Posted

Hello,

For a while now I have been dealing with a malware problem, if I go by the information I have gleaned from the forum...

Advertising windows open on their own while I am browsing and also when I am not, especially at night, it seems to me. Sometimes in the morning about ten advertising windows are open on the computer, and it is starting to drive me crazy! Thank you for any help that can be given to me...

Attached is a HijackThis report (log), as recommended in the malware eradication procedure I read on the forum:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:09:25, on 31/12/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16700)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Steam\steam.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\PROGRA~2\Fun4IM\BndCore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\FABULEUZ\Downloads\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: lightspeedincome - {33390146-9f73-6b9c-d2c8-bb5b58991cc4} - C:\Windows\SysWow64\e84fe9b1.dll (file missing)

O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~2\WIA6EB~1\ToolBar\SearchquDx.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Fun4IM\Plugins\IE\ieplugin.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~2\WIA6EB~1\ToolBar\SearchquDx.dll

O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [iP Network] C:\Program Files (x86)\InstallPedia\networker.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [JP595IR86O] C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O20 - AppInit_DLLs: c:\progra~2\fun4im\bndhook.dll

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Fun4IM Coordinator - Bandoo Media Inc. - C:\PROGRA~2\Fun4IM\Bandoo.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

 

--

End of file - 22423 bytes

 

 

 

Thank you very much in advance for any help that can be given to me

Posted

Hello,

Download AD-Remover to the desktop.

Disconnect and close all running applications.

Click "Ad-R.exe" to start the installation and leave the default settings.

A window will appear warning you of the risks of using this software.

Click "OUI" (Yes).

Double-click the Ad-Remover icon on the desktop.

In the main menu, choose the Scanner (Scan) option and confirm.

Wait while the tool works.

Post the report that appears at the end.

It is also saved as C:\Ad-report.log

Then

Run Ad-Remover again and choose the Nettoyer (Clean) option.

There will be 2 reports to post, after Scanner and Nettoyer.

To uninstall AD-Remover, run it with option D, then delete the desktop icon.

HijackThis does not handle 64-bit:

Run this diagnostic tool:

Download ZhpDiag by Coolman

Unzip the file ZHPDiag.fix to the desktop

then double-click the file ZHPDiag.exe to install the tool

On the desktop, there will be 3 icons.

Under XP, double-click ZhpDiag

Under Vista/7, right-click and choose Exécuter en tant qu'administrateur (Run as administrator)

Click the magnifying glass to start the scan

Post the ZhpDiag.txt report that appears on the desktop

How to post the reports

Copy/paste all or part of the reports into one or more messages.

Another solution:

Go to the site: Ci-Joint

Click Parcourir (Browse) and look for the reports on the disk,

Then click Créer le lien CJoint (Create the CJoint link),

>> on the next page --> ,,

an address http//.. will be created

Copy/paste this address into your next message.

 

Posted

Hello, first of all, happy new year...

And here we go: here is the AD-Remover scan report:

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 22/12/10 à 11:40

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: TeamXscript : AD-Remover - FindyKill - UsbFix

 

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 08:02:01 le 02/01/2011, Mode normal

 

Microsoft Windows 7 Professionnel (X64)

FABULEUZ@FABULEUZ-PC (System manufacturer System Product Name)

 

============== RECHERCHE ==============

 

 

Fichier trouvé: C:\Windows\system32\c0e801a6.exe

Dossier trouvé: C:\Program Files (x86)\InstallPedia

Fichier trouvé: C:\Program Files (x86)\Mozilla FireFox\searchplugins\SearchquWebSearch.xml

Dossier trouvé: C:\Program Files (x86)\Windows Searchqu Toolbar

Fichier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk

Dossier trouvé: C:\Users\FABULEUZ\AppData\Roaming\Bandoo

Dossier trouvé: C:\ProgramData\Bandoo

Dossier trouvé: C:\Users\FABULEUZ\AppData\LocalLow\Conduit

Dossier trouvé: C:\Users\FABULEUZ\AppData\LocalLow\SearchquTB

Dossier trouvé: C:\Users\FABULEUZ\AppData\Roaming\OfferBox

Dossier trouvé: C:\Users\Administrateur\AppData\Roaming\OfferBox

Dossier trouvé: C:\Program Files (x86)\OfferBox

 

Clé trouvée: HKLM\Software\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}

Clé trouvée: HKLM\Software\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}

Clé trouvée: HKLM\Software\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}

Clé trouvée: HKLM\Software\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}

Clé trouvée: HKLM\Software\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}

Clé trouvée: HKLM\Software\Classes\CLSID\{33390146-9f73-6b9c-d2c8-bb5b58991cc4}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33390146-9f73-6b9c-d2c8-bb5b58991cc4}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{33390146-9f73-6b9c-d2c8-bb5b58991cc4}

Clé trouvée: HKLM\Software\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}

Clé trouvée: HKLM\Software\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}

Clé trouvée: HKLM\Software\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FF99715-3016-4381-84CE-E4E4C9673020}

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020}

Clé trouvée: HKLM\Software\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}

Clé trouvée: HKLM\Software\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}

Clé trouvée: HKLM\Software\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}

Clé trouvée: HKLM\Software\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}

Clé trouvée: HKLM\Software\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}

Clé trouvée: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}

Clé trouvée: HKLM\Software\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}

Clé trouvée: HKLM\Software\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}

Clé trouvée: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}

Clé trouvée: HKLM\Software\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}

Clé trouvée: HKLM\Software\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}

Clé trouvée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c0e801a6

Clé trouvée: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator

Clé trouvée: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator.1

Clé trouvée: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI

Clé trouvée: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI.1

Clé trouvée: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult

Clé trouvée: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult.1

Clé trouvée: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier

Clé trouvée: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier.1

Clé trouvée: HKLM\Software\Classes\BandooCore.BandooCore

Clé trouvée: HKLM\Software\Classes\BandooCore.BandooCore.1

Clé trouvée: HKLM\Software\Classes\BandooCore.ResourcesMngr

Clé trouvée: HKLM\Software\Classes\BandooCore.ResourcesMngr.1

Clé trouvée: HKLM\Software\Classes\BandooCore.SettingsMngr

Clé trouvée: HKLM\Software\Classes\BandooCore.SettingsMngr.1

Clé trouvée: HKLM\Software\Classes\BandooCore.StatisticMngr

Clé trouvée: HKLM\Software\Classes\BandooCore.StatisticMngr.1

Clé trouvée: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin

Clé trouvée: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin.1

Clé trouvée: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl

Clé trouvée: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl.1

Clé trouvée: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl

Clé trouvée: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl.1

Clé trouvée: HKLM\Software\Classes\Toolbar.CT1460988

Clé trouvée: HKLM\Software\Classes\Toolbar.CT2391419

Clé trouvée: HKLM\Software\Classes\Toolbar.CT2542115

Clé trouvée: HKLM\Software\Classes\AppID\BandooCoordinator.EXE

Clé trouvée: HKLM\Software\Classes\AppID\BandooCore.EXE

Clé trouvée: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}

Clé trouvée: HKLM\Software\OfferBox

Clé trouvée: HKLM\Software\InstallPedia

Clé trouvée: HKLM\Software\SearchquMediabarTb

Clé trouvée: HKLM\Software\bandoo

Clé trouvée: HKLM\Software\Conduit

Clé trouvée: HKLM\Software\Freeze.com

Clé trouvée: HKCU\Software\OfferBox

Clé trouvée: HKCU\Software\Conduit

Clé trouvée: HKCU\Software\AppDataLow\Software\searchqutb

Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit

Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7403}

Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7403}

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo

Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu MediaBar

Clé trouvée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom

 

Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|IP Network

Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{7FF99715-3016-4381-84CE-E4E4C9673020}

 

 

============== SCAN ADDITIONNEL ==============

 

** Mozilla Firefox Version [3.6.13 (fr)] **

 

-- C:\Users\FABULEUZ\AppData\Roaming\Mozilla\FireFox\Profiles\8wkitryo.default\Prefs.js --

browser.startup.homepage_override.mstone, rv:1.9.2.13

 

========================================

 

** Internet Explorer Version [9.0.7930.16406] **

 

[HKCU\Software\Microsoft\Internet Explorer\Main]

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\Windows\system32\blank.htm

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Show_ToolBar: yes

Start Page: hxxp://google.fr/

Use Search Asst: no

 

[HKLM\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157

Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Delete_Temp_Files_On_Exit: yes

Enable Browser Extensions: yes

Local Page: C:\Windows\SysWOW64\blank.htm

Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157

Use Search Asst: no

 

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

Blank: res://mshtml.dll/blank.htm

 

========================================

 

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s)

 

C:\Ad-Report-SCAN[1].txt - 02/01/2011 (8224 Octet(s))

 

Fin à: 08:02:37, 02/01/2011

 

============== E.O.F ==============

Posted

Next, the Ad-Remover report after cleaning:

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 22/12/10 à 11:40

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: TeamXscript : AD-Remover - FindyKill - UsbFix

 

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 08:03:24 le 02/01/2011, Mode normal

 

Microsoft Windows 7 Professionnel (X64)

FABULEUZ@FABULEUZ-PC (System manufacturer System Product Name)

 

============== ACTION(S) ==============

 

 

Fichier supprimé: C:\Windows\system32\c0e801a6.exe

Dossier supprimé: C:\Program Files (x86)\InstallPedia

Fichier supprimé: C:\Program Files (x86)\Mozilla FireFox\searchplugins\SearchquWebSearch.xml

Dossier supprimé: C:\Program Files (x86)\Windows Searchqu Toolbar

Fichier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk

Dossier supprimé: C:\Users\FABULEUZ\AppData\Roaming\Bandoo

Dossier supprimé: C:\ProgramData\Bandoo

Dossier supprimé: C:\Users\FABULEUZ\AppData\LocalLow\Conduit

Dossier supprimé: C:\Users\FABULEUZ\AppData\LocalLow\SearchquTB

Dossier supprimé: C:\Users\FABULEUZ\AppData\Roaming\OfferBox

Dossier supprimé: C:\Users\Administrateur\AppData\Roaming\OfferBox

Dossier supprimé: C:\Program Files (x86)\OfferBox

 

(!) -- Fichiers temporaires supprimés.

 

 

Clé supprimée: HKLM\Software\Classes\CLSID\{074E4EFE-81BB-4EA4-866E-082CB0E01070}

Clé supprimée: HKLM\Software\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}

Clé supprimée: HKLM\Software\Classes\CLSID\{0CE5B352-9D9C-41E1-9551-FCCD92820217}

Clé supprimée: HKLM\Software\Classes\CLSID\{167B2B5F-2757-434A-BBDA-2FDB2003F14F}

Clé supprimée: HKLM\Software\Classes\CLSID\{2E9A60EA-5554-49C3-BC9D-D0404DBACC62}

Clé supprimée: HKLM\Software\Classes\CLSID\{33390146-9f73-6b9c-d2c8-bb5b58991cc4}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33390146-9f73-6b9c-d2c8-bb5b58991cc4}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{33390146-9f73-6b9c-d2c8-bb5b58991cc4}

Clé supprimée: HKLM\Software\Classes\CLSID\{3E63C9BC-DD51-4E83-ABA6-B350EAD28531}

Clé supprimée: HKLM\Software\Classes\CLSID\{44CFFEF4-E7E1-44BD-B1F5-29F828ADA1B8}

Clé supprimée: HKLM\Software\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FF99715-3016-4381-84CE-E4E4C9673020}

Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020}

Clé supprimée: HKLM\Software\Classes\CLSID\{EF2B6317-C367-401B-83B8-80302D6588A7}

Clé supprimée: HKLM\Software\Classes\CLSID\{F5379B4B-24D8-432A-9A96-BE75EE5117DB}

Clé supprimée: HKLM\Software\Classes\CLSID\{F7FB2BC4-6C27-4EAC-B5E2-037B71FDE101}

Clé supprimée: HKLM\Software\Classes\CLSID\{FD53FE35-4368-4B71-89D6-F29F3DB29DF1}

Clé supprimée: HKLM\Software\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}

Clé supprimée: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}

Clé supprimée: HKLM\Software\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}

Clé supprimée: HKLM\Software\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}

Clé supprimée: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}

Clé supprimée: HKLM\Software\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}

Clé supprimée: HKLM\Software\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}

Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c0e801a6

Clé supprimée: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator

Clé supprimée: HKLM\Software\Classes\BandooCoordinator.BandooCoordinator.1

Clé supprimée: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI

Clé supprimée: HKLM\Software\Classes\BandooCoordinator.CoordinatorUI.1

Clé supprimée: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult

Clé supprimée: HKLM\Software\Classes\BandooCoordinator.HTTPAsyncResult.1

Clé supprimée: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier

Clé supprimée: HKLM\Software\Classes\BandooCoordinator.PlugInNotifier.1

Clé supprimée: HKLM\Software\Classes\BandooCore.BandooCore

Clé supprimée: HKLM\Software\Classes\BandooCore.BandooCore.1

Clé supprimée: HKLM\Software\Classes\BandooCore.ResourcesMngr

Clé supprimée: HKLM\Software\Classes\BandooCore.ResourcesMngr.1

Clé supprimée: HKLM\Software\Classes\BandooCore.SettingsMngr

Clé supprimée: HKLM\Software\Classes\BandooCore.SettingsMngr.1

Clé supprimée: HKLM\Software\Classes\BandooCore.StatisticMngr

Clé supprimée: HKLM\Software\Classes\BandooCore.StatisticMngr.1

Clé supprimée: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin

Clé supprimée: HKLM\Software\Classes\BandooIEPlugin.BandooIEPlugin.1

Clé supprimée: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl

Clé supprimée: HKLM\Software\Classes\BFlashAnimator.BFlashAnimatorCtrl.1

Clé supprimée: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl

Clé supprimée: HKLM\Software\Classes\BGIFAnimator.BGIFAnimatorCtrl.1

Clé supprimée: HKLM\Software\Classes\Toolbar.CT1460988

Clé supprimée: HKLM\Software\Classes\Toolbar.CT2391419

Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115

Clé supprimée: HKLM\Software\Classes\AppID\BandooCoordinator.EXE

Clé supprimée: HKLM\Software\Classes\AppID\BandooCore.EXE

Clé supprimée: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}

Clé supprimée: HKLM\Software\OfferBox

Clé supprimée: HKLM\Software\InstallPedia

Clé supprimée: HKLM\Software\SearchquMediabarTb

Clé supprimée: HKLM\Software\bandoo

Clé supprimée: HKLM\Software\Conduit

Clé supprimée: HKLM\Software\Freeze.com

Clé supprimée: HKCU\Software\OfferBox

Clé supprimée: HKCU\Software\Conduit

Clé supprimée: HKCU\Software\AppDataLow\Software\searchqutb

Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit

Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7403}

Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7403}

Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo

Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu MediaBar

Clé supprimée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom

 

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|IP Network

Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{7FF99715-3016-4381-84CE-E4E4C9673020}

 

 

============== SCAN ADDITIONNEL ==============

 

** Mozilla Firefox Version [3.6.13 (fr)] **

 

-- C:\Users\FABULEUZ\AppData\Roaming\Mozilla\FireFox\Profiles\8wkitryo.default\Prefs.js --

browser.startup.homepage_override.mstone, rv:1.9.2.13

 

========================================

 

** Internet Explorer Version [9.0.7930.16406] **

 

[HKCU\Software\Microsoft\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\Windows\system32\blank.htm

Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896

Show_ToolBar: yes

Start Page: hxxp://fr.msn.com/

Use Search Asst: no

 

[HKLM\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Delete_Temp_Files_On_Exit: yes

Enable Browser Extensions: yes

Local Page: C:\Windows\SysWOW64\blank.htm

Search bar: hxxp://search.msn.com/spbasic.htm

Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Start Page: hxxp://fr.msn.com/

Use Search Asst: no

 

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

 

========================================

 

C:\Program Files (x86)\Ad-Remover\Quarantine: 493 Fichier(s)

C:\Program Files (x86)\Ad-Remover\Backup: 15 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 02/01/2011 (8704 Octet(s))

C:\Ad-Report-SCAN[1].txt - 02/01/2011 (8353 Octet(s))

 

Fin à: 08:04:19, 02/01/2011

 

============== E.O.F ==============

Posted

And here is the last one you asked me for, the ZHPDiag report:

 

Rapport de ZHPDiag v1.27.1471 par Nicolas Coolman, Update du 30/12/2010

Run by FABULEUZ at 02/01/2011 08:26:50

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.7930.16406

 

---\\ System Information

Windows 7 Business Edition, 64-bit (Build 7600)

Processor: Intel64 Family 6 Model 26 Stepping 5, GenuineIntel

Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 12279 MB (85% free)

System Restore: Désactivé (Disabled)

System drive C: has 407 GB (43%) free of 931 GB

 

---\\ Logged in mode

Computer Name: FABULEUZ-PC

User Name: FABULEUZ

All Users Names: FABULEUZ, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 407 Go of 931 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ CD-ROM drive (Free 0 Go of 1 Go)

F:\ Hard drive, Flash drive, Thumb drive (Free 920 Go of 932 Go)

G:\ CD-ROM drive (Not Inserted)

H:\ Floppy drive, Flash card reader, USB Key (Free 3 Go of 4 Go)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 07:34:59.) -- C:\Windows\Explorer.exe [2870272]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]

 

 

---\\ Processus lancés

[MD5.F34E7705751BB413283434697BF8E55D] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696]

[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]

[MD5.3DD25048297A24AB4B3BFC17ABA5D0DB] - (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\steam.exe [1242448]

[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768]

[MD5.B661327C64FACCF3EB14DE1D1D2190CC] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [869688]

[MD5.8B4022226C18FA378C324C11CBADDA36] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [304304]

[MD5.3DC8DFE611053A3D862C549F6E4B052A] - (.Bandoo Media Inc. - Fun4IM Core.) -- C:\PROGRA~2\Fun4IM\BndCore.exe [1579408]

[MD5.E71E84BD9910750E421708112ADFC822] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [621568]

 

 

---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (9.00.7930.16406 (WIN7_IE9_Beta.100831-2345)) -- C:\Windows\System32\ieframe.dll

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe

F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

O4 - HKLM\..\Run: [skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe

O4 - HKCU\..\Run: [JP595IR86O] C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe (.not file.)

O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe

O4 - HKLM\..\Wow6432Node\Run: [switchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe

O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe

O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [JP595IR86O] C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe (.not file.)

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe After Effects CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe After Effects CS5\Support Files\AfterFX.exe (.not file.)

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Bridge CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Contribute CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Contribute CS5\App\Contribute.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Dreamweaver CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Fireworks CS5.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Adobe Fireworks CS5\Fireworks.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Flash Professional CS5.lnk . (.Adobe Systems Incorporated..) -- C:\Program Files (x86)\Adobe\Adobe Flash CS5\Flash.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Illustrator CS5.lnk . (.Adobe Systems Inc..) -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Photoshop CS5 (64 Bit).lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (.not file.)

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Premiere Pro CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS5\Adobe Premiere Pro.exe (.not file.)

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Chessmaster 10ème Edition.lnk . (.Ubisoft Entertainment.) -- C:\Program Files (x86)\Ubisoft\Chessmaster 10ème Edition\Chessmaster.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\FL Studio 8.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 8\FL.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\FL Studio 9.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 9\FL.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\VLC Player.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\VLC Player\vlc.exe

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe After Effects CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe After Effects CS5\Support Files\AfterFX.exe (.not file.)

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Bridge CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Contribute CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Contribute CS5\App\Contribute.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Dreamweaver CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Fireworks CS5.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Adobe Fireworks CS5\Fireworks.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Flash Professional CS5.lnk . (.Adobe Systems Incorporated..) -- C:\Program Files (x86)\Adobe\Adobe Flash CS5\Flash.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Illustrator CS5.lnk . (.Adobe Systems Inc..) -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Photoshop CS5 (64 Bit).lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (.not file.)

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Premiere Pro CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS5\Adobe Premiere Pro.exe (.not file.)

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Chessmaster 10ème Edition.lnk . (.Ubisoft Entertainment.) -- C:\Program Files (x86)\Ubisoft\Chessmaster 10ème Edition\Chessmaster.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\FL Studio 8.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 8\FL.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\FL Studio 9.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 9\FL.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\VLC Player.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\VLC Player\vlc.exe

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM ENCODER.lnk . (.Gretech Corporation.) -- C:\Program Files (x86)\GRETECH\GomEncoder\GomEnc.exe

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk . (.Gretech Corp..) -- C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{B1EB51D2-7F8B-4039-9B9C-6B0707FA4186}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{B1EB51D2-7F8B-4039-9B9C-6B0707FA4186}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{B1EB51D2-7F8B-4039-9B9C-6B0707FA4186}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: (Fun4IM Coordinator) . (.Bandoo Media Inc. - Fun4IM Coordinator.) - C:\PROGRA~2\Fun4IM\Bandoo.exe

O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: (nvsvc) - Clé orpheline

O23 - Service: (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] [APT] [Adobe Reader and Acrobat Manager] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-FABULEUZ-PC-FABULEUZ] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

[MD5.00000000000000000000000000000000] [APT] [TuneUpUtilities_Task_BkGndMaintenance] (.Pas de propriétaire.) -- C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{22116563-108C-42c0-A7CE-60161B75E508}] (.Pas de propriétaire.) -- C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}] (.Pas de propriétaire.) -- C:\Windows\Fhewya.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}] (.Pas de propriétaire.) -- C:\Users\FABULEUZ\AppData\Local\Temp\Ffr.exe (.not file.)

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (dmeoaaew) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\dmeoaaew.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys


---\\ Logiciels installés (O42)

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {350AA351-21FA-3270-8B7A-835434E766AD}

O42 - Logiciel: Microsoft_VC80_ATL_x86_x64 - (.Adobe.) [HKLM] -- {925D058B-564A-443A-B4B2-7E90C6432E55}

O42 - Logiciel: Microsoft_VC80_CRT_x86_x64 - (.Adobe.) [HKLM] -- {4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}

O42 - Logiciel: Microsoft_VC80_MFCLOC_x86_x64 - (.Adobe.) [HKLM] -- {1E9FC118-651D-4934-97BE-E53CAE5C7D45}

O42 - Logiciel: Microsoft_VC80_MFC_x86_x64 - (.Adobe.) [HKLM] -- {C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}

O42 - Logiciel: Microsoft_VC90_ATL_x86_x64 - (.Adobe.) [HKLM] -- {8557397C-A42D-486F-97B3-A2CBC2372593}

O42 - Logiciel: Microsoft_VC90_CRT_x86_x64 - (.Adobe.) [HKLM] -- {92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}

O42 - Logiciel: Microsoft_VC90_MFC_x86_x64 - (.Adobe.) [HKLM] -- {A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: Nokia Connectivity Cable Driver - (.Pas de propriétaire.) [HKLM] -- {BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}

O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}


---\\ HKCU & HKLM Software Keys

[HKCU\Software\ASIO4ALL v2 by Wuschel]

[HKCU\Software\ASUS]

[HKCU\Software\Adobe]

[HKCU\Software\Alcohol Soft]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Monitored]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software\settings]

[HKCU\Software\AppDataLow\Software\{AAEDC5DC-05CC-DED7-78DB-C3BD57412D82}]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow\b4a4f807]

[HKCU\Software\AppDataLow]

[HKCU\Software\Audacity]

[HKCU\Software\Avira]

[HKCU\Software\BitDefender]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CoreAAC]

[HKCU\Software\DT Soft]

[HKCU\Software\Dimension]

[HKCU\Software\ESET]

[HKCU\Software\Electronic Arts]

[HKCU\Software\Enkord]

[HKCU\Software\FMJ-Software]

[HKCU\Software\Flowmix]

[HKCU\Software\GNU]

[HKCU\Software\GRETECH]

[HKCU\Software\GameShadow]

[HKCU\Software\Google]

[HKCU\Software\H3O8CABBPI]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\Hyperspace]

[HKCU\Software\Image-Line]

[HKCU\Software\JP595IR86O]

[HKCU\Software\JavaSoft]

[HKCU\Software\Jone Stone Productions]

[HKCU\Software\Lauyan]

[HKCU\Software\Licenses]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Macromedia]

[HKCU\Software\Minnetonka Audio Software]

[HKCU\Software\Mozilla]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Nbeshine]

[HKCU\Software\Netscape]

[HKCU\Software\Nico Mak Computing]

[HKCU\Software\NtWqIVLZEWZU]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\PACE Anti-Piracy]

[HKCU\Software\Policies]

[HKCU\Software\RAD Game Tools]

[HKCU\Software\Realtek]

[HKCU\Software\SOFTWIN]

[HKCU\Software\SecuROM]

[HKCU\Software\SoftVoice]

[HKCU\Software\Softonic]

[HKCU\Software\Sonic Foundry]

[HKCU\Software\Synthetic Aperture]

[HKCU\Software\Syntrillium]

[HKCU\Software\Sysinternals]

[HKCU\Software\TuneUp]

[HKCU\Software\UIC Phoenxsoftware]

[HKCU\Software\VSO]

[HKCU\Software\Valve]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinZip Computing]

[HKCU\Software\Winferno]

[HKCU\Software\Wow6432Node]

[HKCU\Software\XML]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\eMule]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ASUS]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Adobe]

[HKLM\Software\BrowserChoice]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\EA GAMES]

[HKLM\Software\ESET]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\Imagineer Systems Ltd]

[HKLM\Software\Intel]

[HKLM\Software\Khronos]

[HKLM\Software\Minnetonka Audio Software]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\ODBC]

[HKLM\Software\PACE Anti-Piracy]

[HKLM\Software\Policies]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SRS Labs]

[HKLM\Software\Sonic]

[HKLM\Software\Synthetic Aperture]

[HKLM\Software\TuneUp]

[HKLM\Software\Waves Audio]

[HKLM\Software\Wow6432Node]


---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD: 17/06/2010 - 23:01:20 ----D- C:\Program Files\Adobe

O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\Program Files\Common Files

O43 - CFD: 14/07/2009 - 16:35:42 ----D- C:\Program Files\DVD Maker

O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 21/06/2010 - 12:55:04 ----D- C:\Program Files\Google

O43 - CFD: 31/12/2010 - 18:58:40 ----D- C:\Program Files\Internet Explorer

O43 - CFD: 16/08/2010 - 19:16:20 ----D- C:\Program Files\Interplay

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\MSBuild

O43 - CFD: 09/09/2010 - 18:36:50 ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 17/06/2010 - 08:49:50 ----D- C:\Program Files\Realtek

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 14/07/2009 - 06:09:28 --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Defender

O43 - CFD: 14/07/2009 - 16:35:40 ----D- C:\Program Files\Windows Journal

O43 - CFD: 21/12/2010 - 20:31:02 ----D- C:\Program Files\Windows Mail

O43 - CFD: 31/10/2010 - 13:36:00 ----D- C:\Program Files\Windows Media Player

O43 - CFD: 16/06/2010 - 17:23:24 ----D- C:\Program Files\Windows NT

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 17/06/2010 - 23:02:00 ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\Program Files\Common Files\PACE Anti-Piracy

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\System

O43 - CFD: 22/06/2010 - 11:23:10 ----D- C:\ProgramData\Adobe

O43 - CFD: 17/06/2010 - 22:59:14 ----D- C:\ProgramData\ALM

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Application Data

O43 - CFD: 31/12/2010 - 10:53:00 ----D- C:\ProgramData\Avira

O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Bureau

O43 - CFD: 17/06/2010 - 22:21:08 ----D- C:\ProgramData\DAEMON Tools Lite

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Documents

O43 - CFD: 16/08/2010 - 18:40:00 ----D- C:\ProgramData\eMule

O43 - CFD: 02/09/2010 - 16:54:06 ----D- C:\ProgramData\Enkord

O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Favorites

O43 - CFD: 15/12/2010 - 12:02:28 ----D- C:\ProgramData\Fun4IM

O43 - CFD: 21/06/2010 - 12:55:30 ----D- C:\ProgramData\Google

O43 - CFD: 20/06/2010 - 20:00:56 ----D- C:\ProgramData\GRETECH

O43 - CFD: 18/06/2010 - 15:17:02 ----D- C:\ProgramData\Lauyan

O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 29/11/2010 - 16:16:56 -S-AD- C:\ProgramData\Microsoft

O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Modèles

O43 - CFD: 09/09/2010 - 18:39:38 ----D- C:\ProgramData\NVIDIA

O43 - CFD: 09/09/2010 - 18:36:16 ----D- C:\ProgramData\NVIDIA Corporation

O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\ProgramData\PACE Anti-Piracy

O43 - CFD: 17/06/2010 - 23:08:10 ----D- C:\ProgramData\regid.1986-12.com.adobe

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 17/06/2010 - 08:40:26 ----D- C:\ProgramData\Sun

O43 - CFD: 06/09/2010 - 15:10:46 ---AD- C:\ProgramData\TEMP

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Templates

O43 - CFD: 31/10/2010 - 13:43:56 ----D- C:\ProgramData\TuneUp Software

O43 - CFD: 20/06/2010 - 19:57:18 ----D- C:\ProgramData\Winferno

O43 - CFD: 30/11/2010 - 06:38:20 ----D- C:\ProgramData\WinZip

O43 - CFD: 16/08/2010 - 09:40:36 ----D- C:\ProgramData\Yahoo!

O43 - CFD: 17/06/2010 - 23:02:00 ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\Program Files\Common Files\PACE Anti-Piracy

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\System

O43 - CFD: 17/06/2010 - 22:59:52 ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 12/09/2010 - 10:09:02 ----D- C:\Program Files (x86)\Alcohol Soft

O43 - CFD: 11/10/2010 - 17:35:44 ----D- C:\Program Files (x86)\Anti-Blaxx 1.18

O43 - CFD: 20/06/2010 - 18:25:08 ----D- C:\Program Files (x86)\ASIO4ALL v2

O43 - CFD: 29/11/2010 - 16:17:10 ----D- C:\Program Files (x86)\Auxiliary Power

O43 - CFD: 31/12/2010 - 10:53:00 ----D- C:\Program Files (x86)\Avira

O43 - CFD: 23/10/2010 - 14:43:26 ----D- C:\Program Files (x86)\Babylon

O43 - CFD: 23/10/2010 - 11:26:10 ----D- C:\Program Files (x86)\Bethesda Softworks

O43 - CFD: 29/10/2010 - 11:46:04 ----D- C:\Program Files (x86)\bitComposer Games

O43 - CFD: 06/09/2010 - 15:17:20 ----D- C:\Program Files (x86)\BitTorrent

O43 - CFD: 02/11/2010 - 18:08:02 ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 20/06/2010 - 20:00:40 ----D- C:\Program Files (x86)\CoreAAC

O43 - CFD: 14/10/2010 - 09:28:22 ----D- C:\Program Files (x86)\CureROM

O43 - CFD: 11/10/2010 - 17:01:10 ----D- C:\Program Files (x86)\DAEMON Tools Lite

O43 - CFD: 21/10/2010 - 12:53:22 ----D- C:\Program Files (x86)\DAEMON Tools Toolbar

O43 - CFD: 17/09/2010 - 11:19:54 ----D- C:\Program Files (x86)\DAZ

O43 - CFD: 02/09/2010 - 15:21:10 ----D- C:\Program Files (x86)\directx

O43 - CFD: 21/10/2010 - 16:53:56 ----D- C:\Program Files (x86)\EA GAMES

O43 - CFD: 14/10/2010 - 10:59:52 ----D- C:\Program Files (x86)\Eidos

O43 - CFD: 16/08/2010 - 18:39:54 ----D- C:\Program Files (x86)\eMule

O43 - CFD: 31/12/2010 - 11:02:24 ----D- C:\Program Files (x86)\Feedback Tool

O43 - CFD: 23/10/2010 - 18:29:56 ----D- C:\Program Files (x86)\ffdshow

O43 - CFD: 11/10/2010 - 18:12:12 ----D- C:\Program Files (x86)\FlexCell

O43 - CFD: 25/11/2010 - 15:29:16 ----D- C:\Program Files (x86)\FMOD SoundSystem

O43 - CFD: 11/10/2010 - 18:12:12 ----D- C:\Program Files (x86)\Forms Data Loader Free

O43 - CFD: 23/10/2010 - 18:25:52 ----D- C:\Program Files (x86)\Free Offers from Freeze.com

O43 - CFD: 15/12/2010 - 12:02:32 ----D- C:\Program Files (x86)\Fun4IM

O43 - CFD: 12/09/2010 - 18:21:24 ----D- C:\Program Files (x86)\GCH Guitar academy

O43 - CFD: 21/06/2010 - 12:55:24 ----D- C:\Program Files (x86)\Google

O43 - CFD: 20/06/2010 - 20:00:46 ----D- C:\Program Files (x86)\GRETECH

O43 - CFD: 15/12/2010 - 12:02:48 ----D- C:\Program Files (x86)\icons

O43 - CFD: 27/10/2010 - 18:28:56 ----D- C:\Program Files (x86)\Image-Line

O43 - CFD: 24/10/2010 - 09:53:08 --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 16/06/2010 - 18:00:04 ----D- C:\Program Files (x86)\Intel

O43 - CFD: 31/12/2010 - 18:58:40 ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 17/06/2010 - 08:39:48 ----D- C:\Program Files (x86)\Java

O43 - CFD: 23/08/2010 - 10:23:58 ----D- C:\Program Files (x86)\JRE

O43 - CFD: 18/06/2010 - 15:17:04 ----D- C:\Program Files (x86)\Lauyan

O43 - CFD: 09/09/2010 - 18:14:08 ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 31/12/2010 - 19:24:48 ----D- C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 17/06/2010 - 22:37:38 ----D- C:\Program Files (x86)\My Company Name

O43 - CFD: 31/10/2010 - 13:49:26 ----D- C:\Program Files (x86)\Need For Speed Hot Pursuit 2

O43 - CFD: 31/10/2010 - 16:08:42 ----D- C:\Program Files (x86)\nfs

O43 - CFD: 29/10/2010 - 09:24:44 ----D- C:\Program Files (x86)\NVIDIA Corporation

O43 - CFD: 23/08/2010 - 10:23:58 ----D- C:\Program Files (x86)\OpenOffice.org 3

O43 - CFD: 20/06/2010 - 18:24:32 ----D- C:\Program Files (x86)\Outsim

O43 - CFD: 11/09/2010 - 13:18:12 ----D- C:\Program Files (x86)\RADVideo

O43 - CFD: 17/06/2010 - 08:49:36 ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 13/09/2010 - 12:51:02 ----D- C:\Program Files (x86)\Road To Fame

O43 - CFD: 28/11/2010 - 12:21:04 --H-D- C:\Program Files (x86)\Roland

O43 - CFD: 16/09/2010 - 12:14:18 ----D- C:\Program Files (x86)\Smith Micro

O43 - CFD: 28/09/2010 - 11:19:24 ----D- C:\Program Files (x86)\Softonic_France

O43 - CFD: 02/01/2011 - 08:06:16 ----D- C:\Program Files (x86)\Steam

O43 - CFD: 17/06/2010 - 08:50:50 --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 02/11/2010 - 18:40:52 ----D- C:\Program Files (x86)\THQ

O43 - CFD: 10/09/2010 - 13:26:00 ----D- C:\Program Files (x86)\Ubisoft

O43 - CFD: 03/08/2010 - 09:49:42 ----D- C:\Program Files (x86)\UIC Phoenxsoftware

O43 - CFD: 14/07/2009 - 05:57:08 --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 20/06/2010 - 19:36:06 ----D- C:\Program Files (x86)\VideoLAN

O43 - CFD: 31/12/2010 - 11:43:06 ----D- C:\Program Files (x86)\VLC Player

O43 - CFD: 12/09/2010 - 11:00:02 ----D- C:\Program Files (x86)\vso

O43 - CFD: 27/10/2010 - 18:29:06 ----D- C:\Program Files (x86)\VstPlugins

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 21/12/2010 - 20:31:00 ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 31/10/2010 - 13:36:00 ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 06:32:42 ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 30/11/2010 - 06:37:44 ----D- C:\Program Files (x86)\WinZip

O43 - CFD: 02/01/2011 - 08:26:54 ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 17/06/2010 - 22:53:00 ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 17/06/2010 - 22:32:40 ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 16/09/2010 - 13:52:54 ----D- C:\Program Files (x86)\Common Files\DAZ

O43 - CFD: 10/09/2010 - 13:22:30 ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 17/06/2010 - 08:40:26 ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 16/09/2010 - 12:16:40 ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 17/06/2010 - 22:37:38 ----D- C:\Program Files (x86)\Common Files\PX Storage Engine

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 17/06/2010 - 22:37:38 ----D- C:\Program Files (x86)\Common Files\Sonic Shared

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 28/10/2010 - 16:41:50 ----D- C:\Program Files (x86)\Common Files\Steam

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 02/11/2010 - 18:08:02 ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.A8A21B98733044F7060C65CF437F07DE] - 02/01/2011 - 08:13:06 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [19040]

O44 - LFC:[MD5.A8A21B98733044F7060C65CF437F07DE] - 02/01/2011 - 08:13:06 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [19040]

O44 - LFC:[MD5.532F3E7C41715DA3071738E7920444CA] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700]

O44 - LFC:[MD5.175DCB6819A736A4BB3192F18CE12362] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc009.dat [106190]

O44 - LFC:[MD5.003F92AF268A404B320D464824814227] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc00C.dat [130548]

O44 - LFC:[MD5.70835F86BAAB994905C10A40D096EF61] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh009.dat [615810]

O44 - LFC:[MD5.C227A2CB11876C29127D0430C4CC6CE1] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh00C.dat [704242]

O44 - LFC:[MD5.070000000000000000000000B8EE1800] - 02/01/2011 - 08:09:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1614553]

O44 - LFC:[MD5.1A5F269E443B0B7B375185D1442639DB] - 02/01/2011 - 08:05:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [11028]

O44 - LFC:[MD5.92CFE8F17E787BE19BEC4BA2ED2BEBB6] - 02/01/2011 - 08:05:48 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.579F662EC3D8401FA7D7F68BDE58BD83] - 31/12/2010 - 11:06:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\IE9_main.log [5428]

O44 - LFC:[MD5.71177AB27204CC7DA01E6CC6A3B2371E] - 31/12/2010 - 11:04:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\ieuinit.inf [72533]

O44 - LFC:[MD5.71177AB27204CC7DA01E6CC6A3B2371E] - 31/12/2010 - 11:04:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ieuinit.inf [72533]

O44 - LFC:[MD5.FB6D9C2A0FC44E91117720B31C2D012B] - 30/12/2010 - 08:06:09 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\FNTCACHE.DAT [4866160]

O44 - LFC:[MD5.7F319E86085C6D5F50A48C3F4A1772AB] - 28/12/2010 - 21:26:57 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\BlendSettings.ini [23]

O44 - LFC:[MD5.D441A1E6486513FDCAEB1938D75DB91A] - 21/12/2010 - 20:32:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [47158]

O44 - LFC:[MD5.B2BE9288DC4C3A8532FACCAB7191F71A] - 21/12/2010 - 20:04:44 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll [367104]

O44 - LFC:[MD5.8A7A52A9024E5343C531DA37E867890E] - 21/12/2010 - 20:04:43 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll [46080]

O44 - LFC:[MD5.8A7A52A9024E5343C531DA37E867890E] - 21/12/2010 - 20:04:43 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304]

O44 - LFC:[MD5.B2BE9288DC4C3A8532FACCAB7191F71A] - 21/12/2010 - 20:04:43 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [294400]


---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll


---\\ MountPoints2 Shell Key (MPSK) (O51)

O51 - MPSK:{07117579-be4d-11df-8c78-e0cb4ea68c46}\Shell\AutoRun\command. (.Electronic Arts Inc. - rungame MFC Application.) -- E:\RunGame.exe

O51 - MPSK:{73e0da44-7a56-11df-8d3e-e0cb4ea68c46}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\OblivionLauncher.exe (.not file.)


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm


---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe


---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll


---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0


---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0


---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.7A4B413614C055935567CF88A9734D38] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [106576]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.B4AD0CACBAB298671DD6F6EF7E20679D] - 14/07/2009 - 02:52:21 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [28752]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.19B006B181E3875FD254F7B67ACF1E7C] - 16/07/2009 - 04:38:40 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys [15416]

O58 - SDL:[MD5.39C2E2870FC0C2AE0595B883CBE716B4] - 01/01/2011 - 19:00:09 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [83120]

O58 - SDL:[MD5.C98FA6E5AD0E857D22716BD2B8B1F399] - 17/08/2010 - 13:39:11 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [116568]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 14/07/2009 - 02:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [77888]

O58 - SDL:[MD5.D83EFB6FD45DF9D55E9A1AFC63640D50] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410688]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.AD8C3895155EE8D057F073856B2D5851] - 28/06/2007 - 10:47:14 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\nmwcdx64.sys [173056]

O58 - SDL:[MD5.E55CAB397F77D5208DB18A78B1B7C0D5] - 10/07/2010 - 04:38:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 258.96.) -- C:\Windows\system32\drivers\nvlddmkm.sys [13187176]

O58 - SDL:[MD5.3E38712941E9BB4DDBEE00AFFE3FED3D] - 14/07/2009 - 02:48:27 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [149056]

O58 - SDL:[MD5.477DC4D6DEB99BE37084C9AC6D013DA1] - 14/07/2009 - 02:45:45 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [167488]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.4B42BC58294E83A6A92EC8B88C14C4A3] - 23/06/2010 - 09:10:56 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [344680]

O58 - SDL:[MD5.D42D651676883181400E22957A7E0B1E] - 22/05/2009 - 19:04:22 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1762080]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.2D0000000000000000000000B8EE1800] - 17/06/2010 - 00:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys [834544]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 28/12/2007 - 08:22:02 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS [10296]

 

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB

O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS

O64 - Services: CurCS - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS

O64 - Services: CurCS - C:\Windows\System32\Drivers\cng.sys - CNG (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG

O64 - Services: CurCS - C:\Windows\system32\cscsvc.dll (CSC) .(.Microsoft Corporation - DLL du service CSC.) - LEGACY_CSC

O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC

O64 - Services: CurCS - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE

O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL

O64 - Services: CurCS - (.not file.) - ehdrv (ehdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_EHDRV

O64 - Services: CurCS - (.not file.) - epfwwfpr (epfwwfpr) .(.Pas de propriétaire - Pas de description.) - LEGACY_EPFWWFPR

O64 - Services: CurCS - C:\Windows\system32\Drivers\EXFAT.sys - (.not file.) - exFAT File System Driver (exfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_EXFAT

O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO

O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL

O64 - Services: CurCS - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP

O64 - Services: CurCS - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY

O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecpkg.sys - KSecPkg (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO

O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV

O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msisadrv.sys - msisadrv (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV

O64 - Services: CurCS - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP

O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL

O64 - Services: CurCS - C:\Windows\System32\drivers\pcw.sys - Performance Counters for Windows Driver (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW

O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH

O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD

O64 - Services: CurCS - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR

O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR

O64 - Services: CurCS - C:\Windows\System32\Drivers\sptd.sys - sptd (sptd) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPTD

O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV

O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET

O64 - Services: CurCS - C:\Windows\system32\vmstorfltres.dll (storflt) .(.Microsoft Corporation - Fichier DLL de ressources du filtre de stoc.) - LEGACY_STORFLT

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS

O64 - Services: CurCS - (.not file.) - UnlockerDriver5 (UnlockerDriver5) .(.Pas de propriétaire - Pas de description.) - LEGACY_UNLOCKERDRIVER5

O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6

O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wfplwf.sys - WFP Lightweight Filter (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF

O64 - Services: CurCS - C:\Windows\System32\drivers\WudfPf.sys - User Mode Driver Frameworks Platform Driver (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Adobe Systems, Inc. - Adobe Dreamweaver CS5.) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - {searchTerms} - Bing

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - {searchTerms} - Bing

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - {searchTerms} - Recherche Google

O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} - (DAEMON Search) - DAEMON-Search.com :: SEARCH

O69 - SBI: SearchScopes [HKCU] {F0A89676-EE10-41DB-8AA7-8E2A016F48BE} - (Yahoo! Search) - {searchterms} - Yahoo! France Résultats de recherche

 

 

---\\ Recherche particuliere à la racine de certains dossiers (SPRF) (O84)

[MD5.E4CC410BD005958125CD87C5F6E66371] [sPRF] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\FABULEUZ\AppData\Local\Temp\GLF93C8.tmp.tbMedi.dll [3908192]

[MD5.D20AF64D70A5DA7D77DB105755BE6DCB] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\FABULEUZ\AppData\Local\Temp\InstallHelper.dll [1323520]

[MD5.24DF7F7E1A7F839B569149F76EF0C321] [sPRF] (.2K Czech - Mafia II Application.) -- C:\Users\FABULEUZ\AppData\Local\Temp\mafia2.exe [24261920]

[MD5.D0E80D812DBB66C8B949FA5E4FA82E1C] [sPRF] (.Secure Digital Services Limited - OfferBox Browser setup.) -- C:\Users\FABULEUZ\AppData\Local\Temp\OB.exe [1729296]

[MD5.E13ED373938A428A7F737A6B4BC740C1] [sPRF] (.GMER - GMER Driver http://www.gmer.net.) -- C:\Users\FABULEUZ\AppData\Local\Temp\pwliakog.sys [94848]

[MD5.82EC7DCC8D7C2D3E0AA19A49FD7117B5] [sPRF] (.Acresso Software Inc. - InstallScript Setup Launcher.) -- C:\Users\FABULEUZ\AppData\Local\Temp\setup.exe [807560]

[MD5.0487A88CE05C6B6D80E51BD1BC803BCC] [sPRF] (.Discordia Limited - Windows Searchqu Toolbar 2.0.) -- C:\Users\FABULEUZ\AppData\Local\Temp\SetupDataMngr_Searchqu.exe [2457944]

[MD5.72707C24A3C8D13865B7B0360D8D8DFD] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\FABULEUZ\AppData\LocalLow\cookieman.exe [46080]

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 17/08/2010 135336 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

SR - | Auto 01/01/2011 267944 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

SS - | Auto 19/11/2010 1942416 | (Fun4IM Coordinator) . (.Bandoo Media Inc..) - C:\PROGRA~2\Fun4IM\Bandoo.exe

SS - | Auto 21/06/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 21/06/2010 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Auto 21/06/2010 0 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

SS - | Demand 16/07/2009 316664 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover

Run by FABULEUZ at 02/01/2011 08:27:59

 

device: opened successfully

user: error reading MBR

 

Disk trace:

error: Read Descripteur non valide

kernel: error reading MBR

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by FABULEUZ at 02/01/2011 08:27:59

Use the desktop link 'MBRCheck' to have full report

 

 

 

 

---\\ Liste des émulateurs de CD/DVD (Hook du MBR)

O58 - SDL:[MD5.2D0000000000000000000000B8EE1800] - 17/06/2010 - 00:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys [834544]

 

 

 

End of the scan (794 lines in 01mn 09s)(0)

 

 

 

 

 

Thank you for your help...

And here is the latest one you asked me for, the ZHPDiag report:

 

Rapport de ZHPDiag v1.27.1471 par Nicolas Coolman, Update du 30/12/2010

Run by FABULEUZ at 02/01/2011 08:26:50

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.7930.16406

 

---\\ System Information

Windows 7 Business Edition, 64-bit (Build 7600)

Processor: Intel64 Family 6 Model 26 Stepping 5, GenuineIntel

Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 12279 MB (85% free)

System Restore: Désactivé (Disabled)

System drive C: has 407 GB (43%) free of 931 GB

 

---\\ Logged in mode

Computer Name: FABULEUZ-PC

User Name: FABULEUZ

All Users Names: FABULEUZ, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 407 Go of 931 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ CD-ROM drive (Free 0 Go of 1 Go)

F:\ Hard drive, Flash drive, Thumb drive (Free 920 Go of 932 Go)

G:\ CD-ROM drive (Not Inserted)

H:\ Floppy drive, Flash card reader, USB Key (Free 3 Go of 4 Go)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 07:34:59.) -- C:\Windows\Explorer.exe [2870272]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]

 

 

---\\ Processus lancés

[MD5.F34E7705751BB413283434697BF8E55D] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696]

[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]

[MD5.3DD25048297A24AB4B3BFC17ABA5D0DB] - (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\steam.exe [1242448]

[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768]

[MD5.B661327C64FACCF3EB14DE1D1D2190CC] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [869688]

[MD5.8B4022226C18FA378C324C11CBADDA36] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [304304]

[MD5.3DC8DFE611053A3D862C549F6E4B052A] - (.Bandoo Media Inc. - Fun4IM Core.) -- C:\PROGRA~2\Fun4IM\BndCore.exe [1579408]

[MD5.E71E84BD9910750E421708112ADFC822] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [621568]

 

 

---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (9.00.7930.16406 (WIN7_IE9_Beta.100831-2345)) -- C:\Windows\System32\ieframe.dll

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe

F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

O4 - HKLM\..\Run: [skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe

O4 - HKCU\..\Run: [JP595IR86O] C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe (.not file.)

O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe

O4 - HKLM\..\Wow6432Node\Run: [switchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe

O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe

O4 - HKUS\S-1-5-21-698820930-825607945-331214559-1000\..\Run: [JP595IR86O] C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe (.not file.)

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe After Effects CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe After Effects CS5\Support Files\AfterFX.exe (.not file.)

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Bridge CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Contribute CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Contribute CS5\App\Contribute.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Dreamweaver CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Fireworks CS5.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Adobe Fireworks CS5\Fireworks.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Flash Professional CS5.lnk . (.Adobe Systems Incorporated..) -- C:\Program Files (x86)\Adobe\Adobe Flash CS5\Flash.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Illustrator CS5.lnk . (.Adobe Systems Inc..) -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Photoshop CS5 (64 Bit).lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (.not file.)

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Adobe Premiere Pro CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS5\Adobe Premiere Pro.exe (.not file.)

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\Chessmaster 10ème Edition.lnk . (.Ubisoft Entertainment.) -- C:\Program Files (x86)\Ubisoft\Chessmaster 10ème Edition\Chessmaster.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\FL Studio 8.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 8\FL.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\FL Studio 9.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 9\FL.exe

O4 - Global Startup: C:\Documents And Settings\FABULEUZ\Desktop\VLC Player.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\VLC Player\vlc.exe

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe After Effects CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe After Effects CS5\Support Files\AfterFX.exe (.not file.)

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Bridge CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Contribute CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Contribute CS5\App\Contribute.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Dreamweaver CS5.lnk . (.Adobe Systems, Inc..) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Fireworks CS5.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Adobe Fireworks CS5\Fireworks.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Flash Professional CS5.lnk . (.Adobe Systems Incorporated..) -- C:\Program Files (x86)\Adobe\Adobe Flash CS5\Flash.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Illustrator CS5.lnk . (.Adobe Systems Inc..) -- C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Photoshop CS5 (64 Bit).lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe (.not file.)

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Adobe Premiere Pro CS5.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS5\Adobe Premiere Pro.exe (.not file.)

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\Chessmaster 10ème Edition.lnk . (.Ubisoft Entertainment.) -- C:\Program Files (x86)\Ubisoft\Chessmaster 10ème Edition\Chessmaster.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\FL Studio 8.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 8\FL.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\FL Studio 9.lnk . (.Image-Line.) -- C:\Program Files (x86)\Image-Line\FL Studio 9\FL.exe

O4 - Global Startup: C:\Users\FABULEUZ\Desktop\VLC Player.lnk . (.Pas de propriétaire.) -- C:\Program Files (x86)\VLC Player\vlc.exe

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM ENCODER.lnk . (.Gretech Corporation.) -- C:\Program Files (x86)\GRETECH\GomEncoder\GomEnc.exe

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk . (.Gretech Corp..) -- C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline

O4 - Global Startup: C:\Users\FABULEUZ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{B1EB51D2-7F8B-4039-9B9C-6B0707FA4186}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{B1EB51D2-7F8B-4039-9B9C-6B0707FA4186}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{B1EB51D2-7F8B-4039-9B9C-6B0707FA4186}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: (Fun4IM Coordinator) . (.Bandoo Media Inc. - Fun4IM Coordinator.) - C:\PROGRA~2\Fun4IM\Bandoo.exe

O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: (nvsvc) - Clé orpheline

O23 - Service: (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] [APT] [Adobe Reader and Acrobat Manager] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-FABULEUZ-PC-FABULEUZ] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

[MD5.00000000000000000000000000000000] [APT] [TuneUpUtilities_Task_BkGndMaintenance] (.Pas de propriétaire.) -- C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{22116563-108C-42c0-A7CE-60161B75E508}] (.Pas de propriétaire.) -- C:\Users\FABULEUZ\AppData\Local\Temp\Ffq.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}] (.Pas de propriétaire.) -- C:\Windows\Fhewya.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}] (.Pas de propriétaire.) -- C:\Users\FABULEUZ\AppData\Local\Temp\Ffr.exe (.not file.)

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (dmeoaaew) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\dmeoaaew.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

---\\ Logiciels installés (O42)

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {350AA351-21FA-3270-8B7A-835434E766AD}

O42 - Logiciel: Microsoft_VC80_ATL_x86_x64 - (.Adobe.) [HKLM] -- {925D058B-564A-443A-B4B2-7E90C6432E55}

O42 - Logiciel: Microsoft_VC80_CRT_x86_x64 - (.Adobe.) [HKLM] -- {4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}

O42 - Logiciel: Microsoft_VC80_MFCLOC_x86_x64 - (.Adobe.) [HKLM] -- {1E9FC118-651D-4934-97BE-E53CAE5C7D45}

O42 - Logiciel: Microsoft_VC80_MFC_x86_x64 - (.Adobe.) [HKLM] -- {C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}

O42 - Logiciel: Microsoft_VC90_ATL_x86_x64 - (.Adobe.) [HKLM] -- {8557397C-A42D-486F-97B3-A2CBC2372593}

O42 - Logiciel: Microsoft_VC90_CRT_x86_x64 - (.Adobe.) [HKLM] -- {92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}

O42 - Logiciel: Microsoft_VC90_MFC_x86_x64 - (.Adobe.) [HKLM] -- {A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: Nokia Connectivity Cable Driver - (.Pas de propriétaire.) [HKLM] -- {BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}

O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ASIO4ALL v2 by Wuschel]

[HKCU\Software\ASUS]

[HKCU\Software\Adobe]

[HKCU\Software\Alcohol Soft]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Monitored]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software\settings]

[HKCU\Software\AppDataLow\Software\{AAEDC5DC-05CC-DED7-78DB-C3BD57412D82}]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow\b4a4f807]

[HKCU\Software\AppDataLow]

[HKCU\Software\Audacity]

[HKCU\Software\Avira]

[HKCU\Software\BitDefender]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CoreAAC]

[HKCU\Software\DT Soft]

[HKCU\Software\Dimension]

[HKCU\Software\ESET]

[HKCU\Software\Electronic Arts]

[HKCU\Software\Enkord]

[HKCU\Software\FMJ-Software]

[HKCU\Software\Flowmix]

[HKCU\Software\GNU]

[HKCU\Software\GRETECH]

[HKCU\Software\GameShadow]

[HKCU\Software\Google]

[HKCU\Software\H3O8CABBPI]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\Hyperspace]

[HKCU\Software\Image-Line]

[HKCU\Software\JP595IR86O]

[HKCU\Software\JavaSoft]

[HKCU\Software\Jone Stone Productions]

[HKCU\Software\Lauyan]

[HKCU\Software\Licenses]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Macromedia]

[HKCU\Software\Minnetonka Audio Software]

[HKCU\Software\Mozilla]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Nbeshine]

[HKCU\Software\Netscape]

[HKCU\Software\Nico Mak Computing]

[HKCU\Software\NtWqIVLZEWZU]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\PACE Anti-Piracy]

[HKCU\Software\Policies]

[HKCU\Software\RAD Game Tools]

[HKCU\Software\Realtek]

[HKCU\Software\SOFTWIN]

[HKCU\Software\SecuROM]

[HKCU\Software\SoftVoice]

[HKCU\Software\Softonic]

[HKCU\Software\Sonic Foundry]

[HKCU\Software\Synthetic Aperture]

[HKCU\Software\Syntrillium]

[HKCU\Software\Sysinternals]

[HKCU\Software\TuneUp]

[HKCU\Software\UIC Phoenxsoftware]

[HKCU\Software\VSO]

[HKCU\Software\Valve]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinZip Computing]

[HKCU\Software\Winferno]

[HKCU\Software\Wow6432Node]

[HKCU\Software\XML]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\eMule]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ASUS]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Adobe]

[HKLM\Software\BrowserChoice]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\EA GAMES]

[HKLM\Software\ESET]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\Imagineer Systems Ltd]

[HKLM\Software\Intel]

[HKLM\Software\Khronos]

[HKLM\Software\Minnetonka Audio Software]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\ODBC]

[HKLM\Software\PACE Anti-Piracy]

[HKLM\Software\Policies]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SRS Labs]

[HKLM\Software\Sonic]

[HKLM\Software\Synthetic Aperture]

[HKLM\Software\TuneUp]

[HKLM\Software\Waves Audio]

[HKLM\Software\Wow6432Node]

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD: 17/06/2010 - 23:01:20 ----D- C:\Program Files\Adobe

O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\Program Files\Common Files

O43 - CFD: 14/07/2009 - 16:35:42 ----D- C:\Program Files\DVD Maker

O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 21/06/2010 - 12:55:04 ----D- C:\Program Files\Google

O43 - CFD: 31/12/2010 - 18:58:40 ----D- C:\Program Files\Internet Explorer

O43 - CFD: 16/08/2010 - 19:16:20 ----D- C:\Program Files\Interplay

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\MSBuild

O43 - CFD: 09/09/2010 - 18:36:50 ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 17/06/2010 - 08:49:50 ----D- C:\Program Files\Realtek

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 14/07/2009 - 06:09:28 --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Defender

O43 - CFD: 14/07/2009 - 16:35:40 ----D- C:\Program Files\Windows Journal

O43 - CFD: 21/12/2010 - 20:31:02 ----D- C:\Program Files\Windows Mail

O43 - CFD: 31/10/2010 - 13:36:00 ----D- C:\Program Files\Windows Media Player

O43 - CFD: 16/06/2010 - 17:23:24 ----D- C:\Program Files\Windows NT

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 17/06/2010 - 23:02:00 ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\Program Files\Common Files\PACE Anti-Piracy

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\System

O43 - CFD: 22/06/2010 - 11:23:10 ----D- C:\ProgramData\Adobe

O43 - CFD: 17/06/2010 - 22:59:14 ----D- C:\ProgramData\ALM

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Application Data

O43 - CFD: 31/12/2010 - 10:53:00 ----D- C:\ProgramData\Avira

O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Bureau

O43 - CFD: 17/06/2010 - 22:21:08 ----D- C:\ProgramData\DAEMON Tools Lite

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Documents

O43 - CFD: 16/08/2010 - 18:40:00 ----D- C:\ProgramData\eMule

O43 - CFD: 02/09/2010 - 16:54:06 ----D- C:\ProgramData\Enkord

O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Favorites

O43 - CFD: 15/12/2010 - 12:02:28 ----D- C:\ProgramData\Fun4IM

O43 - CFD: 21/06/2010 - 12:55:30 ----D- C:\ProgramData\Google

O43 - CFD: 20/06/2010 - 20:00:56 ----D- C:\ProgramData\GRETECH

O43 - CFD: 18/06/2010 - 15:17:02 ----D- C:\ProgramData\Lauyan

O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 29/11/2010 - 16:16:56 -S-AD- C:\ProgramData\Microsoft

O43 - CFD: 16/06/2010 - 17:23:24 -SH-D- C:\ProgramData\Modèles

O43 - CFD: 09/09/2010 - 18:39:38 ----D- C:\ProgramData\NVIDIA

O43 - CFD: 09/09/2010 - 18:36:16 ----D- C:\ProgramData\NVIDIA Corporation

O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\ProgramData\PACE Anti-Piracy

O43 - CFD: 17/06/2010 - 23:08:10 ----D- C:\ProgramData\regid.1986-12.com.adobe

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 17/06/2010 - 08:40:26 ----D- C:\ProgramData\Sun

O43 - CFD: 06/09/2010 - 15:10:46 ---AD- C:\ProgramData\TEMP

O43 - CFD: 14/07/2009 - 06:08:58 -SH-D- C:\ProgramData\Templates

O43 - CFD: 31/10/2010 - 13:43:56 ----D- C:\ProgramData\TuneUp Software

O43 - CFD: 20/06/2010 - 19:57:18 ----D- C:\ProgramData\Winferno

O43 - CFD: 30/11/2010 - 06:38:20 ----D- C:\ProgramData\WinZip

O43 - CFD: 16/08/2010 - 09:40:36 ----D- C:\ProgramData\Yahoo!

O43 - CFD: 17/06/2010 - 23:02:00 ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 17/06/2010 - 23:08:44 ----D- C:\Program Files\Common Files\PACE Anti-Piracy

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 12/11/2010 - 09:34:48 ---AD- C:\Program Files\Common Files\System

O43 - CFD: 17/06/2010 - 22:59:52 ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 12/09/2010 - 10:09:02 ----D- C:\Program Files (x86)\Alcohol Soft

O43 - CFD: 11/10/2010 - 17:35:44 ----D- C:\Program Files (x86)\Anti-Blaxx 1.18

O43 - CFD: 20/06/2010 - 18:25:08 ----D- C:\Program Files (x86)\ASIO4ALL v2

O43 - CFD: 29/11/2010 - 16:17:10 ----D- C:\Program Files (x86)\Auxiliary Power

O43 - CFD: 31/12/2010 - 10:53:00 ----D- C:\Program Files (x86)\Avira

O43 - CFD: 23/10/2010 - 14:43:26 ----D- C:\Program Files (x86)\Babylon

O43 - CFD: 23/10/2010 - 11:26:10 ----D- C:\Program Files (x86)\Bethesda Softworks

O43 - CFD: 29/10/2010 - 11:46:04 ----D- C:\Program Files (x86)\bitComposer Games

O43 - CFD: 06/09/2010 - 15:17:20 ----D- C:\Program Files (x86)\BitTorrent

O43 - CFD: 02/11/2010 - 18:08:02 ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 20/06/2010 - 20:00:40 ----D- C:\Program Files (x86)\CoreAAC

O43 - CFD: 14/10/2010 - 09:28:22 ----D- C:\Program Files (x86)\CureROM

O43 - CFD: 11/10/2010 - 17:01:10 ----D- C:\Program Files (x86)\DAEMON Tools Lite

O43 - CFD: 21/10/2010 - 12:53:22 ----D- C:\Program Files (x86)\DAEMON Tools Toolbar

O43 - CFD: 17/09/2010 - 11:19:54 ----D- C:\Program Files (x86)\DAZ

O43 - CFD: 02/09/2010 - 15:21:10 ----D- C:\Program Files (x86)\directx

O43 - CFD: 21/10/2010 - 16:53:56 ----D- C:\Program Files (x86)\EA GAMES

O43 - CFD: 14/10/2010 - 10:59:52 ----D- C:\Program Files (x86)\Eidos

O43 - CFD: 16/08/2010 - 18:39:54 ----D- C:\Program Files (x86)\eMule

O43 - CFD: 31/12/2010 - 11:02:24 ----D- C:\Program Files (x86)\Feedback Tool

O43 - CFD: 23/10/2010 - 18:29:56 ----D- C:\Program Files (x86)\ffdshow

O43 - CFD: 11/10/2010 - 18:12:12 ----D- C:\Program Files (x86)\FlexCell

O43 - CFD: 25/11/2010 - 15:29:16 ----D- C:\Program Files (x86)\FMOD SoundSystem

O43 - CFD: 11/10/2010 - 18:12:12 ----D- C:\Program Files (x86)\Forms Data Loader Free

O43 - CFD: 23/10/2010 - 18:25:52 ----D- C:\Program Files (x86)\Free Offers from Freeze.com

O43 - CFD: 15/12/2010 - 12:02:32 ----D- C:\Program Files (x86)\Fun4IM

O43 - CFD: 12/09/2010 - 18:21:24 ----D- C:\Program Files (x86)\GCH Guitar academy

O43 - CFD: 21/06/2010 - 12:55:24 ----D- C:\Program Files (x86)\Google

O43 - CFD: 20/06/2010 - 20:00:46 ----D- C:\Program Files (x86)\GRETECH

O43 - CFD: 15/12/2010 - 12:02:48 ----D- C:\Program Files (x86)\icons

O43 - CFD: 27/10/2010 - 18:28:56 ----D- C:\Program Files (x86)\Image-Line

O43 - CFD: 24/10/2010 - 09:53:08 --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 16/06/2010 - 18:00:04 ----D- C:\Program Files (x86)\Intel

O43 - CFD: 31/12/2010 - 18:58:40 ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 17/06/2010 - 08:39:48 ----D- C:\Program Files (x86)\Java

O43 - CFD: 23/08/2010 - 10:23:58 ----D- C:\Program Files (x86)\JRE

O43 - CFD: 18/06/2010 - 15:17:04 ----D- C:\Program Files (x86)\Lauyan

O43 - CFD: 09/09/2010 - 18:14:08 ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 31/12/2010 - 19:24:48 ----D- C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 17/06/2010 - 22:37:38 ----D- C:\Program Files (x86)\My Company Name

O43 - CFD: 31/10/2010 - 13:49:26 ----D- C:\Program Files (x86)\Need For Speed Hot Pursuit 2

O43 - CFD: 31/10/2010 - 16:08:42 ----D- C:\Program Files (x86)\nfs

O43 - CFD: 29/10/2010 - 09:24:44 ----D- C:\Program Files (x86)\NVIDIA Corporation

O43 - CFD: 23/08/2010 - 10:23:58 ----D- C:\Program Files (x86)\OpenOffice.org 3

O43 - CFD: 20/06/2010 - 18:24:32 ----D- C:\Program Files (x86)\Outsim

O43 - CFD: 11/09/2010 - 13:18:12 ----D- C:\Program Files (x86)\RADVideo

O43 - CFD: 17/06/2010 - 08:49:36 ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 13/09/2010 - 12:51:02 ----D- C:\Program Files (x86)\Road To Fame

O43 - CFD: 28/11/2010 - 12:21:04 --H-D- C:\Program Files (x86)\Roland

O43 - CFD: 16/09/2010 - 12:14:18 ----D- C:\Program Files (x86)\Smith Micro

O43 - CFD: 28/09/2010 - 11:19:24 ----D- C:\Program Files (x86)\Softonic_France

O43 - CFD: 02/01/2011 - 08:06:16 ----D- C:\Program Files (x86)\Steam

O43 - CFD: 17/06/2010 - 08:50:50 --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 02/11/2010 - 18:40:52 ----D- C:\Program Files (x86)\THQ

O43 - CFD: 10/09/2010 - 13:26:00 ----D- C:\Program Files (x86)\Ubisoft

O43 - CFD: 03/08/2010 - 09:49:42 ----D- C:\Program Files (x86)\UIC Phoenxsoftware

O43 - CFD: 14/07/2009 - 05:57:08 --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 20/06/2010 - 19:36:06 ----D- C:\Program Files (x86)\VideoLAN

O43 - CFD: 31/12/2010 - 11:43:06 ----D- C:\Program Files (x86)\VLC Player

O43 - CFD: 12/09/2010 - 11:00:02 ----D- C:\Program Files (x86)\vso

O43 - CFD: 27/10/2010 - 18:29:06 ----D- C:\Program Files (x86)\VstPlugins

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 21/12/2010 - 20:31:00 ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 31/10/2010 - 13:36:00 ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 06:32:40 ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 06:32:42 ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 30/11/2010 - 06:37:44 ----D- C:\Program Files (x86)\WinZip

O43 - CFD: 02/01/2011 - 08:26:54 ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 17/06/2010 - 22:53:00 ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 17/06/2010 - 22:32:40 ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 16/09/2010 - 13:52:54 ----D- C:\Program Files (x86)\Common Files\DAZ

O43 - CFD: 10/09/2010 - 13:22:30 ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 17/06/2010 - 08:40:26 ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 16/09/2010 - 12:16:40 ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 17/06/2010 - 22:37:38 ----D- C:\Program Files (x86)\Common Files\PX Storage Engine

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 17/06/2010 - 22:37:38 ----D- C:\Program Files (x86)\Common Files\Sonic Shared

O43 - CFD: 14/07/2009 - 04:20:10 ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 28/10/2010 - 16:41:50 ----D- C:\Program Files (x86)\Common Files\Steam

O43 - CFD: 14/07/2009 - 16:24:10 ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 02/11/2010 - 18:08:02 ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.A8A21B98733044F7060C65CF437F07DE] - 02/01/2011 - 08:13:06 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [19040]

O44 - LFC:[MD5.A8A21B98733044F7060C65CF437F07DE] - 02/01/2011 - 08:13:06 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [19040]

O44 - LFC:[MD5.532F3E7C41715DA3071738E7920444CA] - 02/01/2011 - 08:12:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700]


---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

 

 

---\\ MountPoints2 Shell Key (MPSK) (O51)

O51 - MPSK:{07117579-be4d-11df-8c78-e0cb4ea68c46}\Shell\AutoRun\command. (.Electronic Arts Inc. - rungame MFC Application.) -- E:\RunGame.exe

O51 - MPSK:{73e0da44-7a56-11df-8d3e-e0cb4ea68c46}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- G:\OblivionLauncher.exe (.not file.)

 

 

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

 

 

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

 

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

 

 

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

 

 

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

 

 

---\\ Liste des Drivers Système (SDL) (O58)

---\\ Liste des services Legacy (LALS) (O64)

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Adobe Systems, Inc. - Adobe Dreamweaver CS5.) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - {searchTerms} - Bing

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - {searchTerms} - Bing

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - {searchTerms} - Recherche Google

O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} - (DAEMON Search) - DAEMON-Search.com :: SEARCH

O69 - SBI: SearchScopes [HKCU] {F0A89676-EE10-41DB-8AA7-8E2A016F48BE} - (Yahoo! Search) - {searchterms} - Yahoo! France Résultats de recherche

 

 

---\\ Recherche particuliere à la racine de certains dossiers (SPRF) (O84)

[MD5.E4CC410BD005958125CD87C5F6E66371] [sPRF] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\FABULEUZ\AppData\Local\Temp\GLF93C8.tmp.tbMedi.dll [3908192]

[MD5.D20AF64D70A5DA7D77DB105755BE6DCB] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\FABULEUZ\AppData\Local\Temp\InstallHelper.dll [1323520]

[MD5.24DF7F7E1A7F839B569149F76EF0C321] [sPRF] (.2K Czech - Mafia II Application.) -- C:\Users\FABULEUZ\AppData\Local\Temp\mafia2.exe [24261920]

[MD5.D0E80D812DBB66C8B949FA5E4FA82E1C] [sPRF] (.Secure Digital Services Limited - OfferBox Browser setup.) -- C:\Users\FABULEUZ\AppData\Local\Temp\OB.exe [1729296]

[MD5.E13ED373938A428A7F737A6B4BC740C1] [sPRF] (.GMER - GMER Driver http://www.gmer.net.) -- C:\Users\FABULEUZ\AppData\Local\Temp\pwliakog.sys [94848]

[MD5.82EC7DCC8D7C2D3E0AA19A49FD7117B5] [sPRF] (.Acresso Software Inc. - InstallScript Setup Launcher.) -- C:\Users\FABULEUZ\AppData\Local\Temp\setup.exe [807560]

[MD5.0487A88CE05C6B6D80E51BD1BC803BCC] [sPRF] (.Discordia Limited - Windows Searchqu Toolbar 2.0.) -- C:\Users\FABULEUZ\AppData\Local\Temp\SetupDataMngr_Searchqu.exe [2457944]

[MD5.72707C24A3C8D13865B7B0360D8D8DFD] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\FABULEUZ\AppData\LocalLow\cookieman.exe [46080]

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 17/08/2010 135336 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

SR - | Auto 01/01/2011 267944 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

SS - | Auto 19/11/2010 1942416 | (Fun4IM Coordinator) . (.Bandoo Media Inc..) - C:\PROGRA~2\Fun4IM\Bandoo.exe

SS - | Auto 21/06/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 21/06/2010 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Auto 21/06/2010 0 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

SS - | Demand 16/07/2009 316664 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover

Run by FABULEUZ at 02/01/2011 08:27:59

 

device: opened successfully

user: error reading MBR

 

Disk trace:

error: Read Descripteur non valide

kernel: error reading MBR

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by FABULEUZ at 02/01/2011 08:27:59

Use the desktop link 'MBRCheck' to have full report

 

 

 

 

---\\ Liste des émulateurs de CD/DVD (Hook du MBR)

O58 - SDL:[MD5.2D0000000000000000000000B8EE1800] - 17/06/2010 - 00:00:00 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys [834544]

 

 

 

End of the scan (794 lines in 01mn 09s)(0)

 

 

 

 

 

Thank you for your help...

Posted

The ZHPDiag report is disappointing!

 

Download DeFogger by Jpshortstuff to the desktop.

Double-click DeFogger to start the tool.

The DeFogger window appears.

Click the Disable button to disable the CD emulator drivers.

Click Yes to continue.

A 'Finished!' message will appear.

Click OK.

DeFogger will ask to restart the machine: OK.

Do NOT re-enable these drivers before the end of the disinfection.

 

 

Download GMER

Click "Download EXE" and save the file to the desktop.

Disable protection software (antivirus, antispyware, etc.) and close all open programs.

Double-click the downloaded GMER file.

- In the right-hand section of the tool's window, make sure the following are unchecked:

Show All

Once it is running, right-click on the white background and click "Only Non MS files".

Click the "Scan" button at the bottom right to start the scan.

When the scan is finished, click "Copy".

GMER may sometimes crash for no apparent reason.

You can try this: first uncheck "Devices" and run the tool again;

if it still gets stuck, also uncheck "Files" and try a scan again.

When the scan information is displayed, the items detected as rootkits appear in red in each section.

Open Notepad and click the Edit / Paste menu.

The report should then appear.

Save the file to the desktop and copy/paste its contents.

 

 

Next:

Download MBRCheck GtG

or here:

Download MBRCheck BleepingComputer

and save it to the Desktop:

Under Vista -> Run as administrator

- Start the tool by double-clicking it; a black window will appear.

- Wait about ten seconds to let the tool complete the analysis.

- Do not carry out any action that may be offered;

then press the N key, then Enter twice.

If nothing is detected, press the Enter key.

Say whether you get, in green, the message Windows Xp Mbr code detected

or

whether it is this message that appears:

Found non-standard or infected MBR.

Posted

Hello,

Here is the GMER report, as requested:

 

GMER 1.0.15.15530 - GMER - Rootkit Detector and Remover

Rootkit scan 2011-01-03 08:47:02

Windows 6.1.7600

Running: gmer.exe

 

 

---- Registry - GMER 1.0.15 ----

 

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files (x86)\Alcohol Soft\Alcohol 52\

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x04 0x7B 0x20 0xC1 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0xFA 0xD8 0x5A 0xE3 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x95 0x91 0x0C 0xDC ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x72 0xD6 0x35 0xDB ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x84 0x95 0x5C 0x59 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x55 0x2F 0xD7 0xC9 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files (x86)\Alcohol Soft\Alcohol 52\

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x04 0x7B 0x20 0xC1 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0xFA 0xD8 0x5A 0xE3 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x95 0x91 0x0C 0xDC ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x72 0xD6 0x35 0xDB ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x84 0x95 0x5C 0x59 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x55 0x2F 0xD7 0xC9 ...

 

---- EOF - GMER 1.0.15 ----

 

 

 

I don't know if this is normal, but I think not everything was scanned: in the right-hand column, only the service, registry, and files categories were checked; the others were greyed out...
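An added example, not part of the original posts and not GMER's own code: a small parser that groups the `Reg` lines of a GMER report like the one above by service and control set, to check that every flagged key sits under a service the analyst already expects (here `sptd`, whose driver the ZHPDiag report lists under CD/DVD emulators). The line layout, the reading of the `p0` value as a program path, and the function names are assumptions drawn from this one report.

```python
import re
from collections import defaultdict

# Sample lines copied from the GMER report above (shortened selection).
SAMPLE = r"""
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files (x86)\Alcohol Soft\Alcohol 52\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x04 0x7B 0x20 0xC1 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
"""

# Assumed layout: Reg HKLM\SYSTEM\<control set>\services\<service>[\subkey...][@value] [data]
LINE = re.compile(
    r"^Reg\s+HKLM\\SYSTEM\\(?P<cset>[^\\]+)\\services\\(?P<svc>[^\\@\s]+)"
    r"(?P<sub>(?:\\[^\\@\s]+)*)(?:@(?P<val>\S+))?(?:\s+(?P<data>.*))?$",
    re.IGNORECASE,
)

def summarize(report):
    """Group GMER 'Reg' lines by service; return (services, unparsed_lines)."""
    services = defaultdict(lambda: {"owners": set(), "active": 0, "inactive": 0})
    unparsed = []
    for raw in report.splitlines():
        line = raw.strip()
        if not line.startswith("Reg "):
            continue  # headers, blank lines, other report sections
        m = LINE.match(line)
        if m is None:
            unparsed.append(line)  # keep for manual review, never drop silently
            continue
        entry = services[m["svc"].lower()]
        live = m["cset"].lower() == "currentcontrolset"
        entry["active" if live else "inactive"] += 1
        if m["val"] == "p0" and m["data"]:
            entry["owners"].add(m["data"].rstrip("\\"))  # path stored in p0
    return dict(services), unparsed

def unexpected_services(report, expected=("sptd",)):
    """Services with flagged keys that the analyst did not expect to see."""
    services, _ = summarize(report)
    return sorted(name for name in services if name not in expected)

if __name__ == "__main__":
    found, leftover = summarize(SAMPLE)
    for name, info in found.items():
        print(name, info["active"], info["inactive"], sorted(info["owners"]))
    print("unexpected:", unexpected_services(SAMPLE), "unparsed:", leftover)
```

Lines that start with `Reg ` but do not match the assumed layout are returned in the second value so they can be read by hand.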

Posted (edited)

Good!

Nothing on that side.

Download ESET Online Scanner to the Desktop by clicking on this logo:

Double-click the file esetsmartinstaller_enu.exe to install the scanner.

Caution: under Windows VISTA, right-click esetsmartinstaller_enu.exe, then select "Run as administrator".

Accept the licence by checking the box "YES, i accept the terms of use", then click the "Start" button.

Once the scanner is installed, configure it by unchecking the "Remove found threats" box and checking the "Scan archives" box.

Start the antivirus scan by clicking the "Start" button: the tool updates itself and launches the scan; a progress bar shows how far the scan has got.

When the scan is finished, if viruses were detected, click the line "List of found threats":

A new window appears: click "Export to text file" and save the report to the Desktop, naming it logESET.txt

Click the "Back" button to return to the previous screen, then check the "Uninstall application on close" box.

Finally, click the "Finish" button, then close the scanner window.

Open the logESET file on the Desktop and copy-paste its contents into your next reply.

 

 

Download OTL to the desktop

Double-click the icon

Make sure all other windows are closed so that it runs without interruption.

Check -----------------> All users

Under Report

Click -----------------------------> Standard Report

Under Standard Registry, check All

Check ------------------------------> Lop and Purity

MD5 search:

In Customization, copy and paste the content below:

netsvcs

drivers32

%SYSTEMDRIVE%\*.exe

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%appdata% *.exe /s

/md5start

userinit.exe

wininit.exe

explorer.exe

csrss.exe

ndis.sys

tcpip.sys

winlogon.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

iaStor.sys

nvstor.sys

atapi.sys

cdrom.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\*. /mp /s

CREATERESTOREPOINT

 

Click Scan

Once the scan is finished, the files OTL.txt and Extras.txt will open.

How to post the reports

Copy/paste all or part of the reports into one or more messages.

Another solution:

Go to the site: Ci-Joint

Click Browse and locate the reports on the disk,

Then click "Créer le lien CJoint" (Create the CJoint link),

>> on the next page -->

an http//.. address will be created

Copy/paste this address into your next message.

 

 

 

Edited by pear
