Ralentissement énorme PC

Section d'analyse de rapports et de désinfection : malwares en tous genre et autres indésirables. Demandes de nettoyage uniquement. Prise en charge restreinte : équipe spécialisée.

Modérateur: Modérateurs

Règles du forum :arrow: Les désinfections sont prises en charge par un groupe spécifique, tout le monde ne peut pas intervenir pour désinfecter les machines (règles).
:arrow: Les procédures sont sur-mesure, ne faites pas la même chose chez vous (explications).
:arrow: Un topic par machine, chacun crée le sien. ;)

Ralentissement énorme PC

Messagepar daribluff » 23 Mar 2011 12:31

Bonjour à tous,

Bon j'ai un ralentissement que je juge énorme dans la mesure ou je n'arrive plus à écouter un son ou a voir une vidéo, enfin en morcelés !

J'ai défragmenté mon disque, j'ai fait de la place, j'ai fait du nettoyage avec Ccleaner, j'ai lancé une analyse avec Avast qui m'a trouvé 40 fichier infectés qu'il a mis en quarantaine (C'est beaucoup non ??), je sais plus quoi faire, je crois qu'il doit y avoir un souci !

J'ai lancé le scan comme indiqué dans les instructions :

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:21:42, on 23/03/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.autocompletepro.com/?si=10203&bi=400
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.autocompletepro.com/?si=10203&bi=400
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.autocompletepro.com/?si=10203&bi=400
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.autocompletepro.com/?si=10203&bi=400
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.autocompletepro.com/?si=10203&bi=400
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
R3 - URLSearchHook: Radio Bar 2 Toolbar - {9bb815eb-3f9f-4e11-9150-cb70e29b40fc} - C:\Program Files\Radio_Bar_2\tbRadi.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Radio Bar 2 Toolbar - {9bb815eb-3f9f-4e11-9150-cb70e29b40fc} - C:\Program Files\Radio_Bar_2\tbRadi.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O3 - Toolbar: Radio Bar 2 Toolbar - {9bb815eb-3f9f-4e11-9150-cb70e29b40fc} - C:\Program Files\Radio_Bar_2\tbRadi.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-583907252-287218729-725345543-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'postgres')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars.be - {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files\PokerStars.BE\PokerStarsUpdate.exe
O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Service Google Update (gupdate1c999f2e4cfa59e) (gupdate1c999f2e4cfa59e) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 15827 bytes


Un grand merci pour votre aide,
daribluff
 
Messages: 13
Inscription: 23 Mar 2011 12:24

Re: Ralentissement énorme PC

Messagepar nardino » 23 Mar 2011 14:50

Bonjour,
ImageTélécharge AD-Remover sur ton bureau.

Image Double clique sur AD-R.exe
Clique sur le bouton Nettoyer.
Image Poste le rapport qui va s'ouvrir en fin de scan.
Le rapport est sauvegardé sous C:\Ad-report-SCAN[1].txt
Puis ferme le programme par Quitter

Image Télécharge ZHPDiag de Nicolas Coolman sur ton bureau.

Image Clique sur Image pour lancer l'installation.
Image Clique sur Image pour lancer le programme.

Sous Vista et Sept , il faut cliquer droit dessus et dans le menu contextuel sur Exécuter en tant qu'administrateur.
Image Clique sur Image pour vérifier si une mise à jour du logiciel est disponible.
Image Clique sur Image pour lancer le scan.
Image Clique sur Image quand le scan sera terminé pour mettre le rapport dans le presse-papier.

Image Héberge ce dernier sur Cjoint.
Poste le lien obtenu.
Image Referme l'outil.
Image Le rapport sera enregistré sur le bureau. Image

@+
Image
Avatar de l’utilisateur
nardino
Super Libellulien
Super Libellulien
 
Messages: 1103
Inscription: 03 Avr 2009 22:02

Re: Ralentissement énorme PC

Messagepar daribluff » 23 Mar 2011 15:14

Alors voici le scan ad-remover dans un premier temps :

Un très grand merci pour ton aide,

======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 22/03/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 14:54:17 le 23/03/2011, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
Rida@RIDAN ( )

============== ACTION(S) ==============

Service: "Application Updater" Stoppé et supprimé

Dossier supprimé: C:\Program Files\Mozilla FireFox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Dossier supprimé: C:\Program Files\Mozilla FireFox\extensions\search@searchsettings.com
Fichier supprimé: C:\Program Files\Mozilla Firefox\extensions\searchsettings@spigot.com
Dossier supprimé: C:\Documents and Settings\Rida\Application Data\Mozilla\FireFox\Profiles\1tq65o8b.default\conduit
Dossier supprimé: C:\Documents and Settings\Rida\Application Data\Mozilla\FireFox\Profiles\1tq65o8b.default\ConduitEngine
Dossier supprimé: C:\Documents and Settings\Rida\Application Data\Mozilla\FireFox\Profiles\1tq65o8b.default\extensions\engine@conduit.com
Dossier supprimé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Everest Poker
Dossier supprimé: C:\Program Files\Everest Poker
Dossier supprimé: C:\Documents and Settings\Rida\Local Settings\Application Data\Conduit
Dossier supprimé: C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
Dossier supprimé: C:\Program Files\Application Updater
Dossier supprimé: C:\Program Files\AutocompletePro
Dossier supprimé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ClickPotato
Dossier supprimé: C:\Documents and Settings\Rida\Application Data\ClickPotatoLite
Dossier supprimé: C:\Program Files\ClickPotatoLite
Dossier supprimé: C:\Documents and Settings\All Users\Application Data\ClickPotatoLiteSA
Dossier supprimé: C:\Program Files\Family Toolbar
Dossier supprimé: C:\Documents and Settings\Rida\Application Data\live-player
Dossier supprimé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\live-player
Dossier supprimé: C:\Program Files\live-player
Dossier supprimé: C:\Documents and Settings\Rida\Application Data\OpenCandy
Dossier supprimé: C:\Documents and Settings\Rida\Local Settings\Application Data\OpenCandy
Dossier supprimé: C:\Documents and Settings\Rida\Application Data\pdfforge
Dossier supprimé: C:\Program Files\pdfforge Toolbar
Dossier supprimé: C:\Documents and Settings\Rida\Application Data\PriceGong
Dossier supprimé: C:\Documents and Settings\Rida\Application Data\Search Settings
Dossier supprimé: C:\Program Files\Search Settings
Dossier supprimé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer
Dossier supprimé: C:\Program Files\WebMediaPlayer
Dossier supprimé: C:\Documents and Settings\Rida\Application Data\OfferBox
Dossier supprimé: C:\Program Files\OfferBox
Fichier supprimé: C:\Documents and Settings\Rida\Local Settings\Application Data\cpkyujf_nav.dat
Fichier supprimé: C:\Documents and Settings\Rida\Local Settings\Application Data\cpkyujf.dat
Fichier supprimé: C:\Documents and Settings\Rida\Local Settings\Application Data\cpkyujf_navps.dat
Fichier supprimé: C:\Documents and Settings\Rida\Local Settings\Application Data\ebfdljg_nav.dat
Fichier supprimé: C:\Documents and Settings\Rida\Local Settings\Application Data\ebfdljg.dat
Fichier supprimé: C:\Documents and Settings\Rida\Local Settings\Application Data\ebfdljg_navps.dat
Fichier supprimé: C:\Documents and Settings\All Users\Bureau\Everest Poker.fr.lnk

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Documents and Settings\Rida\Application Data\Mozilla\FireFox\Profiles\1tq65o8b.default\Prefs.js --
Ligne supprimée: user_pref("CT2126963.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT212...
Ligne supprimée: user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... 1174448/BE", "\"0\"...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... 48/DEFAULT", "...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /905414/BE", "\"0\"")...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... 14/DEFAULT", "\"...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2786678", ...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428543113243...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... r=FF&lut=0", "63...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... =11/8/20...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-service ... 8&octid=...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... octid=CT...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... T2786678...
Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"634...
Ligne supprimée: user_pref("CommunityToolbar.EngineOwner", "CT2786678");
Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar");
Ligne supprimée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Ligne supprimée: user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440);
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678");
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar");
Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.myheritage.com/?orig=ds&q=...
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT2126963,ConduitEngine,CT2786678");
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine,CT2786678");
Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Dec 21 2010 16:22:27 GMT+0100");
Ligne supprimée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.alert.locale", "en");
Ligne supprimée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Dec 21 2010 16:22:27 GMT+0100");
Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
Ligne supprimée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Ligne supprimée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Ligne supprimée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Ligne supprimée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Ligne supprimée: user_pref("CommunityToolbar.alert.userId", "7b4d2e19-af12-45c9-baf6-7f086a1f1d12");
Ligne supprimée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Dec 21 2010 16:22:29 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.CTID", "ConduitEngine");
Ligne supprimée: user_pref("ConduitEngine.FirstServerDate", "11/24/2010 21");
Ligne supprimée: user_pref("ConduitEngine.FirstTime", true);
Ligne supprimée: user_pref("ConduitEngine.FirstTimeFF3", true);
Ligne supprimée: user_pref("ConduitEngine.FixPageNotFoundErrors", false);
Ligne supprimée: user_pref("ConduitEngine.HasUserGlobalKeys", true);
Ligne supprimée: user_pref("ConduitEngine.Initialize", true);
Ligne supprimée: user_pref("ConduitEngine.InitializeCommonPrefs", true);
Ligne supprimée: user_pref("ConduitEngine.InstallationType", "UnknownIntegration");
Ligne supprimée: user_pref("ConduitEngine.InstalledDate", "Wed Nov 24 2010 20:54:12 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.IsMulticommunity", false);
Ligne supprimée: user_pref("ConduitEngine.IsOpenThankYouPage", false);
Ligne supprimée: user_pref("ConduitEngine.IsOpenUninstallPage", false);
Ligne supprimée: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Tue Dec 21 2010 16:22:28 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.LastLogin_3.2.3.3", "Tue Dec 21 2010 16:22:30 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.PublisherContainerWidth", 0);
Ligne supprimée: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Ligne supprimée: user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C...
Ligne supprimée: user_pref("ConduitEngine.SettingsLastCheckTime", "Tue Dec 21 2010 16:22:28 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.UserID", "UN88973517108622198");
Ligne supprimée: user_pref("ConduitEngine.engineLocale", "fr");
Ligne supprimée: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Tue Dec 21 2010 16:22:28 GMT+0100");
Ligne supprimée: user_pref("ConduitEngine.initDone", true);
Ligne supprimée: user_pref("extensions.enabledItems", "ClickPotatoLite@ClickPotatoLite.com:10.0.542.0,engine@conduit....
Ligne supprimée: user_pref("family_toolbar.Var1", "%26todaySortedDate%3D201010240%26lastRefreshTime%3D16%3A13");
Ligne supprimée: user_pref("family_toolbar.Var10", "0");
Ligne supprimée: user_pref("family_toolbar.Var2", "FR");
Ligne supprimée: user_pref("family_toolbar.Var3", "0");
Ligne supprimée: user_pref("family_toolbar.Var4", "Yes");
Ligne supprimée: user_pref("family_toolbar.Var5", "1");
Ligne supprimée: user_pref("family_toolbar.Var6", "Yes");
Ligne supprimée: user_pref("family_toolbar.Var7", "1.288");
Ligne supprimée: user_pref("family_toolbar.Var8", "FF16-13-53-532");
Ligne supprimée: user_pref("family_toolbar.Var9", "0");
Ligne supprimée: user_pref("family_toolbar.cache.tbs_include_xml_008658", "13/16/24/9/110");
Ligne supprimée: user_pref("family_toolbar.firstlaunch", "0");
Ligne supprimée: user_pref("family_toolbar.guid", "%7B462776DC-D5E6-FDC4-D5EB-E8BC30126C63%7D");
Ligne supprimée: user_pref("family_toolbar.popupblockedcnt", "43");
Ligne supprimée: user_pref("family_toolbar.stored_historySearch_Combo", "////spotify%20france////facebook////youtube"...
-- Fichier Fermé --


Clé supprimée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E}
Clé supprimée: HKLM\Software\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Clé supprimée: HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Clé supprimée: HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé supprimée: HKLM\Software\Classes\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D}
Clé supprimée: HKLM\Software\Classes\Interface\{419EDA30-6DFF-432C-B534-E15D899ABEE4}
Clé supprimée: HKLM\Software\Classes\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
Clé supprimée: HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Clé supprimée: HKLM\Software\Classes\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
Clé supprimée: HKLM\Software\Classes\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
Clé supprimée: HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}
Clé supprimée: HKLM\Software\Classes\TypeLib\{814BAA91-DC22-4350-87D6-0C86E93F7F08}
Clé supprimée: HKLM\Software\Classes\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC}
Clé supprimée: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Clé supprimée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD}
Clé supprimée: HKLM\Software\Classes\ClickPotatoLiteAx.Info
Clé supprimée: HKLM\Software\Classes\ClickPotatoLiteAx.Info.1
Clé supprimée: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles
Clé supprimée: HKLM\Software\Classes\ClickPotatoLiteAX.UserProfiles.1
Clé supprimée: HKLM\Software\Classes\Conduit.Engine
Clé supprimée: HKLM\Software\Classes\MenuButtonIE.ButtonIE
Clé supprimée: HKLM\Software\Classes\MenuButtonIE.ButtonIE.1
Clé supprimée: HKLM\Software\Classes\OfferBox.OfferBoxServer
Clé supprimée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Clé supprimée: HKLM\Software\Classes\SearchSettings.BHO
Clé supprimée: HKLM\Software\Classes\SearchSettings.BHO.1
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2126963
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2405727
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2786678
Clé supprimée: HKLM\Software\Classes\AppID\MenuButtonIE.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{D2083641-E57F-4eab-BB85-0582424F4A29}
Clé supprimée: HKLM\Software\OfferBox
Clé supprimée: HKLM\Software\Application Updater
Clé supprimée: HKLM\Software\ClickPotatoLite
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKLM\Software\Live-Player
Clé supprimée: HKLM\Software\pdfforge
Clé supprimée: HKLM\Software\Search Settings
Clé supprimée: HKLM\Software\WebMediaPlayer
Clé supprimée: HKCU\Software\OfferBox
Clé supprimée: HKCU\Software\Spointer
Clé supprimée: HKCU\Software\ClickPotatoLiteSA
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\fcn
Clé supprimée: HKCU\Software\Grand Virtual
Clé supprimée: HKCU\Software\Live-Player
Clé supprimée: HKCU\Software\pdfforge
Clé supprimée: HKCU\Software\PriceGong
Clé supprimée: HKCU\Software\Search Settings
Clé supprimée: HKCU\Software\WebMediaPlayer
Clé supprimée: HKCU\Software\AppDataLow\Software\pdfforge
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Everest Poker
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ClickPotato
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\live-player
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\WebMediaPlayer
Clé supprimée: HKLM\Software\Classes\Installer\Products\B8CF0B8BB96E5124FAA1B4FD2FD097B4
Clé supprimée: HKLM\Software\Classes\Installer\Products\D82C50F59AED6DA47AA360145789E8BA
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\B8CF0B8BB96E5124FAA1B4FD2FD097B4
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\D82C50F59AED6DA47AA360145789E8BA
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Clé supprimée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|clickpotatolite@clickpotatolite.com
Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SearchSettings
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{B922D405-6D13-4A2B-AE89-08A030DA4402}
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.13 (fr)] ****

Searchplugins\acpro.xml ( hxxp://search.autocompletepro.com?si=10203&amp;q={searchTerms}/)
Searchplugins\MyHeritage.xml (?)
Searchplugins\YouGoo.xml (<SearchPlugin xmlns=hxxp://www.mozilla.org/2006/browser/search/<ShortNameYouGoo</ShortName<DescriptionMéta-annuaire YouGoo</Description<InputEncodingISO-8859-1</InputEncoding<Image width=16 height=16data:image/x-icon,%00%00%01%00%01%00%10%10%00%00%01%00%20%00h%04%00%00%16%00%00%00(%00%00%00%10%00%00%00%20%00%00%00%01%00%20%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%B5%B5%B5%05%1C%1C%1C%15%00%00%00%1A%00%00%00%1A%00%00%00%16%00%00%00%0F%00%00%00%16%04%00%00%1B%02%00%00%1A%00%00%00%17%00%00%00%19%00%00%00%19%00%00%00%1A%00%00%00%1A%0D%0D%0D%18%8E%8E%8E%09%26%26%26%0F%00%00%00%14%00%00%00%13%00%00%00%0D%0C%02%01%1DX%15%10x%9C%2B*%B9%AD2%2C%C4%9B%2C%2C%B1c%1A%18%7C%18%05%02%2C%03%01%00%14%00%00%00%12%00%00%00%13%00%00%00%14%07%07%07%12%14%14%14%0D%00%00%00%0E%00%00%00%0B%13%04%01%16%B2%2F%2F%C5%ED%3FB%FF%AE4%2B%B1n%25%1Dif%23%20b%9731%9A%9E-%2C%C1%20%07%05%3D%01%01%00%10%00%00%00%0D%00%00%00%0E%00%00%00%0E%17%17%17%09%00%00%00%0A%00%00%00%00%5B)%23X%FFVN%FFs%1D%1D%8F%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%8F76%94%7C%1D%1B%BA%03%00%00%15%00%00%00%08%00%00%00%0A%00%00%00%0A%17%17%17%06%00%00%00%07%00%00%00%00V%3E7M%FCzu%FF%3B%05%01f%01%02%00%02%00%00%00%04%00%00%00%04%00%00%00%00%8D%2F%26%89%AF%2C'%ED%0B%01%00%1D%00%00%00%04%00%00%00%07%00%00%00%07%11%11%11%04%00%00%00%04%00%00%00%03%06%04%00%08%B8mY%B4%B9%3F%3F%E1L%0E%0B%5C'%06%03%25%14%04%00%10%5E%18%1Ai%F0CE%FC%9E%24%1F%C5%01%00%00%08%00%00%00%03%00%00%00%04%00%00%00%04333%02%1E%1E%1E%02%1F%1F%1F%03%00%00%00%00)(%25%04%95%5BXg%D0_%5E%AA%C6KI%B0%B2-(%D4%EA%3FE%FF%E4%3CD%F1Y%25%25%3B%00%00%00%00%1F%1F%1F%02%1F%1F%1F%02%1F%1F%1F%02%EF%EF%EF%04%ED%ED%ED%04%ED%ED%ED%04%ED%ED%ED%04%EA%EB%EB%02%00%00%00%00%00%00%00%00%B5%87%82A%FETP%FF%C626%DB%A2ut6%00%00%00%00%ED%EE%EE%04%ED%ED%ED%04%ED%ED%ED%04%ED%ED%ED%04%FF%FF%FF%09%FF%FF%FF%0A%FF%FF%FF%0A%FF%FF%FF%0B%FF%FF%FF%04%C9%B8%B7%1C%7C5%2Cw%B2JH%C2%FEwv%FF~%22!%9Dkli%09%F1%F1%F1%0A%FF%FF%FF%0A%FF%FF%FF%0A%FF%FF%FF%0A%FF%FF%FF%0A%FF%FF%FF%11%FF%FF%FF%13%FF%FF%FF%13%FF%FF%FF%0F%F4%E4%E2%1E%D1FH%D1%CF)%2F%FF%D7%92%92x%FE%E4%E0K%E0op%CE%5E%1E%1C%8E%8B%89%88%20%FD%FD%FE%11%FF%FF%FF%13%FF%FF%FF%13%FF%FF%FF%13%FF%FF%FF%19%FF%FF%FF%1B%FF%FF%FF%1B%FF%FF%FF%0E%FB%B7%AEv%EB4)%FF%A3SS%93%DF%EB%EB%09%FF%FF%FF%02%FF%D7%D7j%AB%24%25%FFdMLW%ED%EF%EF%18%FF%FF%FF%1A%FF%FF%FF%1B%FF%FF%FF%1B%FF%FF%FF!%FF%FF%FF%24%FF%FF%FF%24%FF%FF%FF%16%FF%D0%CC%93%D3B%40%FF%90rn%5B%FB%FF%FF%1D%FF%FF%FF%16%FE%C8%C7u%D461%FF%84XUy%EF%F3%F3%1D%FF%FF%FF%23%FF%FF%FF%24%FF%FF%FF%24%FF%FF%FF(%FF%FF%FF-%FF%FF%FF%2C%FF%FF%FF%23%FF%F0%E6d%DAaZ%FF%8Ekie%E2%EA%E9%24%F1%F2%F2%22%F0q%60%C5%D31'%FB%B7%9D%9BW%FF%FF%FF%26%FF%FF%FF%2C%FF%FF%FF%2C%FF%FF%FF%2C%FF%FF%FF0%FF%FF%FF5%FF%FF%FF4%FF%FF%FF3%FF%FF%FF.%FB%BB%B2%A8%C6XY%CA%B5%7F%7Fu%D2ss%B2%EF%3F7%FF%BC96%DC%A6%8A%86%60%E4%E1%E09%FF%FF%FF3%FF%FF%FF4%FF%FF%FF5%FF%FF%FF%2B%FF%FF%FF%3D%FF%FF%FF%3A%FF%FF%FF%3A%FF%FF%FF8%FF%FF%FF3%FF%D3%D2o%F7%A1%A1%A4%FD%B4%B4%BA%FD%B8%B9%B3%EE%8E%8B%B0%DA%8A%88%A0%ED%E3%E3J%FF%FF%FF7%FF%FF%FF%3C%FF%FF%FF3%FF%FF%FF%0A%FF%FF%FF1%FF%FF%FF%3E%FF%FF%FF%3D%FF%FF%FF%3D%FF%FF%FF%3D%FF%FF%FF4%FF%FF%FF1%FF%FF%FF1%FF%FF%FF1%FF%FF%FF1%FF%FF%FF5%FF%FF%FF%3C%FF%FF%FF%3E%FF%FF%FF7%FF%FF%FF%12%00%00%00%00%00%00%00%00%00%00%00%00%23%C0%00%00%20%40%00%00%00%00%00%00%10%08%00%00%06%10%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00%00</Imagehxxp://www.yougoo.fr/meteo <Param name=q value={searchTerms}/ <Param name=search value=/</Url<SearchFormhxxp://www.yougoo.fr/meteo</SearchForm</SearchPlugin)
HKLM_Extensions|{23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
HKLM_Extensions|{6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa

-- C:\Documents and Settings\Rida\Application Data\Mozilla\FireFox\Profiles\1tq65o8b.default --
Extensions\{8e7da7e7-9f7e-426e-b964-be9f1cbc9d79} (Download-FR Toolbar)
Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} (uTorrentBar Community Toolbar)
Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d} (Hotspot Shield Toolbar)
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Rida\\Bureau
Prefs.js - browser.search.selectedEngine, Chercher
Prefs.js - browser.startup.homepage, hxxp://search.myheritage.com/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.0.19
Prefs.js - keyword.URL, hxxp://search.myheritage.com/?orig=ds&q=

========================================

**** Google Chrome Version [Impossible d'obtenir la version] ****

Extension\fnjbmmemklcjgepojigaapkoodmkgbae (C:\Program Files\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx) (?)
Extension\nneajnkjbffgblleaoojgaacokifdkhm (C:\Program Files\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx) (?)

-- C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Activé: true) (?)
Preferences - homepage: hxxp://search.autocompletepro.com?si=10203
Preferences - homepage_is_newtabpage: false
Plugin - ClickPotatoLite Firefox Plugin (Activé: true) (C:\Program Files\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll) (x)
Plugin - Windows Genuine Advantage (Activé: true) (C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll)
Plugin - Office Genuine Advantage (Activé: true) (C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll)
Plugin - Veetle TV Player (Activé: true) (C:\Program Files\Veetle\Player\npvlc.dll) (x)
Plugin - Veetle TV Core (Activé: true) (C:\Program Files\Veetle\plugins\npVeetle.dll) (x)
Plugin - "OfferboxChromePlugin Dynamic Link Library" (Activé: true)
Plugin - "Windows Genuine Advantage" (Activé: true)
Plugin - "Office Genuine Advantage" (Activé: true)
Plugin - "Veetle TV Core" (Activé: true)
Plugin - "ClickPotatoLite Firefox Plugin" (Activé: true)
Plugin - "Veetle TV Player" (Activé: true)

========================================

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{9bb815eb-3f9f-4e11-9150-cb70e29b40fc} - "Radio Bar 2 Toolbar" (C:\Program Files\Radio_Bar_2\tbRadi.dll)
HKCU_URLSearchHooks|{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - "uTorrentBar Toolbar" (C:\Program Files\uTorrentBar\tbuTo1.dll)
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "?" (?)
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "Web Search" (hxxp://search.autocompletepro.com/?si=10203&bi=400&q={searchTerms})
HKCU_SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E} - "Chercher" (hxxp://search.myheritage.com?orig=ds&q={searchTerms})
HKLM_SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E} - "Chercher" (hxxp://search.myheritage.com?orig=ds&q={searchTerms})
HKCU_Toolbar\ShellBrowser|{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} (x)
HKCU_Toolbar\WebBrowser|{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} (x)
HKCU_Toolbar\WebBrowser|{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} (x)
HKCU_Toolbar\WebBrowser|{9BB815EB-3F9F-4E11-9150-CB70E29B40FC} (C:\Program Files\Radio_Bar_2\tbRadi.dll)
HKCU_Toolbar\WebBrowser|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} (C:\Program Files\uTorrentBar\tbuTo1.dll)
HKLM_Toolbar|{9bb815eb-3f9f-4e11-9150-cb70e29b40fc} (C:\Program Files\Radio_Bar_2\tbRadi.dll)
HKLM_Toolbar|{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} (C:\Program Files\uTorrentBar\tbuTo1.dll)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - C:\Program Files\Internet Download Manager\IEMonitor.exe (x)
HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (x)
HKLM_ElevationPolicy\06a9cb90-ef68-423a-84b1-22dd573e46d9 - C:\Program Files\Download-FR\Download-FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\1bd9d29d-4ddb-4c61-8ea8-d4c156062fb6 - C:\Program Files\Download-FR\Download-FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\1c0fd74c-834d-4b25-b61c-df8d689ca31d - C:\Program Files\Download-FR\Download-FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\fb4d9bb0-b965-43c9-968c-fd2dbf86bc41 - C:\Program Files\Download-FR\Download-FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\{40B4844A-692C-4DC6-B94A-6EAD9C015072} - C:\Program Files\uTorrentBar\uTorrentBarToolbarHelper.exe (?)
HKLM_ElevationPolicy\{56607983-8513-40B4-B5FB-689BC71C27B9} - C:\Program Files\Radio_Bar_2\Radio_Bar_2ToolbarHelper.exe (?)
HKLM_ElevationPolicy\{5F17E524-3447-4c7d-8E5F-4EFF31CDE3B7} - C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)
HKLM_ElevationPolicy\{64903E32-AE0B-408D-909C-09A08791F28D} - C:\Program Files\DivX\DivX Plus Web Player\dwpBroker.exe (DivX, LLC)
HKLM_ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88} - C:\Program Files\DivX\DivX OVS Helper\OVSHelperBroker.exe (DivX, LLC.)
HKLM_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (x)
HKLM_Extensions\{878AC5FC-BE78-4bae-896C-7F75B790A71E} - "PokerStars.be" (C:\Program Files\PokerStars.BE\main.ico)
HKLM_Extensions\{90EAE591-7E7E-434a-8E28-ECFD00071806} - "PokerStars.fr" (C:\Program Files\PokerStars.FR\main.ico)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{326E768D-4182-46FD-9C16-1449A49795F4} - "DivX Plus Web Player HTML5 <video>" (C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll)
BHO\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} - "DivX HiQ" (C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
BHO\{9bb815eb-3f9f-4e11-9150-cb70e29b40fc} - "Radio Bar 2 Toolbar" (C:\Program Files\Radio_Bar_2\tbRadi.dll)
BHO\{bf00e119-21a3-4fd1-b178-3b8537e75c92} - "IeMonitorBho Class" (C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll)
BHO\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - "uTorrentBar Toolbar" (C:\Program Files\uTorrentBar\tbuTo1.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 236 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 23/03/2011 14:54:39 (28948 Octet(s))

Fin à: 14:59:53, 23/03/2011

============== E.O.F ==============
daribluff
 
Messages: 13
Inscription: 23 Mar 2011 12:24

Re: Ralentissement énorme PC

Messagepar daribluff » 23 Mar 2011 15:23

Ci dessous le second scan par ZHPDiag de Nicolas Coolman partie 1 :


Rapport de ZHPDiag v1.27.182 par Nicolas Coolman, Update du 21/03/2011
Run by Rida at 23/03/2011 15:17:47
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html
Contact : nicolascoolman@yahoo.fr


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702

---\\ System Information
Windows XP Professional Service Pack 3 (Build 2600)
Processor: x86 Family 6 Model 13 Stepping 8, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1022 MB (50% free)
System Restore: Activé (Enable)
System drive C: has 17 GB (35%) free of 49 GB

---\\ Logged in mode
Computer Name: RIDAN
User Name: Rida
All Users Names: SUPPORT_388945a0, Rida, postgres, HelpAssistant, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Documents and Settings\Rida\Application Data
%LocalAppData%=C:\Documents and Settings\Rida\Local Settings\Application Data
%StartMenu%=C:\Documents and Settings\Rida\Menu Démarrer

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 17 Go of 49 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ Hard drive, Flash drive, Thumb drive (Free 30 Go of 44 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Free 1 Go of 1 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\Windows\Explorer.exe [1037824]
[MD5.AF4EAA3B35A2D206E1902D7CA61B958A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.21/12/2010 00:53:04.) -- C:\Windows\System32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 20:15:53.) -- C:\Windows\System32\drivers\ntfs.sys [574976]



---\\ Processus lancés
[MD5.12B0134BB2F5E482128F901E34E7138E] - (.Intel Corporation - EvtEng Module.) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [86016]
[MD5.02B4B912D7AD5ED9F2F37EAC6A68D4AF] - (.Intel Corporation - Event Monitor - Supports driver extensions.) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [372809]
[MD5.2695E3E9497BF72ABB44B5010EC5DA16] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184]
[MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [3451496]
[MD5.57D8C4ED26DFD7EF0E2CB196FB8BFB54] - (.DivX, LLC - DivX Download Manager Service.) -- C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [63360]
[MD5.CB7CA3DC268CA9D3FC1349A60EA48211] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1230704]
[MD5.644795F6985C740F5E36E9336B837D0B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072]
[MD5.93EEFBC237ADFC406F52EE56D97F784B] - (.Sony Corporation - Pas de description.) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe [32768]
[MD5.4B9C4018690BF6BE6346199FE3FEC2AC] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [14720000]
[MD5.5C6450EAAFD24E5B416E29700452F385] - (.Sony Corporation - SPM Module.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [184320]
[MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [249064]
[MD5.4B5F60169F872E6033F09A52BCA791EA] - (.Sony Corporation - Pas de description.) -- C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe [151552]
[MD5.47CA2F039FDB67697EE60C260CB8083C] - (.Google - Google Talk.) -- C:\Program Files\Google\Google Talk\googletalk.exe [3297280]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe [255536]
[MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.A2FB43EDBAA0F2EB24A316A4DC2843D5] - (.Nitro PDF Software - Solid Spool Service.) -- C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe [196912]
[MD5.A3469A25100D510EEF5B8A65A890286F] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 77.43.) -- C:\WINDOWS\system32\nvsvc32.exe [127044]
[MD5.A1DD33D16F277CE34124EE52AB2C0F14] - (...) -- C:\WINDOWS\system32\PnkBstrA.exe [75064]
[MD5.38CDA1E493C6589910A3FBE81ECCD354] - (...) -- C:\WINDOWS\system32\PnkBstrB.exe [189480]
[MD5.B9732EAAEF554978E61DC97D15A1C877] - (.Intel Corporation - RegSrvc Module.) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [139264]
[MD5.2B0EAC2B6E5F1C5E007DABAE101028B0] - (.Sony Corporation - VAIO Event Service (Service Module).) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [153600]
[MD5.49489CD0ED2C1F16E3DBB7102A8558D8] - (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe [1010232]
[MD5.2DCC5C800F51D487178814CA9EADA181] - (.Microsoft Corporation - Bloc-notes.) -- C:\WINDOWS\system32\NOTEPAD.EXE [70656]
[MD5.1191D84C20F70BB4D84AE689E3E57F07] - (...) -- C:\Program Files\WinRAR\WinRAR.exe [968704]
[MD5.D601A903A38C0754A052B6CE0A727B22] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [642048]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [Rida] -- C:\Program Files\Mozilla FireFox\searchplugins\acpro.xml
M3 - MFPP: Plugins - [Rida] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Rida] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Rida] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Rida] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Rida] -- C:\Program Files\Mozilla FireFox\searchplugins\MediaDICO-fr.xml
M3 - MFPP: Plugins - [Rida] -- C:\Program Files\Mozilla FireFox\searchplugins\MyHeritage.xml
M3 - MFPP: Plugins - [Rida] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Rida] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M3 - MFPP: Plugins - [Rida] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml
M3 - MFPP: Plugins - [Rida] -- C:\Program Files\Mozilla FireFox\searchplugins\YouGoo.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 1.9.0009.1.) -- C:\Program Files\Mozilla Firefox\Plugins\npLegitCheckPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 1.6.0028.1.) -- C:\Program Files\Mozilla Firefox\Plugins\npOGAPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX, LLC - DivX Web Player version 2.1.0.900.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX OVS Helper,version=1.0.0] - (.DivX, LLC. - DivX OVS Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
M0 - MFSP: prefs.js [Rida - 1tq65o8b.default] http://search.myheritage.com/
M2 - MFEP: prefs.js [Rida - 1tq65o8b.default\searchrecs@veoh.com] [] Veoh Video Compass v1.5.2 (.Veoh Networks, Inc..)
M2 - MFEP: prefs.js [Rida - 1tq65o8b.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [Rida - 1tq65o8b.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v2.1.1.20091029021655 (.Yahoo!.)
M2 - MFEP: prefs.js [Rida - 1tq65o8b.default\{8e7da7e7-9f7e-426e-b964-be9f1cbc9d79}] [] Download-FR Toolbar v2.7.2.0 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Rida - 1tq65o8b.default\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] [] uTorrentBar Community Toolbar v3.2.3.3 (.Conduit Ltd..)
M2 - MFEP: prefs.js [Rida - 1tq65o8b.default\{c95a4e8e-816d-4655-8c79-d736da1adb6d}] [] Hotspot Shield Toolbar v2.7.2.0 (.Conduit Ltd..)



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://search.autocompletepro.com
G2 - GCE: Preference [User Data\Default] [fnjbmmemklcjgepojigaapkoodmkgbae] DivX HiQ v.2.1.0.900 (Activé)



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19019 (longhorn_ie8_gdr.101217-1700)) -- C:\WINDOWS\system32\ieframe.dll
R3 - URLSearchHook: Radio Bar 2 Toolbar - {9bb815eb-3f9f-4e11-9150-cb70e29b40fc} . (.Conduit Ltd. - Conduit Toolbar.) (6.1.0.7) -- C:\Program Files\Radio_Bar_2\tbRadi.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.7.3) -- C:\Program Files\uTorrentBar\tbuTo1.dll



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Web Player version 2.1.0.900.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} . (.DivX, LLC - DivX Web Player version 2.1.0.900.) -- C:\Program Files\DivX\DivX Plus We
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Radio Bar 2 Toolbar - {9bb815eb-3f9f-4e11-9150-cb70e29b40fc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Radio_Bar_2\tbRadi.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} . (.Megaupload Limited - Mega Manager IE Click Catcher.) -- C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\uTorrentBar\tbuTo1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Radio Bar 2 Toolbar - {9bb815eb-3f9f-4e11-9150-cb70e29b40fc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Radio_Bar_2\tbRadi.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\uTorrentBar\tbuTo1.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Pas de propriétaire - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\Windows\ALCMTR.exe
O4 - HKLM\..\Run: [AzMixerSel] . (.Realtek Semiconductor Corp. - Azalia Mixer Select.) -- C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [DivX Download Manager] . (.DivX, LLC - DivX Download Manager Service.) -- C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [ISBMgr.exe] . (.Sony Corporation - Pas de description.) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\Windows\RTHDCPL.exe
O4 - HKLM\..\Run: [SonyPowerCfg] . (.Sony Corporation - SPM Module.) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [VAIO Update 2] . (.Sony Corporation - Pas de description.) -- C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
O4 - HKLM\..\Run: [TrojanScanner] . (.Simply Super Software - Trojan Scanner.) -- C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [googletalk] . (.Google - Google Talk.) -- C:\Program Files\Google\Google Talk\googletalk.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-583907252-287218729-725345543-1004-583907252-287218729-725345543-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk . (.McAfee, Inc..) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Windows Search.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: C:\Documents And Settings\Rida\Menu Démarrer\Programmes\Démarrage\OneNote 2007 Screen Clipper and Launcher.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A91000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Nitro PDF Reader.lnk . (...) -- C:\WINDOWS\Installer\{4213B968-D534-42C5-8EDD-936ED9C912F4}\Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Post-it® Software Notes Lite.lnk . (.3M.) -- C:\Program Files\3M\PSNLite\PsnLite.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\VAIO Control Center.lnk . (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Control Center\VAIO Control Center.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Search.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - Global Startup: C:\Documents And Settings\Rida\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\Rida\Menu Démarrer\Programmes\Ecouter la radio.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Documents And Settings\Rida\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\Rida\Menu Démarrer\Programmes\Meteo.lnk - Clé orpheline
O4 - Global Startup: C:\Documents And Settings\Rida\Menu Démarrer\Programmes\Navigateur OfferBox.lnk . (...) -- C:\Program Files\OfferBox\OfferBoxLauncher.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\Rida\Menu Démarrer\Programmes\Network Stumbler.lnk . (...) -- C:\Program Files\Network Stumbler\NetStumbler.exe
O4 - Global Startup: C:\Documents And Settings\Rida\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\Rida\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {878AC5FC-BE78-4bae-896C-7F75B790A71E} . (.not file.) - C:\Program Files\PokerStars.BE\main.ico
O9 - Extra 'Tools' menuitem: S&end to OneNote - {90EAE591-7E7E-434a-8E28-ECFD00071806} . (.not file.) - C:\Program Files\PokerStars.FR\main.ico
O9 - Extra button: S&end to OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{97357926-17AE-461F-A356-90233D9F008F}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{97357926-17AE-461F-A356-90233D9F008F}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{97357926-17AE-461F-A356-90233D9F008F}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{97357926-17AE-461F-A356-90233D9F008F}: DhcpDomain = Belkin
O17 - HKLM\System\CS1\Services\Tcpip\..\{97357926-17AE-461F-A356-90233D9F008F}: DhcpDomain = Belkin
O17 - HKLM\System\CS3\Services\Tcpip\..\{97357926-17AE-461F-A356-90233D9F008F}: DhcpDomain = Belkin
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: VESWinlogon . (.Sony Corporation - VAIO Event Service (Winlogon Notification M.) -- C:\Windows\System32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\Windows\System32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: (EvtEng) . (.Intel Corporation - EvtEng Module.) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: (gupdate1c999f2e4cfa59e) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: (Macromedia Licensing Service) . (.Pas de propriétaire - System Level Service Utilty.) - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: (McComponentHostService) . (.McAfee, Inc. - Component Host Service.) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: (MSCSPTISRV) . (.Sony Corporation - MSCSPTISRV Module.) - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: (NitroReaderDriverReadSpool) . (.Nitro PDF Software - Solid Spool Service.) - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
O23 - Service: (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 77.43.) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: (PACSPTISVR) . (.Pas de propriétaire - PACSPTISVR Module.) - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) . (.PostgreSQL Global Development Group - pg_ctl - starts/stops/restarts the PostgreS.) - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: (PnkBstrA) . (...) - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: (PnkBstrB) . (...) - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: (RegSrvc) . (.Intel Corporation - RegSrvc Module.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.CACE Technologies, Inc. - Remote Packet Capture Daemon.) - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: (S24EventMonitor) . (.Intel Corporation - Event Monitor - Supports driver extensions.) - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: (SonicStage Back-End Service) . (.Sony Corporation - SonicStage Back-End Service Module.) - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: (SPTISRV) . (.Sony Corporation - SPTISRV Module.) - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: (SSScsiSV) . (.Sony Corporation - SonicStage Scsi I/F Server.) - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: (VAIO Event Service) . (.Sony Corporation - VAIO Event Service (Service Module).) - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Google Software Updater.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-583907252-287218729-725345543-1003Core.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-583907252-287218729-725345543-1003UA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Norton Security Scan for Rida.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OGALogon.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{DC72525F-B6B3-47F4-8B9C-47D458AB05B4}.job
[MD5.5467F1FF0AF264566740F67E8B810735] [APT] [Google Software Updater] (.Google.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskUserS-1-5-21-583907252-287218729-725345543-1003Core] (.Google Inc..) -- C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskUserS-1-5-21-583907252-287218729-725345543-1003UA] (.Google Inc..) -- C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[MD5.AA6DB1D357B0DB08B969D14889D9C9CA] [APT] [Norton Security Scan for Rida] (.Symantec Corporation.) -- C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe
[MD5.EC9B420801D3D7F82388267D13D0F89B] [APT] [OGALogon] (.Pas de propriétaire.) -- C:\WINDOWS\system32\OGAexeC.exe



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (DMICall) . (.Sony Corporation - Windows 2000 DMI Call Kernel Driver.) - C:\Windows\System32\DRIVERS\DMICall.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/03/2011 - 17:43:48 - [0] ----D- C:\Program Files\1-More Scanner
O43 - CFD: 12/05/2009 - 22:33:46 - [3669537] ----D- C:\Program Files\3M
O43 - CFD: 03/01/2011 - 23:57:44 - [259573] ----D- C:\Program Files\Acunetix
O43 - CFD: 23/03/2011 - 14:53:38 - [112021139] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 19/03/2009 - 00:20:36 - [158573932] ----D- C:\Program Files\Adobe
O43 - CFD: 28/10/2010 - 17:34:20 - [7573699] ----D- C:\Program Files\adslTV
O43 - CFD: 18/04/2010 - 11:30:26 - [149105881] ----D- C:\Program Files\Alwil Software
O43 - CFD: 22/03/2011 - 19:07:32 - [9226504] ----D- C:\Program Files\Auslogics
O43 - CFD: 17/02/2009 - 21:54:04 - [17765] ----D- C:\Program Files\Canal
O43 - CFD: 28/10/2010 - 18:04:32 - [3020912] ----D- C:\Program Files\CCleaner
O43 - CFD: 16/03/2009 - 22:49:04 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 17/02/2009 - 21:21:50 - [9180430] ----D- C:\Program Files\DAEMON Tools Lite
O43 - CFD: 07/02/2011 - 21:16:26 - [99984766] ----D- C:\Program Files\DivX
O43 - CFD: 23/12/2010 - 10:24:24 - [4507970] ----D- C:\Program Files\DOSBox-0.74
O43 - CFD: 19/02/2009 - 17:57:56 - [685279524] ----D- C:\Program Files\EA GAMES
O43 - CFD: 26/10/2010 - 18:02:34 - [27333873] ----D- C:\Program Files\El Juky
O43 - CFD: 28/10/2010 - 17:35:24 - [0] ----D- C:\Program Files\ElcomSoft
O43 - CFD: 22/03/2011 - 18:03:58 - [7990136548] ----D- C:\Program Files\eMule
O43 - CFD: 23/03/2011 - 14:31:42 - [21602832] ----D- C:\Program Files\Everest Poker.fr
O43 - CFD: 22/03/2011 - 18:46:16 - [826452292] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 28/10/2010 - 17:47:04 - [8974336] ----D- C:\Program Files\Free Video Converter
O43 - CFD: 22/03/2011 - 18:04:24 - [69111] ----D- C:\Program Files\GanttProject
O43 - CFD: 25/09/2010 - 20:25:34 - [97506206] ----D- C:\Program Files\Google
O43 - CFD: 20/12/2009 - 15:27:20 - [0] ----D- C:\Program Files\Hotspot_Shield
O43 - CFD: 22/03/2011 - 18:42:06 - [12862873] ----D- C:\Program Files\Image-Line
O43 - CFD: 23/06/2010 - 20:29:16 - [0] ----D- C:\Program Files\ING
O43 - CFD: 28/10/2010 - 17:47:40 - [151472427] ----D- C:\Program Files\Inkscape
O43 - CFD: 28/10/2010 - 18:13:16 - [46608818] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 16/03/2009 - 23:50:02 - [15824005] ----D- C:\Program Files\Intel
O43 - CFD: 03/01/2011 - 23:33:34 - [294298] ----D- C:\Program Files\IntelliTamper
O43 - CFD: 24/08/2009 - 19:03:48 - [332] ----D- C:\Program Files\Internet Download Manager
O43 - CFD: 11/02/2011 - 00:09:20 - [5189606] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 16/03/2011 - 14:10:56 - [81053210] ----D- C:\Program Files\Java
O43 - CFD: 15/05/2010 - 21:59:08 - [178608660] ----D- C:\Program Files\Macromedia
O43 - CFD: 18/05/2009 - 20:45:28 - [3103763] ----D- C:\Program Files\MagicISO
O43 - CFD: 01/11/2010 - 18:55:16 - [9454922] ----D- C:\Program Files\McAfee Security Scan
O43 - CFD: 02/01/2011 - 20:11:22 - [15113363] ----D- C:\Program Files\MediaFeed
O43 - CFD: 18/03/2010 - 20:45:34 - [7366368] ----D- C:\Program Files\Megaupload
O43 - CFD: 17/03/2009 - 14:55:50 - [2152579] ----D- C:\Program Files\Messenger
O43 - CFD: 19/11/2009 - 23:32:20 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 16/03/2009 - 22:53:32 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 17/02/2009 - 21:31:56 - [647745457] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 17/02/2009 - 21:31:36 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 14/12/2009 - 23:59:22 - [3726168] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 13/08/2010 - 17:09:18 - [10374874] ----D- C:\Program Files\Movie Maker
O43 - CFD: 26/01/2011 - 22:47:18 - [32801562] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 18/02/2009 - 02:02:16 - [26521] ----D- C:\Program Files\MSBuild
O43 - CFD: 20/06/2009 - 16:43:48 - [21446345] ----D- C:\Program Files\MSN
O43 - CFD: 16/03/2009 - 22:48:32 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 17/03/2009 - 01:54:40 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 28/10/2010 - 17:54:10 - [254992] ----D- C:\Program Files\MyHeritage
O43 - CFD: 17/03/2009 - 14:50:22 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 08/02/2011 - 21:31:34 - [890520] ----D- C:\Program Files\Network Stumbler
O43 - CFD: 18/02/2011 - 19:38:32 - [63464403] ----D- C:\Program Files\Nitro PDF
O43 - CFD: 28/08/2010 - 01:48:50 - [12269272] ----D- C:\Program Files\Norton Security Scan
O43 - CFD: 28/08/2010 - 01:48:46 - [8446131] ----D- C:\Program Files\NortonInstaller
O43 - CFD: 13/07/2010 - 20:48:00 - [1900870] ----D- C:\Program Files\Nsasoft
O43 - CFD: 16/03/2009 - 22:48:44 - [1804] ----D- C:\Program Files\Online Services
O43 - CFD: 15/12/2010 - 22:24:32 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 18/02/2011 - 19:35:46 - [3620877] ----D- C:\Program Files\Outsim
O43 - CFD: 16/06/2009 - 18:16:34 - [49916541] ----D- C:\Program Files\Passware
O43 - CFD: 17/03/2009 - 01:26:18 - [20406230] ----D- C:\Program Files\PDFCreator
O43 - CFD: 23/09/2009 - 22:43:44 - [5790685] ----D- C:\Program Files\pdfsam
O43 - CFD: 28/10/2010 - 17:54:58 - [2537] ----D- C:\Program Files\PokerStars
O43 - CFD: 19/03/2011 - 13:04:14 - [60841089] ----D- C:\Program Files\PokerStars.BE
O43 - CFD: 19/03/2011 - 13:03:56 - [62476358] ----D- C:\Program Files\PokerStars.FR
O43 - CFD: 06/03/2011 - 01:25:32 - [71877479] ----D- C:\Program Files\PokerTracker 3
O43 - CFD: 06/03/2011 - 00:40:02 - [424569564] ----D- C:\Program Files\PostgreSQL
O43 - CFD: 29/09/2010 - 20:03:02 - [4081227] ----D- C:\Program Files\Radio_Bar_2
O43 - CFD: 17/03/2009 - 00:35:12 - [34704461] ----D- C:\Program Files\Realtek
O43 - CFD: 18/02/2009 - 01:58:38 - [36400897] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 21/03/2011 - 23:26:16 - [7625724] ----D- C:\Program Files\Samsung
O43 - CFD: 16/03/2009 - 22:51:28 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 17/03/2009 - 01:20:02 - [4605362] ----D- C:\Program Files\SLD Codec Pack
O43 - CFD: 01/02/2011 - 21:52:12 - [27595035] ----D- C:\Program Files\Solegis
O43 - CFD: 16/03/2009 - 23:57:14 - [51525344] ----D- C:\Program Files\Sony
O43 - CFD: 30/01/2010 - 17:47:42 - [162] ----D- C:\Program Files\TechSmith
O43 - CFD: 28/10/2010 - 17:56:36 - [27328703] ----D- C:\Program Files\trademanager
O43 - CFD: 23/03/2011 - 12:20:08 - [403925] ----D- C:\Program Files\Trend Micro
O43 - CFD: 22/03/2011 - 18:22:10 - [11035350] ----D- C:\Program Files\Trojan Remover
O43 - CFD: 20/03/2011 - 21:49:36 - [1556] ----D- C:\Program Files\TubeMaster++
O43 - CFD: 16/03/2009 - 23:16:30 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 23/11/2010 - 19:33:06 - [395128] ----D- C:\Program Files\uTorrent
O43 - CFD: 02/01/2011 - 22:37:24 - [8036982] ----D- C:\Program Files\uTorrentBar
O43 - CFD: 09/04/2010 - 21:30:32 - [31445051] ----D- C:\Program Files\Veoh Networks
O43 - CFD: 01/04/2010 - 19:31:56 - [3680755] ----D- C:\Program Files\VirtualDub
O43 - CFD: 18/02/2011 - 19:37:26 - [5351424] ----D- C:\Program Files\VstPlugins
O43 - CFD: 10/06/2009 - 23:33:52 - [5418300] ----D- C:\Program Files\Windows Desktop Search
O43 - CFD: 19/11/2009 - 23:32:14 - [45806173] ----D- C:\Program Files\Windows Live
O43 - CFD: 19/11/2009 - 23:32:00 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 17/02/2009 - 15:28:40 - [3581070] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 30/09/2009 - 19:15:12 - [10066263] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 17/03/2009 - 14:50:18 - [3942655] ----D- C:\Program Files\Windows NT
O43 - CFD: 16/03/2009 - 22:51:34 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 03/01/2011 - 22:48:14 - [237571] ----D- C:\Program Files\WinPcap
O43 - CFD: 14/05/2009 - 20:18:52 - [3525705] ----D- C:\Program Files\WinRAR
O43 - CFD: 08/11/2009 - 22:51:16 - [1808231] ----D- C:\Program Files\X'nBeep 1.1
O43 - CFD: 16/03/2009 - 22:53:32 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 19/02/2009 - 11:02:48 - [175] --H-D- C:\Program Files\Zero G Registry
O43 - CFD: 23/03/2011 - 15:18:14 - [5466421] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 27/04/2009 - 23:37:16 - [4672638] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 17/02/2009 - 21:53:36 - [31787256] ----D- C:\Program Files\Fichiers Communs\Adobe AIR
O43 - CFD: 17/02/2009 - 21:31:36 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 27/08/2010 - 22:48:24 - [24006656] ----D- C:\Program Files\Fichiers Communs\DivX Shared
O43 - CFD: 28/10/2010 - 17:47:12 - [8073467] ----D- C:\Program Files\Fichiers Communs\DVDVideoSoft
O43 - CFD: 16/03/2009 - 23:30:56 - [11513720] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 16/03/2011 - 14:13:22 - [1247175] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 15/05/2010 - 22:00:50 - [221184] ----D- C:\Program Files\Fichiers Communs\Macromedia
O43 - CFD: 15/05/2010 - 22:01:42 - [68096] ----D- C:\Program Files\Fichiers Communs\Macromedia Shared
O43 - CFD: 18/04/2010 - 01:03:36 - [175972261] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 16/03/2009 - 22:50:34 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 18/02/2011 - 19:38:32 - [16539614] ----D- C:\Program Files\Fichiers Communs\Nitro PDF
O43 - CFD: 19/01/2001 - 14:57:10 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 02/02/2011 - 19:54:28 - [0] ----D- C:\Program Files\Fichiers Communs\PC SOFT
O43 - CFD: 16/03/2009 - 22:50:38 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 16/03/2009 - 23:55:14 - [56905532] ----D- C:\Program Files\Fichiers Communs\Sony Shared
O43 - CFD: 19/01/2001 - 14:57:08 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 29/01/2011 - 15:55:20 - [390147167] ----D- C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD: 14/12/2009 - 23:56:28 - [40967761] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 19/11/2009 - 23:17:12 - [60157294] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 12/05/2009 - 22:34:06 - [2457600] ----D- C:\Documents and Settings\Rida\Application Data\3M
O43 - CFD: 03/05/2010 - 21:17:22 - [6082271] ----D- C:\Documents and Settings\Rida\Application Data\Adobe
O43 - CFD: 19/07/2009 - 22:59:18 - [259279909] ----D- C:\Documents and Settings\Rida\Application Data\Apple Computer
O43 - CFD: 22/03/2011 - 19:07:50 - [1087489] ----D- C:\Documents and Settings\Rida\Application Data\Auslogics
O43 - CFD: 26/10/2010 - 18:09:18 - [1993953] ----D- C:\Documents and Settings\Rida\Application Data\Bump Technologies, Inc
O43 - CFD: 29/05/2010 - 18:13:36 - [2007] ----D- C:\Documents and Settings\Rida\Application Data\Convertisseur PDF Pro
O43 - CFD: 25/09/2010 - 17:46:24 - [9296] ----D- C:\Documents and Settings\Rida\Application Data\CrazyLoader
O43 - CFD: 17/02/2009 - 21:22:42 - [0] ----D- C:\Documents and Settings\Rida\Application Data\DAEMON Tools
O43 - CFD: 17/02/2009 - 21:24:26 - [3048] ----D- C:\Documents and Settings\Rida\Application Data\DAEMON Tools Lite
O43 - CFD: 17/02/2009 - 21:22:42 - [0] ----D- C:\Documents and Settings\Rida\Application Data\DAEMON Tools Pro
O43 - CFD: 13/09/2010 - 21:22:08 - [150528] ----D- C:\Documents and Settings\Rida\Application Data\DivX
O43 - CFD: 24/08/2009 - 17:53:32 - [208896] ----D- C:\Documents and Settings\Rida\Application Data\DMCache
O43 - CFD: 18/03/2010 - 07:49:16 - [359] ----D- C:\Documents and Settings\Rida\Application Data\dvdcss
O43 - CFD: 19/02/2011 - 13:35:20 - [14412] ----D- C:\Documents and Settings\Rida\Application Data\FileZilla
O43 - CFD: 25/08/2009 - 21:36:44 - [637] ----D- C:\Documents and Settings\Rida\Application Data\FreeCall
O43 - CFD: 01/04/2010 - 20:36:22 - [666] ----D- C:\Documents and Settings\Rida\Application Data\FreeVideoConverter
O43 - CFD: 28/02/2009 - 23:26:16 - [33609] ----D- C:\Documents and Settings\Rida\Application Data\Google
O43 - CFD: 17/09/2010 - 16:55:26 - [168] ----D- C:\Documents and Settings\Rida\Application Data\gtk-2.0
O43 - CFD: 19/02/2009 - 17:56:24 - [0] ----D- C:\Documents and Settings\Rida\Application Data\Help
O43 - CFD: 12/05/2009 - 11:21:04 - [3638] ----D- C:\Documents and Settings\Rida\Application Data\Icone
O43 - CFD: 16/03/2009 - 23:16:32 - [0] ----D- C:\Documents and Settings\Rida\Application Data\Identities
O43 - CFD: 24/08/2009 - 19:02:38 - [48859515] ----D- C:\Documents and Settings\Rida\Application Data\IDM
O43 - CFD: 23/09/2009 - 21:53:44 - [20623] ----D- C:\Documents and Settings\Rida\Application Data\Inkscape
O43 - CFD: 16/03/2009 - 23:31:58 - [0] ----D- C:\Documents and Settings\Rida\Application Data\InstallShield
O43 - CFD: 07/02/2011 - 21:16:24 - [13722793] ----D- C:\Documents and Settings\Rida\Application Data\Local
O43 - CFD: 15/05/2010 - 22:21:08 - [1950903] ----D- C:\Documents and Settings\Rida\Application Data\Macromedia
O43 - CFD: 18/03/2010 - 20:46:44 - [418722] ----D- C:\Documents and Settings\Rida\Application Data\Megaupload
O43 - CFD: 13/09/2010 - 18:46:52 - [17401986] -S--D- C:\Documents and Settings\Rida\Application Data\Microsoft
O43 - CFD: 17/03/2009 - 01:20:12 - [12571245] ----D- C:\Documents and Settings\Rida\Application Data\Mozilla
O43 - CFD: 01/09/2010 - 19:23:14 - [0] ----D- C:\Documents and Settings\Rida\Application Data\MyHeritage
O43 - CFD: 03/03/2011 - 11:13:48 - [3964] ----D- C:\Documents and Settings\Rida\Application Data\Nitro PDF
O43 - CFD: 25/06/2010 - 19:57:28 - [308] ----D- C:\Documents and Settings\Rida\Application Data\Office Genuine Advantage
O43 - CFD: 16/06/2009 - 18:17:00 - [4611] ----D- C:\Documents and Settings\Rida\Application Data\Passware
O43 - CFD: 28/10/2010 - 18:13:16 - [0] ----D- C:\Documents and Settings\Rida\Application Data\Samsung
O43 - CFD: 22/03/2011 - 18:21:48 - [3761072] ----D- C:\Documents and Settings\Rida\Application Data\Simply Super Software
O43 - CFD: 03/03/2011 - 11:12:10 - [209745] ----D- C:\Documents and Settings\Rida\Application Data\SolidDocuments
O43 - CFD: 22/02/2009 - 22:27:14 - [0] ----D- C:\Documents and Settings\Rida\Application Data\Sony Corporation
O43 - CFD: 12/08/2009 - 18:09:26 - [27420779] ----D- C:\Documents and Settings\Rida\Application Data\Sports Interactive
O43 - CFD: 17/03/2009 - 20:43:02 - [8986340] ----D- C:\Documents and Settings\Rida\Application Data\Sun
O43 - CFD: 30/09/2009 - 19:15:16 - [2252229] ----D- C:\Documents and Settings\Rida\Application Data\Todae
O43 - CFD: 20/02/2011 - 01:44:46 - [2325485] ----D- C:\Documents and Settings\Rida\Application Data\uTorrent
O43 - CFD: 28/10/2010 - 17:34:08 - [395041] ----D- C:\Documents and Settings\Rida\Application Data\vlc
O43 - CFD: 14/05/2009 - 23:48:40 - [196] ----D- C:\Documents and Settings\Rida\Application Data\Windows Desktop Search
O43 - CFD: 24/04/2009 - 14:46:42 - [0] ----D- C:\Documents and Settings\Rida\Application Data\Windows Search
O43 - CFD: 14/05/2009 - 20:19:06 - [0] ----D- C:\Documents and Settings\Rida\Application Data\WinRAR
O43 - CFD: 29/05/2010 - 18:14:02 - [51313972] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Adobe
O43 - CFD: 12/05/2009 - 22:24:22 - [0] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Apple
O43 - CFD: 14/05/2009 - 20:32:12 - [361033] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Apple Computer
O43 - CFD: 26/10/2010 - 18:10:02 - [0] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Bump Technologies, Inc
O43 - CFD: 28/10/2010 - 17:34:44 - [16856] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\crazyloader Air
O43 - CFD: 25/02/2009 - 17:37:12 - [96431] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Criterion Games
O43 - CFD: 11/12/2010 - 23:06:48 - [10973] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\DOSBox
O43 - CFD: 25/02/2009 - 17:35:38 - [16808211] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Downloaded Installations
O43 - CFD: 13/09/2010 - 18:05:40 - [736330144] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Google
O43 - CFD: 19/02/2009 - 17:56:24 - [0] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Help
O43 - CFD: 14/05/2009 - 23:48:44 - [223752] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Identities
O43 - CFD: 15/05/2010 - 22:00:50 - [71852669] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Macromedia
O43 - CFD: 31/03/2010 - 23:18:38 - [1109569814] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Microsoft
O43 - CFD: 17/02/2009 - 21:25:54 - [0] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Microsoft Help
O43 - CFD: 17/03/2009 - 01:20:12 - [30704993] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Mozilla
O43 - CFD: 03/03/2011 - 21:52:22 - [244853] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\P5
O43 - CFD: 15/09/2009 - 22:33:24 - [189480] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\PunkBuster
O43 - CFD: 29/09/2010 - 20:03:50 - [467420] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Radio_Bar_2
O43 - CFD: 22/03/2011 - 04:31:18 - [0] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Temp
O43 - CFD: 02/01/2011 - 22:37:00 - [1167592] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\uTorrentBar
O43 - CFD: 02/02/2011 - 19:54:32 - [174] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\WDSetup
O43 - CFD: 31/03/2010 - 23:22:08 - [0] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\WMTools Downloaded Files
daribluff
 
Messages: 13
Inscription: 23 Mar 2011 12:24

Re: Ralentissement énorme PC

Messagepar daribluff » 23 Mar 2011 15:25

partie 2 :

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.58EF1300F915817C00FCFD7F2CF01300] - 23/03/2011 - 15:08:28 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1476560]
O44 - LFC:[MD5.7F97B0C91743DD2D877B3387FB1027ED] - 23/03/2011 - 15:07:32 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [13646]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/03/2011 - 15:06:45 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.58EF1300F915817C00FCFD7F2CF01300] - 23/03/2011 - 15:06:45 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.58EF1300F915817C00FCFD7F2CF01300] - 23/03/2011 - 15:06:43 ---A- . (...) -- C:\WINDOWS\wiaservc.log [0]
O44 - LFC:[MD5.A1DB1EE9320B079A7E68783232DDEAE1] - 23/03/2011 - 15:05:09 ---A- . (...) -- C:\WINDOWS\System32\nvapps.xml [22745]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 23/03/2011 - 15:03:54 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.58EF1300F915817C00FCFD7F2CF01300] - 23/03/2011 - 15:00:19 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32452]
O44 - LFC:[MD5.CD59EAD037C304CEE604B6F206624355] - 23/03/2011 - 14:59:54 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [29476]
O44 - LFC:[MD5.D6E06ADCB9DF6EDC23741EAB5CF9B264] - 23/03/2011 - 14:28:28 ---A- . (...) -- C:\WINDOWS\win.ini [1773]
O44 - LFC:[MD5.9501CE82389A3B51720E7B8A4B614216] - 23/03/2011 - 08:46:24 ---A- . (...) -- C:\WINDOWS\System32\CONFIG.NT [3121]
O44 - LFC:[MD5.9ED6F51623284801BEDFEC4ED6234E61] - 22/03/2011 - 18:50:22 ---A- . (...) -- C:\WINDOWS\setupapi.log [7082]
O44 - LFC:[MD5.3A9A54E9FF21A4825E9B40A89674F085] - 22/03/2011 - 17:39:39 ---A- . (...) -- C:\WINDOWS\setupact.log [60]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/03/2011 - 17:39:39 ---A- . (...) -- C:\WINDOWS\setuperr.log [0]
O44 - LFC:[MD5.C5EAFB405EF44A9ABD1EC587139CD6C9] - 20/03/2011 - 21:50:04 ---A- . (...) -- C:\WINDOWS\wmsetup.log [322]
O44 - LFC:[MD5.68288DA42BC798992A42CD59061B199D] - 16/03/2011 - 14:10:59 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\java.exe [145184]
O44 - LFC:[MD5.5BF8BA1B854D7DFCE1F47E58852B3D8F] - 16/03/2011 - 14:10:59 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [145184]
O44 - LFC:[MD5.58DC5CBDC930AF070B177843810F2C85] - 16/03/2011 - 14:10:59 ---A- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [157472]
O44 - LFC:[MD5.FB4080124F35176910134417D3F5C7CB] - 16/03/2011 - 14:10:54 ---A- . (...) -- C:\WINDOWS\System32\jupdate-1.6.0_24-b07.log [3228]
O44 - LFC:[MD5.0439C6170F7F6355BB5275C9CAA6050F] - 23/02/2011 - 16:04:21 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\WINDOWS\avastSS.scr [40648]
O44 - LFC:[MD5.C6E1D434F1F3A5226B0DDFDF84B12677] - 23/02/2011 - 16:04:17 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\WINDOWS\System32\aswBoot.exe [190016]
O44 - LFC:[MD5.9BE41C1AE8BC481EB662D85C98D979C2] - 23/02/2011 - 15:56:55 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\System32\drivers\aswSnx.sys [371544]
O44 - LFC:[MD5.4B1A54BA2BC5873A774DF6B70AB8B0B3] - 23/02/2011 - 15:56:45 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\System32\drivers\aswSP.sys [301528]
O44 - LFC:[MD5.C7F1CEA32766184911293F4E1EE653F5] - 23/02/2011 - 15:55:49 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\System32\drivers\aswTdi.sys [49240]
O44 - LFC:[MD5.452D0ECD14FA02F9B061F42C8A30DD49] - 23/02/2011 - 15:55:47 ---A- . (.AVAST Software - avast! File System Filter Driver for Window.) -- C:\WINDOWS\System32\drivers\aswmon2.sys [102232]
O44 - LFC:[MD5.687BB5CCB764C2E3DA9F1D4892E50327] - 23/02/2011 - 15:55:44 ---A- . (.AVAST Software - avast! File System Filter Driver for Window.) -- C:\WINDOWS\System32\drivers\aswmon.sys [96344]
O44 - LFC:[MD5.B6A9373619D851BE80FB5F1B5EED0D4E] - 23/02/2011 - 15:55:10 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\WINDOWS\System32\drivers\aswRdr.sys [25432]
O44 - LFC:[MD5.83631291ADF2887CFFC786D034D3FA15] - 23/02/2011 - 15:54:57 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for W.) -- C:\WINDOWS\System32\drivers\aavmker4.sys [30680]
O44 - LFC:[MD5.1C2E6BB4FE8621B1B863855B02BC33EB] - 23/02/2011 - 15:54:55 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [19544]
O44 - LFC:[MD5.EEA6103D96B51E41C058AD2676CDF53E] - 25/05/2006 - 14:52:46 ---A- . (...) -- C:\WINDOWS\System32\ztvunrar36.dll [162304]
O44 - LFC:[MD5.DE02C4D04088B69E64ECC30A3D9E22E5] - 26/08/2005 - 00:50:00 ---A- . (...) -- C:\WINDOWS\System32\ztvunace26.dll [77312]
O44 - LFC:[MD5.5A495E481BF7F5FEAFC8238DFF493AF5] - 02/02/2003 - 19:06:02 ---A- . (...) -- C:\WINDOWS\System32\UNRAR3.dll [153088]
O44 - LFC:[MD5.7FE66F3BD9CBB998D56EF60D511FF06F] - 06/03/2002 - 00:00:00 ---A- . (...) -- C:\WINDOWS\System32\unacev2.dll [75264]



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\eMule.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\eMule\eMule.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files\Microsoft Office\Office12\GROOVE.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office OneNote.) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Activision\Call of Duty - World at War\CoDWaW_LANFixed.exe" [Enabled] .(.Pas de propriétaireC:\Program Files\Activision\Call of Duty - World at War\CoDWaW_LANFixed.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Activision\Call of Duty - World at War\CoDWaW 1.1 Lanfix Final.exe" [Enabled] .(.Pas de propriétaireC:\Program Files\Activision\Call of Duty - World at War\CoDWaW 1.1 Lanfix Final.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\PnkBstrA.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\PnkBstrA.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\PnkBstrB.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\PnkBstrB.exe
O47 - AAKE:Key Export SP - "E:\CSS\srcds.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- E:\CSS\srcds.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe" [Enabled] .(.Pas de propriétaireC:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe (.not file.
O47 - AAKE:Key Export SP - "C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe" [Enabled] .(.Pas de propriétaireC:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe (.not f
O47 - AAKE:Key Export SP - "C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe" [Enabled] .(.Pas de propriétaireC:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe (.not file.
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O47 - AAKE:Key Export SP - "C:\Program Files\adslTV\adsltv.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\adslTV\adsltv.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\adslTV\vlc.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\adslTV\vlc.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\trademanager\AliIM.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\trademanager\AliIM.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\TVAnts\Tvants.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\TVAnts\Tvants.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [Enabled] .(.Google Inc..) -- C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome
O47 - AAKE:Key Export SP - "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [Enabled] .(.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dpvsetup.exe" [Enabled] .(.Microsoft Corporation - Microsoft DirectPlay Voice Test.) -- C:\WINDOWS\system32\dpvsetup.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\rundll32.exe" [Enabled] Clé orpheline
O47 - AAKE:Key Export SP - "C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe" [Disabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Google\Google Talk\googletalk.exe" [Enabled] .(.Google - Google Talk.) -- C:\Program Files\Google\Google Talk\googletalk.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\CrazyLoader\crazyloader.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\CrazyLoader\crazyloader.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Java\jre6\bin\javaw.exe" [Enabled] .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\javaw.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Java\jre6\bin\javaws.exe" [Enabled] .(.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\Program Files\Java\jre6\bin\javaws.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Java\jre6\launch4j-tmp\crazyloader.exe" [Enabled] .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\launch4j-tmp\crazyloader.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Rida\Local Settings\Temp\jdic_0_9_5\IeEmbed.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Rida\Local Settings\Temp\jdic_0_9_5\IeEmbed.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\ntvdm.exe" [Enabled] .(.Microsoft Corporation - NTVDM.EXE.) -- C:\WINDOWS\system32\ntvdm.exe
O47 - AAKE:Key Export SP - "C:\Program Files\SopCast\SopCast.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\SopCast\SopCast.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\SopCast\adv\SopAdver.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) -- C:\Program Files\SopCast\adv\SopAdver.exe (.not file.)
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="Ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\Ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="Ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\Ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="Ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.11.) -- C:\WINDOWS\System32\Ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\WINDOWS\System32\l3codecp.acm
O52 - TDSD: \Drivers32\"VIDC.dvsd"="C:\PROGRA~1\FICHIE~1\SONYSH~1\VideoLib\sonydv.dll" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.VP60"="vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\WINDOWS\System32\vp6vfw.dll
O52 - TDSD: \Drivers32\"vidc.VP61"="vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\WINDOWS\System32\vp6vfw.dll
O52 - TDSD: \Drivers32\"vidc.VP62"="vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\WINDOWS\System32\vp6vfw.dll
O52 - TDSD: \Drivers32\"vidc.iv40"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll
O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\System32\DivX.dll
O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Inde" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo 5.11 codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"l3codecp.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\WINDOWS\System32\l3codecp.acm
O52 - TDSD: \drivers.desc\"iac25_32.ax"="Indeo® Audio Software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\System32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir41_32.ax"="Indeo 4.5 codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.9.2 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio CODEC" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\System32\vorbis.acm



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\NvCplDaemon [Key] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O53 - SMSR:HKLM\...\startupreg\VeohPlugin [Key] . (.Veoh Networks - Veoh Web Player Beta.) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.83631291ADF2887CFFC786D034D3FA15] - 23/02/2011 - 15:54:57 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\WINDOWS\system32\drivers\aavmker4.sys [30680]
O58 - SDL:[MD5.2C5C22990156A1063E19AD162191DC1D] - 16/03/2009 - 23:50:53 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\AegisP.sys [17801]
O58 - SDL:[MD5.1C2E6BB4FE8621B1B863855B02BC33EB] - 23/02/2011 - 15:54:55 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [19544]
O58 - SDL:[MD5.687BB5CCB764C2E3DA9F1D4892E50327] - 23/02/2011 - 15:55:44 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows NT/2000.) -- C:\WINDOWS\system32\drivers\aswmon.sys [96344]
O58 - SDL:[MD5.452D0ECD14FA02F9B061F42C8A30DD49] - 23/02/2011 - 15:55:47 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows XP.) -- C:\WINDOWS\system32\drivers\aswmon2.sys [102232]
O58 - SDL:[MD5.B6A9373619D851BE80FB5F1B5EED0D4E] - 23/02/2011 - 15:55:10 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\WINDOWS\system32\drivers\aswRdr.sys [25432]
O58 - SDL:[MD5.9BE41C1AE8BC481EB662D85C98D979C2] - 23/02/2011 - 15:56:55 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\system32\drivers\aswSnx.sys [371544]
O58 - SDL:[MD5.4B1A54BA2BC5873A774DF6B70AB8B0B3] - 23/02/2011 - 15:56:45 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\system32\drivers\aswSP.sys [301528]
O58 - SDL:[MD5.C7F1CEA32766184911293F4E1EE653F5] - 23/02/2011 - 15:55:49 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\drivers\aswTdi.sys [49240]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 19/08/2004 - 18:37:47 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 19/08/2004 - 18:37:47 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.526192BF7696F72E29777BF4A180513A] - 05/12/2000 - 16:18:02 ---A- . (.Sony Corporation - Windows 2000 DMI Call Kernel Driver.) -- C:\WINDOWS\system32\drivers\DMICall.sys [3952]
O58 - SDL:[MD5.5C940A174DFB2C42B9F6BA6EDC2BAA0B] - 28/11/2006 - 14:15:32 ---A- . (.Intel Corporation - Intel(R) PRO/100 Adapter NDIS 5.1 driver.) -- C:\WINDOWS\system32\drivers\e100b325.sys [165760]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 19/08/2004 - 18:37:47 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.B48DC6ABCD3AEFF8618350CCBDC6B09A] - 25/06/2010 - 18:07:14 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\WINDOWS\system32\drivers\npf.sys [35088]
O58 - SDL:[MD5.0A71BC580C55DC6FEC466D8533569E66] - 09/06/2005 - 18:56:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 77.43.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [3192192]
O58 - SDL:[MD5.069B93A5E079F700BAE7CAC0242BE5F6] - 15/09/2009 - 22:08:39 ---A- . (...) -- C:\WINDOWS\system32\drivers\PnkBstrK.sys [139152]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 19/08/2004 - 18:45:18 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 19/08/2004 - 18:37:47 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 19/08/2004 - 18:37:47 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.5F2657F8781376892035976CF8122A2D] - 29/06/2005 - 16:35:10 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [3173888]
O58 - SDL:[MD5.208491A652C79871737EDFE629DE2C45] - 03/05/2005 - 07:03:54 ---A- . (.Intel Corporation - Intel WLAN Packet Driver.) -- C:\WINDOWS\system32\drivers\s24trans.sys [11354]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/04/2008 - 17:39:15 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.1A992C8136C015453E82041C35B299DA] - 17/08/2001 - 21:51:20 ---A- . (.Sony Corporation - Sony Notebook Control driver.) -- C:\WINDOWS\system32\drivers\SonyNC.sys [20752]
O58 - SDL:[MD5.58EF1300F915817C00FCFD7F2CF01300] - 17/02/2009 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\sptd.sys [717296]
O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 24/07/2006 - 16:05:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [5632]
O58 - SDL:[MD5.34F1BCB847A924A161422F106A79B9FF] - 22/07/2009 - 20:13:20 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\system32\drivers\tap0901.sys [28592]
O58 - SDL:[MD5.0C3B2A9C4BD2DD9A6C2E4084314DD719] - 12/11/2009 - 22:42:16 ---A- . (.AnchorFree Inc - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\system32\drivers\taphss.sys [32768]
O58 - SDL:[MD5.27A2C318CD28CFB3EB2200FD96AF1E58] - 26/10/2006 - 09:48:38 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\system32\drivers\tapvpn.sys [27136]
O58 - SDL:[MD5.2CFE4945E30455E5AD692FFA8593297F] - 28/02/2007 - 14:42:00 ---A- . (.Texas Instruments - tifmsony.sys.) -- C:\WINDOWS\system32\drivers\tifmsony.sys [80896]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 19/08/2004 - 18:37:47 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 19/08/2004 - 18:37:47 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.67CAA926EF06E07F2D31056B39F51C54] - 30/04/2005 - 16:01:56 ---A- . (.Intel® Corporation - Intel® Wireless LAN Driver.) -- C:\WINDOWS\system32\drivers\w29n51.sys [3281408]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 19/08/2004 - 18:36:23 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 19/08/2004 - 18:37:12 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 19/08/2004 - 18:38:29 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 19/08/2004 - 18:39:33 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 19/08/2004 - 18:39:34 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.53F7546E8DAEFB3A0813F5E19C4613C9] - 24/03/2004 - 03:12:34 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - NetStumbler NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\nsndis5.sys [17280]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 19/08/2004 - 18:43:50 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 19/08/2004 - 18:43:50 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 19/08/2004 - 18:43:50 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 19/08/2004 - 18:43:51 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 19/08/2004 - 18:43:51 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 19/08/2004 - 18:43:53 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 19/08/2004 - 18:43:53 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 19/08/2004 - 18:43:53 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 19/08/2004 - 18:43:54 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 19/08/2004 - 18:43:54 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
daribluff
 
Messages: 13
Inscription: 23 Mar 2011 12:24

Re: Ralentissement énorme PC

Messagepar daribluff » 23 Mar 2011 15:25

Partie 3 :


---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\AAVMKER4.sys - (.not file.) - avast! Asynchronous Virus Monitor (Aavmker4) .(...) - LEGACY_AAVMKER4
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\AegisP.sys - AEGIS Protocol (IEEE 802.1x) v3.2.0.3 (AegisP) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\afd.sys - AFD (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - C:\WINDOWS\System32\alg.exe - Service de la passerelle de la couche Application (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestion d'applications (AppMgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_APPMGMT
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\arp1394.sys - Protocole client ARP 1394 (Arp1394) .(.Microsoft Corporation - IP/1394 Arp Client.) - LEGACY_ARP1394
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWFSBLK.sys - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWMON2.sys - (.not file.) - avast! Standard Shield Support (aswMon2) .(...) - LEGACY_ASWMON2
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWSNX.sys - (.not file.) - aswSnx (aswSnx) .(...) - LEGACY_ASWSNX
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWSP.sys - (.not file.) - avast! Self Protection (aswSP) .(...) - LEGACY_ASWSP
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Audio Windows (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV
O64 - Services: CurCS - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe - avast! Antivirus (avast! Antivirus) .(.AVAST Software - avast! Service.) - LEGACY_AVAST!_ANTIVIRUS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\BEEP.sys - Beep (Beep) .(...) - LEGACY_BEEP
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de transfert intelligent en arrière-plan (BITS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Explorateur d'ordinateur (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\CDFS.sys - cdfs (cdfs) .(...) - LEGACY_CDFS
O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATI
O64 - Services: CurCS - (.not file.) - (.not file.) - Application système COM+ (COMSysApp) .(...) - LEGACY_COMSYSAPP
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Services de cryptographie (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC
O64 - Services: CurCS - (.not file.) - (.not file.) - Lanceur de processus serveur DCOM (DcomLaunch) .(...) - LEGACY_DCOMLAUNCH
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DHCP (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP
O64 - Services: CurCS - C:\Windows\System32\drivers\dmboot.sys - dmboot (dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\DMICall.sys - Sony DMI Call service (DMICall) .(.Sony Corporation - Windows 2000 DMI Call Kernel Driver.) - LEGACY_DMICALL
O64 - Services: CurCS - C:\Windows\System32\drivers\dmload.sys - dmload (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Gestionnaire de disque logique (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client DNS (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE
O64 - Services: CurCS - C:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys (.not file.) - DSDrv4 (DSDrv4) .(...) - LEGACY_DSDRV4
O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(...) - LEGACY_EECTRL
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Service de rapport d'erreurs (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Système d'événements de COM+ (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM
O64 - Services: CurCS - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe - EvtEng (EvtEng) .(.Intel Corporation - EvtEng Module.) - LEGACY_EVTENG
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FASTFAT.sys - fastfat (fastfat) .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Compatibilité avec le Changement rapide d'utilisateur (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FIPS.sys - Fips (Fips) .(...) - LEGACY_FIPS
O64 - Services: CurCS - C:\Windows\System32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR
O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe - Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) .(.Microsoft Corporation - PresentationFontCache.exe.) - LEGACY_FONTCACHE3.0.0.0
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msgpc.sys - Classificateur de paquets générique (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC
O64 - Services: CurCS - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate1c999f2e4cfa59e) (gupdate1c999f2e4cfa59e) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE1C999F2E4CFA59E
O64 - Services: CurCS - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater (gusvc) .(.Google - gusvc.) - LEGACY_GUSVC
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Aide et support (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC
O64 - Services: CurCS - C:\Windows\System32\Drivers\HTTP.sys - HTTP (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - HTTP SSL (HTTPFilter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HTTPFILTER
O64 - Services: CurCS - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe - InstallDriver Table Manager (IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT
O64 - Services: CurCS - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe - Windows CardSpace (idsvc) .(.Microsoft Corporation - Windows CardSpace.) - LEGACY_IDSVC
O64 - Services: CurCS - C:\WINDOWS\system32\imapi.exe - Service COM de gravage de CD IMAPI (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipnat.sys - Traducteur d'adresses réseau IP (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ipsec.sys - Pilote IPSEC (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC
O64 - Services: CurCS - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter (JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\KSECDD.sys - ksecdd (ksecdd) .(...) - LEGACY_KSECDD
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Serveur (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Station de travail (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Assistance TCP/IP NetBIOS (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS
O64 - Services: CurCS - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe - Macromedia Licensing Service (Macromedia Licensing Service) .(.Pas de propriétaire - System Level Service Utilty.) - LEGACY_MACROMEDIA_LICENSI
O64 - Services: CurCS - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe - McAfee Security Scan Component Host Service (McComponentHostService) .(.McAfee, Inc. - Component Host Service.) - LEGACY_MCCOMPONENTHOSTSERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MNMDD.sys - mnmdd (mnmdd) .(...) - LEGACY_MNMDD
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MOUNTMGR.sys - (.not file.) - mountmgr (mountmgr) .(...) - LEGACY_MOUNTMGR
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxdav.sys - Redirecteur client WebDav (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\mrxsmb.sys - MRXSMB (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - C:\WINDOWS\system32\msdtc.exe - Distributed Transaction Coordinator (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
O64 - Services: CurCS - C:\WINDOWS\system32\msiexec.exe - Windows Installer (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\MUP.sys - (.not file.) - Mup (Mup) .(...) - LEGACY_MUP
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDIS.sys - (.not file.) - Pilote système NDIS (NDIS) .(...) - LEGACY_NDIS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndistapi.sys - Pilote TAPI NDIS d'accès distant (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ndisuio.sys - NDIS mode utilisateur E/S Protocole (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - Interface NetBIOS (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbt.sys - NetBIOS sur TCP/IP (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexions réseau (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN
O64 - Services: CurCS - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe - NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) .(.Nitro PDF Software - Solid Spool Service.) - LEGACY_NITROREADERDRIVERREADSPOOL
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - NLA (Network Location Awareness) (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA
O64 - Services: CurCS - C:\Windows\System32\drivers\npf.sys - NetGroup Packet Filter Driver (NPF) .(.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NTFS.sys - ntfs (ntfs) .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Display Driver Service (NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 77.43.) - LEGACY_NVSVC
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARTMGR.sys - (.not file.) - PartMgr (PartMgr) .(...) - LEGACY_PARTMGR
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PARVDM.sys - ParVdm (ParVdm) .(...) - LEGACY_PARVDM
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\PCIIDE.sys - PCIIde (PCIIde) .(...) - LEGACY_PCIIDE
O64 - Services: CurCS - (.not file.) - (.not file.) - PostgreSQL Database Server 8.3 (pgsql-8.3) .(...) - LEGACY_PGSQL-8.3
O64 - Services: CurCS - C:\WINDOWS\system32\PnkBstrA.exe - PnkBstrA (PnkBstrA) .(...) - LEGACY_PNKBSTRA
O64 - Services: CurCS - C:\WINDOWS\system32\PnkBstrB.exe - PnkBstrB (PnkBstrB) .(...) - LEGACY_PNKBSTRB
O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Services IPSEC (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT
O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Emplacement protégé (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rasacd.sys - Pilote de connexion automatique d'accès distant (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestionnaire de connexion automatique d'accès distant (RasAuto) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASAUTO
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Gestionnaire de connexions d'accès distant (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rdbss.sys - Rdbss (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(...) - LEGACY_RDPNP
O64 - Services: CurCS - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe - RegSrvc (RegSrvc) .(.Intel Corporation - RegSrvc Module.) - LEGACY_REGSRVC
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Accès à distance au Registre (RemoteRegistry) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_REMOTEREGISTRY
O64 - Services: CurCS - (.not file.) - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(...) - LEGACY_RPCSS
O64 - Services: CurCS - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe - Spectrum24 Event Monitor (S24EventMonitor) .(.Intel Corporation - Event Monitor - Supports driver extensions.) - LEGACY_S24EVENTMONITOR
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\s24trans.sys - Transport RLAN (s24trans) .(.Intel Corporation - Intel WLAN Packet Driver.) - LEGACY_S24TRANS
O64 - Services: CurCS - C:\WINDOWS\system32\lsass.exe - Gestionnaire de comptes de sécurité (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Planificateur de tâches (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\secdrv.sys - Secdrv (Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Connexion secondaire (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Notification d'événement système (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\SERIAL.sys - Serial (Serial) .(...) - LEGACY_SERIAL
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Pare-feu Windows / Partage de connexion Internet (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Détection matériel noyau (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION
O64 - Services: CurCS - C:\WINDOWS\system32\spoolsv.exe - Spouleur d'impression (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER
O64 - Services: CurCS - C:\Windows\System32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\sr.sys - Pilote de filtre de restauration système (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de restauration système (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srv.sys - Srv (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Service de découvertes SSDP (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\STAROPEN.sys - StarOpen (StarOpen) .(...) - LEGACY_STAROPEN
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Acquisition d'image Windows (WIA) (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Téléphonie (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\tcpip.sys - Pilote du protocole TCP/IP (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP
O64 - Services: CurCS - (.not file.) - (.not file.) - Services Terminal Server (TermService) .(...) - LEGACY_TERMSERVICE
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Thèmes (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Client de suivi de lien distribué (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\UDFS.sys - Udfs (Udfs) .(...) - LEGACY_UDFS
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Hôte de périphérique universel Plug-and-Play (upnphost) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_UPNPHOST
O64 - Services: CurCS - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe - VAIO Event Service (VAIO Event Service) .(.Sony Corporation - VAIO Event Service (Service Module).) - LEGACY_VAIO_EVENT_SERVICE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VGA.sys - vga (vga) .(...) - LEGACY_VGA
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - C:\WINDOWS\system32\Drivers\VOLSNAP.sys - VolSnap (VolSnap) .(...) - LEGACY_VOLSNAP
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Horloge Windows (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wanarp.sys - Pilote ARP IP d'accès distant (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - WebClient (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Infrastructure de gestion Windows (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT
O64 - Services: CurCS - C:\WINDOWS\system32\wbem\wmiapsrv.exe - Carte de performance WMI (WmiApSrv) .(.Microsoft Corporation - Service de la carte de performance WMI.) - LEGACY_WMIAPSRV
O64 - Services: CurCS - C:\WINDOWS\system32\drivers\ws2ifsl.sys - Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (WS2IFSL) .(.Microsoft Corporation - Winsock2 IFS Layer.) - LEGACY_WS2IFSL
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Centre de sécurité (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC
O64 - Services: CurCS - C:\WINDOWS\system32\SearchIndexer.exe - Windows Search (WSearch) .(.Microsoft Corporation - Microsoft Windows Search Indexer.) - LEGACY_WSEARCH
O64 - Services: CurCS - C:\WINDOWS\system32\svchost.exe - Mises à jour automatiques (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV
O64 - Services: CurCS - C:\WINDOWS\System32\svchost.exe - Configuration automatique sans fil (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Rida\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) - http://search.autocompletepro.com
O69 - SBI: SearchScopes [HKCU] {BE28C22E-F666-424d-B5FD-125C4AFEE34E} - (Chercher) - http://search.myheritage.com
O69 - SBI: SearchScopes [HKCU] {D10BF99E-D6CF-49EC-A456-BD5C2132D57B} - (Yahoo! Search) - http://fr.search.yahoo.com



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.069B93A5E079F700BAE7CAC0242BE5F6] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Rida\Application Data\PnkBstrK.sys [139152]



---\\ Scan Additionnel (O88)
Database Version : 24190 - (21/03/2011)

[HKCR\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C}] =>Adware.ClickPotato
[HKCU\Software\Microsoft\Internet Explorer\searchscopes\{171debeb-c3d4-40b7-ac73-056a5eba4a7e}] =>Adware.AskSBar
[HKCU\Software\Microsoft\Internet Explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBar
[HKLM\Software\Classes\AppID\{11c27351-716b-4052-9361-e3b0a3f8221c}] =>Adware.AskSBar
[HKLM\Software\Classes\CLSID\{47c6c527-6204-4f91-849d-66e234dee015}] =>PUP.Dealio
[HKLM\Software\Classes\CLSID\{9461b922-3c5a-11d2-bf8b-00c04fb93661}] =>PUP.Dealio
[HKLM\Software\Classes\CLSID\{b791a095-a4ac-4312-8894-5b7e8ff5b3cd}] =>PUP.Dealio
[HKLM\Software\Classes\comobject.deskbarenabler] =>
[HKLM\Software\Classes\comobject.deskbarenabler] =>
[HKLM\Software\Classes\comobject.deskbarenabler.1] =>
[HKLM\Software\Classes\comobject.deskbarenabler.1] =>
[HKLM\Software\Classes\interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Rogue.SmartSecurity
[HKLM\Software\Classes\interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Rogue.SmartSecurity
[HKLM\Software\Classes\interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Rogue.SmartSecurity
[HKLM\Software\Classes\interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Rogue.SmartSecurity
[HKLM\Software\Classes\TypeLib\{eca4e801-17ae-4863-9f5c-af4047aabee0}] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\ext\preapproved\{1602f07d-8bf3-4c08-bdd6-dddb1c48aedc}] =>Adware.ClickPotato
[HKLM\Software\Microsoft\Windows\CurrentVersion\ext\preapproved\{ac6d819e-aa8f-4418-a3bb-d165c1b18bb5}] =>Adware.ClickPotato
[HKLM\SYSTEM\ControlSet001\Enum\Root\Legacy_npf\0000\control]:activeservice =>Trojan.FakeAlert
[HKLM\SYSTEM\currentControlSet\Enum\Root\Legacy_npf\0000\control]:activeservice =>Trojan.FakeAlert



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 23/02/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SR - | Auto 03/06/2005 86016 | (EvtEng) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
SS - | Auto 28/02/2009 133104 | (gupdate1c999f2e4cfa59e) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 25/03/2009 183280 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Auto 02/02/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SS - | Demand 15/05/2010 68096 | (Macromedia Licensing Service) . (...) - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
SS - | Demand 15/01/2010 227232 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
SS - | Demand 14/12/2006 45056 | (MSCSPTISRV) . (.Sony Corporation.) - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
SR - | Auto 04/02/2011 196912 | (NitroReaderDriverReadSpool) . (.Nitro PDF Software.) - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
SR - | Auto 09/06/2005 127044 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SS - | Demand 14/12/2006 57344 | (PACSPTISVR) . (...) - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
SR - | Auto 15/09/2009 75064 | (PnkBstrA) . (...) - C:\WINDOWS\system32\PnkBstrA.exe
SR - | Auto 15/09/2009 189480 | (PnkBstrB) . (...) - C:\WINDOWS\system32\PnkBstrB.exe
SR - | Auto 03/06/2005 139264 | (RegSrvc) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
SS - | Demand 25/06/2010 117264 | Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files\WinPcap\rpcapd.exe
SR - | Auto 03/06/2005 372809 | (S24EventMonitor) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
SS - | Demand 05/02/2007 112184 | (SonicStage Back-End Service) . (.Sony Corporation.) - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
SS - | Demand 14/12/2006 69632 | (SPTISRV) . (.Sony Corporation.) - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
SS - | Demand 05/02/2007 75320 | (SSScsiSV) . (.Sony Corporation.) - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
SR - | Auto 20/05/2005 153600 | (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, http://www.gmer.net
Run by Rida at 23/03/2011 15:20:17

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spyz.sys >>UNKNOWN [0x8678C938]<<
spyz.sys
1 ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Harddisk0\DR0[0x8674AAB8]
3 CLASSPNP[0xF7670FD7] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\0000007d[0x8674C9E8]
5 ACPI[0xF73CE620] -> ntkrnlpa!IofCallDriver[0x804EE130] -> \Device\Ide\IdeDeviceP0T0L0-4[0x8674CD98]
kernel: MBR read successfully
user & kernel MBR OK



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Rida at 23/03/2011 15:20:19
Use the desktop link 'MBRCheck' to have full report
Dump file Name : C:\PhysicalDisk0_MBR.bin



---\\ Liste des émulateurs de CD/DVD (Hook du MBR)
O58 - SDL:[MD5.58EF1300F915817C00FCFD7F2CF01300] - 17/02/2009 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\sptd.sys [717296]



End of the scan (1044 lines in 02mn 32s)(0)
daribluff
 
Messages: 13
Inscription: 23 Mar 2011 12:24

Re: Ralentissement énorme PC

Messagepar daribluff » 23 Mar 2011 15:29

Merde, j'ai fait dans l'ordre, bon je poste quand meme le lien ^^ dsl !

http://cjoint.com/?1dxpC5boAb8

Un grand merci de nouveau
daribluff
 
Messages: 13
Inscription: 23 Mar 2011 12:24

Re: Ralentissement énorme PC

Messagepar nardino » 23 Mar 2011 16:25

Bonjour,

Lance ZHPFix par l'icône sur le bureau
Le tutoriel http://rue-du-montceau.pagesperso-orang ... hpfix.html
Coche les lignes suivantes :

G0 - GCSP: Preference [User Data\Default][HomePage] http://search.autocompletepro.com
O4 - Global Startup: C:\Documents And Settings\Rida\Menu Démarrer\Programmes\Navigateur OfferBox.lnk . (...) -- C:\Program Files\OfferBox\OfferBoxLauncher.exe (.not file.)
O43 - CFD: 28/10/2010 - 17:34:44 - [16856] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\crazyloader Air
O43 - CFD: 22/03/2011 - 04:31:18 - [0] ----D- C:\Documents and Settings\Rida\Local Settings\Application Data\Temp
O64 - Services: CurCS - C:\Windows\System32\drivers\npf.sys - NetGroup Packet Filter Driver (NPF) .(.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) - http://search.autocompletepro.com
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}]

Clique sur le bouton Nettoyer .
Poste le rapport obtenu.

@+
Image
Avatar de l’utilisateur
nardino
Super Libellulien
Super Libellulien
 
Messages: 1103
Inscription: 03 Avr 2009 22:02

Re: Ralentissement énorme PC

Messagepar daribluff » 23 Mar 2011 16:38

Voila, j'ai zappé la O4 que je met ensuite

Rapport de ZHPFix 1.12.3262 par Nicolas Coolman, Update du 21/03/2011
Fichier d'export Registre : C:\ZHPExportRegistry-23-03-2011-16-38-00.txt
Run by Rida at 23/03/2011 16:38:00
Windows XP Professional Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-p ... hpfix.html
Contact : nicolascoolman@yahoo.fr

========== Clé(s) du Registre ==========
O64 - Services: CurCS - C:\Windows\System32\drivers\npf.sys - NetGroup Packet Filter Driver (NPF) .(.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF => Clé supprimée avec succès
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Web Search) - http://search.autocompletepro.com => Clé supprimée avec succès
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0} => Clé supprimée avec succès
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} => Clé supprimée avec succès
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0} => Clé supprimée avec succès
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} => Clé supprimée avec succès

========== Dossier(s) ==========
C:\Documents and Settings\Rida\Local Settings\Application Data\crazyloader Air => Supprimé et mis en quarantaine
C:\Documents and Settings\Rida\Local Settings\Application Data\Temp => Supprimé et mis en quarantaine


========== Récapitulatif ==========
6 : Clé(s) du Registre
2 : Dossier(s)


End of the scan
daribluff
 
Messages: 13
Inscription: 23 Mar 2011 12:24

Re: Ralentissement énorme PC

Messagepar daribluff » 23 Mar 2011 16:40

Rapport de ZHPFix 1.12.3262 par Nicolas Coolman, Update du 21/03/2011
Fichier d'export Registre : C:\ZHPExportRegistry-23-03-2011-16-38-00.txt
Run by Rida at 23/03/2011 16:40:22
Windows XP Professional Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-p ... hpfix.html
Contact : nicolascoolman@yahoo.fr

========== Fichier(s) ==========
c:\documents and settings\rida\menu démarrer\programmes\navigateur offerbox.lnk => Supprimé et mis en quarantaine
c:\program files\offerbox\offerboxlauncher.exe => Fichier absent


========== Récapitulatif ==========
2 : Fichier(s)


End of the scan
daribluff
 
Messages: 13
Inscription: 23 Mar 2011 12:24

Re: Ralentissement énorme PC

Messagepar nardino » 23 Mar 2011 17:01

Bonjour
Quel est le résultat de l'opération sur ton problème de vidéos ?
@+
Image
Avatar de l’utilisateur
nardino
Super Libellulien
Super Libellulien
 
Messages: 1103
Inscription: 03 Avr 2009 22:02

Re: Ralentissement énorme PC

Messagepar daribluff » 23 Mar 2011 17:07

Bonjour,

Dois je redémarrer mon PC ? Les vidéos et les musiques n'ont pas changés ! Impossible de les voir, enfin à part en mode échantillonné !

Et petite précision qui pourrais être utile, tout mon ordi est en mode ralenti, même ma souris qui saccade comme le 120MHz que j'avais il y a 10 ans ! Je tape mon texte avec un petit décalage aussi !

Un grand merci par avance
daribluff
 
Messages: 13
Inscription: 23 Mar 2011 12:24

Re: Ralentissement énorme PC

Messagepar nardino » 23 Mar 2011 22:37

Bonsoir,
Il faut envisager une panne du hardware (matériel)
Commence par tester la mémoire.
http://www.memtest86.com/
@+
Image
Avatar de l’utilisateur
nardino
Super Libellulien
Super Libellulien
 
Messages: 1103
Inscription: 03 Avr 2009 22:02

Re: Ralentissement énorme PC

Messagepar daribluff » 24 Mar 2011 13:37

Bonjour,

J'ai réussit à m'en sortir, pass complete, no errors ! Pas de souci à priori au niveau de ma mémoire ! Bonne nouvelle ! :)

Aurais tu une autre piste ?

Un grand merci par avance
daribluff
 
Messages: 13
Inscription: 23 Mar 2011 12:24

Re: Ralentissement énorme PC

Messagepar nardino » 24 Mar 2011 13:46

Bonjour
As-tu la possibilité de tester une autre carte graphique ?
@+
Image
Avatar de l’utilisateur
nardino
Super Libellulien
Super Libellulien
 
Messages: 1103
Inscription: 03 Avr 2009 22:02

Re: Ralentissement énorme PC

Messagepar daribluff » 24 Mar 2011 13:53

Malheureusement non ! J'ai un portable je n'ai pas de carte graphique à disposition !

Juste pour info, ce problème m'est déjà arrivé il y a deux ans je dirai, j'ai formaté mon disque, je ne m'y connais pas du tout donc je vais m'abstiendrai d’être pédant, mais à l'époque c'était un problème de virus (ssss), de mémoire.

Mon PC te semble clean de ce coté la ?
daribluff
 
Messages: 13
Inscription: 23 Mar 2011 12:24

Re: Ralentissement énorme PC

Messagepar daribluff » 24 Mar 2011 13:56

Ah oui autre info, il m'arrive en ouvrant des fichiers sur mon second disque E, d'avoir le message "Windows doit femer le programme suivant par mesure de sécurite : Explorer.exe" dans ce cas, explorer se ferme puis se réouvre, je ne sais pas si ça peut servir ton raisonnement
daribluff
 
Messages: 13
Inscription: 23 Mar 2011 12:24

Re: Ralentissement énorme PC

Messagepar daribluff » 24 Mar 2011 14:04

Via le lien suivant, le message d'erreur, dans ce cas j'ai été obligé de relancé explorer manuellement, c'est tout nouveau ça !

http://cjoint.com/?1dyodXOrZHW
daribluff
 
Messages: 13
Inscription: 23 Mar 2011 12:24


Retourner vers Désinfections et demandes d'analyse

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 0 invités