:\Program Files\Microsoft.NET O43 - CFD: 02/11/2011 - 16:46:32 - [9,894] ----D- D:\Program Files\Movie Maker O43 - CFD: 02/01/2012 - 00:47:36 - [39,045] ----D- D:\Program Files\Mozilla Firefox O43 - CFD: 02/11/2011 - 17:18:02 - [0,025] ----D- D:\Program Files\MSBuild O43 - CFD: 23/06/2009 - 14:04:16 - [28,414] ----D- D:\Program Files\MSECache O43 - CFD: 30/07/2009 - 21:50:18 - [18,385] ----D- D:\Program Files\MSN O43 - CFD: 03/06/2008 - 17:24:24 - [8,341] ----D- D:\Program Files\MSN Gaming Zone O43 - CFD: 02/11/2011 - 16:44:48 - [0] ----D- D:\Program Files\MSXML 4.0 O43 - CFD: 27/09/2002 - 16:07:26 - [54,608] ----D- D:\Program Files\Nero O43 - CFD: 17/01/2003 - 14:48:50 - [3,133] ----D- D:\Program Files\NetMeeting O43 - CFD: 03/06/2008 - 17:24:34 - [0,002] ----D- D:\Program Files\Online Services O43 - CFD: 02/11/2011 - 16:47:08 - [4,176] ----D- D:\Program Files\Outlook Express O43 - CFD: 30/07/2009 - 21:50:08 - [0,182] ----D- D:\Program Files\PC Tools AntiVirus O43 - CFD: 03/01/2012 - 13:57:58 - [13,582] ----D- D:\Program Files\PhotoFiltre Studio X O43 - CFD: 02/11/2011 - 11:46:16 - [43,922] ----D- D:\Program Files\Realtek O43 - CFD: 02/11/2011 - 17:17:30 - [34,715] ----D- D:\Program Files\Reference Assemblies O43 - CFD: 03/06/2008 - 17:32:00 - [0,001] ----D- D:\Program Files\Services en ligne O43 - CFD: 04/01/2012 - 11:01:06 - [63,738] ----D- D:\Program Files\Spybot - Search & Destroy O43 - CFD: 28/11/2011 - 19:13:10 - [1,273] ----D- D:\Program Files\SuperCopier2 O43 - CFD: 02/11/2011 - 12:35:38 - [0,758] ----D- D:\Program Files\SystemRequirementsLab O43 - CFD: 02/05/2011 - 19:54:32 - [0,009] ----D- D:\Program Files\Trend Micro O43 - CFD: 30/07/2009 - 21:42:12 - [1,065] ----D- D:\Program Files\UltimateZip O43 - CFD: 03/06/2008 - 17:39:12 - [0] --H-D- D:\Program Files\Uninstall Information O43 - CFD: 03/09/2002 - 15:28:20 - [80,962] ----D- D:\Program Files\VideoLAN O43 - CFD: 03/01/2012 - 12:01:12 - [0,026] ----D- D:\Program Files\VideoReDoTVSuite4 O43 - CFD: 14/12/2011 - 13:23:56 - [0] ----D- D:\Program Files\Windows Desktop Search O43 - CFD: 04/01/2012 - 11:15:14 - [14,588] ----D- D:\Program Files\Windows Live O43 - CFD: 19/05/2009 - 21:36:06 - [0,234] ----D- D:\Program Files\Windows Live SkyDrive O43 - CFD: 03/11/2011 - 16:50:06 - [3,415] ----D- D:\Program Files\Windows Media Connect 2 O43 - CFD: 04/11/2011 - 16:10:38 - [20,903] ----D- D:\Program Files\Windows Media Player O43 - CFD: 17/01/2003 - 14:48:40 - [3,760] ----D- D:\Program Files\Windows NT O43 - CFD: 03/06/2008 - 17:32:06 - [0] --H-D- D:\Program Files\WindowsUpdate O43 - CFD: 03/09/2002 - 15:25:36 - [4,353] ----D- D:\Program Files\WinRAR O43 - CFD: 03/06/2008 - 17:33:46 - [0] ----D- D:\Program Files\xerox O43 - CFD: 06/01/2012 - 16:33:52 - [9,203] ----D- D:\Program Files\ZHPDiag O43 - CFD: 27/12/2002 - 22:08:40 - [31,556] ----D- D:\Program Files\Fichiers Communs\Acer O43 - CFD: 09/06/2009 - 19:32:36 - [4,448] ----D- D:\Program Files\Fichiers Communs\Adobe O43 - CFD: 03/06/2002 - 18:59:36 - [47,054] ----D- D:\Program Files\Fichiers Communs\Autodesk Shared O43 - CFD: 03/12/2002 - 21:24:54 - [0,189] ----D- D:\Program Files\Fichiers Communs\Designer O43 - CFD: 21/05/2009 - 23:02:24 - [1,352] ----D- D:\Program Files\Fichiers Communs\DFX O43 - CFD: 05/03/2003 - 20:31:56 - [0,013] ----D- D:\Program Files\Fichiers Communs\DirectX O43 - CFD: 17/06/2011 - 15:13:06 - [0,263] ----D- D:\Program Files\Fichiers Communs\EPSON O43 - CFD: 04/02/2003 - 21:45:24 - [0,436] ----D- D:\Program Files\Fichiers Communs\Hewlett-Packard O43 - CFD: 12/03/2011 - 11:35:26 - [4,768] ----D- D:\Program Files\Fichiers Communs\HP O43 - CFD: 03/06/2002 - 18:56:32 - [10,227] ----D- D:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 29/11/2011 - 21:39:06 - [9,524] ----D- D:\Program Files\Fichiers Communs\Intel O43 - CFD: 02/11/2011 - 11:45:42 - [1,201] ----D- D:\Program Files\Fichiers Communs\Java O43 - CFD: 05/11/2011 - 12:57:08 - [6,995] ----D- D:\Program Files\Fichiers Communs\Logitech O43 - CFD: 03/11/2010 - 22:50:10 - [0,622] ----D- D:\Program Files\Fichiers Communs\Macrovision Shared O43 - CFD: 22/11/2011 - 14:39:34 - [293,473] ----D- D:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 03/06/2008 - 17:26:18 - [0,271] ----D- D:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 27/09/2002 - 16:07:12 - [39,057] ----D- D:\Program Files\Fichiers Communs\Nero O43 - CFD: 03/06/2002 - 19:01:04 - [0] ----D- D:\Program Files\Fichiers Communs\ODBC O43 - CFD: 03/06/2008 - 17:26:22 - [0,008] ----D- D:\Program Files\Fichiers Communs\Services O43 - CFD: 09/12/2002 - 20:59:02 - [0,445] ----D- D:\Program Files\Fichiers Communs\Softwin O43 - CFD: 03/06/2002 - 19:01:00 - [3,612] ----D- D:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 24/05/2009 - 16:36:24 - [0] ----D- D:\Program Files\Fichiers Communs\SWF Studio O43 - CFD: 17/01/2003 - 14:48:34 - [12,845] ----D- D:\Program Files\Fichiers Communs\System O43 - CFD: 19/05/2009 - 21:02:22 - [0] ----D- D:\Program Files\Fichiers Communs\Windows Live O43 - CFD: 27/10/2011 - 09:22:44 - [2,211] ----D- D:\Documents and Settings\saidani\Application Data\Adobe O43 - CFD: 03/06/2008 - 18:00:58 - [0] ----D- D:\Documents and Settings\saidani\Application Data\AdobeUM O43 - CFD: 03/12/2002 - 21:57:38 - [7,768] ----D- D:\Documents and Settings\saidani\Application Data\Autodesk O43 - CFD: 13/06/2011 - 21:45:28 - [0,001] ----D- D:\Documents and Settings\saidani\Application Data\BatteryBar O43 - CFD: 04/12/2011 - 12:41:14 - [0] ----D- D:\Documents and Settings\saidani\Application Data\Broad Intelligence O43 - CFD: 21/10/2011 - 11:16:40 - [0] ----D- D:\Documents and Settings\saidani\Application Data\DAEMON Tools Lite O43 - CFD: 01/06/2009 - 22:33:20 - [0,016] ----D- D:\Documents and Settings\saidani\Application Data\DivX O43 - CFD: 06/01/2012 - 16:17:36 - [0,020] ----D- D:\Documents and Settings\saidani\Application Data\DMCache O43 - CFD: 08/12/2009 - 15:36:14 - [0,000] ----D- D:\Documents and Settings\saidani\Application Data\dvdcss O43 - CFD: 17/06/2009 - 18:13:16 - [0,000] ----D- D:\Documents and Settings\saidani\Application Data\EmailNotifier(2) O43 - CFD: 03/11/2010 - 20:45:20 - [0] ----D- D:\Documents and Settings\saidani\Application Data\ESET O43 - CFD: 31/05/2009 - 17:13:40 - [0] ----D- D:\Documents and Settings\saidani\Application Data\FastStone O43 - CFD: 18/10/2009 - 16:43:56 - [0,014] ----D- D:\Documents and Settings\saidani\Application Data\Flood Light Games O43 - CFD: 03/11/2010 - 19:30:06 - [0,003] ----D- D:\Documents and Settings\saidani\Application Data\GetRightToGo O43 - CFD: 29/10/2011 - 17:31:48 - [0,074] ----D- D:\Documents and Settings\saidani\Application Data\Google O43 - CFD: 03/01/2012 - 14:00:22 - [0,000] ----D- D:\Documents and Settings\saidani\Application Data\Identities O43 - CFD: 01/01/2012 - 22:02:44 - [262,996] ----D- D:\Documents and Settings\saidani\Application Data\IDM O43 - CFD: 29/11/2011 - 21:40:42 - [0,026] ----D- D:\Documents and Settings\saidani\Application Data\Intel O43 - CFD: 15/06/2009 - 16:49:06 - [0,001] ----D- D:\Documents and Settings\saidani\Application Data\Macromedia O43 - CFD: 19/02/2010 - 20:35:30 - [4,865] -S--D- D:\Documents and Settings\saidani\Application Data\Microsoft O43 - CFD: 31/05/2009 - 15:46:46 - [20,430] ----D- D:\Documents and Settings\saidani\Application Data\Mozilla O43 - CFD: 04/07/2009 - 15:01:08 - [0,000] ----D- D:\Documents and Settings\saidani\Application Data\MSNInstaller O43 - CFD: 30/07/2009 - 21:50:20 - [0] ----D- D:\Documents and Settings\saidani\Application Data\NCH Swift Sound O43 - CFD: 27/09/2002 - 16:10:00 - [0,184] ----D- D:\Documents and Settings\saidani\Application Data\Nero O43 - CFD: 13/06/2009 - 19:30:26 - [0,030] ----D- D:\Documents and Settings\saidani\Application Data\ooVoo Details O43 - CFD: 18/06/2009 - 22:52:38 - [0,001] ----D- D:\Documents and Settings\saidani\Application Data\oovootb O43 - CFD: 03/09/2002 - 11:50:06 - [0,259] ----D- D:\Documents and Settings\saidani\Application Data\Opera O43 - CFD: 03/01/2012 - 14:22:44 - [0,000] ----D- D:\Documents and Settings\saidani\Application Data\PhotoFiltre Studio X O43 - CFD: 03/11/2010 - 19:55:52 - [0] ----D- D:\Documents and Settings\saidani\Application Data\skypePM O43 - CFD: 31/05/2009 - 17:55:14 - [1,271] ----D- D:\Documents and Settings\saidani\Application Data\Sun O43 - CFD: 02/11/2011 - 11:40:32 - [0,387] ----D- D:\Documents and Settings\saidani\Application Data\SystemRequirementsLab O43 - CFD: 23/03/2003 - 12:49:52 - [0,101] ----D- D:\Documents and Settings\saidani\Application Data\THQ O43 - CFD: 31/05/2009 - 18:02:00 - [0,019] ----D- D:\Documents and Settings\saidani\Application Data\VitySoft O43 - CFD: 07/04/2003 - 23:53:28 - [0,459] ----D- D:\Documents and Settings\saidani\Application Data\vlc O43 - CFD: 28/11/2011 - 18:14:12 - [0] ----D- D:\Documents and Settings\saidani\Application Data\Windows Search O43 - CFD: 09/12/2002 - 17:27:20 - [0] ----D- D:\Documents and Settings\saidani\Application Data\WinRAR O43 - CFD: 03/11/2010 - 19:49:42 - [0] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\360Amigo O43 - CFD: 02/06/2009 - 23:19:44 - [45,393] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Adobe O43 - CFD: 03/06/2002 - 18:57:08 - [2,818] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Autodesk O43 - CFD: 21/05/2009 - 23:03:42 - [0,004] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\DFX O43 - CFD: 18/06/2009 - 17:31:44 - [382,042] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\ESET O43 - CFD: 29/10/2011 - 17:31:46 - [301,863] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Google O43 - CFD: 13/06/2009 - 10:28:38 - [0] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Help O43 - CFD: 11/12/2011 - 19:13:48 - [0,198] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\HP O43 - CFD: 10/03/2003 - 16:05:14 - [0,289] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Identities O43 - CFD: 09/10/2009 - 11:27:52 - [0] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\JollyBear O43 - CFD: 03/01/2012 - 13:42:06 - [386,599] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Microsoft O43 - CFD: 31/05/2009 - 15:46:40 - [49,457] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Mozilla O43 - CFD: 05/03/2003 - 20:32:26 - [0,052] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\NFS Underground 2 O43 - CFD: 03/09/2002 - 11:50:06 - [0,587] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Opera O43 - CFD: 28/11/2011 - 17:48:28 - [0] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\PackageAware O43 - CFD: 01/09/2002 - 10:25:30 - [0] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\Panda Software O43 - CFD: 27/09/2002 - 16:08:44 - [0] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\PCHealth O43 - CFD: 01/04/2003 - 21:22:22 - [0] ----D- D:\Documents and Settings\saidani\Local Settings\Application Data\WMTools Downloaded Files ~ Scan Program Folder in 00mn 21s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.EDC794CB54B95A5A627D27E989AD718B] - 06/01/2012 - 16:21:39 ---A- . (...) -- D:\WINDOWS\WindowsUpdate.log [210426] O44 - LFC:[MD5.AB0E1F05EAE9CED65455010E26237828] - 06/01/2012 - 16:19:30 ---A- . (...) -- D:\WINDOWS\SchedLgU.Txt [32440] O44 - LFC:[MD5.0154D9AE4B1E7600F461199116A075ED] - 06/01/2012 - 16:13:56 ---A- . (...) -- D:\WINDOWS\wiadebug.log [263] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 06/01/2012 - 12:48:07 ---A- . (...) -- D:\WINDOWS\0.log [0] O44 - LFC:[MD5.C555B0108B281FCA465C98A860BFDE35] - 06/01/2012 - 12:47:38 ---A- . (...) -- D:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 06/01/2012 - 12:47:05 -S-A- . (...) -- D:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.C65CA6F10C70A31AE4888977EBF94D4B] - 06/01/2012 - 12:46:57 ---A- . (...) -- D:\WINDOWS\system32\FNTCACHE.DAT [270984] O44 - LFC:[MD5.579A5BB41DF9B25F0E22800FE218D386] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\FaxSetup.log [49464] O44 - LFC:[MD5.35F5EB73D626D0DBF5D3D5480EC26919] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\KB2639417.log [13213] O44 - LFC:[MD5.563FCBD46489B63D3ACF9041B2F69424] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\MedCtrOC.log [3400] O44 - LFC:[MD5.BD0409A2D2EDF53B84DC324B7D625435] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\comsetup.log [16700] O44 - LFC:[MD5.0643240E2A5430C86B25A573FD78A837] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\iis6.log [52937] O44 - LFC:[MD5.8A7EC51500C693A2AAE92051CC00F8A8] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\imsins.log [1355] O44 - LFC:[MD5.8515BB2FE7FD8176514D6AF3C3E190EA] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\msgsocm.log [2472] O44 - LFC:[MD5.2916C57085C593442228A7A455DEE8CF] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\netfxocm.log [8664] O44 - LFC:[MD5.2EE184C8C55EFF730689A57782A3FD46] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\ntdtcsetup.log [10084] O44 - LFC:[MD5.BE74612E47B23DF7DE5E021F39508569] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\ocgen.log [23648] O44 - LFC:[MD5.783EB7A20F22DEB1AC33EFA34D2010C9] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\ocmsn.log [2736] O44 - LFC:[MD5.E8E08991A10B0AF88D1E65D1E8D1BDAA] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\tabletoc.log [2488] O44 - LFC:[MD5.0AFFCD648925EF8970ACB0DC93AE6569] - 06/01/2012 - 12:30:18 ---A- . (...) -- D:\WINDOWS\tsoc.log [22568] O44 - LFC:[MD5.70652CFFEE6FB37F98C4993A4BB6520C] - 06/01/2012 - 12:30:17 ---A- . (...) -- D:\WINDOWS\msmqinst.log [15112] O44 - LFC:[MD5.05CE57A8A2D89D8C043725D575BDB8CA] - 06/01/2012 - 12:30:09 ---A- . (...) -- D:\WINDOWS\KB2624667.log [12876] O44 - LFC:[MD5.F7A10895BB010701768C3D988ADD3B4A] - 06/01/2012 - 12:30:09 ---A- . (...) -- D:\WINDOWS\imsins.BAK [1355] O44 - LFC:[MD5.5FCF28F0E304A815561A9ED625D9A646] - 06/01/2012 - 12:30:07 ---A- . (...) -- D:\WINDOWS\updspapi.log [3648] O44 - LFC:[MD5.1842BBB5E936FB06444CCF3C3733FCBC] - 06/01/2012 - 12:30:01 ---A- . (...) -- D:\WINDOWS\KB2618444-IE8.log [16000] O44 - LFC:[MD5.5CF55030E341B8B5A86271AE87520172] - 06/01/2012 - 12:24:48 ---A- . (...) -- D:\WINDOWS\KB2633952.log [4094] O44 - LFC:[MD5.EAD739B048837549D7A36B37B1CF530D] - 06/01/2012 - 12:24:47 ---A- . (...) -- D:\WINDOWS\system32\TZLog.log [9740] O44 - LFC:[MD5.22DE99EAC588F775C2EFF284183E31AC] - 06/01/2012 - 12:22:41 ---A- . (...) -- D:\WINDOWS\KB2619339.log [7359] O44 - LFC:[MD5.A2137BF5E0C2D62D9B2086101CA242A3] - 06/01/2012 - 12:22:32 ---A- . (...) -- D:\WINDOWS\KB2618451.log [6730] O44 - LFC:[MD5.AC57DB7485DB7D56F7F2EC22AFAC234A] - 06/01/2012 - 12:21:40 ---A- . (...) -- D:\WINDOWS\KB2620712.log [7647] O44 - LFC:[MD5.348ABDBA7719CFED8783C09529430C8D] - 06/01/2012 - 12:21:11 ---A- . (...) -- D:\WINDOWS\KB2633171.log [9532] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 06/01/2012 - 12:21:05 ---A- . (...) -- D:\WINDOWS\setupact.log [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 06/01/2012 - 12:21:05 ---A- . (...) -- D:\WINDOWS\setuperr.log [0] O44 - LFC:[MD5.CF234D682894611A9384425A0E5BC13A] - 06/01/2012 - 12:12:42 ---A- . (...) -- D:\WINDOWS\system32\wpa.dbl [2206] O44 - LFC:[MD5.165D475189B374CBDD733A6306A87122] - 05/01/2012 - 20:32:53 ---A- . (...) -- D:\WINDOWS\wininit.ini [478] O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 03/01/2012 - 11:30:57 ---A- . (...) -- D:\WINDOWS\NeroDigital.ini [69] O44 - LFC:[MD5.78A2145443852E9297D38D70C88AEC06] - 02/01/2012 - 23:52:27 ---A- . (.Progressive Networks - Pas de description.) -- D:\WINDOWS\system32\pncrt.dll [272896] O44 - LFC:[MD5.DD798E7D8F45FD2BB73150EABBB39E9F] - 16/12/2011 - 15:58:12 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\WINDOWS\system32\java.exe [149280] O44 - LFC:[MD5.F0003BBE2DDBC6A86BCD8BB3E59A459E] - 16/12/2011 - 15:58:12 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- D:\WINDOWS\system32\javaw.exe [149280] O44 - LFC:[MD5.7030C9615C98953C481553671DD7B9E5] - 16/12/2011 - 15:58:12 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- D:\WINDOWS\system32\javaws.exe [157472] O44 - LFC:[MD5.CCEA6FFAB3EA101FF65181FDC4C19C14] - 16/12/2011 - 15:58:05 ---A- . (...) -- D:\WINDOWS\system32\jupdate-1.6.0_30-b12.log [4292] O44 - LFC:[MD5.A7E4D2AAF4FC8F67AE0F5E4535BBF27D] - 14/12/2011 - 13:23:54 ---A- . (...) -- D:\WINDOWS\system32\perfc009.dat [71336] O44 - LFC:[MD5.B737F34153E119CC9E23D895762E0DA9] - 14/12/2011 - 13:23:54 ---A- . (...) -- D:\WINDOWS\system32\perfc00C.dat [85394] O44 - LFC:[MD5.D1D34DB4C2E66B78718D89CFDC2981B5] - 14/12/2011 - 13:23:54 ---A- . (...) -- D:\WINDOWS\system32\perfh009.dat [441018] O44 - LFC:[MD5.8AD5D6B58F334EB473F989FD163E2697] - 14/12/2011 - 13:23:54 ---A- . (...) -- D:\WINDOWS\system32\perfh00C.dat [510528] O44 - LFC:[MD5.D3A55C9E44420AD9264BC19FECB33A77] - 09/12/2011 - 15:16:17 ---A- . (...) -- D:\ComboFix.txt [419918] O44 - LFC:[MD5.8A3F39602B71B4D8B86C6B71F3187D6A] - 09/12/2011 - 15:13:18 ---A- . (...) -- D:\WINDOWS\system.ini [285] ~ Scan Files in 00mn 20s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- D:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- D:\WINDOWS\Network Diagnostic\xpnetdiag.exe ~ Scan Keys in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- D:\WINDOWS\system32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- D:\WINDOWS\system32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- D:\WINDOWS\system32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- D:\WINDOWS\system32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- D:\WINDOWS\system32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- D:\WINDOWS\system32\wdigest.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- D:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- D:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- D:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- D:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- D:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- D:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- D:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- D:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- D:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- D:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- D:\WINDOWS\system32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- D:\WINDOWS\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- D:\WINDOWS\system32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- D:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- D:\WINDOWS\system32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- D:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- D:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- D:\WINDOWS\system32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- D:\WINDOWS\system32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- D:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- D:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) ~ Scan CSB in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ Scan IFEO in 00mn 00s ---\\ MountPoints2 Shell Key (O51) (None) ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- D:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- D:\WINDOWS\system32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- D:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- D:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- D:\WINDOWS\system32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- D:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="D:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- D:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- D:\WINDOWS\system32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="D:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- D:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- D:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \drivers.desc\"D:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- D:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"D:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- D:\WINDOWS\system32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\AcerOrbicamRibbon [Key] . (...) -- D:\Program Files\Acer\OrbiCam10\OrbiCam.exe O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O53 - SMSR:HKLM\...\startupreg\CTFMON [Key] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- D:\WINDOWS\system32\wscript.exe O53 - SMSR:HKLM\...\startupreg\LogitechCommunicationsManager [Key] . (.Acer Inc. - Communications Manager.) -- D:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe O53 - SMSR:HKLM\...\startupreg\LVCOMSX [Key] . (.Logitech Inc. - LVCom Server.) -- D:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingA1878 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT" (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingA4088 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.dll (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingA6025 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingA8064 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingB1652 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT" (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingB7198 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.dll (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingB8770 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingB9244 [Key] . (...) -- command.com \c del "D:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\SpybotDeletingC4791 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingC5288 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingC8319 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingC9349 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingD5492 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingD6903 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingD7589 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotDeletingD9174 [Key] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- D:\WINDOWS\system32\cmd.exe O53 - SMSR:HKLM\...\startupreg\SpybotSD TeaTimer [Key] . (.Safer-Networking Ltd. - System settings protector.) -- D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- D:\Program Files\Fichiers communs\Java\Java Update\jusched.exe O53 - SMSR:HKLM\...\startupreg\VirtualCloneDrive [Key] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe ~ Scan SMSR Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- D:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- D:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- D:\WINDOWS\system32\digest.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "LinkResolveIgnoreLinkInfo"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoResolveSearch"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.38325C6AA8EAE011897D61CE48EC6435] - 06/01/2012 - 14:13:38 ---A- . (.Agere Systems - SoftModem Device Driver.) -- D:\WINDOWS\system32\drivers\AGRSM.sys [1202560] O58 - SDL:[MD5.551D52AA398392F427CE2538051DA947] - 06/01/2012 - 15:08:22 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- D:\WINDOWS\system32\drivers\avgntflt.sys [55640] O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 06/01/2012 - 00:00:00 ---A- . (...) -- D:\WINDOWS\system32\drivers\cdaudio.sys [18688] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 06/01/2012 - 01:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- D:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 06/01/2012 - 01:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- D:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.9309C5C9831203436E64CF2AE605C5D7] - 06/01/2012 - 14:24:52 ---A- . (.ESET - Amon monitor.) -- D:\WINDOWS\system32\drivers\eamon.sys [154136] O58 - SDL:[MD5.DEFF87F04AB5F6DD5EDF2B80853BBE10] - 06/01/2012 - 09:20:36 ---A- . (.ESET - ESET Helper driver.) -- D:\WINDOWS\system32\drivers\ehdrv.sys [118104] O58 - SDL:[MD5.D71233D7CCC2E64F8715A20428D5A33B] - 06/01/2012 - 23:57:57 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- D:\WINDOWS\system32\drivers\ElbyCDIO.sys [31088] O58 - SDL:[MD5.5BA193CA0AE31209AAA39939CE6736B2] - 06/01/2012 - 09:20:38 ---A- . (.ESET - ESET Personal Firewall driver.) -- D:\WINDOWS\system32\drivers\epfw.sys [147480] O58 - SDL:[MD5.75D3BCD3E0EDED0AB0F96D9A10FF01C9] - 06/01/2012 - 09:37:28 ---A- . (.ESET - ESET Personal Firewall NDIS filter.) -- D:\WINDOWS\system32\drivers\epfwndis.sys [39824] O58 - SDL:[MD5.DC64F26F35E32C9472BBF8ACD84060D3] - 06/01/2012 - 09:20:38 ---A- . (.ESET - ESET Personal Firewall TDI filter.) -- D:\WINDOWS\system32\drivers\epfwtdi.sys [61936] O58 - SDL:[MD5.9F1D80908658EB7F1BF70809E0B51470] - 06/01/2012 - 11:43:26 ---A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- D:\WINDOWS\system32\drivers\hpzid412.sys [51120] O58 - SDL:[MD5.F7E3E9D50F9CD3DE28085A8FDAA0A1C3] - 06/01/2012 - 11:43:26 ---A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- D:\WINDOWS\system32\drivers\HPZipr12.sys [16496] O58 - SDL:[MD5.CF1B7951B4EC8D13F3C93B74BB2B461B] - 06/01/2012 - 11:43:28 ---A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- D:\WINDOWS\system32\drivers\HPZius12.sys [21744] O58 - SDL:[MD5.BC1F1FF8D5800398937966CDB0A97FDC] - 06/01/2012 - 13:20:20 R--A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- D:\WINDOWS\system32\drivers\ialmnt5.sys [1353820] O58 - SDL:[MD5.330A6A0BAF4FD945BDE14C7B1D88D9B9] - 06/01/2012 - 16:14:42 ---A- . (.Tonec Inc. - Internet Download Manager TDI Driver.) -- D:\WINDOWS\system32\drivers\idmtdi.sys [101616] O58 - SDL:[MD5.48846B31BE5A4FA662CCFDE7A1BA86B9] - 06/01/2012 - 12:12:06 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- D:\WINDOWS\system32\drivers\igxpmp32.sys [5854752] O58 - SDL:[MD5.FAB690AD3D3949B9ED227508734C8A85] - 06/01/2012 - 12:28:40 ---A- . (.Kaspersky Lab - Kaspersky Lab Intermediate Network Driver.) -- D:\WINDOWS\system32\drivers\klim5.sys [24592] O58 - SDL:[MD5.B65359729BD5221F1DFE535199501F77] - 06/01/2012 - 02:36:12 ---A- . (.Logitech Inc. - USB Camera Driver.) -- D:\WINDOWS\system32\drivers\lv321av.sys [847392] O58 - SDL:[MD5.5492F579AD7BF7DD61BE35AD18FF0AD7] - 06/01/2012 - 20:45:10 ---A- . (...) -- D:\WINDOWS\system32\drivers\LVMVdrv.sys [2400128] O58 - SDL:[MD5.D8CF31431AA398C1D79931203A75332F] - 06/01/2012 - 20:45:10 ---A- . (...) -- D:\WINDOWS\system32\drivers\LVPrcMon.sys [16768] O58 - SDL:[MD5.05743FFFC2BC88CC8E426321BC6A762E] - 06/01/2012 - 06:23:16 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- D:\WINDOWS\system32\drivers\NETw5x32.sys [3636864] O58 - SDL:[MD5.72062B53186E4A3F5FCBC41EBB62B905] - 06/01/2012 - 05:11:38 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- D:\WINDOWS\system32\drivers\NETwLx32.sys [6609920] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 06/01/2012 - 01:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- D:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 06/01/2012 - 01:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- D:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 06/01/2012 - 01:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- D:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 06/01/2012 - 01:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- D:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.19EEDB7E20D269D547CE74AF90FEAE2D] - 06/01/2012 - 17:47:00 R---- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- D:\WINDOWS\system32\drivers\RtkHDAud.Sys [4241920] O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 06/01/2012 - 23:31:34 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- D:\WINDOWS\system32\drivers\RTL8139.sys [20992] O58 - SDL:[MD5.CF84B1F0E8B14D4120AAF9CF35CBB265] - 06/01/2012 - 14:29:52 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- D:\WINDOWS\system32\drivers\Rtnicxp.sys [130432] O58 - SDL:[MD5.27FC71DA659305E260ACBDA15A318399] - 06/01/2012 - 22:15:04 ---A- . (.Intel Corporation - Intel WLAN Packet Driver.) -- D:\WINDOWS\system32\drivers\s24trans.sys [13952] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 06/01/2012 - 09:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- D:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 05/01/2012 - 00:00:00 ---A- . (...) -- D:\WINDOWS\system32\drivers\sptd.sys [721904] O58 - SDL:[MD5.654DFEA96BC82B4ACDA4F37E5E4A3BBF] - 06/01/2012 - 09:12:24 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- D:\WINDOWS\system32\drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 06/01/2012 - 15:05:00 ---A- . (...) -- D:\WINDOWS\system32\drivers\StarOpen.sys [5632] O58 - SDL:[MD5.9179E07503630D6FB2E4162FF0196191] - 06/01/2012 - 09:30:00 R--A- . (.Texas Instruments - tifm21.sys.) -- D:\WINDOWS\system32\drivers\tifm21.sys [162432] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 06/01/2012 - 01:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- D:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.FCE98C43B5C5DB8E0DA8EA0E2B45E044] - 06/01/2012 - 17:20:14 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- D:\WINDOWS\system32\drivers\VClone.sys [30208] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 06/01/2012 - 01:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- D:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.F07BA56B0235F15EFF8F10DC6389C42E] - 06/01/2012 - 13:54:56 ---A- . (...) -- D:\WINDOWS\system32\epmntdrv.sys [13192] O58 - SDL:[MD5.1F2F4AB15CE03ECC257FEB2F6DC5A013] - 06/01/2012 - 13:54:56 ---A- . (...) -- D:\WINDOWS\system32\EuGdiDrv.sys [8456] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 06/01/2012 - 03:46:56 ---A- . (...) -- D:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 06/01/2012 - 01:00:00 ---A- . (...) -- D:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 06/01/2012 - 03:45:26 ---A- . (...) -- D:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 06/01/2012 - 03:45:16 ---A- . (...) -- D:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 06/01/2012 - 03:45:12 ---A- . (...) -- D:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 06/01/2012 - 03:45:16 ---A- . (...) -- D:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 06/01/2012 - 03:45:14 ---A- . (...) -- D:\WINDOWS\system32\ntio804.sys [34560] ~ Scan Drivers in 00mn 05s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 11/12/2007 - D:\WINDOWS\system32\agrsmsvc.exe (AgereModemAudio) .(.Agere Systems - Agere Soft Modem Call Progress Service.) - LEGACY_AGEREMODEMAUDIO O64 - Services: CurCS - 03/06/2002 - D:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe (Autodesk Licensing Service) .(.Autodesk - System Level Service Utility.) - LEGACY_AUTODESK_LICENSING_SERVICE O64 - Services: CurCS - ??\??\???? - (COMSysApp) .(. - .) - LEGACY_COMSYSAPP O64 - Services: CurCS - 18/12/2009 - D:\Program Files\systemRequirementsLab\cpudrv.sys - cpudrv (cpudrv) .(...) - LEGACY_CPUDRV O64 - Services: CurCS - 13/04/2008 - D:\WINDOWS\system32\dmadmin.exe (dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN O64 - Services: CurCS - 13/04/2008 - D:\WINDOWS\system32\drivers\dmboot.sys (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - 07/09/2002 - D:\WINDOWS\system32\drivers\dmload.sys (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 13/04/2008 - D:\WINDOWS\system32\svchost.exe (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE O64 - Services: CurCS - 09/08/2011 - D:\WINDOWS\system32\DRIVERS\eamon.sys (eamon) .(.ESET - Amon monitor.) - LEGACY_EAMON O64 - Services: CurCS - 04/08/2011 - D:\WINDOWS\system32\DRIVERS\ehdrv.sys (ehdrv) .(.ESET - ESET Helper driver.) - LEGACY_EHDRV O64 - Services: CurCS - 22/09/2011 - D:\Program Files\ESET\ESET Smart Security\ekrn.exe (ekrn) .(.ESET - ESET Service.) - LEGACY_EKRN O64 - Services: CurCS - 16/12/2010 - D:\WINDOWS\system32\Drivers\ElbyCDIO.sys (ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - LEGACY_ELBYCDIO O64 - Services: CurCS - 04/08/2011 - D:\WINDOWS\system32\DRIVERS\epfw.sys (epfw) .(.ESET - ESET Personal Firewall driver.) - LEGACY_EPFW O64 - Services: CurCS - 04/08/2011 - D:\WINDOWS\system32\DRIVERS\epfwtdi.sys (epfwtdi) .(.ESET - ESET Personal Firewall TDI filter.) - LEGACY_EPFWTDI O64 - Services: CurCS - 13/04/2008 - D:\WINDOWS\system32\svchost.exe (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC O64 - Services: CurCS - 22/06/2011 - D:\Program Files\Intel\WiFi\bin\EvtEng.exe (EvtEng) .(.Intel® Corporation - Intel® PROSet/Wireless Event Log Service.) - LEGACY_EVTENG O64 - Services: CurCS - 03/11/2010 - D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (FLEXnet Licensing Service) .(.Macrovision Europe Ltd. - Activation Licensing Service.) - LEGACY_FLEXNET_LICENSING_SERVIC O64 - Services: CurCS - 29/10/2011 - D:\Program Files\Google\Update\GoogleUpdate.exe (gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE O64 - Services: CurCS - 13/04/2008 - D:\WINDOWS\system32\svchost.exe (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC O64 - Services: CurCS - 06/07/2011 - D:\WINDOWS\system32\DRIVERS\idmtdi.sys (IDMTDI) .(.Tonec Inc. - Internet Download Manager TDI Driver.) - LEGACY_IDMTDI O64 - Services: CurCS - 10/11/2011 - D:\Program Files\Java\jre6\bin\jqs.exe (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - 30/11/2005 - D:\WINDOWS\system32\drivers\LVPrcMon.sys - Logitech LVPrcMon Driver (LVPrcMon) .(...) - LEGACY_LVPRCMON O64 - Services: CurCS - 30/11/2005 - D:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe (LVPrcSrv) .(.Logitech - Logitech LVPrcSrv Module..) - LEGACY_LVPRCSRV O64 - Services: CurCS - 17/10/2011 - D:\Program Files\ma-config.com\maconfservice.exe (maconfservice) .(.CybelSoft - Service de détection matériel.) - LEGACY_MACONFSERVICE O64 - Services: CurCS - 29/09/2004 - D:\WINDOWS\system32\HPZipm12.exe (Pml Driver HPZ12) .(.HP - PML Driver.) - LEGACY_PML_DRIVER_HPZ12 O64 - Services: CurCS - 22/06/2011 - D:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe (RegSrvc) .(.Intel® Corporation - Intel® PROSet/Wireless Registry Service.) - LEGACY_REGSRVC O64 - Services: CurCS - 22/06/2011 - D:\Program Files\Intel\WiFi\bin\S24EvMon.exe (S24EventMonitor) .(.Intel® Corporation - Intel® Wireless Management Service.) - LEGACY_S24EVENTMONITOR O64 - Services: CurCS - 19/05/2010 - D:\WINDOWS\system32\DRIVERS\s24trans.sys (s24trans) .(.Intel Corporation - Intel WLAN Packet Driver.) - LEGACY_S24TRANS O64 - Services: CurCS - ??\??\???? - D:\WINDOWS\system32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD O64 - Services: CurCS - 11/05/2009 - D:\WINDOWS\system32\DRIVERS\ssmdrv.sys (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV ~ Scan Services in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <Opera.HTML>[HKLM\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- D:\WINDOWS\system32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- D:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- D:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- D:\WINDOWS\system32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- D:\WINDOWS\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- D:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- D:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- D:\WINDOWS\system32\ie4uinit.exe O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- D:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- D:\WINDOWS\system32\ie4uinit.exe O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- D:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\saidani\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- D:\WINDOWS\system32\ie4uinit.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - () - Bing ~ Scan Keys in 00mn 00s ---\\ Recherche des services démarrés par Svchost (O83) O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- D:\WINDOWS\system32\appmgmts.dll [176640] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- D:\WINDOWS\system32\audiosrv.dll [42496] O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- D:\WINDOWS\system32\browser.dll [77824] O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- D:\WINDOWS\system32\cryptsvc.dll [62464] O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- D:\WINDOWS\system32\dmserver.dll [24576] O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- D:\WINDOWS\system32\dhcpcsvc.dll [127488] O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- D:\WINDOWS\system32\ersvc.dll [23040] O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- D:\WINDOWS\system32\es.dll [253952] O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- D:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: HidServ (HidServ) . (...) -- D:\WINDOWS\system32\hidserv.dll [0] O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- D:\WINDOWS\system32\srvsvc.dll [99840] O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- D:\WINDOWS\system32\wkssvc.dll [132096] O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- D:\WINDOWS\system32\msgsvc.dll [33792] O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- D:\WINDOWS\system32\netman.dll [198144] O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- D:\WINDOWS\system32\mswsock.dll [247808] O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- D:\WINDOWS\system32\ntmssvc.dll [438272] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- D:\WINDOWS\system32\rasauto.dll [88576] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- D:\WINDOWS\system32\rasmans.dll [186368] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- D:\WINDOWS\system32\mprdim.dll [53248] O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- D:\WINDOWS\system32\schedsvc.dll [194560] O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- D:\WINDOWS\system32\seclogon.dll [18944] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- D:\WINDOWS\system32\sens.dll [39424] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- D:\WINDOWS\system32\ipnathlp.dll [332800] O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- D:\WINDOWS\system32\srsvc.dll [171520] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- D:\WINDOWS\system32\tapisrv.dll [249856] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- D:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- D:\WINDOWS\system32\trkwks.dll [90112] O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- D:\WINDOWS\system32\w32time.dll [178176] O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- D:\WINDOWS\system32\wzcsvc.dll [483840] O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- D:\WINDOWS\system32\advapi32.dll [685568] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- D:\WINDOWS\system32\wbem\WMIsvc.dll [145408] O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- D:\WINDOWS\system32\wscsvc.dll [80896] O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- D:\WINDOWS\system32\xmlprov.dll [129024] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- D:\WINDOWS\system32\qmgr.dll [409088] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- D:\WINDOWS\system32\wuauserv.dll [6656] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- D:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- D:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400] O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- D:\WINDOWS\system32\mspmsnsv.dll [27136] O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- D:\WINDOWS\system32\qagentrt.dll [293376] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- D:\WINDOWS\system32\kmsvc.dll [61440] ~ Scan Services in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.FCE23FBF8A4495ECC17CACFE11A2D544] [sPRF][26/08/2008] (.Inekman - Xtremsplit v1.2.) -- D:\Documents and Settings\saidani\Bureau\Xtremsplit.exe [305664] [MD5.92149D7FC2B90B189F8AEECC2F9DDCEE] [sPRF][12/02/2007] (.Autodesk, Inc. - Autodesk i-drop control.) -- D:\WINDOWS\Downloaded Program Files\IDropENU.dll [114792] [MD5.352035CA37302C43A0B028CFD416C859] [sPRF][16/02/2007] (.Autodesk, Inc. - Autodesk i-drop control.) -- D:\WINDOWS\Downloaded Program Files\IDropFRA.dll [114768] ~ Scan Files in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : 8933 - (06/01/2012) Clés trouvées (Keys found) : 1 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKCU\Software\PopCap] =>Adware.PopCap ~ Scan Additionnel in 00mn 10s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 06/01/2012 12800 | (AgereModemAudio) . (.Agere Systems.) - D:\WINDOWS\system32\agrsmsvc.exe SS - | Auto 0 | (AntiVirUpgradeService) . (...) - D:\DOCUME~1\saidani\LOCALS~1\Temp\AVSETUP_4a434603\basic\avupgsvc.exe SS - | Demand 06/01/2012 85096 | (Autodesk Licensing Service) . (.Autodesk.) - D:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe SS - | Demand 06/01/2012 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - D:\WINDOWS\system32\dmadmin.exe SR - | Auto 06/01/2012 974944 | (ekrn) . (.ESET.) - D:\Program Files\ESET\ESET Smart Security\ekrn.exe SS - | Demand 0 | (EverestDriver) . (...) - D:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt SR - | Auto 06/01/2012 866576 | (EvtEng) . (.Intel® Corporation.) - D:\Program Files\Intel\WiFi\bin\EvtEng.exe SS - | Demand 06/01/2012 651720 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Auto 06/01/2012 136176 | (gupdate) . (.Google Inc..) - D:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 06/01/2012 136176 | (gupdatem) . (.Google Inc..) - D:\Program Files\Google\Update\GoogleUpdate.exe SR - | Auto 06/01/2012 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - D:\Program Files\Java\jre6\bin\jqs.exe SR - | Auto 06/01/2012 81920 | (LVPrcSrv) . (.Logitech.) - D:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe SS - | Demand 06/01/2012 311928 | (maconfservice) . (.CybelSoft.) - D:\Program Files\ma-config.com\maconfservice.exe SS - | Auto 06/01/2012 69632 | (Pml Driver HPZ12) . (.HP.) - D:\WINDOWS\system32\HPZipm12.exe SR - | Auto 06/01/2012 481552 | (RegSrvc) . (.Intel® Corporation.) - D:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe SR - | Auto 06/01/2012 882960 | (S24EventMonitor) . (.Intel® Corporation.) - D:\Program Files\Intel\WiFi\bin\S24EvMon.exe ~ Scan Services in 00mn 11s ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 05/01/2012 - 00:00:00 ---A- . (...) -- D:\WINDOWS\system32\drivers\sptd.sys [721904] ~ Scan Emulateurs in 00mn 11s End of the scan (1272 lines in 01mn 30s)(0)
×
×
  • Créer...