Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011
Run by Jean Luc at 14/09/2011 08:28:38
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
MFIE: Mozilla Firefox v3.5.7 (fr)

---\\ Windows Product Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ System Information
~ Processor: x86 Family 15 Model 2 Stepping 9, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1535 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 14 GB (25%) free of 54 GB

---\\ Logged in mode
~ Computer Name: LUCKY
~ User Name: Jean Luc
~ All Users Names: SUPPORT_fddfa904, SUPPORT_388945a0, Jean Luc, HelpAssistant, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Jean Luc\Application Data\
~ %Desktop% : C:\Documents and Settings\Jean Luc\Bureau\
~ %Favorites% : C:\Documents and Settings\Jean Luc\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Jean Luc\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Jean Luc\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 14 Go of 54 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 4 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 10 Go)
F:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 20 Go)
G:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 20 Go)
H:\ Hard drive, Flash drive, Thumb drive (Free 3 Go of 137 Go)
I:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 16 Go)
J:\ CD-ROM drive (Not Inserted)
K:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.11/09/2011 - 19:34:04.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.01/05/2011 - 19:34:22.) -- C:\WINDOWS\system32\rundll32.exe [33792] [MD5.6CE32F7778061CCC5814D5E0F282D369] - (.Microsoft Corporation - Internet Extensions for Win32.) (.01/05/2011 - 04:34:58.) -- C:\WINDOWS\system32\wininet.dll [914944] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.01/05/2011 - 19:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.01/05/2011 - 11:40:32.) 
-- C:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.01/05/2011 - 12:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] ~ Scan Generic Processes in 00mn 01s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 14/103 ~ Mes musiques (My Musics) : 1/9 ~ Mes Videos (My Videos) : 1/11 ~ Mes Favoris (My Favorites) : 4/358 ~ Mes Documents (My Documents) : 39/1848 ~ Mon Bureau (My Desktop) : 3/138 ~ Menu demarrer (Programs) : 5/161 ~ Scan Hidden Files in 00mn 17s ---\\ Processus lancés [MD5.F45DD1E1365D857DD08BC23563370D0E] - (.Microsoft Corporation - Service Executable.) -- C:\Program Files\Windows Defender\MsMpEng.exe [13592] [PID.] [MD5.226D6068A955635259A3ABEF2F13827C] - (.SANDBOXIE L.T.D - Sandboxie Service.) -- C:\Program Files\Sandboxie\SbieSvc.exe [72936] [PID.] [MD5.0629361FAC4576BA48AB39F4903DCE9E] - (.Lavasoft - Ad-Aware 2007 Service.) -- C:\Program Files\Ad-Aware\aawservice.exe [587096] [PID.] [MD5.C76769F246250EDAD34A5581419E9D60] - (.AVAST Software - avast! Service.) -- C:\Program Files\Avast5\AvastSvc.exe [44768] [PID.] [MD5.06A1ECB63DF139EC639E084D4AB3C9D7] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\windows\system\hpsysdrv.exe [52736] [PID.240] [MD5.4A95F15B706B8FD9EC8715B6401EAB7B] - (.Hewlett-Packard Company - KBD EXE.) -- C:\HP\KBD\KBD.EXE [61440] [PID.272] [MD5.8D8BD6155A97AEAC818BDDD70C1FBC8E] - (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [315392] [PID.356] [MD5.C277BA82F9D41397878E2696CEEEA387] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files\VirtualCloneDrive\VCDDaemon.exe [94208] [PID.412] [MD5.7EBFAE0A6D73D2D9C9A970A80935FD8F] - (.Microsoft® Corporation - Détection Microsoft® Works Update.) 
-- C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe [28672] [PID.452] [MD5.0554F379355BF29C73FD5ACF82C6D0A6] - (.Nero AG - Nero SecurDisc Host.) -- C:\Program Files\Nero\Nero8\InCD\NBHGui.exe [2049320] [PID.480] [MD5.5531946ACDAEB90294709D9A24790381] - (.Nero AG - InCD.) -- C:\Program Files\Nero\Nero8\InCD\InCD.exe [1083176] [PID.488] [MD5.77C03BF23AE56B0A31AE4D5BB4B3D0AC] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [866584] [PID.524] [MD5.064805A7893898CBF058086832217771] - (...) -- C:\WINDOWS\StartupMonitor.exe [86016] [PID.532] [MD5.E2B4488830B9F047930BB5FE0E4FD71B] - (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\Avast5\avastUI.exe [3722416] [PID.552] [MD5.80FD4D46B0E9B620CF757A9A5C789329] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.EXE [577536] [PID.564] [MD5.03163BAF3A5DBF8742804093931D7D32] - (.Hewlett-Packard Co. - HP OfficeJet COM Device Objects.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [147456] [PID.1156] [MD5.A564A22308A3F55235BA2478EE82992D] - (.Hewlett-Packard - hpotdd01.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [28672] [PID.1176] [MD5.18D428E20307FB829A0624D4AFF054DA] - (.TechSmith Corporation - SnagIt 8.) -- C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe [5517312] [PID.1328] [MD5.F60A4F6DFF4AC13AAE505BE723F7ABA1] - (.Creative Technology Ltd - Creative Launcher.) -- C:\Program Files\Creative\Launcher\CTLauncher.exe [245760] [PID.1372] [MD5.16CCD27EDBD86270970E8EE9FCD114D6] - (.Lavasoft AB - Ad-Watch Realtime Malware Protection.) -- C:\Program Files\Ad-Aware\Ad-Watch2007.exe [2684280] [PID.] [MD5.F67A873093DFC0B5945770F957843C14] - (.TechSmith Corporation - TechSmith HTML Help Helper.) -- C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe [26112] [PID.2788] [MD5.3786555153E28AA2A239B2352E657970] - (.Hewlett-Packard Co. - HP OfficeJet COM Event Manager.) 
-- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe [286720] [PID.3272] [MD5.A52E0EBF719F379EFD178C402B1AD7BB] - (.Diskeeper Corporation - Diskeeper Service.) -- C:\Program Files\Diskeeper\DkService.exe [1094936] [PID.] [MD5.B983D62CA4AC7C1B68089AE05FDE6888] - (.Nero AG - incdsrv.) -- C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe [1440552] [PID.] [MD5.09417134F248DFCEEA15C72BCC87F592] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.] [MD5.40D7D0A208EE863BCA8D89E299216F15] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.] [MD5.3929C15875CC58FAA1048B231FB3E041] - (.Nero AG - Nero Registry InCD Service.) -- C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [53032] [PID.] [MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\WINDOWS\system32\IoctlSvc.exe [81920] [PID.] [MD5.ED417815F3010801DB220383FE69EA35] - (.Microsoft Corporation - QSHELF MFC Application.) -- C:\Program Files\Microsoft Reference\Bibliorom Larousse 2.0\QShlf2f.exe [110592] [PID.1252] [MD5.9617ED95D177636848988A8B513F2571] - (.Hewlett-Packard Co. - HP OfficeJet Status.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe [311296] [PID.2904] [MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.3512] [MD5.A7AAE26100ED1BD3755E36449635D61E] - (.PortableApps.com - Virtual Magnifying Glass Portable.) -- C:\00.Utilitaire\Loupe\VirtualMagnifyingGlass.exe [61648] [PID.956] [MD5.9C912F4CBC7091BDA898581E62D82402] - (.open sourc - Virtual Magnifying Glas.) -- C:\00.Utilitaire\Loupe\App\magnifyingglass\magnifier.exe [202240] [PID.692] [MD5.B4A8CA9A1EEEE32A4DC5D323A002ED3F] - (.Mozilla Corporation - Firefox.) 
-- C:\Program Files\Mozilla Firefox\firefox.exe [908248] [PID.3380] [MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [669696] [PID.2368] [MD5.C81B8635DEE0D3EF5F64B3DD643023A5] - (.Microsoft Corporation - Windows User Mode Driver Manager.) -- C:\WINDOWS\System32\wdfmgr.exe [38912] [PID.] [MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.] ~ Scan Processes Running in 00mn 11s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Documents and Settings\Jean Luc\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [User Data\Default] None G0 - GCSP: Preference [User Data\Default][HomePage] file:///C:/00.Data/00.Liens.htm ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\Jean Luc\Application Data\Mozilla\Firefox\Profiles\adph2abd.default\prefs.js C:\Documents and Settings\Jean Luc\Application Data\Mozilla\Firefox\Profiles\adph2abd.default\user.js (.not file.) M3 - MFPP: Plugins - [Jean Luc] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [Jean Luc] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [Jean Luc] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [Jean Luc] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [Jean Luc] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [Jean Luc] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M0 - MFSP: prefs.js [Jean Luc - adph2abd.default] C:\\00.Data\\00.Liens.htm M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\capturefoxmovie@advancity.net] [] Capture Fox v0.7.0 (.Zafer Gurel.) 
M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\ClickCutterFFAutoCopy@clickcutter.com] [] ClickCutter AutoCopy v1.3 (.Clickcutter.com.) M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\deezersearch@neofyt.com] [] Deezer Search v1.2.5 (.NeoFyt.) M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\elemhidehelper@adblockplus.org] [] Element Hiding Helper for Adblock Plus v1.1.1 (.Wladimir Palant.) M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\flashcatch-amo@flashcatch.com] [] FlashCatch v1.0.4.1 (.Level 9 Technology, Inc. All Rights Reserved.) M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\pagehacker-nico@nc] [] Page Hacker v1.0.4.1 (.nico@nc.) M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\{1280606b-2510-4fe0-97ef-9b5a22eafe30}] [] ç€è¦½é çµ„管ç†å“¡ v0.7.5 (.Morac.) M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\{1392b8d2-5c05-419f-a8f6-b9f15a596612}] [] Freecorder Toolbar v2.5.6.0 (.Conduit Ltd..) M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\{3d7eb24f-2740-49df-8937-200b1cc08f8a}] [] Flashblock v1.5.15.1 (.The Flashblock Team.) M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}] [febe] FEBE v6.3.3.2 (.Chuck Baker.) M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\{71328583-3CA7-4809-B4BA-570A85818FBB}] [cacheviewer] CacheViewer v0.6.3 (.The Tiny BENKI.) M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\{AA6F0803-145A-4200-8E5E-68898D02B5B3}] [] Right-Click-Link v1.1.5 (.Rickard Andersson.) M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.5 (.Michel Gutierrez.) M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] [adblockplus] Adblock Plus v1.3.9 (.Wladimir Palant.) M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}] [] MetaProducts Integration v1.5 (.MetaProducts corp..) 
M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\{eecba28f-b68b-4b3a-b501-6ce12e6b8696}] [] ViewSourceWith v0.7.4 (.Davide Ficano.) M2 - MFEP: prefs.js [Jean Luc - adph2abd.default\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}] [] UnMHT v5.7.0 (.arai.) P2 - FPN:Firefox Plugin Navigator . (.The OpenSSL Project, http://www.openssl.org - OpenSSL Shared Library.) -- C:\Program Files\Mozilla Firefox\Plugins\libdivx.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll P2 - FPN:Firefox Plugin Navigator . (.DivX,Inc. - DivX Web Player version 1.5.0.52.) -- C:\Program Files\Mozilla Firefox\Plugins\npdivx32.dll P2 - FPN:Firefox Plugin Navigator . (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npDivxPlayerPlugin.dll P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL P2 - FPN:Firefox Plugin Navigator . (.The OpenSSL Project, http://www.openssl.org - OpenSSL Shared Library.) -- C:\Program Files\Mozilla Firefox\Plugins\ssldivx.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 1.5.0.52.) -- C:\Program Files\DivX7\DivX Web Player\npdivx32.dll P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\DivX7\DivX Player\npDivxPlayerPlugin.dll P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) 
-- C:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.0.3] - (.the VideoLAN Team - Version 1.0.3, copyright 1996-2009 The VideoLAN Team
Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21456] O58 - SDL:[MD5.1D1F2578FA5E76D235A1CD41336572D9] - 01/05/2011 - 05:51:00 ---A- . (.Conexant Systems, Inc. - HSF_HWB2 WDM driver.) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys [167296] O58 - SDL:[MD5.74D90B523ECB88A1347B9068B074A49C] - 01/05/2011 - 05:50:10 ---A- . (.Conexant Systems, Inc. - WinACHSF driver.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys [619776] O58 - SDL:[MD5.367907064870157FA4772E4688EA6E52] - 01/05/2011 - 05:49:02 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys [1068032] O58 - SDL:[MD5.17F39A1916733ED228EB46AD67C35426] - 01/05/2011 - 08:14:16 ---A- . (.Intel Corporation - Intel Graphics Chipset (KCH) Driver for Windows 2000(R) & Windo.) -- C:\WINDOWS\system32\drivers\ialmkchw.sys [78496] O58 - SDL:[MD5.A79029861CB69CD3CF4EAB9EBFEE32DD] - 01/05/2011 - 08:13:04 ---A- . (.Intel Corporation - Controller Hub for Intel Graphics Driver.) -- C:\WINDOWS\system32\drivers\ialmnt5.sys [90395] O58 - SDL:[MD5.3EE36328E860FBF102B54608A055C6BE] - 01/05/2011 - 08:14:28 ---A- . (.Intel Corporation - Intel Graphics Platform (SoftBIOS) Driver for Windows 2000(R) &.) -- C:\WINDOWS\system32\drivers\ialmsbw.sys [112288] O58 - SDL:[MD5.1E90556B48615D7DFECB857C56E89222] - 01/05/2011 - 16:21:08 ---A- . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) -- C:\WINDOWS\system32\drivers\imagedrv.sys [11304] O58 - SDL:[MD5.A24DD16FCAF1B68C7CF3B17A6EF52B43] - 01/05/2011 - 16:21:08 ---A- . (.Ahead Software AG - Nero Image Server.) -- C:\WINDOWS\system32\drivers\imagesrv.sys [132904] O58 - SDL:[MD5.C2F53DE752F47794BB33507F28A1AC18] - 01/05/2011 - 13:03:48 ---A- . (.Nero AG - InCD File System Driver.) -- C:\WINDOWS\system32\drivers\InCDfs.sys [128424] O58 - SDL:[MD5.5595B3C501917D409842D4E87188E37D] - 01/05/2011 - 13:03:58 ---A- . (.Nero AG - Nero InCD RW Filter Driver.) 
-- C:\WINDOWS\system32\drivers\InCDPass.sys [38952] O58 - SDL:[MD5.B0A7FF11D73A4E4CA68BB0898F294719] - 01/05/2011 - 13:03:58 ---A- . (.Nero AG - Nero InCD File System Recognizer.) -- C:\WINDOWS\system32\drivers\InCDrec.sys [17448] O58 - SDL:[MD5.BF54A431B10899B67C9057682CBD2A9A] - 01/05/2011 - 13:03:58 ---A- . (.Nero AG - Nero MRW Filter Driver.) -- C:\WINDOWS\system32\drivers\InCDRm.sys [40360] O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 01/05/2011 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [20952] O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 01/05/2011 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [38224] O58 - SDL:[MD5.B72D7EA394D5F1C5053368783AD7F7ED] - 01/05/2011 - 00:22:06 ---A- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys [11044] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 01/05/2011 - 06:37:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.6623E51595C0076755C29C00846C4EB2] - 01/05/2011 - 08:13:10 ---A- . (.CACE Technologies - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\WINDOWS\system32\drivers\npf.sys [34064] O58 - SDL:[MD5.05BDD706A847BBFA9FD5948CD636EB1A] - 01/05/2011 - 12:56:58 ---A- . (.Lavasoft AB - Driver for Ad-Watch network monitoring.) -- C:\WINDOWS\system32\drivers\NSDriver.sys [9344] O58 - SDL:[MD5.2B298519EDBFCF451D43E0F1E8F1006D] - 01/05/2011 - 09:34:32 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [1897408] O58 - SDL:[MD5.DB36442C20793C53B4128EB85F9A3D32] - 01/05/2011 - 01:24:00 ---A- . (.NVIDIA Corporation - NVIDIA nForce AGP Filter.) 
-- C:\WINDOWS\system32\drivers\nv_agp.SYS [13568] O58 - SDL:[MD5.477030E70F8EB2A6FDAC1C4D8E4F98CA] - 01/05/2011 - 04:17:00 ---A- . (.Tall Emu - OA Helper Driver.) -- C:\WINDOWS\system32\drivers\OADriver.sys [200784] O58 - SDL:[MD5.6A976A0472A03C96AFB5C8BD3FB996FC] - 01/05/2011 - 04:17:14 ---A- . (.Tall Emu - TDI Helper Driver.) -- C:\WINDOWS\system32\drivers\OAmon.sys [24656] O58 - SDL:[MD5.492D372D6FF633EEADEFAC333C2A49B0] - 01/05/2011 - 05:04:40 ---A- . (.Tall Emu Pty Ltd - OA Helper Driver.) -- C:\WINDOWS\system32\drivers\OAnet.sys [29776] O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 01/05/2011 - 10:28:54 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\WINDOWS\system32\drivers\pcouffin.sys [47360] O58 - SDL:[MD5.ED2E7F396B4098608C95BC3806BDF6FC] - 01/05/2011 - 09:22:32 ---A- . (.Padus, Inc. - Padus(R) ASPI Shell.) -- C:\WINDOWS\system32\drivers\pfc.sys [9856] O58 - SDL:[MD5.87D211BA1E9759E26B6296E625A31CE8] - 01/05/2011 - 17:07:24 ---A- . (.PowerQuest Corporation - PowerQuest Boot Mode Driver..) -- C:\WINDOWS\system32\drivers\PQNTDRV.sys [4228] O58 - SDL:[MD5.BFFDB363485501A38F0BCA83AEC810DB] - 01/05/2011 - 21:00:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\WINDOWS\system32\drivers\PS2.sys [14112] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 01/05/2011 - 07:50:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.E205C313417DA6FA7AFE85912A310A65] - 01/05/2011 - 01:56:49 ---A- . (.Elaborate Bytes AG - Elby Delay Lower Filter Driver.) -- C:\WINDOWS\system32\drivers\RegKill.sys [11984] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 01/05/2011 - 06:37:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 01/05/2011 - 06:37:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) 
-- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.AAF37CD1CEA154F776479AB5095815F0] - 01/05/2011 - 20:23:54 ---A- . (.Resplendence Software Projects Sp. - Resplendence Sanity Check.) -- C:\WINDOWS\system32\drivers\rspSanity32.sys [30136] O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 01/05/2011 - 09:35:40 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- C:\WINDOWS\system32\drivers\rtl8139.sys [20992] O58 - SDL:[MD5.19E1CC285F736616B7379A7462FC438A] - 01/05/2011 - 10:31:44 R--A- . (.Realtek Semiconductor Corporation - Realtek RTL8192S USB NDIS Driver.) -- C:\WINDOWS\system32\drivers\RTL8192su.sys [584832] O58 - SDL:[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - 01/05/2011 - 09:34:34 ---A- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys [166912] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 01/05/2011 - 09:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.8DFBC5AA688CAA1B7EEBC704250FC06E] - 01/05/2011 - 05:09:48 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\SISAGPX.SYS [30848] O58 - SDL:[MD5.3B37B6CDD8CCC24F294B9914CC54DBA0] - 01/05/2011 - 02:19:50 ---A- . (.Silicon Integrated Systems Corporation - SiS Compatible Super VGA Driver.) -- C:\WINDOWS\system32\drivers\sisgrp.sys [260736] O58 - SDL:[MD5.31E67B274F3E011B860DED488847C4F3] - 01/05/2011 - 19:10:50 ---A- . (.Ray Hinchliffe - System Information Viewer X32 Driver.) -- C:\WINDOWS\system32\drivers\SIVX32.sys [49784] O58 - SDL:[MD5.A5CF31080E99718949BCC38C83F13452] - 01/05/2011 - 20:20:42 ---A- . (.StorageCraft - StorageCraft Volume Snap-Shot.) -- C:\WINDOWS\system32\drivers\symsnap.sys [138592] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 01/05/2011 - 06:37:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) 
-- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.8EDEAEA4DB89FA8001C65F0F286F212F] - 01/05/2011 - 14:48:40 ---A- . (.Sun Microsystems, Inc. - VirtualBox Support Driver.) -- C:\WINDOWS\system32\drivers\VBoxDrv.sys [116368] O58 - SDL:[MD5.5D0A9C1F410A35B1E07B00D18A12785E] - 01/05/2011 - 14:48:42 ---A- . (.Sun Microsystems, Inc. - VirtualBox USB Monitor Driver.) -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys [41424] O58 - SDL:[MD5.6FC96D8F888E6EAD06CE73634063032A] - 01/05/2011 - 08:14:02 ---A- . (.Intel Corporation - Intel(R) Video Controller Hub (VCH) Minidriver.) -- C:\WINDOWS\system32\drivers\vch.sys [20021] O58 - SDL:[MD5.1A131C2CA1B99542F9B0DD0C901F6587] - 01/05/2011 - 20:59:21 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\WINDOWS\system32\drivers\VClone.sys [24320] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 01/05/2011 - 06:37:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.0E3E3FAE3A0A58B8D936A8E841A17D16] - 01/05/2011 - 18:41:00 ---A- . (.VIA Technologies, Inc. - VIA NT AGP Filter.) -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS [26880] O58 - SDL:[MD5.B67632451F760797BB183E1FB99F4B39] - 01/05/2011 - 14:22:00 ---A- . (.RDV Soft - VNC Communication.) -- C:\WINDOWS\system32\drivers\vnccom.SYS [6016] O58 - SDL:[MD5.4EC979B157D1AA075330362ACB5424E5] - 01/05/2011 - 14:22:00 ---A- . (.RDV Soft - Ultravnc Mirror Driver.) -- C:\WINDOWS\system32\drivers\vncdrv.sys [4736] O58 - SDL:[MD5.EF3506B04EB9124240B35148EAACBAA5] - 01/05/2011 - 20:40:14 ---A- . (.Symantec Corporation - VProEventMonitor.Sys - Event Monitoring driver.) -- C:\WINDOWS\system32\drivers\vproeventmonitor.sys [15096] O58 - SDL:[MD5.A84641DE5053420FA94714D59581A099] - 01/05/2011 - 08:13:12 ---A- . (.Intel Corporation - Ch7009 Minidriver.) -- C:\WINDOWS\system32\drivers\wa301a.sys [32823] O58 - SDL:[MD5.A84641DE5053420FA94714D59581A099] - 01/05/2011 - 08:13:12 ---A- . 
(.Intel Corporation - Ch7009 Minidriver.) -- C:\WINDOWS\system32\drivers\wa301b.sys [32823] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 01/05/2011 - 07:09:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 01/05/2011 - 06:59:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.F07BA56B0235F15EFF8F10DC6389C42E] - 01/05/2011 - 12:45:10 ---A- . (...) -- C:\WINDOWS\system32\epmntdrv.sys [13192] O58 - SDL:[MD5.1F2F4AB15CE03ECC257FEB2F6DC5A013] - 01/05/2011 - 16:55:00 ---A- . (...) -- C:\WINDOWS\system32\EuGdiDrv.sys [8456] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 01/05/2011 - 09:51:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 01/05/2011 - 07:52:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 01/05/2011 - 07:52:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.53F7546E8DAEFB3A0813F5E19C4613C9] - 01/05/2011 - 03:12:34 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - NetStumbler NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\nsndis5.sys [17280] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 01/05/2011 - 07:26:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 01/05/2011 - 07:26:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 01/05/2011 - 07:26:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 01/05/2011 - 07:26:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 01/05/2011 - 07:26:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 01/05/2011 - 09:49:52 ---A- . (...) 
-- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 01/05/2011 - 09:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 01/05/2011 - 09:49:40 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 01/05/2011 - 09:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 01/05/2011 - 09:49:42 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] ~ Scan Drivers in 00mn 14s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover O63 - Logiciel: HijackThis 1.99.1 - (.Soeperman Enterprises Ltd..) [HKLM] -- HijackThis O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 O63 - Logiciel: OTL - (.OldTimer.) ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 05/09/2009 - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe - 22vytr(22vytr) .(.CPUID - PC Wizard NTLM Password Library.) - LEGACY_22VYTR O64 - Services: CurCS - 31/07/2008 - C:\Program Files\a-squared Free\a2service.exe - a-squared Free Service(a2free) .(.Emsi Software GmbH - a-squared Service.) - LEGACY_A2FREE O64 - Services: CurCS - 04/01/2008 - C:\Program Files\Ad-Aware\aawservice.exe - Ad-Aware 2007 Service(aawservice) .(.Lavasoft - Ad-Aware 2007 Service.) - LEGACY_AAWSERVICE O64 - Services: CurCS - 05/09/2009 - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe - AGPTaO(AGPTaO) .(.CPUID - PC Wizard NTLM Password Library.) - LEGACY_AGPTAO O64 - Services: CurCS - 05/09/2009 - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe - cBw71h(cBw71h) .(.CPUID - PC Wizard NTLM Password Library.) 
- LEGACY_CBW71H
O64 - Services: CurCS - 16/10/2007 - C:\Program Files\Diskeeper\DkService.exe - Diskeeper(Diskeeper) .(.Diskeeper Corporation - Diskeeper Service.) - LEGACY_DISKEEPER
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - 21/01/2003 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 30/08/2010 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys - No object(No service) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2
O64 - Services: CurCS - 26/09/2009 - C:\WINDOWS\system32\Drivers\ElbyCDIO.sys - ElbyCDIO Driver(ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - LEGACY_ELBYCDIO
O64 - Services: CurCS - 26/08/2009 - C:\WINDOWS\system32\epmntdrv.sys - epmntdrv (epmntdrv) .(...) - LEGACY_EPMNTDRV
O64 - Services: CurCS - 16/09/2009 - C:\WINDOWS\system32\EuGdiDrv.sys - EuGdiDrv (EuGdiDrv) .(...) - LEGACY_EUGDIDRV
O64 - Services: CurCS - 05/09/2009 - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe - gX4FNW(gX4FNW) .(.CPUID - PC Wizard NTLM Password Library.) - LEGACY_GX4FNW
O64 - Services: CurCS - 05/09/2009 - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe - GzdfnY(GzdfnY) .(.CPUID - PC Wizard NTLM Password Library.) - LEGACY_GZDFNY
O64 - Services: CurCS - 14/11/2005 - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe - InstallDriver Table Manager(IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT
O64 - Services: CurCS - 28/02/2008 - C:\WINDOWS\system32\drivers\InCDFs.sys - Nero InCD File System(InCDfs) .(.Nero AG - InCD File System Driver.) - LEGACY_INCDFS
O64 - Services: CurCS - 28/02/2008 - C:\WINDOWS\system32\drivers\InCDRec.sys - Nero InCD File System Recognizer(InCDRec) .(.Nero AG - Nero InCD File System Recognizer.) - LEGACY_INCDREC
O64 - Services: CurCS - 28/02/2008 - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe - InCD Helper(InCDsrv) .(.Nero AG - incdsrv.) - LEGACY_INCDSRV
O64 - Services: CurCS - 08/07/2008 - C:\WINDOWS\system32\DRIVERS\15372906.sys - is-1DPAJdrv(is-1DPAJdrv) .(.Kaspersky Lab - Klif Mini-Filter.) - LEGACY_IS-1DPAJDRV
O64 - Services: CurCS - 03/04/2010 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - 05/09/2009 - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe - jtgqkr(jtgqkr) .(.CPUID - PC Wizard NTLM Password Library.) - LEGACY_JTGQKR
O64 - Services: CurCS - 12/09/2010 - C:\Program Files\ma-config.com\maconfservice.exe - Ma-Config Service(maconfservice) .(.CybelSoft - Service de détection matériel.) - LEGACY_MACONFSERVICE
O64 - Services: CurCS - 12/12/2002 - C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys - mdmxsdk(mdmxsdk) .(.Conexant - Diagnostic Interface DRIVER.) - LEGACY_MDMXSDK
O64 - Services: CurCS - 05/09/2009 - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe - mkIRbC(mkIRbC) .(.CPUID - PC Wizard NTLM Password Library.) - LEGACY_MKIRBC
O64 - Services: CurCS - 28/02/2008 - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe - Nero Registry InCD Service(NeroRegInCDSrv) .(.Nero AG - Nero Registry InCD Service.) - LEGACY_NEROREGINCDSRV
O64 - Services: CurCS - 28/02/2008 - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe - NMIndexingService(NMIndexingService) .(.Nero AG - Nero Home.) - LEGACY_NMINDEXINGSERVICE
O64 - Services: CurCS - 01/06/2008 - C:\WINDOWS\system32\drivers\npf.sys - NetGroup Packet Filter Driver(npf) .(.CACE Technologies - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF
O64 - Services: CurCS - 04/03/2003 - C:\WINDOWS\System32\nvsvc32.exe - NVIDIA Driver Helper Service(NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 43.03.) - LEGACY_NVSVC
O64 - Services: CurCS - 07/09/2002 - C:\WINDOWS\system32\DRIVERS\nv_agp.sys - NVIDIA nForce AGP Bus Filter(nv_agp) .(.NVIDIA Corporation - NVIDIA nForce AGP Filter.) - LEGACY_NV_AGP
O64 - Services: CurCS - 05/09/2009 - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe - p6R2xW(p6R2xW) .(.CPUID - PC Wizard NTLM Password Library.) - LEGACY_P6R2XW
O64 - Services: CurCS - 07/03/2009 - C:\WINDOWS\system32\DRIVERS\rspSanity32.sys - rspSanity(rspSanity) .(.Resplendence Software Projects Sp. - Resplendence Sanity Check.) - LEGACY_RSPSANITY
O64 - Services: CurCS - 24/03/2011 - C:\Program Files\Sandboxie\SbieDrv.sys - SbieDrv(SbieDrv) .(.SANDBOXIE L.T.D - Sandboxie Kernel Mode Driver.) - LEGACY_SBIEDRV
O64 - Services: CurCS - 24/03/2011 - C:\Program Files\Sandboxie\SbieSvc.exe - Sandboxie Service(SbieSvc) .(.SANDBOXIE L.T.D - Sandboxie Service.) - LEGACY_SBIESVC
O64 - Services: CurCS - 05/09/2009 - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe - SbZnRh(SbZnRh) .(.CPUID - PC Wizard NTLM Password Library.) - LEGACY_SBZNRH
O64 - Services: CurCS - 25/12/2002 - C:\WINDOWS\system32\DRIVERS\SISAGPX.sys - SiS AGP Filter(SISAGP) .(.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) - LEGACY_SISAGP
O64 - Services: CurCS - 02/09/2009 - C:\WINDOWS\system32\Drivers\SIVX32.sys - SIV Kernel Driver(SIVDRIVER) .(.Ray Hinchliffe - System Information Viewer X32 Driver.) - LEGACY_SIVDRIVER
O64 - Services: CurCS - 21/09/2009 - C:\WINDOWS\system32\DRIVERS\symsnap.sys - Symantec Volume Snap Shot Driver(symsnap) .(.StorageCraft - StorageCraft Volume Snap-Shot.) - LEGACY_SYMSNAP
O64 - Services: CurCS - 21/09/2009 - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe - SymSnapService(SymSnapService) .(.Symantec - Symantec Snapshot Service.) - LEGACY_SYMSNAPSERVICE
O64 - Services: CurCS - 05/09/2009 - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe - tdeHOZ(tdeHOZ) .(.CPUID - PC Wizard NTLM Password Library.) - LEGACY_TDEHOZ
O64 - Services: CurCS - 02/05/2008 - C:\Program Files\Unlocker\UnlockerDriver5.sys - UnlockerDriver5 (UnlockerDriver5) .(...) - LEGACY_UNLOCKERDRIVER5
O64 - Services: CurCS - 29/10/2009 - C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys - VirtualBox Service(VBoxDrv) .(.Sun Microsystems, Inc. - VirtualBox Support Driver.) - LEGACY_VBOXDRV
O64 - Services: CurCS - 29/10/2009 - C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys - VirtualBox USB Monitor Driver(VBoxUSBMon) .(.Sun Microsystems, Inc. - VirtualBox USB Monitor Driver.) - LEGACY_VBOXUSBMON
O64 - Services: CurCS - 27/12/2002 - C:\WINDOWS\system32\DRIVERS\viaagp1.sys - VIA AGP Filter(viaagp1) .(.VIA Technologies, Inc. - VIA NT AGP Filter.) - LEGACY_VIAAGP1
O64 - Services: CurCS - 26/06/2004 - C:\WINDOWS\system32\Drivers\vnccom.sys - vnccom(vnccom) .(.RDV Soft - VNC Communication.) - LEGACY_VNCCOM
O64 - Services: CurCS - 05/09/2009 - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe - WyCvo2(WyCvo2) .(.CPUID - PC Wizard NTLM Password Library.) - LEGACY_WYCVO2
O64 - Services: CurCS - 05/09/2009 - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe - zfnMXW(zfnMXW) .(.CPUID - PC Wizard NTLM Password Library.) - LEGACY_ZFNMXW
O64 - Services: CurCS - 05/09/2009 - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe - ZKKWAN(ZKKWAN) .(.CPUID - PC Wizard NTLM Password Library.) - LEGACY_ZKKWAN
~ Scan Services in 00mn 14s

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- U:\LiberKey\Apps\Firefox\FirefoxLKL.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Jean Luc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe
~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com
~ Scan Keys in 00mn 00s

---\\ Internet Feature Controls (O81)
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe
~ Scan Keys in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.5B6C11DE7E839C05248CED8825470FEF] [SPRF][31/08/2009] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Documents and Settings\Jean Luc\Application Data\pcouffin.sys [47360]
[MD5.1A04D52906FEF98B94C44A8C242FA21A] [SPRF][10/04/2010] (...) -- C:\Documents and Settings\Jean Luc\Bureau\Copie Fichiers.bat [935]
[MD5.0F28C28D57CC9C6B4DBEE48ADDC33465] [SPRF][04/11/2009] (...) -- C:\Documents and Settings\Jean Luc\Bureau\Delete Fichier -.tmp.bat [823]
[MD5.4A2FF3087DB9B7486A66CF9C4CAFB56D] [SPRF][13/06/2008] (...) -- C:\Documents and Settings\Jean Luc\Bureau\Delete Fichier Prefetch.bat [750]
[MD5.03A9565A0798F743E2C49963398AC5FB] [SPRF][19/04/2009] (...) -- C:\Documents and Settings\Jean Luc\Bureau\Delete Fichier wbk---.tmp.bat [800]
[MD5.CE1A668E0B22B8B4B78852C9527B9921] [SPRF][30/09/2008] (...) -- C:\Documents and Settings\Jean Luc\Bureau\Delete Temp Sauf MessCache.bat [1981]
[MD5.B3D998092DCD1BC0E65230685D19ACAE] [SPRF][24/03/2010] (...) -- C:\Documents and Settings\Jean Luc\Bureau\Déplacement Fichiers.bat [750]
[MD5.B56310DCEC32C925ED987947B9EB9FD1] [SPRF][27/01/2011] (.OldTimer Tools - Pas de description.) -- C:\Documents and Settings\Jean Luc\Bureau\OTL.exe [602624]
[MD5.E4653C3C44E66450D2A4AF71C7E4FA8F] [SPRF][19/08/2009] (.Gabest - SubMux.) -- C:\Documents and Settings\Jean Luc\Bureau\submux.exe [122880]
[MD5.94C91F1A3D350CE6039EA0E3FC12FE28] [SPRF][19/08/2009] (.Gabest - Subresync.) -- C:\Documents and Settings\Jean Luc\Bureau\subresync.exe [159744]
[MD5.5CAAFF20C5695611F08ABD954E58DEA2] [SPRF][13/09/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\Jean Luc\Bureau\ZHPDiag2.exe [2582227]
[MD5.29CFE9ED23C55E55838A789EB1182A9B] [SPRF][04/10/2008] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1887080]
[MD5.9215729889BAFB10152218F5A6968744] [SPRF][11/03/2009] (.Akamai Technologies, Inc. - Download Manager ActiveX Control.) -- C:\WINDOWS\Downloaded Program Files\Manager.exe [689536]
~ Scan Files in 00mn 06s

---\\ Scan Additionnel (O88)
Database Version : 8621 - (29/08/2011)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 0
[HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] =>Adware.Hotbar
[HKCU\Software\Totem] =>Adware.VirtualGirl
[HKLM\Software\Totem] =>Adware.VirtualGirl
C:\Documents and Settings\Jean Luc\Application Data\Adobe\plugs =>Trojan.FakeAlert
C:\Program Files\vghd =>Adware.VirtualGirl
C:\Documents and Settings\Jean Luc\Application Data\log =>Worm.Silly
C:\Documents and Settings\Jean Luc\Application Data\vghd =>Adware.VirtualGirl
~ Scan Additionnel in 00mn 31s

---\\ Recherche détournement de DNS routeur (O89)
Serveur : dns1.proxad.net
Address: 212.27.40.240
Nom : www.l.google.com
Addresses: 74.125.39.103, 74.125.39.104, 74.125.39.106, 74.125.39.105
74.125.39.99, 74.125.39.147
Aliases: www.google.fr, www.google.com
~ Scan DNS in 00mn 03s

---\\ Etat général des services non Microsoft (EGS)
(SR=Running, SS=Stopped)
SS - | Demand 09/01/2010 53248 | (22vytr) . (.CPUID.) - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe
SS - | Demand 01/05/2011 380536 | C:\Program Files\a-squared Free\a2service.exe (a2free) . (.Emsi Software GmbH.) - C:\Program Files\a-squared Free\a2service.exe
SR - | Auto 01/05/2011 587096 | (aawservice) . (.Lavasoft.) - C:\Program Files\Ad-Aware\aawservice.exe
SS - | Demand 09/01/2010 53248 | (AGPTaO) . (.CPUID.) - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe
SR - | Auto 06/09/2011 44768 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Avast5\AvastSvc.exe
SS - | Demand 09/01/2010 53248 | (cBw71h) . (.CPUID.) - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe
SR - | Auto 01/05/2011 1094936 | (Diskeeper) . (.Diskeeper Corporation.) - C:\Program Files\Diskeeper\DkService.exe
SS - | Demand 01/05/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Demand 01/05/2011 1571336 | (GenericMount Helper Service) . (.Symantec.) - C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe
SS - | Demand 09/01/2010 53248 | (gX4FNW) . (.CPUID.) - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe
SS - | Demand 09/01/2010 53248 | (GzdfnY) . (.CPUID.) - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe
SS - | Demand 01/05/2011 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SR - | Auto 01/05/2011 1440552 | (InCDsrv) . (.Nero AG.) - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
SR - | Auto 01/05/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SS - | Demand 09/01/2010 53248 | (jtgqkr) . (.CPUID.) - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe
SS - | Demand 01/05/2011 251248 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe
SS - | Demand 09/01/2010 53248 | (mkIRbC) . (.CPUID.) - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe
SR - | Auto 01/05/2011 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
SR - | Auto 01/05/2011 53032 | (NeroRegInCDSrv) . (.Nero AG.) - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
SS - | Demand 01/05/2011 529704 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
SS - | Disabled 01/05/2011 4584288 | (Norton Ghost) . (.Symantec Corporation.) - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
SS - | Auto 01/05/2011 65536 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\nvsvc32.exe
SS - | Demand 09/01/2010 53248 | (p6R2xW) . (.CPUID.) - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe
SR - | Auto 01/05/2011 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\WINDOWS\system32\IoctlSvc.exe
SS - | Demand 01/05/2011 65795 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\System32\HPZipm12.exe
SR - | Auto 01/05/2011 72936 | (SbieSvc) . (.SANDBOXIE L.T.D.) - C:\Program Files\Sandboxie\SbieSvc.exe
SS - | Demand 09/01/2010 53248 | (SbZnRh) . (.CPUID.) - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe
SS - | Demand 01/05/2011 1964528 | (SymSnapService) . (.Symantec.) - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
SS - | Demand 09/01/2010 53248 | (tdeHOZ) . (.CPUID.) - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe
SS - | Demand 09/01/2010 53248 | (WyCvo2) . (.CPUID.) - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe
SS - | Demand 09/01/2010 53248 | (zfnMXW) . (.CPUID.) - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe
SS - | Demand 09/01/2010 53248 | (ZKKWAN) . (.CPUID.) - F:\Mes Logiciels\PC Wizard fr\PC Wizard 2010 1.92 fr\00.Data\Data\pcwizntl.exe
~ Scan Services in 00mn 08s

---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Jean Luc at 13/09/2011 21:04:17
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
~ Scan MBR in 00mn 11s

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Jean Luc at 14/09/2011 08:35:19
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 13s

End of the scan (1833 lines in 05mn 41s)(0)