Hello,
<config>Windows Vista / Firefox 4.0.1</config>
I think I must have caught a virus because my computer is extremely slow. I ran a ZHPDiag report but I don't know how to read it, please help me...
Rapport de ZHPDiag v1.28.1321 par Nicolas Coolman, Update du 09/08/2011
Run by nana at 10/08/2011 08:45:59
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
---\\ Web Browser
MSIE: Internet Explorer v7.0.6002.18005
MFIE: Mozilla Firefox 4.0.1 v4.0.1 (Defaut)
---\\ Windows Product Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : 6J37M
Windows License : OK
Windows Automatic Updates : OK
---\\ System Information
~ Processor: x86 Family 6 Model 14 Stepping 8, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1013 MB (24% free)
System Restore: Activé (Enable)
System drive C: has 6 GB (18%) free of 30 GB
---\\ Logged in mode
~ Computer Name: PC-DE-NANA
~ User Name: nana
~ All Users Names: nana, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\nana\AppData\Roaming\
~ %Desktop% : C:\Users\nana\Desktop\
~ %Favorites% : C:\Users\nana\Favorites\
~ %LocalAppData% : C:\Users\nana\AppData\Local\
~ %StartMenu% : C:\Users\nana\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 6 Go of 30 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 36 Go of 78 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 3 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.21/10/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.13/06/2008 - 08:33:37.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.17413EF7D95632D892B4C914CD7E66F9] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/06/2011 - 17:04:00.) -- C:\Windows\system32\wininet.dll [834048]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/10/2009 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/10/2009 - 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.21/10/2009 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]
[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.13/06/2008 - 08:34:10.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/110
~ Mes Favoris (My Favorites) : 2/19
~ Mes Documents (My Documents) : 8/68
~ Mon Bureau (My Desktop) : 1/26
~ Menu demarrer (Programs) : 7/28
~ Scan Hidden Files in 00mn 00s
---\\ Processus lancés
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288]
[MD5.896A1DB9A972AD2339C2E8569EC926D1] - (.Safer Networking Limited - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088]
[MD5.E616A6A6E91B0A86F2F6217CDE835FFE] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120]
[MD5.E83508D9A0F0D0D8449317DC6A4C5E02] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632]
[MD5.3B2CC09944488DB5ED5DFDC315C9AB57] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]
[MD5.B6A214BACD0C5BE45C4D093032DD884B] - (...) -- D:\WINRAR\WinRAR.exe [1037312]
[MD5.C354A712DCCA3E4AC3C4B8C6A9BD28A0] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664064]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896]
[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368]
[MD5.1CF3866E09FFE13CF280D4DDFA9F7DCF] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480]
[MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968]
[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360]
[MD5.0D630405311E1AE574BC2EC6681E485E] - (.TuneUp Software GmbH - TuneUp Drive Defrag-Dienst.) -- C:\Windows\System32\TuneUpDefragService.exe [355584]
~ Scan Processes Running in 00mn 01s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\nana\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\nana\AppData\Roaming\Mozilla\Firefox\Profiles\wkefotbn.default\prefs.js
M3 - MFPP: Plugins - [nana] -- C:\Users\nana\AppData\Roaming\Mozilla\Firefox\Profiles\wkefotbn.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [nana] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [nana] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [nana] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [nana] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [nana] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [nana] -- C:\Program Files\Mozilla FireFox\searchplugins\googledesktop.xml
M3 - MFPP: Plugins - [nana] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [nana] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [nana - wkefotbn.default] www.google.fr
M2 - MFEP: prefs.js [nana - wkefotbn.default\engine@conduit.com] [] Conduit Engine v3.3.3.2 (.Conduit Ltd..)
M2 - MFEP: prefs.js [nana - wkefotbn.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)
M2 - MFEP: prefs.js [nana - wkefotbn.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v7.1.20110512W (.Google Inc..)
M2 - MFEP: prefs.js [nana - wkefotbn.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v2.3.11.20110727115843 (.Yahoo!.)
M2 - MFEP: prefs.js [nana - wkefotbn.default\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] [] uTorrentBar Community Toolbar v3.3.3.2 (.Conduit Ltd..)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 1.7.0059.1.) -- C:\Program Files\Mozilla Firefox\Plugins\npLegitCheckPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.1".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@google.com/npPicasa2,version=2.0.0] - (...) -- C:\Program Files\Picasa2\npPicasa2.dll (.not file.)
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (...) -- C:\Program Files\Picasa2\npPicasa3.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=13] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.foozir.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.foozir.com
R0 - HKUS\S-1-5-21-3228371953-1481652662-294528152-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.foozir.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-3228371953-1481652662-294528152-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (...) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.16386 (vista_rtm.061101-2205)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (...) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} Clé orpheline
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} Clé orpheline
~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (...) -- (.not file.)
O3 - Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} . (...) -- (.not file.)
~ Scan Toolbar in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-3228371953-1481652662-294528152-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-3228371953-1481652662-294528152-1000\..\Run: [SpybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-3228371953-1481652662-294528152-1000\..\Run: [ccleaner] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - HKUS\S-1-5-21-3228371953-1481652662-294528152-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\nana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\nana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\nana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\nana\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\nana\Desktop\Editeur KaraFun.lnk . (.RECISIO.) -- C:\Program Files\KaraFun\KaraFun.exe
O4 - Global Startup: C:\Users\nana\Desktop\KaraFun.lnk . (.RECISIO.) -- C:\Program Files\KaraFun\KaraFun.exe
O4 - Global Startup: C:\Users\nana\Desktop\LimeWire 5.6.2.lnk . (.Lime Wire, LLC.) -- C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: C:\Users\nana\Desktop\Mes Documents.lnk . (...) -- D:\Mes Documents
O4 - Global Startup: C:\Users\nana\Desktop\Ordinateur - Raccourci.lnk - Clé orpheline
O4 - Global Startup: C:\Users\nana\Desktop\Paint.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\mspaint.exe
O4 - Global Startup: C:\Users\nana\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\nana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\nana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk . (.Microsoft Corporation.) -- C:\Windows\ehome\ehshell.exe
O4 - Global Startup: C:\Users\nana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\nana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\nana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B87F4CB-831D-4B85-9CD3-6C5CC6C8859B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4B87F4CB-831D-4B85-9CD3-6C5CC6C8859B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{4B87F4CB-831D-4B85-9CD3-6C5CC6C8859B}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll
~ Scan Winlogon in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.dll
~ Scan AppInit DLL in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll
~ Scan SSODL in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Maintenance en 1 clic.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{83F25CE0-EEDC-49CD-8BBA-E336808FEAF6}.job
[MD5.5467F1FF0AF264566740F67E8B810735] [APT] [Google Software Updater] (.Google.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[MD5.A38CEE5E5EDD5FC75FC3D98A4C370324] [APT] [Maintenance en 1 clic] (.TuneUp Software GmbH.) -- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
~ Scan Scheduled Task in 00mn 03s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 01s
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: CCleaner (remove only) - (.Pas de propriétaire.) [HKLM] -- CCleaner
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI
O42 - Logiciel: KaraFun 1.18 - (.Recisio.) [HKLM] -- KaraFun_is1
O42 - Logiciel: Les Sims™ 3 - (.Electronic Arts.) [HKLM] -- {C05D8CDB-417D-4335-A38C-A0659EDFD6B8}
O42 - Logiciel: LimeWire 5.6.2 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86 fr)
O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM] -- Notepad++
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Switch - (.NCH Swift Sound.) [HKLM] -- Switch
O42 - Logiciel: Uninstall 1.0.0.0 - (.Pas de propriétaire.) [HKLM] -- Uninstall_is1
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VAIO Data Restore Tool - (.Pas de propriétaire.) [HKLM] -- {57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}
O42 - Logiciel: VLC media player 0.9.6 - (.VideoLAN Team.) [HKLM] -- VLC media player
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AdvancedEnhancer]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\conduitEngine]
[HKCU\Software\AppDataLow\Software\uTorrentBar]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Avira]
[HKCU\Software\BitTorrent]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DVDVideoSoft]
[HKCU\Software\DivXNetworks]
[HKCU\Software\Electronic Arts]
[HKCU\Software\GoldWave]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NCH Software]
[HKCU\Software\NCH Swift Sound]
[HKCU\Software\Netscape]
[HKCU\Software\Novell]
[HKCU\Software\ODBC]
[HKCU\Software\PCTools]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RECISIO]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\SecuROM]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\eMule]
[HKLM\Software\Adobe]
[HKLM\Software\Arobas Music]
[HKLM\Software\Avira]
[HKLM\Software\CA561B]
[HKLM\Software\CXT]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Conexant]
[HKLM\Software\DVDVideoSoft]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\Electronic Arts]
[HKLM\Software\FullCircle]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Licenses]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NCH Swift Sound]
[HKLM\Software\Nero]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\PCTools]
[HKLM\Software\Policies]
[HKLM\Software\RECISIO]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Sims]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Corporation]
[HKLM\Software\Symantec]
[HKLM\Software\TuneUp]
[HKLM\Software\VideoLAN]
[HKLM\Software\WinRAR]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yahoo]
[HKLM\Software\ahead]
[HKLM\Software\conduitEngine]
[HKLM\Software\mozilla.org]
[HKLM\Software\uTorrentBar]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/10/2010 - 21:14:02 - [244067451] ----D- C:\Program Files\Adobe
O43 - CFD: 27/02/2011 - 15:02:48 - [1618] ----D- C:\Program Files\Ask.com
O43 - CFD: 05/01/2010 - 22:38:24 - [183092119] ----D- C:\Program Files\Avira
O43 - CFD: 19/01/2009 - 22:10:40 - [2312914] ----D- C:\Program Files\CCleaner
O43 - CFD: 22/07/2010 - 11:02:42 - [371956267] ----D- C:\Program Files\Common Files
O43 - CFD: 24/12/2010 - 16:37:26 - [0] ----D- C:\Program Files\Electronic Arts
O43 - CFD: 16/01/2008 - 23:37:34 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 27/02/2011 - 15:28:08 - [55092862] ----D- C:\Program Files\Google
O43 - CFD: 24/12/2010 - 16:42:38 - [12116509] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 17/06/2011 - 03:20:16 - [2250694] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 12/05/2008 - 22:27:10 - [81463824] ----D- C:\Program Files\Java
O43 - CFD: 04/12/2010 - 14:50:52 - [22473238] ----D- C:\Program Files\KaraFun
O43 - CFD: 13/11/2010 - 20:02:52 - [85767136] ----D- C:\Program Files\LimeWire
O43 - CFD: 31/12/2009 - 21:37:26 - [4177864] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 02/11/2006 - 14:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 07/05/2011 - 03:02:04 - [9362570] ----D- C:\Program Files\Microsoft Games for Windows - LIVE
O43 - CFD: 12/03/2008 - 02:32:24 - [72160046] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 17/05/2008 - 18:37:50 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 23/12/2010 - 19:50:38 - [979309] ----D- C:\Program Files\Microsoft WSE
O43 - CFD: 27/06/2010 - 03:03:08 - [15715] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 16/08/2010 - 03:21:06 - [99342446] ----D- C:\Program Files\Movie Maker
O43 - CFD: 05/06/2011 - 23:12:32 - [36372519] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 20/07/2008 - 15:48:00 - [1452384] ----D- C:\Program Files\NCH Swift Sound
O43 - CFD: 29/03/2009 - 20:32:16 - [6631497] ----D- C:\Program Files\Notepad++
O43 - CFD: 20/07/2008 - 16:04:30 - [22115418] ----D- C:\Program Files\Real
O43 - CFD: 25/05/2008 - 15:39:36 - [12516561] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 10/02/2010 - 19:03:44 - [25623420] R---D- C:\Program Files\Skype
O43 - CFD: 17/04/2008 - 20:45:08 - [3031002] ----D- C:\Program Files\Sony
O43 - CFD: 27/02/2011 - 15:06:02 - [54784511] ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 31/12/2009 - 12:46:16 - [34079991] ----D- C:\Program Files\TuneUp Utilities 2008
O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 30/11/2008 - 20:46:32 - [50490183] ----D- C:\Program Files\VideoLAN
O43 - CFD: 02/01/2010 - 17:06:52 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 02/01/2010 - 17:06:48 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 02/01/2010 - 17:06:36 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 02/01/2010 - 17:06:48 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 24/12/2010 - 16:32:42 - [17120822] ----D- C:\Program Files\Windows Live
O43 - CFD: 17/06/2011 - 03:02:34 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 13/10/2010 - 03:23:18 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 16/01/2008 - 23:37:34 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 02/01/2010 - 17:06:44 - [13528738] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 04/01/2010 - 04:20:38 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 02/01/2010 - 17:06:50 - [6527558] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 08/01/2010 - 22:09:22 - [3921448] ----D- C:\Program Files\WinRAR
O43 - CFD: 10/08/2011 - 08:46:28 - [3998909] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 21/10/2010 - 21:14:40 - [6281214] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 06/11/2010 - 23:00:56 - [5407744] ----D- C:\Program Files\Common Files\Ahead
O43 - CFD: 12/03/2008 - 02:33:22 - [86016] ----D- C:\Program Files\Common Files\Designer
O43 - CFD: 25/12/2009 - 18:06:06 - [6242421] ----D- C:\Program Files\Common Files\DVDVideoSoft
O43 - CFD: 25/05/2008 - 15:39:20 - [3192663] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 12/05/2008 - 22:25:04 - [35046297] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 24/12/2010 - 16:32:42 - [223324184] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 22/07/2010 - 11:02:28 - [0] ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 02/01/2010 - 16:03:16 - [2927616] ----D- C:\Program Files\Common Files\Real
O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 02/01/2010 - 17:06:44 - [12585938] ----D- C:\Program Files\Common Files\System
O43 - CFD: 26/01/2008 - 13:18:18 - [20371625] -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD: 31/12/2009 - 12:44:26 - [15033856] ----D- C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 04/12/2009 - 18:12:02 - [352256] ----D- C:\Program Files\Common Files\xing shared
O43 - CFD: 21/10/2010 - 21:14:40 - [83074495] ----D- C:\ProgramData\Adobe
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 05/01/2010 - 22:38:24 - [101630403] ----D- C:\ProgramData\Avira
O43 - CFD: 16/01/2008 - 23:37:34 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 22/07/2010 - 11:02:42 - [1502423] ----D- C:\ProgramData\DivX
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 24/12/2010 - 14:11:52 - [78518] ----D- C:\ProgramData\Electronic Arts
O43 - CFD: 24/03/2011 - 22:26:16 - [639752] ----D- C:\ProgramData\eSellerate
O43 - CFD: 16/01/2008 - 23:37:34 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 19/11/2009 - 16:34:38 - [530137] ----D- C:\ProgramData\Google
O43 - CFD: 09/08/2011 - 13:20:16 - [14094] ----D- C:\ProgramData\Google Updater
O43 - CFD: 31/12/2009 - 21:20:10 - [3643198] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 16/01/2008 - 23:37:34 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 06/11/2010 - 23:09:48 - [140758821] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 16/01/2008 - 23:37:34 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 02/02/2008 - 16:34:40 - [1764555] ----D- C:\ProgramData\Mozilla
O43 - CFD: 04/12/2009 - 18:12:50 - [0] ----D- C:\ProgramData\Real
O43 - CFD: 04/12/2010 - 14:50:50 - [3097579] ----D- C:\ProgramData\Recisio
O43 - CFD: 10/02/2010 - 19:03:40 - [19451154] ----D- C:\ProgramData\Skype
O43 - CFD: 08/08/2011 - 12:44:52 - [29415] ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 20/02/2009 - 20:57:52 - [111] ---AD- C:\ProgramData\TEMP
O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 31/12/2009 - 12:45:56 - [8621] ----D- C:\ProgramData\TuneUp Software
O43 - CFD: 05/01/2010 - 23:01:14 - [0] ----D- C:\ProgramData\WindowsSearch
O43 - CFD: 02/02/2008 - 16:45:28 - [2291726] ----D- C:\Users\nana\AppData\Roaming\Adobe
O43 - CFD: 17/05/2008 - 10:21:18 - [1786] ----D- C:\Users\nana\AppData\Roaming\Ahead
O43 - CFD: 20/07/2010 - 21:24:12 - [98304] ----D- C:\Users\nana\AppData\Roaming\DivX
O43 - CFD: 27/07/2011 - 19:31:50 - [199] ----D- C:\Users\nana\AppData\Roaming\dvdcss
O43 - CFD: 01/07/2008 - 23:52:52 - [34513] ----D- C:\Users\nana\AppData\Roaming\Google
O43 - CFD: 16/01/2008 - 23:42:02 - [0] ----D- C:\Users\nana\AppData\Roaming\Identities
O43 - CFD: 31/05/2011 - 20:08:02 - [91299083] ----D- C:\Users\nana\AppData\Roaming\LimeWire
O43 - CFD: 20/01/2008 - 20:49:30 - [456] ----D- C:\Users\nana\AppData\Roaming\Macromedia
O43 - CFD: 31/12/2009 - 21:20:12 - [1047] ----D- C:\Users\nana\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\nana\AppData\Roaming\Media Center Programs
O43 - CFD: 20/01/2008 - 22:57:28 - [76] ----D- C:\Users\nana\AppData\Roaming\Media Player Classic
O43 - CFD: 06/11/2010 - 23:09:48 - [421897] -S--D- C:\Users\nana\AppData\Roaming\Microsoft
O43 - CFD: 12/03/2008 - 02:32:24 - [0] ----D- C:\Users\nana\AppData\Roaming\Microsoft Web Folders
O43 - CFD: 21/08/2010 - 09:22:02 - [56246136] ----D- C:\Users\nana\AppData\Roaming\Mozilla
O43 - CFD: 25/12/2008 - 11:20:20 - [3530] ----D- C:\Users\nana\AppData\Roaming\MP-Manager
O43 - CFD: 25/12/2008 - 10:46:42 - [0] ----D- C:\Users\nana\AppData\Roaming\MPMAN
O43 - CFD: 20/07/2008 - 15:35:08 - [2686976] ----D- C:\Users\nana\AppData\Roaming\NCH Software
O43 - CFD: 07/06/2008 - 15:06:06 - [0] ----D- C:\Users\nana\AppData\Roaming\NCH Swift Sound
O43 - CFD: 29/03/2009 - 20:34:54 - [95756] ----D- C:\Users\nana\AppData\Roaming\Notepad++
O43 - CFD: 20/07/2008 - 15:59:42 - [0] ----D- C:\Users\nana\AppData\Roaming\PC Tools
O43 - CFD: 02/01/2010 - 16:03:08 - [447] ----D- C:\Users\nana\AppData\Roaming\Real
O43 - CFD: 25/12/2009 - 17:58:00 - [10583] R-H-D- C:\Users\nana\AppData\Roaming\SecuROM
O43 - CFD: 11/02/2011 - 00:10:18 - [13174] ----D- C:\Users\nana\AppData\Roaming\Skype
O43 - CFD: 02/02/2008 - 16:36:52 - [39273] ----D- C:\Users\nana\AppData\Roaming\Talkback
O43 - CFD: 31/12/2009 - 12:46:32 - [3788] ----D- C:\Users\nana\AppData\Roaming\TuneUp Software
O43 - CFD: 13/11/2010 - 17:40:38 - [667987] ----D- C:\Users\nana\AppData\Roaming\uTorrent
O43 - CFD: 30/11/2008 - 20:57:54 - [445336] ----D- C:\Users\nana\AppData\Roaming\vlc
O43 - CFD: 08/01/2010 - 22:10:18 - [12] ----D- C:\Users\nana\AppData\Roaming\WinRAR
O43 - CFD: 06/11/2010 - 20:45:26 - [216847344] ----D- C:\Users\nana\AppData\Local\Adobe
O43 - CFD: 20/07/2008 - 15:44:30 - [2009172] ----D- C:\Users\nana\AppData\Local\Ahead
O43 - CFD: 16/01/2008 - 23:41:52 - [0] -SH-D- C:\Users\nana\AppData\Local\Application Data
O43 - CFD: 24/12/2010 - 14:12:04 - [1434] ----D- C:\Users\nana\AppData\Local\Electronic Arts
O43 - CFD: 26/01/2008 - 13:18:08 - [259092] ----D- C:\Users\nana\AppData\Local\eMule
O43 - CFD: 27/02/2011 - 15:03:06 - [516670181] ----D- C:\Users\nana\AppData\Local\Google
O43 - CFD: 16/01/2008 - 23:41:52 - [0] -SH-D- C:\Users\nana\AppData\Local\Historique
O43 - CFD: 25/12/2009 - 17:59:22 - [136199739] ----D- C:\Users\nana\AppData\Local\Microsoft
O43 - CFD: 13/08/2008 - 18:03:20 - [722809] ----D- C:\Users\nana\AppData\Local\Microsoft Games
O43 - CFD: 20/01/2008 - 20:47:48 - [33238] ----D- C:\Users\nana\AppData\Local\MigWiz
O43 - CFD: 02/02/2008 - 16:36:24 - [369807841] ----D- C:\Users\nana\AppData\Local\Mozilla
O43 - CFD: 10/08/2011 - 08:45:34 - [5105775] ----D- C:\Users\nana\AppData\Local\Temp
O43 - CFD: 16/01/2008 - 23:41:52 - [0] -SH-D- C:\Users\nana\AppData\Local\Temporary Internet Files
O43 - CFD: 13/08/2008 - 10:21:32 - [2433546] ----D- C:\Users\nana\AppData\Local\VirtualStore
O43 - CFD: 06/06/2009 - 16:41:34 - [1093] ----D- C:\Users\nana\AppData\Local\WMA-MP3.com
~ Scan Program Folder in 00mn 16s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.FC240A68B56CD3ECA36F44F930467B03] - 10/08/2011 - 07:08:59 ---A- . (...) -- C:\Windows\WindowsUpdate.log [206608]
O44 - LFC:[MD5.EF1349DEAE52B042F49365C5E19F5C9B] - 10/08/2011 - 07:07:47 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.63ABE2A0A16E2ED2F5283DCDE2CFF0A9] - 08/08/2011 - 19:01:27 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [126626]
O44 - LFC:[MD5.3F41E73B7EDC2BDFE877CF277B836600] - 08/08/2011 - 19:01:27 ---A- . (...) -- C:\Windows\system32\perfh009.dat [595996]
O44 - LFC:[MD5.1CBEECCB8AA523E4112E3EEA88745E3E] - 08/08/2011 - 19:01:27 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [679042]
O44 - LFC:[MD5.BA038786C7D5BBED7E2497350546D341] - 08/08/2011 - 19:01:26 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1495948]
O44 - LFC:[MD5.C094C002721F58FD839C2A33CC05FD7C] - 08/08/2011 - 19:01:26 ---A- . (...) -- C:\Windows\system32\perfc009.dat [104070]
O44 - LFC:[MD5.49BFFE027E74C55C6C6F9774D311F9FD] - 08/08/2011 - 19:00:07 ---A- . (...) -- C:\Windows\setupact.log [695]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 08/08/2011 - 19:00:02 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.5FEDEF54757B34FB611B9EC8FB399364] - 01/08/2011 - 22:14:55 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [137656]
O44 - LFC:[MD5.5B959C05D24350C3D65DFA2C1DC4E6AA] - 18/07/2011 - 02:23:14 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [247272]
~ Scan Files in 00mn 03s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{21769113-b209-11df-a12e-00197d2590d8}\AutoRun\command - Clé orpheline
O51 - MPSK:{25bed812-d260-11dd-b83b-00197d2590d8}\AutoRun\command. (...) -- C:\Windows\system32\cmd \C launch.bat (.not file.)
O51 - MPSK:{7f73f86a-2581-11e0-8e95-a8db62dddcba}\AutoRun\command. (...) -- K:\WD SmartWare.exe (.not file.)
~ Scan Keys in 00mn 00s
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\system32\lvcodec2.dll
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.VP60"="C:\Windows\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll
O52 - TDSD: \Drivers32\"vidc.VP61"="C:\Windows\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"vp6vfw.dll"="EA VP6 Codec" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576]
O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408]
O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048]
O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14952]
O58 - SDL:[MD5.3CB8E72B7C9887B42B90000E8CB1E7BE] - 13/01/2006 - 15:35:34 ---A- . (.Atheros Communications, Inc. - Driver for Atheros AR5001 Wireless Network Adapter.) -- C:\Windows\system32\drivers\ar5211.sys [470048]
O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688]
O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688]
O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 05/01/2010 - 11:09:08 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [61960]
O58 - SDL:[MD5.5FEDEF54757B34FB611B9EC8FB399364] - 05/01/2010 - 22:14:55 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [137656]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [16488]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760]
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520]
O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [37480]
O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [232040]
O58 - SDL:[MD5.A4FBA5B34E69E46315A7C5223A470A17] - 13/12/2006 - 18:32:20 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [1478144]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.FF9F262494FC23D77A6148D49D87D2DE] - 12/11/2008 - 03:06:13 ---A- . (.PCTools Research Pty Ltd. - File Security Device Driver.) -- C:\Windows\system32\drivers\ikfilesec.sys [40840]
O58 - SDL:[MD5.7E359671FD9595ECB1B0A33FB4184B19] - 12/11/2008 - 03:06:14 ---A- . (.PCTools Research Pty Ltd. - System Filter Device Driver.) -- C:\Windows\system32\drivers\iksysflt.sys [66952]
O58 - SDL:[MD5.A44CB3CF3AF266665261A6E6C9CAC27C] - 12/11/2008 - 03:06:14 ---A- . (.PCTools Research Pty Ltd. - System Security Device Driver.) -- C:\Windows\system32\drivers\iksyssec.sys [81288]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.8CB1AEA5CC79397319B139171DF877A0] - 11/11/2008 - 15:19:24 ---A- . (.PCTools Research Pty Ltd. - Pas de description.) -- C:\Windows\system32\drivers\kcom.sys [29576]
O58 - SDL:[MD5.68C783468E1B7F0A953C60E2C9A47C2D] - 06/06/2009 - 14:24:28 ---A- . (.Windows (R) Codename Longhorn DDK provider - LitexMedia Virtual Audio Cable miniport driver.) -- C:\Windows\system32\drivers\lmvac.sys [25616]
O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [65640]
O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [65640]
O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [65640]
O58 - SDL:[MD5.5BD2C6D982481D548107C602E7CCFBBC] - 31/01/2005 - 09:20:04 ---A- . (.Logitech Inc. - Logitech Elch 2 Video Driver.) -- C:\Windows\system32\drivers\LV561AV.SYS [211712]
O58 - SDL:[MD5.A730FC8671A60666D6E877C544DD7CD4] - 31/01/2005 - 09:12:46 ---A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\Windows\system32\drivers\LVUSBSta.sys [22016]
O58 - SDL:[MD5.1B051BE823DF7F37E1EB653A5EB93D93] - 31/12/2009 - 14:54:58 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [19160]
O58 - SDL:[MD5.81BE7762CB0134060D0743B8179E9016] - 31/12/2009 - 14:55:24 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224]
O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [28776]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [88680]
O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [40040]
O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 20/07/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\system32\drivers\pxhelp20.sys [43872]
O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [900712]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.F17713D108ACA124A139FDE877EEF68A] - 16/04/2008 - 13:51:56 ---A- . (.Research In Motion Limited - BlackBerry Device Driver.) -- C:\Windows\system32\drivers\RimUsb.sys [22784]
O58 - SDL:[MD5.C61B3B87F3856CEF0C9F204028C6860D] - 25/05/2008 - 12:41:34 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [1668456]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [38504]
O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [71784]
O58 - SDL:[MD5.BE6038E0A7D2E2FE69107E41A0265831] - 10/11/2000 - 02:15:08 ---A- . (.Sony Corporation - Sony Notebook Control driver.) -- C:\Windows\system32\drivers\SonyNC.sys [48896]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 05/01/2010 - 13:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.7C7445B4C2BD46C56ABB3499DA52B75C] - 25/05/2008 - 13:56:04 ---A- . (.Texas Instruments - ti21sony.sys.) -- C:\Windows\system32\drivers\ti21sony.sys [227328]
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [235112]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17512]
O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys [112232]
O58 - SDL:[MD5.46D67209550973257601A533E2AC5785] - 02/11/2006 - 08:41:49 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL3.SYS [200704]
O58 - SDL:[MD5.5C7BDCF5864DB00323FE2D90FA26A8A2] - 02/11/2006 - 08:41:48 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT3.SYS [654336]
O58 - SDL:[MD5.EC36F1D542ED4252390D446BF6D4DFD0] - 02/11/2006 - 08:41:50 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV3.SYS [987648]
O58 - SDL:[MD5.7D1F3B131D503EF43EE594B5A2B9B427] - 02/11/2006 - 08:30:56 ---A- . (.Marvell - Pilote miniport NDIS6.0 pour contrôleur Ethernet Marvell Yukon.) -- C:\Windows\system32\drivers\yk60x86.sys [194048]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]
~ Scan Drivers in 00mn 09s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 13/02/2009 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio(avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO
O64 - Services: CurCS - 04/02/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 01/08/2011 - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 12/11/2008 - C:\Windows\system32\drivers\ikfilesec.sys - File Security Driver(IKFileSec) .(.PCTools Research Pty Ltd. - File Security Device Driver.) - LEGACY_IKFILESEC
O64 - Services: CurCS - 12/11/2008 - C:\Windows\system32\drivers\iksysflt.sys - System Filter Driver(IKSysFlt) .(.PCTools Research Pty Ltd. - System Filter Device Driver.) - LEGACY_IKSYSFLT
O64 - Services: CurCS - 12/11/2008 - C:\Windows\system32\drivers\iksyssec.sys - System Security Driver(IKSysSec) .(.PCTools Research Pty Ltd. - System Security Device Driver.) - LEGACY_IKSYSSEC
O64 - Services: CurCS - 17/06/2010 - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
~ Scan Services in 00mn 02s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: C:\Users\nana\AppData\Roaming\Mozilla\Firefox\Profiles\wkefotbn.default\searchplugins\askcom.xml
O69 - SBI: prefs.js [nana - wkefotbn.default] user_pref("CT2786678.SearchEngine", "Search||http://search.conduit.com/Results.aspx?
O69 - SBI: prefs.js [nana - wkefotbn.default] user_pref("CT2786678.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://supertoolbar.ask.com
O69 - SBI: SearchScopes [HKCU] {4C3DC639-1BBA-4385-B490-0B1602243AC3} [DefaultScope] - (Google) - http://www.google.fr
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {70D46D94-BF1E-45ED-B567-48701376298E} - (Google Desktop) - http://127.0.0.1:4664/search&s=7ikaRA24 ... B5x_3MM?q={searchTerms}
~ Scan Keys in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.EEA1AEEDA39AFE77A33BE60C00C0A308] [SPRF][24/03/2011] (...) -- C:\Users\nana\AppData\Roaming\lakerda1967.sys [137]
[MD5.9A91B5D0193F0ED73F3A693A0A3001B3] [SPRF][04/11/2009] (...) -- C:\Users\nana\Desktop\avira_antivir_personal_free.exe [30143928]
[MD5.97D8A2F0ABF1E3FC8BB4F6A36C6371B6] [SPRF][02/01/2010] (.Adobe Systems Incorporated - Adobe® Flash® Player Plugin Installer.) -- C:\Users\nana\Desktop\install_flash_player.exe [1924200]
[MD5.EA107742DC18FA504DFF2E081BB78928] [SPRF][04/12/2010] (.Recisio - KaraFun Setup.) -- C:\Users\nana\Desktop\karafun_118.exe [5063603]
[MD5.DC5684CD7A31D964FE75D07263CB2C07] [SPRF][17/05/2008] (.Microsoft Corporation - Fichier exécutable du programme d'installation client Windows Live.) -- C:\Users\nana\Desktop\WLinstaller.exe [2402832]
[MD5.01D8AC42A8A5DA221E93189C7B015CE1] [SPRF][08/01/2010] (...) -- C:\Users\nana\Desktop\wrar390fr.exe [1443065]
~ Scan Files in 00mn 01s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{35DA60DD-687E-4C88-AC43-BC76550DC80F}C:\program files\emule\emule.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.)
O87 - FAEL: "UDP Query User{24B228FA-C4D6-4810-A1E7-464EAC14EE5A}C:\program files\emule\emule.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.)
O87 - FAEL: "{1EE8E28A-97B4-4BDA-8D1B-9133AA9B6E34}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O87 - FAEL: "{18557D6B-7E46-4477-87DE-51799CC32FB4}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Windows Live\Messenger\livecall.exe (.not file.)
O87 - FAEL: "TCP Query User{E0A41932-97BB-47A4-BA73-F0B54BE1D118}C:\program files\emule\emule.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.)
O87 - FAEL: "UDP Query User{B26C49D2-063A-4867-B897-5500182BA215}C:\program files\emule\emule.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.)
O87 - FAEL: "{C50FF100-0D8B-4CDB-B266-8941329C9B82}" | In - Private - P6 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\Program Files\LimeWire\LimeWire.exe
O87 - FAEL: "{B7859231-051B-4498-9E3C-9C4E8B3CEDCD}" | In - Private - P17 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\Program Files\LimeWire\LimeWire.exe
O87 - FAEL: "TCP Query User{19627C6B-D468-456E-A638-2D52B1F763C4}C:\program files\limewire\limewire.exe" | In - Public - P6 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe
O87 - FAEL: "UDP Query User{D751D576-D2CA-4CEF-B0DF-073344FD4FA2}C:\program files\limewire\limewire.exe" | In - Public - P17 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe
O87 - FAEL: "{40748D1C-105D-480A-963C-0FE3BF761CEA}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "{E2977FD4-DD34-45DA-B7F6-DFF9ABEC6EFF}" |In - None - P6 - TRUE | .(...) -- C:\Program Files\uTorrent\uTorrent.exe (.not file.)
O87 - FAEL: "{A8D44054-D2D2-48F2-B514-485621E96F6F}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\uTorrent\uTorrent.exe (.not file.)
O87 - FAEL: "TCP Query User{1F51462C-85DE-4E81-9787-6629F22551AF}C:\program files\electronic arts\eadm\core.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\electronic arts\eadm\core.exe (.not file.)
O87 - FAEL: "UDP Query User{7085BE12-79D9-49E3-9BF6-4995A99CB064}C:\program files\electronic arts\eadm\core.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\electronic arts\eadm\core.exe (.not file.)
O87 - FAEL: "TCP Query User{D451BE7B-5E30-4458-A6E2-3527CB2A91AC}C:\program files\mozilla firefox\plugin-container.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation.) -- C:\program files\mozilla firefox\plugin-container.exe
O87 - FAEL: "UDP Query User{EC84EE72-12D6-48E8-9590-558618A5901A}C:\program files\mozilla firefox\plugin-container.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation.) -- C:\program files\mozilla firefox\plugin-container.exe
~ Scan Firewall in 00mn 02s
---\\ Scan Additionnel (O88)
Database Version : 8614 - (09/08/2011)
Clés trouvées (Keys found) : 12
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 0
[HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT2786678] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8a0dcbda-6e20-489c-9041-c1e8a0352e75}] =>Adware.Mirar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\conduitEngine] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{30F9B915-B755-4826-820B-08FBA6BD249D} =>Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.AskSBar
C:\Program Files\Ask.com =>Toolbar.AskBar
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z =>Adware.PlayMP3Z.biz
C:\Users\nana\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\nana\AppData\LocalLow\ConduitEngine =>Toolbar.Conduit
C:\Users\nana\AppData\Roaming\Mozilla\Firefox\Profiles\wkefotbn.default\Conduit =>Toolbar.Conduit
C:\Users\nana\AppData\Roaming\Mozilla\Firefox\Profiles\wkefotbn.default\ConduitEngine =>Toolbar.Conduit
C:\Users\nana\AppData\Roaming\Mozilla\Firefox\Profiles\wkefotbn.default\Extensions\engine@conduit.com =>Toolbar.Conduit
~ Scan Additionnel in 00mn 10s
---\\ Recherche détournement de DNS routeur (O89)
Serveur : neufbox
Address: 192.168.1.1
Nom : www.l.google.com
Addresses: 74.125.39.104
74.125.39.99
74.125.39.147
74.125.39.106
74.125.39.103
74.125.39.105
Aliases: www.google.fr
www.google.com
~ Scan DNS in 00mn 02s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 05/01/2010 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 05/01/2010 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SS - | Demand 16/11/2009 30192 | Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Auto 28/03/2009 183280 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 27/02/2011 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
SS - | Demand 30/12/1899 0 | (sdAuxService) . (...) - C:\Program Files\Spyware Doctor\pctsAuxs.exe
SS - | Demand 30/12/1899 0 | (sdCoreService) . (...) - C:\Program Files\Spyware Doctor\pctsSvc.exe
SR - | Demand 31/12/2009 355584 | C:\Windows\System32\TuneUpDefragService.exe (TuneUp.Defrag) . (.TuneUp Software GmbH.) - C:\Windows\System32\TuneUpDefragService.exe
SR - | Auto 13/06/2008 21504 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software GmbH.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/06/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
~ Scan Services in 00mn 06s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ Scan MBR in 00mn 08s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by nana at 10/08/2011 08:47:39
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 11s
End of the scan (1019 lines in 01mn 39s)(0)

C:\Ad-Report-CLEAN[1].txt 