Forums Zebulon.fr: ZHPDiag report please - Forums Zebulon.fr


ZHPDiag report please

#1 rapetou83

  • Junior Member
  • Group: Members
  • Posts: 9
  • Joined: 04 November 2010

Posted 04 November 2010 - 08:00

<RESOLVED> Hello everyone, I am brand new to this forum, and thank you for welcoming me.
I have a problem with a Trojan horse; here is the ZHPDiag report. Thank you for your help.


Rapport de ZHPDiag v1.27.09 par Nicolas Coolman, Update du 04/11/2010
Run by mo at 01/09/2010 07:35:40
Web site : ZHPDiag Outil de diagnostic
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox (3.6.12)

---\\ System Information
Windows 7 Ultimate Edition, 32-bit (Build 7600)
Processor: x86 Family 6 Model 30 Stepping 5, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3063 MB (50% free)
System drive C: has 402 GB (86%) free of 466 GB

---\\ Logged in mode
Computer Name: PC
User Name: mo
All Users Names: mo, Guest, Administrator,
Unselected Option: O1,O45,O61,O62,O65,O82
Logged in as Administrator

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 402 Go of 466 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 564 Go of 931 Go)
E:\ CD-ROM drive (Free 0 Go of 4 Go)
G:\ CD-ROM drive (Not Inserted)
H:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
I:\ Hard drive, Flash drive, Thumb drive (Free 170 Go of 466 Go)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK


---\\ Recherche particulière de fichiers génériques
[MD5.00000000000000000000000000000000] - (.Pas de propriétaire - Pas de description.) (.31/10/2009 23:00:00.) -- C:\Windows\Explorer.exe [2614272]
[MD5.00000000000000000000000000000000] - (.Pas de propriétaire - Pas de description.) (.14/07/2009 23:00:00.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.28/10/2009 07:17:59.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 02:26:15.) -- C:\Windows\System32\drivers\atapi.sys [21584]


---\\ Processus lancés
[MD5.0D06000000000000000000000CEF1200] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\Explorer.EXE [2614272]
[MD5.9CA037D9931896ABDDC41A214012314E] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\Six Engine\SixEngine.exe [6038016]
[MD5.3D1D1D1BBE3D60DBDA44C1441A372173] - (.TuneUp Software - TuneUp Utilities.) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe [719688]
[MD5.D73B38AE415ED63BD89946D71D14B482] - (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2054360]
[MD5.8BF167D30A11F4F06FB14BC6874192B2] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1164584]
[MD5.1A759052B9DB9DC7AFA2FE279279F49E] - (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1474560]
[MD5.B4BF928DBA5E42E3329ADA9B5DBB8065] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\TurboV\TurboV.exe [5391872]
[MD5.C25FA7C105FF151783CCEFE4215E7CEE] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\Turbo Key\TurboKey.exe [1768960]
[MD5.53A0E3AF3637C41C5F0352391D7B1145] - (.AllAnonymity - IP Hider.) -- C:\Program Files\IP Hider\IP Hider.exe [1560576]
[MD5.697E07302EC965393ABC85AD5C2C8D53] - (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1797008]
[MD5.251F10B000F0A032D00399D706DF3BBA] - (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe [1778064]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.17B7EE982055EE0660A3C512D07E5111] - (.Lavasoft - Ad-Aware Tray Application.) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [788880]
[MD5.E1AB298BAFC8ECCA8C322A29C5FDC68C] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344]
[MD5.6F7ECB12B6782A2122DEBE9EC9DF2C5D] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]
[MD5.03ECCA8FADBB71694A49B7D505636A9C] - (.Pas de propriétaire - FreeMi UPnP Media Server.) -- C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe [89088]
[MD5.F8500F11D9BAAF31A93EBCBDB93A3F96] - (.Megaupload Limited - Mega Manager.) -- C:\Program Files\Megaupload\Mega Manager\MegaManager.exe [2052608]
[MD5.6FB2760F706B4D918EF3B401F4A71242] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [616960]


---\\ Page de démarrage de Mozilla Firefox (M0)
M0 - MFSP: prefs.js [mo - jfan4znq.default] google.fr


---\\ Programmes d'extension pour Mozilla Firefox (M2)
M2 - MFEP: prefs.js [mo - jfan4znq.default\DeviceDetection@logitech.com] [] ????????? ????????? Logitech 1.20.0.66 (.Logitech, Inc..)
M2 - MFEP: prefs.js [mo - jfan4znq.default\pbreak.br@gmail.com] [] Megaupload SX.3.2 3.2 (.PBreak.)
M2 - MFEP: prefs.js [mo - jfan4znq.default\toolbar@ask.com] [] Ask Toolbar 3.9.1.14019 (.Ask.com.)
M2 - MFEP: prefs.js [mo - jfan4znq.default\{40a1f5d7-afc2-498f-b264-02668d616ff6}] [] Mega Manager Integration 1.1 (.Megaupload Limited.)
M2 - MFEP: prefs.js [mo - jfan4znq.default\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] [adblockplus] Adblock Plus 1.2.2 (.Wladimir Palant.)


---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 2.0.3.4.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- C:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.450] - (.RealNetworks, Inc. - RealPlayer™ LiveConnect-Enabled Plug-In.) -- C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.4] - (.the VideoLAN Team - Version 1.1.4, copyright 1996-2010 The VideoLAN Team<br><a href="http:.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Users\mo\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe


---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport


---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0


---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Pas de propriétaire - AcroIEHelper Module.) -- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} . (.Megaupload Limited - Mega Manager IE Click Catcher.) -- C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java™ Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll


---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKLM\..\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Run: [TurboV] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\TurboV\TurboV.exe
O4 - HKLM\..\Run: [Turbo Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\ASUS\Turbo Key\TurboKey.exe
O4 - HKLM\..\Run: [IPHider] . (.AllAnonymity - IP Hider.) -- C:\Program Files\IP Hider\IP Hider.exe
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
O4 - HKLM\..\Run: [itype] . (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe
O4 - HKCU\..\Run: [FreeMi UPnP Media Server] . (.Pas de propriétaire - FreeMi UPnP Media Server.) -- C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\mo\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [tcactive] . (.MooSoft Development Inc - TCActive! GUI.) -- C:\Program Files\The Cleaner\tcap.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [FreeMi UPnP Media Server] . (.Pas de propriétaire - FreeMi UPnP Media Server.) -- C:\Program Files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe
O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\mo\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-363704617-1961234646-957867529-1000\..\Run: [tcactive] . (.MooSoft Development Inc - TCActive! GUI.) -- C:\Program Files\The Cleaner\tcap.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mise à jour des licences ESET.lnk . (.GuillerSoft.) -- C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe


---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\mo\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Documents And Settings\mo\Desktop\emule.lnk . (.Pas de propriétaire.) -- C:\Program Files\eMule\Incoming
O4 - Global Startup: C:\Documents And Settings\mo\Desktop\IP Hider.lnk . (.AllAnonymity.) -- C:\Program Files\IP Hider\IP Hider.exe
O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\mo\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\mo\Desktop\emule.lnk . (.Pas de propriétaire.) -- C:\Program Files\eMule\Incoming
O4 - Global Startup: C:\Users\mo\Desktop\IP Hider.lnk . (.AllAnonymity.) -- C:\Program Files\IP Hider\IP Hider.exe
O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk . (.Lavasoft.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IP Hider.lnk . (.AllAnonymity.) -- C:\Program Files\IP Hider\IP Hider.exe
O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IsoBuster.lnk . (.Smart Projects.) -- C:\Program Files\Smart Projects\IsoBuster\IsoBuster.exe
O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline
O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\mo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Envoyer à OneNote - (.not file.) - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll
O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr
O8 - Extra context menu item: Convertir en Adobe PDF . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Convertir en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Convertir la sélection en Adobe PDF . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Convertir les liens sélectionnés en Adobe PDF . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant . (.Adobe Systems Incorporated - Adobe IE plugin.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O8 - Extra context menu item: Download Link Using Mega Manager... . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL


---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab


---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{11FAA008-C052-4382-9CA7-8A8FEBBC2C63}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{11FAA008-C052-4382-9CA7-8A8FEBBC2C63}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{11FAA008-C052-4382-9CA7-8A8FEBBC2C63}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: BlueSoleil Hid Service (BlueSoleil Hid Service) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (.not file.)
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: The Cleaner 2011 Helper Service (moohelp) . (.MooSoft Development LLC - MooSoft Helper Service.) - C:\Program Files\The Cleaner\mhelper.exe
O23 - Service: NMSAccessU (NMSAccessU) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (.not file.)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe


---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-363704617-1961234646-957867529-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-363704617-1961234646-957867529-1000UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\MemOptimizer-02BB2F56CB964deb8996194DE7EB5275.job


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java™ Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r85.) -- C:\Windows\system32\Macromed\Flash\Flash10k.ocx


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: AsIO (AsIO) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\AsIO.sys
O41 - Driver: ehdrv (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\system32\DRIVERS\ehdrv.sys
O41 - Driver: ElbyCDIO Driver (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - C:\Windows\system32\Drivers\ElbyCDIO.sys
O41 - Driver: ISO DVD\CD-ROM Device Driver (ISODrive) . (.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - C:\Program Files\UltraISO\drivers\ISODrive.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: AMD DnD V1.0.19 - (.AMD.) [HKLM] -- {87BB78C4-F36D-4D93-A7C7-F80F18219848}
O42 - Logiciel: ATI AVIVO Codecs - (.ATI Technologies Inc..) [HKLM] -- {DD6E44E7-0319-2868-F1D9-07ECD2A1A94C}
O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- Ad-Aware
O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- {DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {B194272D-1F92-46DF-99EB-8D5CE91CB4EC}
O42 - Logiciel: Adobe Acrobat 5.0 - (.Pas de propriétaire.) [HKLM] -- Adobe Acrobat 5.0
O42 - Logiciel: Adobe Acrobat 7.0 Professional - English, Français, Deutsch - (.Adobe Systems.) [HKLM] -- Adobe Acrobat 7.0 Professional - EFG
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE}
O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {8D7133DE-27D2-47E5-B248-4180278D32AA}
O42 - Logiciel: CloneDVD2 - (.Elaborate Bytes.) [HKLM] -- CloneDVD2
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Configuration DivX - (.DivX, Inc. .) [HKLM] -- DivX Setup.divx.com
O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DeskSpace 1.5.6.3 - (.Otaku Software Pty Ltd.) [HKCU] -- DeskSpace
O42 - Logiciel: EPU-6 Engine - (.Pas de propriétaire.) [HKLM] -- {56B83336-FBC1-4C46-8613-90A9E3B440D6}
O42 - Logiciel: ESET Antivirus License Finder (MiNODLogin) - (.GuillerSoft.) [HKLM] -- MiNODLogin
O42 - Logiciel: Express Gate - (.DeviceVM, Inc..) [HKLM] -- {99AD9D6D-A456-49EE-8360-F22EE7AA1272}
O42 - Logiciel: FileZilla Client 3.3.2.1 - (.Pas de propriétaire.) [HKLM] -- FileZilla Client
O42 - Logiciel: FreeMi UPnP Media Server - (.Stéphane Mitermite.) [HKLM] -- FreeMi UPnP Media Server
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HydraVision - (.ATI Technologies Inc..) [HKLM] -- {CA7D1914-153C-6FD9-4B80-9F5BF3B760E1}
O42 - Logiciel: IP Hider 4.9 - (.AllAnonymity.) [HKLM] -- IP Hider 4.9_is1
O42 - Logiciel: ImgBurn 2.3.2.0 Fr - (.Pas de propriétaire.) [HKLM] -- {75ADEFA2-D4FF-4B37-9E93-4306E6AC176B}_is1
O42 - Logiciel: IsoBuster 1.4 - (.Smart Projects.) [HKLM] -- IsoBuster_is1
O42 - Logiciel: Java™ 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: K-Lite Mega Codec Pack 5.5.1 - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: L'Encyclopédie pratique du Bricolage - (.Pas de propriétaire.) [HKLM] -- {9F58CF55-92CD-48DC-AA26-EAAF9BF1A500}
O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {7EACD74C-147F-478C-9389-F9F52EE3C88A}
O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {96EB95A2-5245-4EA2-B6EA-B8BA2FBF64C4}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Mega Manager - (.Megaupload Limited.) [HKLM] -- {3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Mozilla Firefox (3.6.12) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.12)
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM] -- {E8A80433-302B-4FF1-815D-FCC8EAC482FF}
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3
O42 - Logiciel: PowerISO - (.PowerISO Computing, Inc..) [HKLM] -- PowerISO
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {EB900AF8-CC61-4E15-871B-98D1EA3E8025}
O42 - Logiciel: Quicksys RegDefrag 2.8 - (.Pas de propriétaire.) [HKLM] -- {5D26BF7B-BEF6-477D-8FC1-0C1C159B6364}_is1
O42 - Logiciel: R-Studio Emergency Startup Media Creator 5.1 - (.R-Tools Technology Inc..) [HKLM] -- R-Studio Emergency Startup Media Creator 5.1NSIS
O42 - Logiciel: Realtek Ethernet Controller Driver For Windows 7 - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Scooby-Doo™, Affaire n°1 - Le monstre du musée - (.Pas de propriétaire.) [HKLM] -- Scooby-Doo™, Affaire n°1 - Le monstre du musée
O42 - Logiciel: Scooby-Doo™, Le Secret du Sphinx - (.Pas de propriétaire.) [HKLM] -- Scooby-Doo™, Le Secret du Sphinx
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982312) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB2288953) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8B772E1C-7C05-42D2-839D-3EC2D39EFF22}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB982124) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Sony Ericsson Media Manager 1.2 - (.Sony Ericsson.) [HKLM] -- {8CD0B297-122D-4718-9CE1-B72E796F7B21}
O42 - Logiciel: Sony Ericsson PC Suite - (.Sony Ericsson.) [HKLM] -- {2FFE93F0-BB72-4E52-8761-354D1AAA9387}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: TeraCopy 1.22 - (.Code Sector Inc..) [HKLM] -- TeraCopy_is1
O42 - Logiciel: The Cleaner 2011 - (.MooSoft Development LLC.) [HKLM] -- The Cleaner_is1
O42 - Logiciel: Turbo Key - (.Pas de propriétaire.) [HKLM] -- {B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}
O42 - Logiciel: TurboV - (.Pas de propriétaire.) [HKLM] -- {A31951C5-DCD8-4DFE-A525-CFC701F54792}
O42 - Logiciel: UltraISO Premium V9.3 - (.Pas de propriétaire.) [HKLM] -- UltraISO_is1
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb2410711) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BB5A2EB0-4515-4C6B-A618-A6F6B0AB7BAA}
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421}
O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}
O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinUtilities 9.81 Professional Edition - (.YL Computing, Inc.) [HKLM] -- {FC274982-5AAD-4C20-848D-4424A5043009}_is1
O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM] -- wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM] -- {F3D70E4A-6F7E-8806-790E-7887E8242B20}
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {F53D678E-238F-4A71-9742-08BB6774E9DC}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FCFBA290-CB48-4AF1-A241-2685AEDEDD66}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Mesh ActiveX Control for Remote Connections - (.Microsoft Corporation.) [HKLM] -- {2902F983-B4C1-44BA-B85D-5C6D52E2C441}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule
O42 - Logiciel: eReg - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {A498D9EB-927B-459B-85D6-DD6EF8C2C564}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent

---\\ HKCU & HKLM Software Keys
[HKCU\Software\AMD]
[HKCU\Software\ASProtect]
[HKCU\Software\ASUS]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AllAnonymity]
[HKCU\Software\AppDataLow\AskToolbarInfo]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\AskToolbar]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Ask.com]
[HKCU\Software\AutocompletePro]
[HKCU\Software\BitTorrent]
[HKCU\Software\CBS Software]
[HKCU\Software\CDDB]
[HKCU\Software\Calculador 10]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Classes.crx]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Code Sector]
[HKCU\Software\Cookie Crumble]
[HKCU\Software\CoreVorbis]
[HKCU\Software\Cygnus Solutions]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\ESET]
[HKCU\Software\EasyBoot Systems]
[HKCU\Software\Elaborate Bytes]
[HKCU\Software\Enigma Protector]
[HKCU\Software\Flock]
[HKCU\Software\GNU]
[HKCU\Software\GSpot Appliance Corp]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\ImgBurn]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lavasoft]
[HKCU\Software\Leadertech]
[HKCU\Software\LightScribe]
[HKCU\Software\Logitech]
[HKCU\Software\MONOGRAM]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaInfo]
[HKCU\Software\Megaupload]
[HKCU\Software\MooSoft Development]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\Otaku Software]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PowerISO]
[HKCU\Software\R-TT]
[HKCU\Software\RealNetworks]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\SenBit]
[HKCU\Software\SlySoft]
[HKCU\Software\Smart Projects]
[HKCU\Software\Sony Creative Software]
[HKCU\Software\Sony Ericsson]
[HKCU\Software\Sysinternals]
[HKCU\Software\Toshiba]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Virtual Plastic Surgery Software - VPSS]
[HKCU\Software\Widcomm]
[HKCU\Software\WideStream]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\cybelsoft]
[HKCU\Software\eMule]
[HKCU\Software\madFlac]
[HKCU\Software\yahoo]
[HKLM\Software\AMD]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe Systems]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Alcohol Soft]
[HKLM\Software\Alienware]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Audible]
[HKLM\Software\BSProductManage]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\Cygnus Solutions]
[HKLM\Software\DeviceVM]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\ESET]
[HKLM\Software\EasyBoot Systems]
[HKLM\Software\Elaborate Bytes]
[HKLM\Software\FileZilla 3]
[HKLM\Software\GNU]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\HighCriteria]
[HKLM\Software\IPHider]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KLCodecPack]
[HKLM\Software\Lavasoft]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\MAXSOFT-OCRON]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Megaupload Limited]
[HKLM\Software\Megaupload]
[HKLM\Software\Micro Application]
[HKLM\Software\MimarSinan]
[HKLM\Software\Mindscape]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\QSound Labs, Inc.]
[HKLM\Software\Quicksys]
[HKLM\Software\R-TT]
[HKLM\Software\RTLSetup]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\S3R521]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\SlySoft]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Creative Software]
[HKLM\Software\Sony Media Software]
[HKLM\Software\The Learning Company]
[HKLM\Software\Toshiba]
[HKLM\Software\Trad-FR]
[HKLM\Software\TrendMicro]
[HKLM\Software\TuneUp]
[HKLM\Software\VIA Technologies, Inc]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WIDCOMM]
[HKLM\Software\WidCommUpdate]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]


---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Alcohol Soft
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\Ask.com
O43 - CFD:Common File Directory ----D- C:\Program Files\ASUS
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\CDBurnerXP
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\DAP
O43 - CFD:Common File Directory ----D- C:\Program Files\DeskSpace
O43 - CFD:Common File Directory ----D- C:\Program Files\DIFX
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\Download Direct
O43 - CFD:Common File Directory ----D- C:\Program Files\Downloaded Installations
O43 - CFD:Common File Directory ----D- C:\Program Files\DVD Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Elaborate Bytes
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\ESET
O43 - CFD:Common File Directory ----D- C:\Program Files\FileZilla FTP Client
O43 - CFD:Common File Directory ----D- C:\Program Files\FreeMi UPnP Media Server
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\ImgBurn
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\IP Hider
O43 - CFD:Common File Directory ----D- C:\Program Files\IVT Corporation
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\K-Lite Codec Pack
O43 - CFD:Common File Directory ----D- C:\Program Files\Lavasoft
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Megaupload
O43 - CFD:Common File Directory ----D- C:\Program Files\Micro Application
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft IntelliPoint
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft IntelliType Pro
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Mindscape
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\Nokia
O43 - CFD:Common File Directory ----D- C:\Program Files\PowerISO
O43 - CFD:Common File Directory ----D- C:\Program Files\Quicksys
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\R-Studio Emergency
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Recuva
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\SlySoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Smart Projects
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony
O43 - CFD:Common File Directory ----D- C:\Program Files\Sony Ericsson
O43 - CFD:Common File Directory ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD:Common File Directory ----D- C:\Program Files\TeraCopy
O43 - CFD:Common File Directory ----D- C:\Program Files\The Cleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory ----D- C:\Program Files\TuneUp Utilities 2010
O43 - CFD:Common File Directory ----D- C:\Program Files\UltraISO
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\uTorrent
O43 - CFD:Common File Directory ----D- C:\Program Files\VIA
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\WBFS
O43 - CFD:Common File Directory ----D- C:\Program Files\WIDCOMM
O43 - CFD:Common File Directory ----D- C:\Program Files\Winamax Poker
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WinUtilities
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe AIR
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe Systems Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DivX Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\EZB Systems
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LightScribe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Logishrd
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nero
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Nokia
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Sony Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe
O43 - CFD:Common File Directory ----D- C:\ProgramData\Adobe Systems
O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple
O43 - CFD:Common File Directory ----D- C:\ProgramData\Apple Computer
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Application Data
O43 - CFD:Common File Directory ----D- C:\ProgramData\ASUS OC Profiles
O43 - CFD:Common File Directory ----D- C:\ProgramData\ATI
O43 - CFD:Common File Directory ----D- C:\ProgramData\Avira
O43 - CFD:Common File Directory ----D- C:\ProgramData\Bluetooth
O43 - CFD:Common File Directory ----D- C:\ProgramData\BVRP Software
O43 - CFD:Common File Directory ----D- C:\ProgramData\Canneverbe Limited
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Desktop
O43 - CFD:Common File Directory ----D- C:\ProgramData\DivX
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Documents
O43 - CFD:Common File Directory ----D- C:\ProgramData\ESET
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Favorites
O43 - CFD:Common File Directory ----D- C:\ProgramData\Google
O43 - CFD:Common File Directory ----D- C:\ProgramData\Installations
O43 - CFD:Common File Directory ----D- C:\ProgramData\Lavasoft
O43 - CFD:Common File Directory ----D- C:\ProgramData\LightScribe
O43 - CFD:Common File Directory ----D- C:\ProgramData\Logishrd
O43 - CFD:Common File Directory ----D- C:\ProgramData\ma-config.com
O43 - CFD:Common File Directory ----D- C:\ProgramData\Malwarebytes
O43 - CFD:Common File Directory -S--D- C:\ProgramData\Microsoft
O43 - CFD:Common File Directory ----D- C:\ProgramData\Microsoft Help
O43 - CFD:Common File Directory ----D- C:\ProgramData\moosoft
O43 - CFD:Common File Directory ----D- C:\ProgramData\Nero
O43 - CFD:Common File Directory ----D- C:\ProgramData\Nokia
O43 - CFD:Common File Directory ----D- C:\ProgramData\NokiaMusic
O43 - CFD:Common File Directory ----D- C:\ProgramData\OviInstallerCache
O43 - CFD:Common File Directory ----D- C:\ProgramData\PC Suite
O43 - CFD:Common File Directory ----D- C:\ProgramData\SlySoft
O43 - CFD:Common File Directory ----D- C:\ProgramData\Sony
O43 - CFD:Common File Directory ----D- C:\ProgramData\Sony Ericsson
O43 - CFD:Common File Directory ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Start Menu
O43 - CFD:Common File Directory ---AD- C:\ProgramData\TEMP
O43 - CFD:Common File Directory -SH-D- C:\ProgramData\Templates
O43 - CFD:Common File Directory ----D- C:\ProgramData\TOSHIBA
O43 - CFD:Common File Directory ----D- C:\ProgramData\TuneUp Software


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.7300000000000000000000000CEF1200] - 14/02/2705 - 08:13:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\explorer.exe [2614272]
O44 - LFC:[MD5.72AECF54AAC22B20956D08610972B5A1] - 03/11/2010 - 22:38:38 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\System32\drivers\SBREDrv.sys [93360]
O44 - LFC:[MD5.713CD5267ABFB86FE90A72E384E82A38] - 03/11/2010 - 21:53:51 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\Windows\System32\drivers\Lbd.sys [64288]
O44 - LFC:[MD5.1DA93C4B323B34E38F5E7F43D9C65788] - 03/11/2010 - 21:52:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\lsdelete.exe [15880]
O44 - LFC:[MD5.03FB7D95E32F9975615840F4B7516765] - 03/11/2010 - 18:40:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\ntbtlog.txt [188446]
O44 - LFC:[MD5.6BF6EA91B1FE4DA6BFF7771D6C165A5A] - 31/10/2010 - 22:47:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\msnfix.txt [189]
O44 - LFC:[MD5.D1E75542EC8D1B4851765A57AC63618E] - 31/10/2010 - 15:14:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\diagerr.xml [1908]
O44 - LFC:[MD5.D1E75542EC8D1B4851765A57AC63618E] - 31/10/2010 - 15:14:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\diagwrn.xml [1908]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/11/2010 - 09:14:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.01015964991C16E31F869ECBCFAAAFEE] - 28/10/2010 - 19:52:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\_WKERNEL.SYL [101]
O44 - LFC:[MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - 23/10/2010 - 17:35:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\pùÊ [20]
O44 - LFC:[MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - 23/10/2010 - 17:18:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\¸ù’ [20]
O44 - LFC:[MD5.9FFE5D1BB29E37D74897DABFCD087530] - 23/10/2010 - 06:49:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [410040]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/10/2010 - 06:27:32 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\Msft_Kernel_point32_01009.Wdf [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/10/2010 - 06:26:03 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01009.Wdf [0]
O44 - LFC:[MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - 20/10/2010 - 06:01:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\(ô‡ [20]
O44 - LFC:[MD5.4CC27406C0045974AE6D805475B5DA1B] - 16/10/2010 - 18:01:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PrivacyProvider.dll [258048]
O44 - LFC:[MD5.B79D3D6A4E9E2CD739660E2AD9734D58] - 16/10/2010 - 18:01:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PrivacyProvider.exe [2740224]
O44 - LFC:[MD5.D2C0FC5DD6EA00505A8846A1675F2EC9] - 16/10/2010 - 18:01:01 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\RegisterLSP.exe [471040]
O44 - LFC:[MD5.2A41794807AC53FCE19AF0EF2900525A] - 16/10/2010 - 13:08:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\VistaInfo32.dll [73728]
O44 - LFC:[MD5.2C5977F4FCC7F67E51954F292E909369] - 09/10/2010 - 18:41:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\tmp_docprotector.ini [524]
O44 - LFC:[MD5.B3C51A5995751A48AA8DE4B82BE9C83E] - 07/10/2010 - 18:15:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\Ascd_log.ini [33994]
O44 - LFC:[MD5.70509087597627A322EA5882512958EC] - 07/10/2010 - 18:12:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setup.iss [670]
O44 - LFC:[MD5.212F87EE837B4E35E43A93BBFC44E7A7] - 07/10/2010 - 18:11:57 R--A- . (.Pas de propriétaire - AsIO DLL.) -- C:\Windows\System32\AsIO.dll [24576]
O44 - LFC:[MD5.2B4E66FAC6503494A2C6F32BB6AB3826] - 07/10/2010 - 18:11:57 R--A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\AsIO.sys [12400]
O44 - LFC:[MD5.ADAA34740E9F6AFF94CC75D5CF8ED7E2] - 07/10/2010 - 18:11:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\AsInsHelp32.sys [10216]
O44 - LFC:[MD5.EDAA17CE771C696655B6585F7CAD2100] - 07/10/2010 - 18:11:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\drivers\AsInsHelp64.sys [11832]
O44 - LFC:[MD5.802B396DA15FA19B9E61A79FE72AFA7A] - 07/10/2010 - 18:03:29 ---A- . (.QSound Labs, Inc. - Pas de description.) -- C:\Windows\System32\nQPropPageExt.dll [76288]
O44 - LFC:[MD5.2D22147613929641BDB2A35A4CB36C2D] - 07/10/2010 - 18:03:29 ---A- . (.QSound Labs, Inc. - nQ APO.) -- C:\Windows\System32\nQAPO.dll [71680]
O44 - LFC:[MD5.C7C2A6B64608FF71B87CAB42375D6F1B] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies, Inc. - DTS Surround Sensation Control Page.) -- C:\Windows\System32\Dts2PropPageExt.dll [75776]
O44 - LFC:[MD5.A6CAB31A6CFCD41E5213A924B2413EF1] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\viahduaa.sys [1067008]
O44 - LFC:[MD5.BA9CD6445E1A0A4535D7E49333FB674E] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies, Inc. - VIA LFX/GFX DSP Component.) -- C:\Windows\System32\VIASysFx.dll [491008]
O44 - LFC:[MD5.0F2279ED94156039E6F947F8D408555B] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies, Inc. - VIA LFX/GFX DSP UI component.) -- C:\Windows\System32\VIAPropPageExt.dll [856064]
O44 - LFC:[MD5.09A3B9A29F8239ACEB3526238735E97A] - 07/10/2010 - 18:03:29 ---A- . (.VIA Technologies,Inc. - VIA APO for MicArray Applications..) -- C:\Windows\System32\ViaMicArrayPropPageExt.dll [68608]
O44 - LFC:[MD5.5E25D0897393859D30EB86F63CAC9C30] - 07/10/2010 - 18:03:29 ---A- . (.Windows ® Codename Longhorn DDK provider - DTS2 APO.) -- C:\Windows\System32\Dts2APO.dll [211456]
O44 - LFC:[MD5.663E670F8E335FAE30F462546F278B32] - 07/10/2010 - 18:03:29 ---A- . (.Windows ® Codename Longhorn DDK provider - ViaMicArray APO.) -- C:\Windows\System32\ViaMicArrayAPO.dll [181248]
O44 - LFC:[MD5.4F1B4CCA1572C6B67311FD86476375CD] - 07/10/2010 - 18:01:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\Ascd_tmp.ini [22682]
O44 - LFC:[MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - 07/10/2010 - 18:01:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\Language_trs.ini [1769]
O44 - LFC:[MD5.93723774872D9FB903266A46ED1E0BC2] - 21/09/2010 - 13:03:14 ---A- . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\LIVESSP.DLL [208768]
O44 - LFC:[MD5.D7EF348243211296F0A7E38AC96EAB2A] - 01/09/2010 - 06:23:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PCProxyOff.ini [16]
O44 - LFC:[MD5.BE8BA33597CE967BF07E268CA115CE19] - 01/09/2010 - 06:23:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PrivacyProvider.ini [1952]
O44 - LFC:[MD5.AADFD9E4C32C9EFF933A64A5FE9D7F78] - 01/09/2010 - 06:17:03 --H-- . (.Pas de propriétaire - Pas de description.) -- C:\dvmexp.idx [177]
O44 - LFC:[MD5.44B6E7FF5850BB9688168266FD203585] - 01/09/2010 - 06:14:21 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [20768]
O44 - LFC:[MD5.44B6E7FF5850BB9688168266FD203585] - 01/09/2010 - 06:14:21 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [20768]
O44 - LFC:[MD5.C756130463679FD9DAA95AB5CB7CC481] - 01/09/2010 - 06:06:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [560]
O44 - LFC:[MD5.BEED3ACBB68180DE52D95C78A3454898] - 01/09/2010 - 06:06:55 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.2900000000000000000000000CEF1200] - 01/09/2010 - 06:05:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1326343]
O44 - LFC:[MD5.0AF7946AD9B2E82058C6421EEC960FCF] - 11/08/2010 - 16:18:17 ---A- . (.Intel® Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll [197632]
O44 - LFC:[MD5.17A4BE67FB6B9219A802F39C263AC8AC] - 11/08/2010 - 16:18:17 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll [82944]
O44 - LFC:[MD5.2B2D0010FE955BAA4726B5086313D1A1] - 10/08/2010 - 04:15:58 ---A- . (.Apple Inc. - QuickTime Client DLL.) -- C:\Windows\System32\QuickTime.qts [69632]
O44 - LFC:[MD5.36948F7FEFB02B8817E7F81633AB4121] - 10/08/2010 - 04:15:58 ---A- . (.Apple Inc. - QuickTimeVR DLL.) -- C:\Windows\System32\QuickTimeVR.qtx [94208]
O44 - LFC:[MD5.B9C2EB1291BACAF8D979D7DF06D1E4EE] - 07/08/2010 - 15:38:20 ---A- . (.Neil Banfield - Animation Core.) -- C:\Windows\System32\anim.dll [33968]
O44 - LFC:[MD5.CF295F9A323B1EC8B196E598636E78E4] - 07/08/2010 - 15:38:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\shfolder.inf [439]
O44 - LFC:[MD5.4BAF561A4819F0EDF96C6FD903A5694F] - 07/08/2010 - 15:38:20 ---A- . (.Stardock Corporation - WindowBlinds : DirectSkin.) -- C:\Windows\System32\wbocx.ocx [544768]
O44 - LFC:[MD5.7BDB3B1F1303F0370D7E4CE82AD73D37] - 07/08/2010 - 15:38:20 ---A- . (.Stardock.Net, Inc - WindowBlinds Helper DLL.) -- C:\Windows\System32\wbhelp2.dll [56496]
O44 - LFC:[MD5.8E6BF8E8B78BA958B30B0C0E83C86C87] - 04/08/2010 - 01:21:44 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [6096384]
O44 - LFC:[MD5.C20B3F98C05A85590645377135C8AC6F] - 04/08/2010 - 00:55:18 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\atiapfxx.blb [71096]
O44 - LFC:[MD5.B4CAEDA66D83498CB5876BD02CF07D52] - 04/08/2010 - 00:55:02 ---A- . (.Advanced Micro Devices, Inc. - atiapfxx Application.) -- C:\Windows\System32\atiapfxx.exe [143360]
O44 - LFC:[MD5.84759F7436CCF37552621B2846FE1744] - 04/08/2010 - 00:54:52 ---A- . (.ATI Technologies Inc. - aticfx32.dll.) -- C:\Windows\System32\aticfx32.dll [519680]
O44 - LFC:[MD5.9E3019AF0CD29367B6CFCEE074672F4A] - 04/08/2010 - 00:52:06 ---A- . (.Advanced Micro Devices, Inc. - Graphics DEM.) -- C:\Windows\System32\ATIDEMGX.dll [450560]
O44 - LFC:[MD5.89A79E165D6BB2E9848882B2C03AB2F5] - 04/08/2010 - 00:51:38 ---A- . (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [380928]
O44 - LFC:[MD5.2A6C17DCF9138DE28CE141794484B128] - 04/08/2010 - 00:51:12 ---A- . (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [176128]
O44 - LFC:[MD5.B06E97F66D49682685858041F26C0E84] - 04/08/2010 - 00:50:08 ---A- . (.AMD - TMM Clone Control Module.) -- C:\Windows\System32\atitmmxx.dll [159744]
O44 - LFC:[MD5.4BE7F9FDBCFC375FC8CC02CABC4ADCA8] - 04/08/2010 - 00:49:52 ---A- . (.ATI Technologies, Inc. - ATI Desktop CWDDEDI DLL.) -- C:\Windows\System32\atipdlxx.dll [356352]
O44 - LFC:[MD5.41285186D6647DBD57A04BC603FE2891] - 04/08/2010 - 00:49:50 ---A- . (.Advanced Micro Devices, Inc. - ATI OpenGL driver.) -- C:\Windows\System32\atioglxx.dll [15845888]
O44 - LFC:[MD5.1CF0F811EF5AEB46F9239BF249B3654A] - 04/08/2010 - 00:49:42 ---A- . (.ATI Technologies, Inc. - ATI Driver Interface DLL.) -- C:\Windows\System32\Oemdspif.dll [278528]
O44 - LFC:[MD5.D9227881A32415B36E152EBCA3BCBCE6] - 04/08/2010 - 00:49:36 ---A- . (.AMD - Multi-language DPPE DLL.) -- C:\Windows\System32\atimuixx.dll [11776]
O44 - LFC:[MD5.FAE6C8E11AF14655E40BB171BB677D63] - 04/08/2010 - 00:49:28 ---A- . (.ATI Technologies, Inc. - ati2edxx.) -- C:\Windows\System32\ati2edxx.dll [43520]
O44 - LFC:[MD5.22F8EFCA8E4CACD3FA90CDB323992F50] - 04/08/2010 - 00:46:34 ---A- . (.ATI Technologies Inc. - atidxx32.dll.) -- C:\Windows\System32\atidxx32.dll [3899392]
O44 - LFC:[MD5.DC5B876E02BCEEDCC4F0667C5A2BA583] - 04/08/2010 - 00:28:28 ---A- . (.ATI Technologies Inc. - atiumdag.dll.) -- C:\Windows\System32\atiumdag.dll [4021760]
O44 - LFC:[MD5.B3B1E8C978EF8BBCBAA8B8D523B37A09] - 04/08/2010 - 00:26:02 ---A- . (.Advanced Micro Devices Inc. - ATI CAL runtime.) -- C:\Windows\System32\aticalrt.dll [46080]
O44 - LFC:[MD5.6B4B88F6BDF5664FB1B65F35CB922194] - 04/08/2010 - 00:25:52 ---A- . (.Advanced Micro Devices Inc. - ATI CAL compiler runtime.) -- C:\Windows\System32\aticalcl.dll [44032]
O44 - LFC:[MD5.ED9DACC7A4B3CA1EFB9DAC71BAAB902E] - 04/08/2010 - 00:24:36 ---A- . (.Advanced Micro Devices Inc. - ATI CAL DD.) -- C:\Windows\System32\aticaldd.dll [4341248]
O44 - LFC:[MD5.EDDDD74EE748FA00C666A77314B51B8D] - 04/08/2010 - 00:23:44 ---A- . (.AMD - CoInstaller DLL.) -- C:\Windows\System32\coinst.dll [65536]
O44 - LFC:[MD5.3E7E840BF361ECE88662E8C7A5E529C5] - 04/08/2010 - 00:21:40 ---A- . (.Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) -- C:\Windows\System32\atiumdva.dll [3324416]
O44 - LFC:[MD5.FD929ADE0294D068D0263FD2958DFAA2] - 04/08/2010 - 00:21:16 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\atiumdva.cap [523968]
O44 - LFC:[MD5.AE76C0223C0BAFBADAED79969C08CCE4] - 04/08/2010 - 00:16:08 ---A- . (.Advanced Micro Devices, Inc. - ADL.) -- C:\Windows\System32\atiadlxx.dll [241664]
O44 - LFC:[MD5.90BA86D735B42505DB5E5001BC0C927C] - 04/08/2010 - 00:15:56 ---A- . (.Advanced Micro Devices, Inc. - atiglpxx.dll.) -- C:\Windows\System32\atiglpxx.dll [12800]
O44 - LFC:[MD5.D13DE37DEBE2DAF982AFBBEDA4EB8CEF] - 04/08/2010 - 00:15:50 ---A- . (.Advanced Micro Devices, Inc. - atigktxx.dll.) -- C:\Windows\System32\atigktxx.dll [16896]
O44 - LFC:[MD5.31DE9B1CEAA9E25B141232F7F1443239] - 04/08/2010 - 00:15:30 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [214016]
O44 - LFC:[MD5.71BFF0E03957F59A50A87C0CD40F3E1A] - 04/08/2010 - 00:15:04 ---A- . (.Advanced Micro Devices, Inc. - atiuxpag.dll.) -- C:\Windows\System32\atiuxpag.dll [30208]
O44 - LFC:[MD5.0AE1AE9D94540F2201C841835A94A9BB] - 04/08/2010 - 00:14:50 ---A- . (.Advanced Micro Devices, Inc. - atiu9pag.dll.) -- C:\Windows\System32\atiu9pag.dll [27648]
O44 - LFC:[MD5.4517B8DD31854C85E18E6AE9402C5574] - 04/08/2010 - 00:14:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\atitmpxx.dll [23040]
O44 - LFC:[MD5.3C6565BF11A6DF8069E067AB14C04CC7] - 04/08/2010 - 00:14:14 ---A- . (.ATI Technologies Inc. - eRecord Message Resource File.) -- C:\Windows\System32\drivers\ati2erec.dll [53248]
O44 - LFC:[MD5.57026A11BE27683B7C4D11DB25F5A18F] - 04/08/2010 - 00:09:24 ---A- . (.Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) -- C:\Windows\System32\amdpcom32.dll [52736]
O44 - LFC:[MD5.57026A11BE27683B7C4D11DB25F5A18F] - 04/08/2010 - 00:09:24 ---A- . (.Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) -- C:\Windows\System32\atimpc32.dll [52736]


---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll


---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{9c913428-268a-11df-9683-002618f2e45c}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\LaunchU3.exe


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \Drivers32\"VIDC.YV12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll
O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm
O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\lameACM.acm
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll
O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec 1.2.2" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98.2" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.9.2 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)


---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Acrobat Assistant 7.0 [Key] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
O53 - SMSR:HKLM\...\startupreg\IntelliPoint [Key] . (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
O53 - SMSR:HKLM\...\startupreg\ITSecMng [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
O53 - SMSR:HKLM\...\startupreg\itype [Key] . (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe
O53 - SMSR:HKLM\...\startupreg\Malwarebytes Anti-Malware (reboot) [Key] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O53 - SMSR:HKLM\...\startupreg\Malwarebytes' Anti-Malware [Key] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
O53 - SMSR:HKLM\...\startupreg\PC Suite Tray [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O53 - SMSR:HKLM\...\startupreg\updateMgr [Key] . (.Adobe Systems Incorporated - Adobe Update Manager.) -- C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe


---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll


---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0


---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoActiveDesktop"=0


---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys
O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys
O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys
O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys
O58 - SDL:[MD5.2101A86C25C154F8314B24EF49D7FBC2] - 14/07/2009 - 02:26:15 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys
O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 14/07/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys
O58 - SDL:[MD5.B81C2B5616F6420A9941EA093A92B150] - 14/07/2009 - 02:26:15 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys
O58 - SDL:[MD5.F0B673589B3D371008A1539F9AE13EF4] - 08/12/2009 - 16:06:09 ---A- . (.SlySoft, Inc. - AnyDVD Filter Driver.) -- C:\Windows\system32\drivers\AnyDVD.sys
O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys
O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys
O58 - SDL:[MD5.CBE71C122434805CB73FFB6619F60598] - 16/07/2009 - 04:36:30 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys
O58 - SDL:[MD5.ADAA34740E9F6AFF94CC75D5CF8ED7E2] - 04/01/2008 - 12:34:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\AsInsHelp32.sys
O58 - SDL:[MD5.EDAA17CE771C696655B6585F7CAD2100] - 04/01/2008 - 12:34:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\AsInsHelp64.sys
O58 - SDL:[MD5.2B4E66FAC6503494A2C6F32BB6AB3826] - 17/12/2007 - 10:14:06 R--A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\AsIO.sys
O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 02/04/2009 - 13:30:14 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\ASUSHWIO.SYS
O58 - SDL:[MD5.40A07E6916AC098E31A9E39AC202B8A1] - 30/09/2009 - 15:33:56 ---A- . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtiHdmi.sys
O58 - SDL:[MD5.8E6BF8E8B78BA958B30B0C0E83C86C87] - 04/08/2010 - 01:21:44 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys
O58 - SDL:[MD5.31DE9B1CEAA9E25B141232F7F1443239] - 04/08/2010 - 00:15:30 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys
O58 - SDL:[MD5.14FE36D8F2C6A2435275338D061A0B66] - 05/03/2010 - 19:40:01 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys
O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 14/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\system32\drivers\b57nd60x.sys
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys
O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 14/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys
O58 - SDL:[MD5.0F249BE872F618AABA8D641E81AA3D21] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\system32\drivers\btaudio.sys
O58 - SDL:[MD5.CE441CCD98C5ECB10CB12FCAF97322EC] - 08/01/2009 - 23:39:36 ---A- . (.IVT Corporation. - Bluetooth HID BUS Driver.) -- C:\Windows\system32\drivers\BtHidBus.sys
O58 - SDL:[MD5.D84166D41A05F66D9084039427E5025B] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth Bus Enumerator.) -- C:\Windows\system32\drivers\btkrnl.sys
O58 - SDL:[MD5.D3C277A51EF9E2EC972D6221F99C0B6D] - 07/12/2008 - 12:44:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\btnetBus.sys
O58 - SDL:[MD5.07F0A66CFA550B13AD0674AE09E3CBA0] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth BTPORT Driver for Windows 2000.) -- C:\Windows\system32\drivers\btport.sys
O58 - SDL:[MD5.B1D350F3F13CF340FCE93912D2BA1EBF] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth LAN Access Server Driver.) -- C:\Windows\system32\drivers\btwdndis.sys
O58 - SDL:[MD5.1BCC81071C25C34DE0621FFD8C4F925E] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Bluetooth Virtual HID Minidriver.) -- C:\Windows\system32\drivers\btwhid.sys
O58 - SDL:[MD5.A01FD9851406DE0870C23759E2F7B6EA] - 07/08/2009 - 04:29:16 ---A- . (.Broadcom Corporation. - Driver for Bluetooth USB Devices.) -- C:\Windows\system32\drivers\btwusb.sys
O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 14/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys
O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 14/07/2009 - 02:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys
O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 14/07/2009 - 02:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys
O58 - SDL:[MD5.AF82DC664E3D8E2CBA3B95E68F6448A7] - 16/11/2009 - 08:56:12 ---A- . (.ESET - Amon monitor.) -- C:\Windows\system32\drivers\eamon.sys
O58 - SDL:[MD5.686A799C1BF1B18941994DAF9F45DB06] - 16/11/2009 - 09:03:36 ---A- . (.ESET - ESET Helper driver.) -- C:\Windows\system32\drivers\ehdrv.sys
O58 - SDL:[MD5.76CAD4F1291990FC47824B845032E997] - 26/09/2009 - 18:57:34 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\Windows\system32\drivers\ElbyCDIO.sys
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys
O58 - SDL:[MD5.8700EADC8BDFA27D948FCC43EE0AE434] - 18/12/2009 - 15:02:26 ---A- . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\system32\drivers\epfwwfpr.sys
O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 14/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys
O58 - SDL:[MD5.007AEA2E06E7CEF7372E40C277163959] - 11/07/2010 - 16:07:24 ---A- . (.Sony Ericsson Mobile Communications - SEMC USB Flash Driver Filter.) -- C:\Windows\system32\drivers\ggflt.sys
O58 - SDL:[MD5.C73DE35960CA75C5AB4AE636B127C64E] - 11/07/2010 - 16:07:24 ---A- . (.Sony Ericsson Mobile Communications - SEMC USB Flash Driver.) -- C:\Windows\system32\drivers\ggsemc.sys
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 14/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys
O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 14/07/2009 - 02:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys
O58 - SDL:[MD5.934AF4D7C5F457B9F0743F4299B77B67] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys
O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys
O58 - SDL:[MD5.71E1FC547CC488D5CD7BF0860C96F5AF] - 02/07/2008 - 14:58:48 ---A- . (.IVT Corporation. - IVT Bluetooth Bus Device Driver.) -- C:\Windows\system32\drivers\IvtBtBus.sys
O58 - SDL:[MD5.151D8C22A57025D0619D9ED452A4F1FF] - 18/03/2010 - 10:00:56 ---A- . (.Logitech, Inc. - Logitech PS2 Keyboard Filter Driver..) -- C:\Windows\system32\drivers\L8042Kbd.sys
O58 - SDL:[MD5.732AFC2D2643916CFA135130D2ADBC20] - 18/03/2010 - 10:01:04 ---A- . (.Logitech, Inc. - Logitech PS/2 Mouse Filter Driver..) -- C:\Windows\system32\drivers\L8042mou.Sys
O58 - SDL:[MD5.713CD5267ABFB86FE90A72E384E82A38] - 23/09/2009 - 13:55:23 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\Windows\system32\drivers\Lbd.sys
O58 - SDL:[MD5.B68309F25C5787385DA842EB5B496958] - 18/03/2010 - 10:01:52 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\system32\drivers\LHidFilt.Sys
O58 - SDL:[MD5.63D3B1D3CD267FCC186A0146B80D453B] - 18/03/2010 - 10:02:08 ---A- . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\Windows\system32\drivers\LMouFilt.Sys
O58 - SDL:[MD5.46F0396649101C27968089D127395980] - 18/03/2010 - 10:02:24 ---A- . (.Logitech, Inc. - Logitech Filter Driver for Mouse Class..) -- C:\Windows\system32\drivers\LMouKE.Sys
O58 - SDL:[MD5.C0382C12B784394BF16C2D8F0F1F17DC] - 12/07/2010 - 16:44:30 ---A- . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- C:\Windows\system32\drivers\LNonPnP.sys
O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys
O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 14/07/2009 - 02:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys
O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys
O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys
O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys
O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys
O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys
O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys
O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 14/07/2009 - 02:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys
O58 - SDL:[MD5.3F3D04B1D08D43C16EA7963954EC768D] - 14/07/2009 - 02:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys
O58 - SDL:[MD5.C99F251A5DE63C6F129CF71933ACED0F] - 14/07/2009 - 02:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys
O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys
O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys
O58 - SDL:[MD5.E205C313417DA6FA7AFE85912A310A65] - 16/02/2007 - 01:56:49 ---A- . (.Elaborate Bytes AG - Elby Delay Lower Filter Driver.) -- C:\Windows\system32\drivers\RegKill.sys
O58 - SDL:[MD5.D5EDE44CA85899E0478208C8413C1C31] - 23/06/2010 - 08:10:54 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\Windows\system32\drivers\Rt86win7.sys
O58 - SDL:[MD5.7B7A157D6CC1EB77BC43E2AA23DAE600] - 19/04/2010 - 15:55:40 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\system32\drivers\RtsUStor.sys
O58 - SDL:[MD5.594FF5620661D1386475406E78CB6F2F] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 Driver.) -- C:\Windows\system32\drivers\s0017bus.sys
O58 - SDL:[MD5.3FA76516F21FC7CF04689834B2B7325E] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s0017cm.sys
O58 - SDL:[MD5.3FA76516F21FC7CF04689834B2B7325E] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s0017cmnt.sys
O58 - SDL:[MD5.5B1078D9E27DF63656C39449492AE3E9] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB Ethernet Emulation (WDM class reg.) -- C:\Windows\system32\drivers\s0017cr.sys
O58 - SDL:[MD5.7258F550419D543BC5C8E80C578A5D54] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB WMC Modem Filter Driver.) -- C:\Windows\system32\drivers\s0017mdfl.sys
O58 - SDL:[MD5.1DE4F6607FEB17A15DBD4F1B139E6D2F] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB WMC Modem WDM Driver.) -- C:\Windows\system32\drivers\s0017mdm.sys
O58 - SDL:[MD5.9814E6BACC06D2526CD52981C7EEEDF0] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB WMC Device Management Driver.) -- C:\Windows\system32\drivers\s0017mgmt.sys
O58 - SDL:[MD5.2C62CD58225973F26682CD4F783DDEDE] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB Ethernet Emulation (NDIS 5 Minipo.) -- C:\Windows\system32\drivers\s0017nd5.sys
O58 - SDL:[MD5.F87C3422E84B2FB1B43E0A26247AD5A5] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB WMC OBEX Interface Device Driver.) -- C:\Windows\system32\drivers\s0017obex.sys
O58 - SDL:[MD5.DF5E7360A0AFA5956BF75DA683D0679F] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Sony Ericsson Device 0017 USB Ethernet Emulation.) -- C:\Windows\system32\drivers\s0017unic.sys
O58 - SDL:[MD5.985E0A43CF844A573FF254C847AD0BA9] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s0017wh.sys
O58 - SDL:[MD5.985E0A43CF844A573FF254C847AD0BA9] - 21/10/2008 - 08:22:48 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s0017whnt.sys
O58 - SDL:[MD5.1C5C2CB892553D2CF3F45A4BB323FCD6] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 Driver.) -- C:\Windows\system32\drivers\s1018bus.sys
O58 - SDL:[MD5.2AB45CEDAA214125501A0C7F91E105A4] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018cm.sys
O58 - SDL:[MD5.2AB45CEDAA214125501A0C7F91E105A4] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018cmnt.sys
O58 - SDL:[MD5.38F5EA219593F19B6B3A1B9C169E3B61] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 USB WMC Modem Filter Driver.) -- C:\Windows\system32\drivers\s1018mdfl.sys
O58 - SDL:[MD5.666AF6B64FC7DF92D3CA4819EA91631D] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 USB WMC Modem WDM Driver.) -- C:\Windows\system32\drivers\s1018mdm.sys
O58 - SDL:[MD5.F4CEDA6E2DDFF2AF8BD745615A7CA9C0] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 USB WMC Device Management Driver.) -- C:\Windows\system32\drivers\s1018mgmt.sys
O58 - SDL:[MD5.5DD0D936FD9E503C96B9D41A284F815E] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018wh.sys
O58 - SDL:[MD5.5DD0D936FD9E503C96B9D41A284F815E] - 25/03/2009 - 15:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018whnt.sys
O58 - SDL:[MD5.72AECF54AAC22B20956D08610972B5A1] - 03/11/2010 - 22:38:38 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys
O58 - SDL:[MD5.16B1ABE7F3E35F21DAC57592B6C5D464] - 09/11/2009 - 04:21:18 ---A- . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\Windows\system32\drivers\scdemu.sys
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys
O58 - SDL:[MD5.E5B56569A9F79B70314FEDE6C953641E] - 11/07/2010 - 16:08:28 ---A- . (.Sony Ericsson Mobile Communications - seehcri Driver.) -- C:\Windows\system32\drivers\seehcri.sys
O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys
O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys
O58 - SDL:[MD5.F92254B0BCFCD10CAAC7BCCC7CB7F467] - 12/11/2009 - 12:48:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\StarOpen.sys
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys
O58 - SDL:[MD5.2C15B4856F929AC7DD144044D8334B54] - 25/03/2008 - 12:54:02 ---A- . (.TOSHIBA Corporation - TOSHIBA Bluetooth Port Emulation Driver.) -- C:\Windows\system32\drivers\tosporte.sys
O58 - SDL:[MD5.6750328AB04AE5FAF01403A575D66978] - 06/10/2008 - 16:56:38 ---A- . (.TOSHIBA CORPORATION - Bluetooth RF Bus Driver.) -- C:\Windows\system32\drivers\tosrfbd.sys
O58 - SDL:[MD5.45A0FD8D566E7C44B2FC340CBD6672D0] - 03/03/2009 - 14:42:56 ---A- . (.TOSHIBA Corporation - Bluetooth RFBNEP Driver.) -- C:\Windows\system32\drivers\tosrfbnp.sys
O58 - SDL:[MD5.C281D231BA7BC7955D39EA9E21374EFF] - 19/02/2009 - 15:20:10 ---A- . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) -- C:\Windows\system32\drivers\tosrfcom.sys
O58 - SDL:[MD5.592CD9C8AB08EF02EA53905D30FB157E] - 05/03/2009 - 10:03:16 ---A- . (.TOSHIBA Corporation. - Bluetooth HID Driver from TOSHIBA.) -- C:\Windows\system32\drivers\Tosrfhid.sys
O58 - SDL:[MD5.0F3FD4F55175CAEDDCE9EFD6C5CA45D3] - 12/03/2009 - 10:33:08 ---A- . (.TOSHIBA Corporation. - Bluetooth BNEP Driver.) -- C:\Windows\system32\drivers\tosrfnds.sys
O58 - SDL:[MD5.5C4DDC4C3596DDB742E5BADEEE914EA0] - 03/03/2009 - 14:43:58 ---A- . (.TOSHIBA Corporation - Bluetooth Audio Driver (WDM).) -- C:\Windows\system32\drivers\TosRfSnd.sys
O58 - SDL:[MD5.8688938B6D2A7EC8037A8B3AE1ADCE2B] - 10/03/2009 - 15:31:52 ---A- . (.TOSHIBA CORPORATION - Bluetooth USB Miniport Driver.) -- C:\Windows\system32\drivers\tosrfusb.sys
O58 - SDL:[MD5.A6CAB31A6CFCD41E5213A924B2413EF1] - 10/07/2009 - 04:04:42 ---A- . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\viahduaa.sys
O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 14/07/2009 - 02:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys
O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 14/07/2009 - 02:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys
O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 03/04/1996 - 20:33:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\giveio.sys
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS
O58 - SDL:[MD5.5D6401DB90EC81B71F8E2C5C8F0FEF23] - 24/09/2006 - 14:28:46 ---A- . (.Windows ® 2000 DDK provider - SpeedFan Device Driver.) -- C:\Windows\system32\speedfan.sys
O58 - SDL:[MD5.58997182304759F46902A62128D44D5C] - 16/12/2009 - 22:29:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\WinVd32.sys


---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1


---\\ Observateur d'évènement d'application (OEA) (O66)
O66 - EventLog: ID=1000 (Application Error) - (.Megaupload Limited - Mega Manager.) -- C:\Program Files\Megaupload\Mega Manager\MegaManager.exe
O66 - EventLog: ID=1000 (Application Error) - (.Pas de propriétaire - Pas de description.) -- C:\Windows\Explorer.EXE
O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Windows Live Communications Platform.) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
O66 - EventLog: ID=1000 (Application Error) - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\VideoLAN\VLC\vlc.exe
O66 - EventLog: ID=1000 (Application Error) - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe


---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKLM\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe


---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\mo\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe


---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.cbid", "QC");
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.default-channel-url-mask", "http://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.first-launch-url", "http://g.msn.com/5mefr_fr/11");
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.fresh-install", false);
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.l", "dis");
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.last-config-req", "1288811956305");
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.locale", "fr_FR");
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.o", "102408");
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.options-lang", "fr");
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.options-locale", "UK");
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.qsrc", "2871");
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.r", "2");
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.search-suggestions-enabled", true);
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing
O69 - SBI: SearchScopes [HKCU] {AE7F6473-3AA7-4289-8D63-8BF32144F511} [DefaultScope] - (Google) - Google
O69 - SBI: SearchScopes [HKCU] {E9ED43AD-DA41-4cdc-8FE9-D8C5B8443976} - (SpeedBit Search) - SpeedBit Search


---\\ Recherche des services démarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [168448]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [591360]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [667136]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [473088]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [285184]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows™.) -- C:\Windows\System32\tapisrv.dll [241664]
O83 - Search Svchost Services: UxTuneUp (UxTuneUp) . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\System32\uxtuneup.dll [30024]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [543232]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1912832]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [589312]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [497152]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [46592]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [162816]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [743424]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [99328]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102400]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [149504]


---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 29/11/2009 69632 | C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SR - | Auto 04/08/2010 176128 | C:\Windows\system32\atiesrxx.exe (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe
SR - | Auto 02/04/2009 90112 | C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (AsSysCtrlService) . (.Pas de propriétaire.) - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
SS - | Auto 02/04/2009 0 | C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (BlueSoleil Hid Service) . (.Pas de propriétaire.) - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
SR - | Auto 11/11/2006 266295 | C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
SS - | Demand 16/11/2009 20680 | C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (EhttpSrv) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
SR - | Auto 16/11/2009 735960 | C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
SS - | Auto 24/02/2010 135664 | C:\Program Files\Google\Update\GoogleUpdate.exe (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 23/12/2009 182768 | C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 03/11/2010 1181328 | C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Ad-Aware Service) . (.Lavasoft.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
SR - | Auto 20/11/2009 73728 | C:\Program Files\Common Files\LightScribe\LSSrvc.exe (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SS - | Demand 12/09/2010 251248 | C:\Program Files\ma-config.com\maconfservice.exe (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe
SR - | Auto 29/04/2010 304464 | C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Auto 16/03/2010 813056 | C:\Program Files\The Cleaner\mhelper.exe (moohelp) . (.MooSoft Development LLC.) - C:\Program Files\The Cleaner\mhelper.exe
SS - | Disabled 23/09/2009 935208 | C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 06/09/2009 71096 | C:\Program Files\CDBurnerXP\NMSAccessU.exe (NMSAccessU) . (.Pas de propriétaire.) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
SR - | Auto 30/04/2009 90112 | C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe (OMSI download service) . (.Pas de propriétaire.) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
SR - | Demand 26/01/2010 2740224 | C:\Windows\system32\PrivacyProvider.exe (PrivacyProvider) . (.Pas de propriétaire.) - C:\Windows\system32\PrivacyProvider.exe
SS - | Auto 26/01/2010 0 | C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWindServiceAE) . (.Pas de propriétaire.) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
SS - | Demand 26/01/2010 0 | C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp.Defrag) . (.Pas de propriétaire.) - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
SR - | Auto 20/04/2010 1050440 | C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe


---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover
Run by mo at 01/09/2010 07:36:50

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
1 ntkrnlpa!IofCallDriver[0x83075458] -> \Device\Harddisk0\DR0[0x86634030]
3 CLASSPNP[0x8B77F59E] -> ntkrnlpa!IofCallDriver[0x83075458] -> [0x864E2918]
5 ACPI[0x8B2BB3B2] -> ntkrnlpa!IofCallDriver[0x83075458] -> \Device\Ide\IdeDeviceP2T0L0-2[0x864D5030]
kernel: MBR read successfully
user & kernel MBR OK


---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
MBRCheck, version 1.2.3 by ad13, http://ad13.geekstog
Run by mo at 01/09/2010 07:36:54
Dump file Name : C:\Program Files\ZHPDiag\MBRDump_09-01-10_07-36-54_PhysicalDrive0.bin


---\\ Infection BT - BHO/Toolbar (Possible)
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE}
[HKCU\Software\Ask.com]
O69 - SBI: prefs.js [mo - jfan4znq.default] user_pref("extensions.asktb.default-channel-url-mask", "http://fr.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");



End of the scan (1254 lines in 01mn 13s)(0)

This message was edited by rapetou83 - 06 November 2010 - 12:34.


#2 User is offline   Apollo 

  • Devil Member!
  • Group: Security Team
  • Posts: 14909
  • Joined: 21-November 04

Posted 04 November 2010 - 02:42

Hello,

1) Download Ad-Remover by C-XX and save it to the desktop.

Ad-Remover: Download

Close all open applications before installing it.

On Vista/7: temporarily disable UAC as explained HERE

On XP: double-click (right-click/Run as administrator on Vista/7) the icon placed on the desktop.

If the firewall reacts, grant the tool the permissions it needs to do its work.

Click Scan.

The report can also be found under C:\Ad-Report.
Copy/paste it into your reply please.

-----------------------------------------------------------------------------------------------

2) On XP, double-click (right-click/Run as administrator on Vista/7) the Ad-R icon placed on the desktop.

If the firewall reacts, grant the tool the permissions it needs to do its work.

Click Clean.

The desktop will disappear, that's normal!

The report can also be found under C:\Ad-Report Clean.
Copy/paste it into your reply please.

Re-enable UAC on Vista/7. (If on Vista/7, of course!)

The home page may have been changed; just set your usual page again via the Internet options.


*** Post both reports please.

See you later
- Do not use ComboFix or The Avenger unless expressly requested by a member of the Zébulon security group! Find the Antivir report. - I do not answer help requests by PM -
Antispam 32/64 Bits. Create your own topic with the "Start a topic" button. - Vista-XP.fr - Do not post on more than one forum about the same issue! Please respect the helpers. Restore the Hosts file - Kaspersky Virus Removal Tool - Microsoft FixIt Center - Critical-level vulnerabilities - Kaspersky Password Manager - I no longer recommend Antivir Free, which installs Ask Toolbar. - Storing passwords - Keep up to date! - HOST YOUR LONG REPORTS, FOR HEAVEN'S SAKE! - ROGUES!

#3 User is offline   rapetou83 

  • Junior Member
  • Group: Members
  • Posts: 9
  • Joined: 04-November 10

Posted 04 November 2010 - 06:13

Good evening, and thank you Apollo for your help. Here is the first report already:
======= REPORT FROM AD-REMOVER 2.0.0.2,B | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 25/10/10 at 11:40
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: TEAM X SCRIPT : UsbFix - AD-Remover - FindyKill

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 16:52:17 on 01/09/2010, Normal boot

Microsoft Windows 7 Édition Intégrale (X86)
mo@PC (System manufacturer System Product Name)

============== SEARCH ==============


File found: C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar
Folder found: C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\extensions\toolbar@ask.com
Folder found: C:\Program Files\Ask.com
Folder found: C:\Users\mo\AppData\LocalLow\AskToolbar

-- File opened: C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\Prefs.js --
Line found: user_pref("extensions.asktb.cbid", "QC");
Line found: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}...
Line found: user_pref("extensions.asktb.first-launch-url", "hxxp://g.msn.com/5mefr_fr/11");
Line found: user_pref("extensions.asktb.fresh-install", false);
Line found: user_pref("extensions.asktb.l", "dis");
Line found: user_pref("extensions.asktb.last-config-req", "1288811956305");
Line found: user_pref("extensions.asktb.locale", "fr_FR");
Line found: user_pref("extensions.asktb.o", "102408");
Line found: user_pref("extensions.asktb.options-lang", "fr");
Line found: user_pref("extensions.asktb.options-locale", "UK");
Line found: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Line found: user_pref("extensions.asktb.qsrc", "2871");
Line found: user_pref("extensions.asktb.r", "2");
Line found: user_pref("extensions.asktb.search-suggestions-enabled", true);
Line found: user_pref("extensions.enabledItems", "DeviceDetection@logitech.com:1.20.0.66,{d10d0bf8-f5b5-c8b4-a8b...
-- File closed --


Key found: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key found: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key found: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key found: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key found: HKLM\Software\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key found: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Key found: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Key found: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO
Key found: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key found: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Key found: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key found: HKCU\Software\Ask.com
Key found: HKCU\Software\AppDataLow\AskToolbarInfo
Key found: HKCU\Software\AppDataLow\Software\AskToolbar
Key found: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key found: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key found: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== ADDITIONNAL SCAN ==============

** Mozilla Firefox Version [3.6.12 (fr)] **

-- C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\Prefs.js --
browser.download.dir, C:\\Users\\mo\\Documents\\Downloads
browser.download.lastDir, C:\\Users\\mo\\Desktop
browser.startup.homepage, google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.12
keyword.URL, hxxp://search.speedbit.com/searchresults.asp?src=default&q=

========================================

** Internet Explorer Version [8.0.7600.16385] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Do404Search: 0x01000000
Enable Browser Extensions: YES
Local Page: C:\Windows\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://www.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: hxxp://search.speedbit.com/tab/
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 File(s)
C:\Program Files\Ad-Remover\Backup: 1 File(s)

C:\Ad-Report-SCAN[1].txt - 01/09/2010 (5230 Byte(s))

End at: 16:52:49, 01/09/2010

============== E.O.F ==============


AND HERE IS THE SECOND REPORT



======= REPORT FROM AD-REMOVER 2.0.0.2,B | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 25/10/10 at 11:40
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 18:12:31 on 01/09/2010, Normal boot

Microsoft Windows 7 Édition Intégrale (X86)
mo@PC (System manufacturer System Product Name)

============== ACTION(S) ==============


File deleted: C:\Windows\system32\Tasks\Scheduled Update for Ask Toolbar
Folder deleted: C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\extensions\toolbar@ask.com
Folder deleted: C:\Program Files\Ask.com
Folder deleted: C:\Users\mo\AppData\LocalLow\AskToolbar

(!) -- Temporary files deleted.


-- File opened: C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\Prefs.js --
Line deleted:
Line deleted:
Line deleted: user_pref("extensions.asktb.cbid", "QC");
Line deleted: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}...
Line deleted: user_pref("extensions.asktb.first-launch-url", "hxxp://g.msn.com/5mefr_fr/11");
Line deleted: user_pref("extensions.asktb.fresh-install", false);
Line deleted: user_pref("extensions.asktb.l", "dis");
Line deleted: user_pref("extensions.asktb.last-config-req", "1288811956305");
Line deleted: user_pref("extensions.asktb.locale", "fr_FR");
Line deleted: user_pref("extensions.asktb.o", "102408");
Line deleted: user_pref("extensions.asktb.options-lang", "fr");
Line deleted: user_pref("extensions.asktb.options-locale", "UK");
Line deleted: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Line deleted: user_pref("extensions.asktb.qsrc", "2871");
Line deleted: user_pref("extensions.asktb.r", "2");
Line deleted: user_pref("extensions.asktb.search-suggestions-enabled", true);
Line deleted: user_pref("extensions.enabledItems", "DeviceDetection@logitech.com:1.20.0.66,{d10d0bf8-f5b5-c8b4-a8b...
-- File closed --


Key deleted: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key deleted: HKLM\Software\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
Key deleted: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO
Key deleted: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key deleted: HKCU\Software\Ask.com
Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo
Key deleted: HKCU\Software\AppDataLow\Software\AskToolbar
Key deleted: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key deleting error: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== ADDITIONNAL SCAN ==============

** Mozilla Firefox Version [3.6.12 (fr)] **

-- C:\Users\mo\AppData\Roaming\Mozilla\FireFox\Profiles\jfan4znq.default\Prefs.js --
browser.download.dir, C:\\Users\\mo\\Documents\\Downloads
browser.download.lastDir, C:\\Users\\mo\\Desktop
browser.startup.homepage, google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.12
keyword.URL, hxxp://search.speedbit.com/searchresults.asp?src=default&q=

========================================

** Internet Explorer Version [8.0.7600.16385] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: YES
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\System32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 165 File(s)
C:\Program Files\Ad-Remover\Backup: 16 File(s)

C:\Ad-Report-CLEAN[1].txt - 01/09/2010 (5673 Byte(s))
C:\Ad-Report-SCAN[1].txt - 01/09/2010 (5359 Byte(s))

End at: 18:13:20, 01/09/2010

============== E.O.F ==============

This message was edited by rapetou83 - 04 November 2010 - 06:24.


#4 User is offline   Apollo 

  • Devil Member!
  • Group: Security Team
  • Posts: 14909
  • Joined: 21-November 04

Posted 04 November 2010 - 06:42

Hello again,

It is better to make a new post, because if you edit, I don't receive an email notification. ;)

Uninstall Ad-Remover through its interface.

Go to this link: Virus Total
  • Click the Browse... button
  • Browse your folders to this file, if you can find it:
    C:\Windows\System32\Wininit.exe

  • Click Send file, and if VirusTotal says the file has already been analysed, click the Reanalyse file now button.
  • Let the site work for as long as "Situation actuelle : en cours d'analyse" (Current status: analysis in progress) is displayed.
  • The file may be queued because of a large number of analysis requests. In that case, you will have to wait without refreshing the page.
  • When the analysis is finished, copy the link shown in the browser's address bar and paste it into your reply please.


*** Do the same with this file: C:\Windows\Explorer.exe

See you later

#5 User is offline   rapetou83 

  • Junior Member
  • Group: Members
  • Posts: 9
  • Joined: 04-November 10

Posted 04 November 2010 - 10:14

Good evening again Apollo,
I did what you told me, but it tells me I don't have access permission for either of them, so I can't analyse them :chpas:

#6 User is offline   Apollo 

  • Devil Member!
  • Group: Security Team
  • Posts: 14909
  • Joined: 21-November 04

Posted 05 November 2010 - 01:15

Hello,

ComboFix must not be used as a diagnostic tool; it must only be used at the express request of an adviser trained in this tool and under their supervision. This tool can be dangerous!

Disable the protections (antivirus, firewall, antispyware).
If you don't know how to do this, refer to this article.

Connect removable media (USB sticks and others) before proceeding.

Official TUTORIAL

Right-click HERE
  • In the menu that drops down, choose "Save Link As" (if you use Firefox) or "Save Target As" (if you use Internet Explorer)
  • A window will open: in the File name field (at the bottom), type this: plop

  • We are going to save this file on the Desktop: to do so, click Desktop in the left-hand panel.

  • Finally, click the Save button at the bottom right.
  • Make sure all programs are closed before launching the fix!
  • Double-click plop.
  • If the Recovery Console is not installed on an XP machine, ComboFix will offer to install it: accept!

  • Click Yes on the Disclaimer of Warranty message that appears.
  • Your firewall may ask whether or not you allow nircmd.cfexe to access the trusted zone: accept!
  • Note: do not close the window that has just opened, or you would end up with an empty desktop!
  • When the scan is finished, a report will be generated: post its contents in your next message.


If you lose the connection after running ComboFix, here is how to repair it: HERE.

NB: If you still cannot repair the connection, please read this topic.

If the message "Tentative d'opération non autorisée sur une clé du Registre marquée pour suppression" (Illegal operation attempted on a registry key that has been marked for deletion) appears, restart the PC.

See you later

#7 User is offline   rapetou83 

  • Junior Member
  • Group: Members
  • Posts: 9
  • Joined: 04-November 10

Posted 05 November 2010 - 06:07

Good evening Apollo, here is the requested file

ComboFix 10-11-05.01 - mo 05/11/2010 17:48:28.1.4 - x86
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1033.18.3063.1718 [GMT 1:00]
Lancé depuis: c:\users\mo\Desktop\plop.exe
.
ADS - Windows: deleted 48 bytes in 1 streams.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\hpe255C.dll
c:\programdata\hpeB0E7.dll
c:\users\mo\AppData\Roaming\.#
c:\users\mo\AppData\Roaming\.#\MBX@5F0@1ED1F58.###
c:\users\mo\AppData\Roaming\.#\MBX@5F0@1ED1F68.###
c:\users\mo\AppData\Roaming\.#\MBX@5F0@1ED1F78.###
c:\users\mo\AppData\Roaming\.#\MBX@968@1F01F58.###
c:\users\mo\AppData\Roaming\.#\MBX@968@1F01F68.###
c:\users\mo\AppData\Roaming\.#\MBX@968@1F01F78.###
c:\users\mo\AppData\Roaming\.#\MBX@F30@1FE1F58.###
c:\users\mo\AppData\Roaming\.#\MBX@F30@1FE1F68.###
c:\users\mo\AppData\Roaming\.#\MBX@F30@1FE1F78.###
c:\windows\system32\sqlite3.dll

Une copie infectée de c:\windows\explorer.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

Une copie infectée de c:\windows\System32\wininit.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

Une copie infectée de c:\windows\explorer.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-10-05 au 2010-11-05 ))))))))))))))))))))))))))))))))))))
.

2010-11-05 16:52 . 2010-11-05 16:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-03 21:38 . 2010-11-03 21:38 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-11-03 21:21 . 2010-11-04 06:00 -------- d-----w- c:\programdata\moosoft
2010-11-03 20:53 . 2009-09-23 12:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-11-03 19:24 . 2010-11-03 21:57 -------- d-----w- c:\program files\The Cleaner
2010-11-03 19:24 . 2010-11-03 21:05 -------- d-----w- c:\users\mo\AppData\Roaming\thecleaner
2010-11-03 19:00 . 2010-11-03 19:00 -------- dc-h--w- c:\programdata\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2010-11-03 18:59 . 2010-11-03 20:53 -------- d-----w- c:\programdata\Lavasoft
2010-11-03 18:59 . 2010-11-03 18:59 -------- d-----w- c:\program files\Lavasoft
2010-10-30 16:39 . 2009-07-14 01:15 315904 ----a-w- c:\windows\system32\Difx9199.rra
2010-10-29 15:12 . 2010-10-30 17:38 -------- d-----w- c:\users\mo\AppData\Roaming\383023B6067A2A20D66DC58422C29201
2010-10-27 05:19 . 2010-08-04 06:18 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-10-27 05:19 . 2010-08-04 06:17 417792 ----a-w- c:\windows\system32\msdri.dll
2010-10-27 05:19 . 2010-08-04 06:15 204288 ----a-w- c:\windows\system32\MSNP.ax
2010-10-27 05:19 . 2010-08-04 06:15 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2010-10-27 05:18 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2010-10-26 18:49 . 2010-10-26 18:49 -------- d-----w- c:\program files\Winamax Poker
2010-10-23 16:38 . 2010-10-23 16:38 -------- d-----w- c:\windows\fr
2010-10-23 16:37 . 2010-09-22 22:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-10-23 16:31 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\system32\UIRibbon.dll
2010-10-23 16:31 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-10-23 16:07 . 2010-10-23 18:45 -------- d-----w- c:\users\mo\AppData\Roaming\Windows Live Writer
2010-10-23 16:07 . 2010-10-23 16:07 -------- d-----w- c:\users\mo\AppData\Local\Windows Live Writer
2010-10-22 14:30 . 2010-10-22 14:30 -------- d-----w- c:\program files\Microsoft IntelliType Pro
2010-10-21 05:27 . 2010-10-21 05:27 -------- d-----w- c:\program files\Microsoft IntelliPoint
2010-10-21 05:19 . 2010-10-21 05:19 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\9907f17e1cb70df10\InstallManager_WLE_WLE.exe
2010-10-21 05:19 . 2010-10-21 05:19 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\9831b5a51cb70df0f\MeshBetaRemover.exe
2010-10-21 05:19 . 2010-10-21 05:19 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\970cec641cb70df0e\DSETUP.dll
2010-10-21 05:19 . 2010-10-21 05:19 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\970cec641cb70df0e\DXSETUP.exe
2010-10-21 05:19 . 2010-10-21 05:19 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\970cec641cb70df0e\dsetup32.dll
2010-10-21 05:19 . 2010-10-21 05:19 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\96109a871cb70df0d\DSETUP.dll
2010-10-21 05:19 . 2010-10-21 05:19 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\96109a871cb70df0d\DXSETUP.exe
2010-10-21 05:19 . 2010-10-21 05:19 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\96109a871cb70df0d\dsetup32.dll
2010-10-21 05:19 . 2010-09-01 05:51 -------- d-----w- c:\users\mo\AppData\Local\Windows Live
2010-10-21 05:19 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2010-10-21 05:19 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2010-10-21 05:19 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll
2010-10-20 05:07 . 2010-10-23 16:37 -------- d-----w- c:\program files\Windows Live
2010-10-16 17:01 . 2010-01-26 08:24 471040 ----a-w- c:\windows\system32\RegisterLSP.exe
2010-10-16 17:01 . 2010-01-26 08:23 258048 ----a-w- c:\windows\system32\PrivacyProvider.dll
2010-10-16 17:01 . 2010-01-26 08:22 2740224 ----a-w- c:\windows\system32\PrivacyProvider.exe
2010-10-16 12:08 . 2010-10-16 12:08 8704 ----a-w- c:\windows\system32\SpOrder.dll
2010-10-16 12:08 . 2010-10-16 12:08 73728 ----a-w- c:\windows\system32\VistaInfo32.dll
2010-10-16 12:08 . 2010-10-16 17:01 -------- d-----w- c:\program files\IP Hider
2010-10-15 18:05 . 2010-10-15 18:05 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-10-15 18:05 . 2010-10-15 18:05 253952 ------w- c:\windows\Setup1.exe
2010-10-13 05:12 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
2010-10-07 17:17 . 2010-10-07 17:17 -------- d-----w- c:\programdata\ASUS OC Profiles
2010-10-07 17:15 . 2010-10-07 17:15 -------- d-----w- C:\temp
2010-10-07 17:15 . 2010-10-07 17:15 -------- d-----w- C:\dvmexp
2010-10-07 17:14 . 2010-10-09 07:43 -------- d-----w- C:\ASUS.000
2010-10-07 17:14 . 2010-10-07 17:14 -------- d-----w- C:\ASUS.SYS
2010-10-07 17:13 . 2010-10-07 17:13 -------- d-----w- c:\program files\Downloaded Installations
2010-10-07 17:11 . 2007-12-17 09:14 12400 ----a-r- c:\windows\system32\drivers\AsIO.sys
2010-10-07 17:11 . 2006-01-10 08:50 24576 ----a-r- c:\windows\system32\AsIO.dll
2010-10-07 17:11 . 2010-10-07 17:12 -------- d-----w- c:\program files\ASUS
2010-10-07 17:11 . 2008-01-04 11:34 11832 ----a-w- c:\windows\system32\drivers\AsInsHelp64.sys
2010-10-07 17:11 . 2008-01-04 11:34 10216 ----a-w- c:\windows\system32\drivers\AsInsHelp32.sys
2010-10-07 17:11 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2010-10-07 17:11 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2010-10-07 17:11 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2010-10-07 17:11 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2010-10-07 17:11 . 2009-07-14 01:15 315904 ----a-w- c:\windows\system32\Difx8fdf.rra
2010-10-07 17:03 . 2010-10-07 17:04 -------- d-----w- c:\windows\AsusInstAll
2010-10-07 17:03 . 2009-07-10 05:48 856064 ----a-w- c:\windows\system32\VIAPropPageExt.dll
2010-10-07 17:03 . 2009-07-10 03:04 1067008 ----a-w- c:\windows\system32\drivers\viahduaa.sys
2010-10-07 17:03 . 2009-07-06 01:58 491008 ----a-w- c:\windows\system32\VIASysFx.dll
2010-10-07 17:03 . 2009-06-01 02:10 211456 ----a-w- c:\windows\system32\Dts2APO.dll
2010-10-07 17:03 . 2009-03-04 08:42 75776 ----a-w- c:\windows\system32\Dts2PropPageExt.dll
2010-10-07 17:03 . 2009-01-19 13:30 68608 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll
2010-10-07 17:03 . 2009-01-19 13:29 181248 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll
2010-10-07 17:03 . 2007-12-04 03:28 76288 ----a-w- c:\windows\system32\nQPropPageExt.dll
2010-10-07 17:03 . 2007-12-04 03:28 71680 ----a-w- c:\windows\system32\nQAPO.dll
2010-10-07 17:03 . 2010-10-07 17:03 -------- d-----w- c:\program files\VIA

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-03 20:52 . 2010-09-01 05:09 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-10-19 09:41 . 2009-11-29 12:22 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-07 23:21 . 2010-09-02 05:05 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A1D2DDB-1ABF-41FB-B88A-449C36DEAC41}\mpengine.dll
2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-21 12:03 . 2010-09-21 12:03 208768 ----a-w- c:\windows\system32\LIVESSP.DLL
2010-08-21 05:32 . 2010-09-15 07:02 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-10 03:15 . 2010-08-10 03:15 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-08-10 03:15 . 2010-08-10 03:15 69632 ----a-w- c:\windows\system32\QuickTime.qts
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FreeMi UPnP Media Server"="c:\program files\FreeMi UPnP Media Server\FreeMi UPnP Media Server.exe" [2010-09-17 89088]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-22 39408]
"Google Update"="c:\users\mo\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-12-26 135664]
"tcactive"="c:\program files\The Cleaner\tcap.exe" [2010-03-29 2951680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2054360]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-24 1474560]
"TurboV"="c:\program files\ASUS\TurboV\TurboV.exe" [2009-05-25 5391872]
"Turbo Key"="c:\program files\ASUS\Turbo Key\TurboKey.exe" [2009-05-25 1768960]
"IPHider"="c:\program files\IP Hider\IP Hider.exe" [2010-02-26 1560576]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 1797008]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 1778064]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Mise à jour des licences ESET.lnk - c:\program files\ESET\MiNODLogin\MiNODLogin.exe [2010-10-18 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
backup=c:\windows\pss\Bluetooth Manager.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]
backup=c:\windows\pss\BTTray.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Acrobat.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Acrobat.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Acrobat.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Mise à jour des licences ESET.lnk]
backup=c:\windows\pss\Mise à jour des licences ESET.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2004-12-14 01:12 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-01 06:39 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2010-07-21 14:53 1797008 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2010-07-21 15:08 1778064 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 13:39 1090952 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-04-29 13:39 437584 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-08-10 03:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-12-22 23:44 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
2004-11-22 07:18 307200 ----a-r- c:\program files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\mo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"updateMgr"=c:\program files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_0

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-24 135664]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
R2 moohelp;The Cleaner 2011 Helper Service;c:\program files\The Cleaner\mhelper.exe [2010-03-16 813056]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2008-12-07 30088]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2010-07-11 13224]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2008-07-02 26248]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-11-03 1181328]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-09-12 251248]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2009-01-07 20744]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-09-23 64288]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-03 176128]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-07-17 319488]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-12-18 95896]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-04 6096384]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-03 214016]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2010-07-07 44432]
S3 PrivacyProvider;PrivacyProvider;c:\windows\system32\PrivacyProvider.exe [2010-01-26 2740224]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-04-19 189784]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-07-11 27632]


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-11-20 13:28 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'

2010-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-24 18:53]

2010-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-24 18:53]

2010-11-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-363704617-1961234646-957867529-1000Core.job
- c:\users\mo\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-26 13:14]

2010-11-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-363704617-1961234646-957867529-1000UA.job
- c:\users\mo\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-26 13:14]
.
.
------- Examen supplémentaire -------
.
IE: &Envoyer à OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Convertir en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir la cible du lien en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir la sélection en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la sélection en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir les liens sélectionnés en Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convertir les liens sélectionnés en un fichier PDF existant - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Download Link Using Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
LSP: c:\windows\system32\PrivacyProvider.dll
Trusted Zone: secuser.com
FF - ProfilePath - c:\users\mo\AppData\Roaming\Mozilla\Firefox\Profiles\jfan4znq.default\
FF - prefs.js: browser.startup.homepage - google.fr
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\mo\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\mo\AppData\Roaming\Mozilla\Firefox\Profiles\jfan4znq.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll

---- PARAMETRES FIREFOX ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-ITSecMng - c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
MSConfigStartUp-Kernel and Hardware Abstraction Layer - KHALMNPR.EXE
MSConfigStartUp-PC Suite Tray - c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
AddRemove-Scooby-Doo™, Le Secret du Sphinx - c:\program files\Mindscape\Scooby-Doo™


.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(116)
c:\windows\system32\btncopy.dll
c:\program files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
c:\program files\Megaupload\Mega Manager\MegaIEMn.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\AUDIODG.EXE
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\taskhost.exe
c:\program files\ASUS\Six Engine\SixEngine.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Heure de fin: 2010-11-05 17:56:47 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-11-05 16:56

Avant-CF: 427 299 778 560 octets libres
Après-CF: 427 288 875 008 octets libres

- - End Of File - - 2C1F2D3E94DD7236AE2444F13AF4EF0C


Thanks for your help :serviteur:

#8 rapetou83 

  • Junior Member
  • Group: Members
  • Posts: 9
  • Joined: 04-November 10

Posted 05 November 2010 - 06:18

Thank you, lord Apollo, apparently I no longer have any viruses. Thank you so much for taking the time to look after people like me :biere:

#9 Apollo 

  • Devil Member !
  • Group: Security Team
  • Posts: 14909
  • Joined: 21-November 04

Posted 05 November 2010 - 06:22

Good evening,

Not so fast :lol:

It is better to run a few additional checks. You also have applications that need updating, because they are vulnerable as they stand.

ComboFix confirmed my suspicions about the two files that VirusTotal could not analyze (which is a sign).

Download random's system information tool (RSIT) by random/random and save it to the Desktop.

For 64-bit systems: Download RSIT 64-bit

  • Double-click RSIT.exe to launch RSIT. For XP

    Important:
    * On Vista: launch the file via right-click -> Run as administrator

    * On Windows 7: place the RSIT.exe file on the desktop, right-click it and, in Properties, Compatibility tab, tick the box "Run this program in compatibility mode for", choose Vista SP2 in the menu, and tick the box under Privilege Level.
    Confirm with Apply.

  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (<<which will be displayed)
    as well as info.txt (<<which will be minimized in the Taskbar).


>>>Host the RSIT reports here: Cijoint.fr - Free file hosting service, and give me the links so that I can view them.

For now, it is better to proceed this way so as not to crash the forum thread.
Please host files only when asked; otherwise post them in plain text. Thanks.

@++

#10 rapetou83 

  • Junior Member
  • Group: Members
  • Posts: 9
  • Joined: 04-November 10

Posted 05 November 2010 - 07:07

Here is one:
Cijoint.fr - Free file hosting service

and here is the other:
http://www.cijoint.f.../cij9zShgKb.txt

This post was edited by rapetou83 - 05 November 2010 - 07:08.
