Pascalem

  1. I have to be away for a few days, until Tuesday. If my problem has not been resolved, I will make a new post. Thanks to all.
  2. So here it is: Combofix does not work on my machine (administrator mode, antivirus disabled), not even in safe mode; at the moment it decompresses, the screen goes black (no error message) and Windows shuts down with a brief blue screen that I don't have time to read. As for TDSSKILLER, it no longer works either; at noon today I had managed to run it in safe mode, and I got the following report:
  3. Thanks pear for your help, here is the report:
[HKLM] -- uTorrent ---\\ HKCU & HKLM Software Keys [HKCU\Software\AC3filter] [HKCU\Software\AMD] [HKCU\Software\ASUS] [HKCU\Software\ATI] [HKCU\Software\Ad-Remover] [HKCU\Software\Adobe] [HKCU\Software\Antanda] [HKCU\Software\AppDataLow\IEPro] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\BitTorrent] [HKCU\Software\CDDB] [HKCU\Software\CanonBJ] [HKCU\Software\Canon] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CoreVorbis] [HKCU\Software\CrystalIdea Software] [HKCU\Software\DivX] [HKCU\Software\ESET] [HKCU\Software\FLEXnet] [HKCU\Software\Foxit Software] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\GlarySoft] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\HookNetwork] [HKCU\Software\IM Providers] [HKCU\Software\JavaSoft] [HKCU\Software\Jetico] [HKCU\Software\KasperskyLab] [HKCU\Software\Licenses] [HKCU\Software\MONOGRAM] [HKCU\Software\Macromedia] [HKCU\Software\Macrovision] [HKCU\Software\Magix] [HKCU\Software\MagneticSoft] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MyDefrag] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\Nokia] [HKCU\Software\Nuance] [HKCU\Software\ODBC] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Portrait Displays] [HKCU\Software\SUPERAntiSpyware.com] [HKCU\Software\ScanSoft] [HKCU\Software\Screamer Radio] [HKCU\Software\SereneScreen] [HKCU\Software\SkypeApps] [HKCU\Software\Skype] [HKCU\Software\SmsDiscount] [HKCU\Software\Softonic] [HKCU\Software\TomTom] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Veetle] [HKCU\Software\VirtualDub.org] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Xara] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\cybelsoft] [HKCU\Software\eMule] [HKCU\Software\madFlac] [HKCU\Software\techPowerUp] [HKLM\Software\<company>] [HKLM\Software\AMD] 
[HKLM\Software\ATI Technologies] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\AppDataLow] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Canon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\DirectShowFilters] [HKLM\Software\ESET] [HKLM\Software\GNU] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\Jetico] [HKLM\Software\JreMetrics] [HKLM\Software\Licenses] [HKLM\Software\MAGIX] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nero] [HKLM\Software\Nokia Mobile Phones] [HKLM\Software\Nokia] [HKLM\Software\ODBC] [HKLM\Software\OMSI] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PCSuite] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\QuickTimeLite] [HKLM\Software\RegisteredApplications] [HKLM\Software\SUPERAntiSpyware.com] [HKLM\Software\SereneScreen] [HKLM\Software\Skype] [HKLM\Software\Sonic] [HKLM\Software\SpeedTouch] [HKLM\Software\Symantec] [HKLM\Software\The Silicon Realms Toolworks] [HKLM\Software\Thomson] [HKLM\Software\TomTom] [HKLM\Software\Trad-FR] [HKLM\Software\TrendMicro] [HKLM\Software\Veetle] [HKLM\Software\VideoLAN] [HKLM\Software\Volatile] [HKLM\Software\WinRAR] [HKLM\Software\cybelsoft] [HKLM\Software\mozilla.org] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 21/04/2011 - 15:33:32 - [16384] -SH-D- C:\Program Files\%APPDATA% O43 - CFD: 20/04/2011 - 17:31:44 - [63265941] ----D- C:\Program Files\Ad-Remover O43 - CFD: 22/01/2011 - 15:07:52 - [113684709] ----D- C:\Program Files\Adobe O43 - CFD: 22/03/2011 - 19:57:54 - [118100523] ----D- C:\Program Files\ATI O43 - CFD: 1/12/2010 - 18:00:58 - [81715044] ----D- C:\Program Files\Canon O43 - CFD: 29/11/2010 - 11:10:40 - [18458274] --H-D- C:\Program Files\CanonBJ O43 - CFD: 24/02/2011 - 17:08:30 - 
[3653664] ----D- C:\Program Files\CCleaner O43 - CFD: 21/04/2011 - 17:22:56 - [584757809] ----D- C:\Program Files\Common Files O43 - CFD: 28/12/2010 - 13:29:10 - [4593934] ----D- C:\Program Files\CPU-Z O43 - CFD: 14/07/2009 - 11:01:44 - [83226132] ----D- C:\Program Files\DVD Maker O43 - CFD: 30/11/2010 - 18:04:20 - [10906334] ----D- C:\Program Files\eMule O43 - CFD: 21/04/2011 - 15:51:54 - [502938150] ----D- C:\Program Files\ESET O43 - CFD: 29/11/2010 - 00:40:36 - [61037640] ----D- C:\Program Files\ESET Smart Security O43 - CFD: 28/11/2010 - 18:19:46 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 19/12/2010 - 16:05:26 - [15183201] ----D- C:\Program Files\Foxit Software O43 - CFD: 20/02/2011 - 12:58:10 - [113127538] ----D- C:\Program Files\GIMP-2.0 O43 - CFD: 19/03/2011 - 16:45:16 - [19547436] ----D- C:\Program Files\Glary Utilities O43 - CFD: 26/02/2011 - 15:26:06 - [87214428] ----D- C:\Program Files\Google O43 - CFD: 28/11/2010 - 23:13:42 - [574466] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 23/02/2011 - 18:41:52 - [13598430] ----D- C:\Program Files\Intel O43 - CFD: 17/03/2011 - 17:41:50 - [5172620] ----D- C:\Program Files\Internet Explorer O43 - CFD: 20/03/2011 - 10:48:30 - [233984] ----D- C:\Program Files\ITknowledge24 O43 - CFD: 27/12/2010 - 13:01:50 - [88449412] ----D- C:\Program Files\Java O43 - CFD: 30/11/2010 - 18:07:08 - [3960893] ----D- C:\Program Files\Jetico O43 - CFD: 22/03/2011 - 20:45:36 - [3343399] ----D- C:\Program Files\JkDefrag v4.3.1 O43 - CFD: 6/03/2011 - 15:08:42 - [4503275] ----D- C:\Program Files\KeePass O43 - CFD: 22/03/2011 - 19:39:16 - [5657562] ----D- C:\Program Files\ma-config.com O43 - CFD: 16/01/2011 - 11:55:26 - [4922023] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 21/04/2011 - 12:38:14 - [10760471] ----D- C:\Program Files\McAfee Security Scan O43 - CFD: 30/11/2010 - 17:42:42 - [226432] ----D- C:\Program Files\Microsoft O43 - CFD: 12/12/2010 - 12:39:00 - [147812402] ----D- 
C:\Program Files\Microsoft Games O43 - CFD: 29/11/2010 - 11:04:20 - [52656089] ----D- C:\Program Files\Microsoft LifeCam O43 - CFD: 30/11/2010 - 17:51:50 - [274255863] ----D- C:\Program Files\Microsoft Office O43 - CFD: 30/11/2010 - 17:52:04 - [200035] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 21/04/2011 - 13:21:10 - [35855182] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 21/04/2011 - 13:21:10 - [36660473] ----D- C:\Program Files\Mozilla Thunderbird O43 - CFD: 14/07/2009 - 06:52:32 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 16/03/2011 - 18:43:44 - [14068091] ----D- C:\Program Files\MyTomTom 3 O43 - CFD: 10/12/2010 - 17:19:24 - [583114314] ----D- C:\Program Files\Nero O43 - CFD: 14/12/2010 - 17:24:04 - [5890445] ----D- C:\Program Files\Nokia O43 - CFD: 7/12/2010 - 19:11:42 - [184270103] ----D- C:\Program Files\Norton Ghost O43 - CFD: 14/12/2010 - 17:24:16 - [13467734] ----D- C:\Program Files\PC Connectivity Solution O43 - CFD: 18/03/2011 - 17:02:06 - [64903518] ----D- C:\Program Files\QuickTime Lite O43 - CFD: 14/07/2009 - 06:52:32 - [38593281] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 7/12/2010 - 19:06:38 - [5856953] ----D- C:\Program Files\Screamer Radio O43 - CFD: 24/12/2010 - 18:07:22 - [132734] ----D- C:\Program Files\ScreenAquarium O43 - CFD: 30/11/2010 - 17:58:22 - [14940124] R---D- C:\Program Files\Skype O43 - CFD: 9/03/2011 - 18:24:32 - [15387977] ----D- C:\Program Files\SmsDiscount O43 - CFD: 4/03/2011 - 17:16:58 - [9574928] ----D- C:\Program Files\SopCast O43 - CFD: 1/12/2010 - 18:33:08 - [14918976] ----D- C:\Program Files\SoundSpectrum O43 - CFD: 21/04/2011 - 12:57:04 - [55200476] ----D- C:\Program Files\SUPERAntiSpyware O43 - CFD: 28/11/2010 - 18:59:40 - [30107551] ----D- C:\Program Files\Thomson O43 - CFD: 8/03/2011 - 19:12:46 - [0] ----D- C:\Program Files\TomTom DesktopSuite O43 - CFD: 8/03/2011 - 19:15:10 - [50621857] ----D- C:\Program Files\TomTom HOME O43 - CFD: 20/03/2011 - 18:10:22 - [22486] ----D- C:\Program 
Files\TomTom International B.V O43 - CFD: 14/07/2009 - 06:53:24 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 30/01/2011 - 14:58:36 - [395640] ----D- C:\Program Files\uTorrent O43 - CFD: 19/12/2010 - 14:32:06 - [10428379] ----D- C:\Program Files\Veetle O43 - CFD: 10/12/2010 - 19:24:22 - [80529230] ----D- C:\Program Files\VideoLAN O43 - CFD: 22/03/2011 - 18:47:08 - [9164908] ----D- C:\Program Files\VirtualDub O43 - CFD: 21/04/2011 - 17:49:10 - [0] ----D- C:\Program Files\Virus Removal Tool O43 - CFD: 27/02/2011 - 15:17:22 - [47593972] ----D- C:\Program Files\Win7codecs O43 - CFD: 14/07/2009 - 10:39:40 - [3049984] ----D- C:\Program Files\Windows Defender O43 - CFD: 25/12/2010 - 16:47:46 - [7013496] ----D- C:\Program Files\Windows Journal O43 - CFD: 14/12/2010 - 17:14:56 - [45806173] ----D- C:\Program Files\Windows Live O43 - CFD: 14/07/2009 - 10:39:40 - [6180864] ----D- C:\Program Files\Windows Mail O43 - CFD: 14/07/2009 - 10:39:40 - [6910891] ----D- C:\Program Files\Windows Media Player O43 - CFD: 28/11/2010 - 18:19:46 - [12194484] ----D- C:\Program Files\Windows NT O43 - CFD: 14/07/2009 - 10:39:40 - [4417800] ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 14/07/2009 - 06:52:34 - [189440] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 14/07/2009 - 10:39:40 - [26765193] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 11/03/2011 - 19:36:04 - [3921490] ----D- C:\Program Files\WinRAR O43 - CFD: 21/04/2011 - 18:15:06 - [3753320] ----D- C:\Program Files\ZHPDiag O43 - CFD: 22/01/2011 - 15:07:56 - [3515373] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 30/11/2010 - 17:47:42 - [86016] ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD: 1/12/2010 - 18:26:12 - [9736491] ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 27/12/2010 - 13:02:08 - [1243079] ----D- C:\Program Files\Common Files\Java O43 - CFD: 30/11/2010 - 17:52:04 - [157907862] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 
10/12/2010 - 17:22:28 - [204870118] ----D- C:\Program Files\Common Files\Nero O43 - CFD: 14/12/2010 - 17:23:40 - [44066788] ----D- C:\Program Files\Common Files\Nokia O43 - CFD: 28/11/2010 - 23:13:42 - [0] ----D- C:\Program Files\Common Files\Portrait Displays O43 - CFD: 23/02/2011 - 18:40:54 - [419877] ----D- C:\Program Files\Common Files\postureAgent O43 - CFD: 14/07/2009 - 04:37:06 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 04:37:06 - [41103783] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 7/12/2010 - 19:11:42 - [9987720] ----D- C:\Program Files\Common Files\Symantec Shared O43 - CFD: 14/07/2009 - 10:39:40 - [17234563] ----D- C:\Program Files\Common Files\System O43 - CFD: 28/11/2010 - 21:55:06 - [94176909] ----D- C:\Program Files\Common Files\Windows Live O43 - CFD: 22/01/2011 - 15:16:46 - [136910585] ----D- C:\ProgramData\Adobe O43 - CFD: 18/03/2011 - 17:02:06 - [13488] ----D- C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 28/11/2010 - 18:19:46 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 29/11/2010 - 11:11:30 - [22194629] --H-D- C:\ProgramData\CanonBJ O43 - CFD: 25/12/2010 - 16:59:00 - [2517] --H-D- C:\ProgramData\CanonIJScan O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 30/11/2010 - 18:55:18 - [0] ----D- C:\ProgramData\eMule O43 - CFD: 29/11/2010 - 00:40:26 - [74687871] ----D- C:\ProgramData\ESET O43 - CFD: 21/04/2011 - 12:30:06 - [1211] ----D- C:\ProgramData\F-Secure O43 - CFD: 28/11/2010 - 18:19:46 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 14/12/2010 - 17:22:14 - [93143056] ----D- C:\ProgramData\Installations O43 - CFD: 21/04/2011 - 17:47:16 - [216022] ----D- C:\ProgramData\Kaspersky Lab O43 - CFD: 22/03/2011 - 19:39:12 - [1204422] ----D- 
C:\ProgramData\ma-config.com O43 - CFD: 16/01/2011 - 11:55:26 - [6592487] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 21/04/2011 - 12:38:08 - [112626] ----D- C:\ProgramData\McAfee O43 - CFD: 21/04/2011 - 12:38:24 - [840] ----D- C:\ProgramData\McAfee Security Scan O43 - CFD: 28/11/2010 - 18:19:46 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 30/11/2010 - 17:47:18 - [551656662] -S--D- C:\ProgramData\Microsoft O43 - CFD: 28/11/2010 - 18:19:46 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 10/12/2010 - 17:17:36 - [9626717] ----D- C:\ProgramData\Nero O43 - CFD: 14/12/2010 - 17:25:36 - [148824172] ----D- C:\ProgramData\Nokia O43 - CFD: 14/12/2010 - 17:27:30 - [11120] ----D- C:\ProgramData\PC Suite O43 - CFD: 30/11/2010 - 17:58:20 - [18007040] ----D- C:\ProgramData\Skype O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 27/12/2010 - 13:02:08 - [119] ----D- C:\ProgramData\Sun O43 - CFD: 20/04/2011 - 16:37:04 - [0] ----D- C:\ProgramData\SUPERAntiSpyware.com O43 - CFD: 7/12/2010 - 19:13:54 - [1855370] ----D- C:\ProgramData\Symantec O43 - CFD: 13/02/2011 - 15:13:46 - [0] ---AD- C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 8/03/2011 - 19:15:40 - [0] ----D- C:\ProgramData\TomTom O43 - CFD: 27/02/2011 - 15:17:24 - [26343938] ----D- C:\ProgramData\Win7codecs O43 - CFD: 25/12/2010 - 16:52:58 - [1981] ----D- C:\ProgramData\zeon O43 - CFD: 22/01/2011 - 15:16:02 - [5306986] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\Adobe O43 - CFD: 28/11/2010 - 19:29:30 - [0] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\ATI O43 - CFD: 25/12/2010 - 17:07:46 - [49672] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\Canon O43 - CFD: 1/01/2011 - 11:39:36 - [199] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\dvdcss O43 - CFD: 29/11/2010 - 00:41:00 - [0] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\ESET O43 - CFD: 21/04/2011 - 12:30:16 - [0] ----D- C:\Users\P. 
LEMAIGRE\AppData\Roaming\f-secure O43 - CFD: 5/12/2010 - 15:30:02 - [573] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\FFSJ O43 - CFD: 25/12/2010 - 16:56:54 - [139] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\FLEXnet O43 - CFD: 1/01/2011 - 15:41:36 - [55] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\FLV Extract O43 - CFD: 13/02/2011 - 15:15:36 - [146233] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\GlarySoft O43 - CFD: 6/03/2011 - 16:40:48 - [0] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\GrabPro O43 - CFD: 23/03/2011 - 08:22:50 - [165] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\gtk-2.0 O43 - CFD: 28/11/2010 - 18:20:02 - [0] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\Identities O43 - CFD: 26/12/2010 - 12:15:04 - [0] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\InstallShield O43 - CFD: 21/04/2011 - 14:46:08 - [14552] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\KeePass O43 - CFD: 28/11/2010 - 21:50:24 - [31009] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\Macromedia O43 - CFD: 25/12/2010 - 16:54:00 - [543] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\Macrovision O43 - CFD: 16/01/2011 - 11:55:30 - [0] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\Malwarebytes O43 - CFD: 14/07/2009 - 11:00:42 - [0] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\Media Center Programs O43 - CFD: 19/03/2011 - 09:15:08 - [19167031] -S--D- C:\Users\P. LEMAIGRE\AppData\Roaming\Microsoft O43 - CFD: 6/03/2011 - 17:05:10 - [423] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\MiniDm O43 - CFD: 28/11/2010 - 21:12:42 - [28256870] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\Mozilla O43 - CFD: 10/12/2010 - 17:26:54 - [515368] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\Nero O43 - CFD: 14/12/2010 - 17:27:28 - [354] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\PC Suite O43 - CFD: 21/04/2011 - 13:21:10 - [2626856] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\Skype O43 - CFD: 10/12/2010 - 18:15:38 - [8487] ----D- C:\Users\P. 
LEMAIGRE\AppData\Roaming\SmsDiscount O43 - CFD: 1/12/2010 - 18:34:18 - [664] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\SoundSpectrum O43 - CFD: 20/04/2011 - 16:37:04 - [79947951] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\SUPERAntiSpyware.com O43 - CFD: 8/12/2010 - 17:40:50 - [336] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\Symantec O43 - CFD: 29/11/2010 - 14:14:46 - [345872540] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\Thunderbird O43 - CFD: 8/03/2011 - 19:15:30 - [40015356] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\TomTom O43 - CFD: 21/04/2011 - 13:21:10 - [1702733] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\uTorrent O43 - CFD: 13/02/2011 - 16:33:00 - [1599623] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\vlc O43 - CFD: 27/02/2011 - 15:17:24 - [1025] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\Win7codecs O43 - CFD: 5/12/2010 - 16:26:44 - [485] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\WinRAR O43 - CFD: 25/12/2010 - 16:55:14 - [53130] ----D- C:\Users\P. LEMAIGRE\AppData\Roaming\Zeon O43 - CFD: 28/11/2010 - 18:19:52 - [0] -SH-D- C:\Users\P. LEMAIGRE\Appdata\Local\Application Data O43 - CFD: 28/11/2010 - 19:29:30 - [61878] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\ATI O43 - CFD: 3/12/2010 - 16:59:44 - [1827394] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\ElevatedDiagnostics O43 - CFD: 31/12/2010 - 14:41:46 - [225008] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\eMule O43 - CFD: 7/12/2010 - 19:09:10 - [649264] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\ESET O43 - CFD: 26/02/2011 - 15:26:16 - [1946] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\Google O43 - CFD: 28/11/2010 - 18:19:52 - [0] -SH-D- C:\Users\P. LEMAIGRE\Appdata\Local\Historique O43 - CFD: 17/03/2011 - 17:36:54 - [603520] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\Hook Network O43 - CFD: 22/01/2011 - 15:16:02 - [293132272] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\Microsoft O43 - CFD: 26/02/2011 - 15:07:58 - [638912] ----D- C:\Users\P. 
LEMAIGRE\Appdata\Local\Microsoft Games O43 - CFD: 28/11/2010 - 21:12:38 - [76004664] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\Mozilla O43 - CFD: 26/12/2010 - 17:09:24 - [4140] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\Nero O43 - CFD: 26/02/2011 - 13:34:52 - [50291] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\SlimWare Utilities Inc O43 - CFD: 8/12/2010 - 17:40:50 - [1706] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\Symantec_Corporation O43 - CFD: 21/04/2011 - 18:14:26 - [49911869] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\Temp O43 - CFD: 28/11/2010 - 18:19:52 - [0] -SH-D- C:\Users\P. LEMAIGRE\Appdata\Local\Temporary Internet Files O43 - CFD: 10/12/2010 - 16:56:48 - [9069651] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\Thunderbird O43 - CFD: 16/03/2011 - 18:44:00 - [655898450] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\TomTom O43 - CFD: 28/11/2010 - 18:19:56 - [0] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\VirtualStore O43 - CFD: 28/11/2010 - 22:00:24 - [28672] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\Windows Live O43 - CFD: 9/02/2011 - 19:12:48 - [6055539] ----D- C:\Users\P. LEMAIGRE\Appdata\Local\Xara ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.827C60BD193D43B0D35F19D424593CF1] - 21/04/2011 - 16:55:22 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.BABA9B1E5C56A91304CC5B5FBD4CE94B] - 21/04/2011 - 16:55:22 ---A- . (...) -- C:\Windows\System32\perfc009.dat [106190] O44 - LFC:[MD5.7229DC2D88BF00123D3A742AB513F2A7] - 21/04/2011 - 16:55:22 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [130548] O44 - LFC:[MD5.A46EF2D08ABF71C5E6A2D99181E80C68] - 21/04/2011 - 16:55:22 ---A- . (...) -- C:\Windows\System32\perfh009.dat [615810] O44 - LFC:[MD5.B8483DB432E96516D3D81C8940DFA56B] - 21/04/2011 - 16:55:22 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [704242] O44 - LFC:[MD5.DCBB8CF68DD8CEAD28C438F7D82B37C4] - 21/04/2011 - 16:50:56 -S-A- . (...) 
-- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.CA4B339DF5F385B68D2A2BEF84C194B5] - 21/04/2011 - 15:46:05 --HA- . (...) -- C:\Windows\hfdriver.dat [766] O44 - LFC:[MD5.D2A58B6B8A9FDB198628CFB98BEE0441] - 21/04/2011 - 15:25:34 ---A- . (...) -- C:\lopR.txt [11329] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/04/2011 - 12:23:51 ---A- . (...) -- C:\Windows\ativpsrm.bin [0] O44 - LFC:[MD5.F494A37E807F125C439E21C848B6D6DC] - 21/04/2011 - 11:44:36 ---A- . (...) -- C:\Windows\System32\eod2e1g.log [814] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 20/04/2011 - 15:40:59 RSHA- . (...) -- C:\IO.SYS [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 20/04/2011 - 15:40:59 RSHA- . (...) -- C:\MSDOS.SYS [0] O44 - LFC:[MD5.B56C828246735BC2FF7342D1A750996B] - 25/03/2011 - 18:22:05 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [9792] O44 - LFC:[MD5.B56C828246735BC2FF7342D1A750996B] - 25/03/2011 - 18:22:04 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [9792] O44 - LFC:[MD5.7D7E6B1E4E14BC13FE7856812CE84C86] - 14/01/2008 - 09:52:24 ---A- . (...) -- C:\Windows\System32\fcdll.dll [461312] ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \Drivers32\"vidc.x264"="x264vfw.dll" . (.Pas de propriétaire - Pas de description.) 
-- C:\Windows\System32\x264vfw.dll O52 - TDSD: \Drivers32\"msacm.ac3filter"="ac3filter.acm" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ac3filter.acm O52 - TDSD: \Drivers32\"msacm.avis"="ff_acm.acm" . (.Pas de propriétaire - ffdshow Audio Decoder.) -- C:\Windows\System32\ff_acm.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"wdmaud.drv"="Pilote de fonction UAA 1.1 Microsoft pour High Definition Audio" . (.Pas de propriétaire - Pas de description.) -- (.not file.) O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"x264vfw.dll"="H264 Video codec" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\x264vfw.dll O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll O52 - TDSD: \drivers.desc\"ac3filter.acm"="AC3Filter ACM codec" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ac3filter.acm O52 - TDSD: \drivers.desc\"ff_acm.acm"="ffdshow ACM codec" . (.Pas de propriétaire - ffdshow Audio Decoder.) -- C:\Windows\System32\ff_acm.acm ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\SUPERAntiSpyware [Key] . (.SUPERAntiSpyware.com - SUPERAntiSpyware Application.) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) 
-- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=1 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422976] O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297552] O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [146512] O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14/07/2009 - 02:26:15 ---A- . 
  4. Hello everyone, My antivirus keeps detecting (and blocking) connection attempts to suspicious web pages: "rollagarr0s.com" or "fr0dsafetycheck0n.com", and I get a blue screen every time I shut down Windows 7, which then restarts automatically. I scanned everything with my antivirus (ESET, up to date) as well as with MALWAREBYTES'. Nothing found. I also tested with Ad-R and TDSSKiller. I did a system restore, and I even restored an old clean image (Ghost) of my C drive; nothing helps; there must be a malicious file hidden somewhere. I would have liked to try COMBOFIX; can anyone help me with that?