Problem with search-web

Hello,
So, instead of my usual Google home page, a search-web page appears when I go on the internet.
When I go to Tools / Options to restore my usual home page, a small blue window appears at the bottom right telling me that “I info has detected a change in my browser settings”.
I click OK to close this small window, and it asks me to click OK and restart my browser.
When the browser restarts, I still have search-web as my home page…

Does anyone know how I can get rid of this thing???

Thanks

Hello,

You didn't install MSN with all its sponsors by any chance, did you? :-(

Download Malwarebytes' Anti-Malware:
fileforum.betanews.com…

Install the program (help here: [www.bibou0007.com...](http://www.bibou0007.com/t952-malwarebytes-anti-malware)).
Run it and update the definitions database.


Then choose "Perform full scan" ("Exécuter un examen complet"), then "Scan" ("Rechercher").
Select the hard drives and click "Start scan" ("Lancer l'examen").
Let the scan run (it can take a long time).
At the end, **check that the items found are ticked** (in "Scan results", "Résultat de l'examen").
Then click "**Remove Selected**" ("Supprimer la sélection") at the bottom.
A restart may be necessary.


A report will be displayed; save it to your desktop.
Otherwise, after the restart, it will be found under "Rapports/logs"; post it here ;)

ok ok
thanks for your reply.
No, I haven't installed MSN or anything else lately.
I don't see where it could come from.
Anyway, here is the Malwarebytes report

Malwarebytes’ Anti-Malware 1.50.1.1100

Version de la base de données: 6511

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

05/05/2011 19:14:36
mbam-log-2011-05-05 (19-14-36).txt

Type d’examen: Examen complet (C:|D:|E:|G:|H:|I:|J:|)
Elément(s) analysé(s): 741524
Temps écoulé: 3 heure(s), 10 minute(s), 1 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 8

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):

c:\Users\benoit\Desktop\sauvegardedd\benoit\sauvegarde mac mars 2007\logiciel pc\extraire streaming\fairstarsrecorderkeygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\benoit\Desktop\sauvegardedd\benoit\sauvegarde mac mars 2007\logiciel pc\SON\sound forge\soundforge50d_bld229\damn_soundforge50b_kg.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\Users\benoit\Desktop\sauvegardedd\benoit\sauvegarde mac mars 2007\logiciel pc\SON\sound forge\soundforge50d_bld229\DM_MP3P\damn_mp3plugin_kg.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\Users\benoit\Desktop\sauvegardedd\benoit\sauvegarde mac mars 2007\logiciel pc\Video\premiere 7.0\Iris\DM_I4005\damn_iris4005.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\Users\benoit\Desktop\sauvegardedd\benoit\sauvegarde pc sept 2009\truc bureau\clé steven\fl studio 7\VST\nvs111kg.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\Users\benoit\Desktop\sauvegardedd\pc\benoit\downloads\eMule\Incoming\pas bon\adobe photoshop cs3 premium french\adobe photoshop cs3 premium french\Crack\Keygen.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\benoit\Desktop\sauvegardedd\pc\benoit\logiciels\installer\premiere 7.0\Iris\DM_I4005\damn_iris4005.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\Users\benoit\Desktop\sauvegardedd\pc\benoit\logiciels\logiciel son\lionel\01 dx plugins\01_sonic foundry\noise reduction 2.0 v.2.0a build 170\000 cracks 000\damn_noiseplugin_kg.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.

Thanks again

Hello,

we're not done yet; to check:

Download ZHPDiag by Nicolas Coolman to your Desktop: telechargement.zebulon.fr…
Install the program and run it if it does not launch automatically. Vista/Seven users: right-click and run as administrator.
The software window looks like this:

http://pix.toile-libre.org/upload/original/1304146465.jpg

Click the small magnifying glass at the top left to start the scan:
The scan can take about ten minutes.
The report generated by the tool is named ZHPDiag.txt and is located here: C:\program files\ZHPDiag\ZHPDiag.txt
There is also a copy on your Desktop.

Copy and paste this report into your next message
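
For a hijacked home page, the lines of such a report worth reading first are the browser start-page entries (codes R0/R1 for Internet Explorer, G0 for Google Chrome). The following is an added example, not part of the original post and not ZHPDiag's own code: it scans a ZHPDiag-style report for home-page settings and flags any host outside an allow-list. The sample lines, the `hijack.example` domain, the SID, the allow-list and all function names are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Constructed sample, modelled on the line shapes of a ZHPDiag report.
# hijack.example and the SID are placeholders, not values from a real machine.
SAMPLE_REPORT = r"""
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.hijack.example/?src=hp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hijack.example/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKUS\S-1-5-21-1111111111-2222222222-3333333333-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.hijack.example
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
O4 - HKLM..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
"""

# Registry value names that decide which page or search engine the browser opens.
HOMEPAGE_SETTINGS = {"Start Page", "Default_Page_URL", "Default_Search_URL", "Search Page"}

# Assumed allow-list: registrable domains the user expects to see as home page.
ALLOWED_DOMAINS = {"google.com", "msn.com", "microsoft.com"}

IE_LINE = re.compile(r"(R[01]) - (HK[^,]+),(.+?) = (\S+)")
CHROME_LINE = re.compile(r"(G0) - GCSP: Preference (\[.+\])\[HomePage\] (\S+)")


def host_of(value):
    """Return the lower-cased host of a URL-like value, '' for about: pages."""
    value = value.strip().rstrip("…")  # reports pasted into forums are often truncated
    if value.lower().startswith("about:"):
        return ""
    if "://" not in value:
        value = "//" + value  # let urlparse treat a scheme-less value as a host
    return (urlparse(value).hostname or "").lower()


def is_allowed(host, allowed):
    """Match on whole domain labels so 'google.com.hijack.example' is not accepted."""
    if not host:
        return True  # internal browser page, nothing to resolve
    return any(host == d or host.endswith("." + d) for d in allowed)


def parse_homepage_entries(report):
    """Extract every home-page or search-page setting found in the report."""
    entries = []
    for line in report.splitlines():
        line = line.strip()
        m = IE_LINE.match(line)
        if m and m.group(3) in HOMEPAGE_SETTINGS:
            code, location, setting, url = m.groups()
        else:
            m = CHROME_LINE.match(line)
            if not m:
                continue
            code, location, url = m.groups()
            setting = "HomePage"
        entries.append({"code": code, "location": location, "setting": setting,
                        "url": url, "host": host_of(url)})
    return entries


def flag_unexpected(entries, allowed=ALLOWED_DOMAINS):
    """Keep only the entries whose host is outside the allow-list."""
    return [e for e in entries if not is_allowed(e["host"], allowed)]


if __name__ == "__main__":
    for e in flag_unexpected(parse_homepage_entries(SAMPLE_REPORT)):
        print(f'{e["code"]} {e["location"]} [{e["setting"]}] -> {e["host"]}')
```

Listing the location with each hit shows which registry hive or browser profile still carries the unwanted value, so a setting changed in one place but not another stands out.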

ok, done.
Here is the report. That's a lot of reading…
Thanks again.

Rapport de ZHPDiag v1.27.200 par Nicolas Coolman, Update du 04/05/2011
Run by benoit at 06/05/2011 13:43:21
Web site : www.premiumorange.com…

—\ Web Browser
MSIE: Internet Explorer v7.0.6002.18005
MFIE: Mozilla Firefox v3.6.17 (fr) (Defaut)
GCIE: Google Chrome v11.0.696.60

—\ System Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 15 Stepping 7, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2045 MB (27% free)
System Restore: Activé (Enable)
System drive C: has 68 GB (14%) free of 456 GB

—\ Logged in mode
Computer Name: PCBENOIT
User Name: benoit
All Users Names: benoit, ASPNET, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

—\ Environnement Variables
%AppData%=C:\Documents and Settings\ReleaseEngineer.MACROVISION\Application Data
%LocalAppData%=C:\Users\benoit\AppData\Local
%StartMenu%=C:\Users\benoit\AppData\Roaming\Microsoft\Windows\Start Menu

—\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 68 Go of 456 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 7 Go of 10 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

—\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

—\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 23:27:38.) – C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 08:33:37.) – C:\Windows\system32\Wininit.exe [96768]
[MD5.A7A07D223862A0C661DB225E27058248] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.18/02/2011 17:38:42.) – C:\Windows\system32\wininet.dll [834048]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/04/2009 23:28:14.) – C:\Windows\system32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 23:32:28.) – C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 23:32:50.) – C:\Windows\system32\drivers\ntfs.sys [1083880]

—\ Processus lancés
[MD5.56A1CFFFFC8D646A0388DFBF3EC362CF] - (.Microsoft Corporation - Microsoft Tablet PC Input Component.) – C:\Windows\SYSTEM32\WISPTIS.EXE [244224]
[MD5.7122B0AA2212B07BBFC49BD22215BF3B] - (.Microsoft Corporation - Tablet PC Input Panel Accessory.) – C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [304128]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) – C:\Program Files\Windows Defender\MSASCui.exe [1008184]
[MD5.8D0C8187D3D2BEFBDF76E35E5855C5A1] - (.Realtek Semiconductor - HD Audio Control Panel.) – C:\WINDOWS\RtHDVCpl.exe [4435968]
[MD5.4B555106290BD117334E9A08761C035A] - (…) – C:\WINDOWS\System32\rundll32.exe [44544]
[MD5.47B02FB30ADCADE3036A84E5774636F2] - (.Lexmark International Inc. - Lexmark Fast Pics Application.) – C:\Program Files\Lexmark 5400 Series\ezprint.exe [82864]
[MD5.68A553BDFA855C4F1074696682FCDEB6] - (.Apple Inc. - iTunesHelper.) – C:\Program Files\iTunes\iTunesHelper.exe [141600]
[MD5.9ACE8ECDB1EBC519F48AA65DE5875573] - (.RealNetworks, Inc. - RealNetworks Scheduler.) – C:\Program Files\Common Files\Real\Update_OB\realsched.exe [202256]
[MD5.7B878518590E826F1F3A5B1D61D405F8] - (.AVAST Software - avast! Antivirus.) – C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3396624]
[MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) – C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424]
[MD5.0408F0E5C0411B11B9502D957BCE15E1] - (.Nikon Corporation - Nikon Transfer Monitor.) – C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [479232]
[MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java™ Update Scheduler.) – C:\Program Files\Common Files\Java\Java Update\jusched.exe [249064]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) – C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) – C:\WINDOWS\ehome\ehtray.exe [125952]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) – C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe [255536]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) – C:\Windows\ehome\ehmsas.exe [37376]
[MD5.F400694D7D2785F60133C20F7F2F4F7A] - (.ArcSoft Inc. - ArcSoft Connect Notifier.) – C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac [309824]
[MD5.5BF8BA1B854D7DFCE1F47E58852B3D8F] - (.Sun Microsystems, Inc. - Java™ Platform SE binary.) – C:\Program Files\Java\jre6\bin\javaw.exe [145184]
[MD5.83170B8E03213093B065A9638E146499] - (.OpenOffice.org - OpenOffice.org 3.1.) – C:\Program Files\OpenOffice.org 3\program\soffice.exe [7424000]
[MD5.873867A02F0E83F18CF871E776B651DC] - (.OpenOffice.org - OpenOffice.org 3.1.) – C:\Program Files\OpenOffice.org 3\program\soffice.bin [7418368]
[MD5.B19B204CABFA9F225618EDA4A90C1A2C] - (.Microsoft Corporation - Serveur de personnalisation d’entrée.) – C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [198656]
[MD5.A9E333D4E8289F6D5F10B90F5D0F3944] - (.Wacom Technology, Corp. - Tablet user module for professional driver.) – C:\Windows\system32\WTablet\Wacom_TabletUser.exe [2046320]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) – C:\Windows\system32\wuauclt.exe [53472]
[MD5.000B70598782452D2EBD26918F551041] - (.Microsoft Corporation - Windows Live Mail.) – C:\Program Files\Windows Live\Mail\wlmail.exe [92024]
[MD5.D938FB6915EA338BDFC0DCF8773634C5] - (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe [912344]
[MD5.E68C1EFDA668BFF3E2023C72E9EF7A93] - (.Mozilla Corporation - Plugin Container for Firefox.) – C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]
[MD5.ADE63CBD832A9BDD96DCF013496312C5] - (.Nicolas Coolman - Diagnostic Tool.) – C:\Program Files\ZHPDiag\ZHPDiag.exe [645120]

—\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [benoit] – C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [benoit] – C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [benoit] – C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [benoit] – C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [benoit] – C:\Program Files\Mozilla FireFox\searchplugins\MediaDICO-fr.xml
M3 - MFPP: Plugins - [benoit] – C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [benoit] – C:\Program Files\Mozilla FireFox\searchplugins\xeoocom.xml
M3 - MFPP: Plugins - [benoit] – C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) – C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java™ Deploy.) – C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) – C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) – C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer™ LiveConnect-Enabled Plug-In.) – C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) – C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) – C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) – C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) – C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) – C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) – C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) – C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) – C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.775.) – C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) – C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) – C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) – C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60310.0.) – c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) – C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) – C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) – c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.775] - (.RealNetworks, Inc. - RealPlayer™ LiveConnect-Enabled Plug-In.) – c:\program files\real\realplayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.775] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) – c:\program files\real\realplayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=1.0.0.0] - (.RealNetworks, Inc. - RealPlayer™ HTML5VideoShim Plug-In.) – C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.775] - (.RealNetworks, Inc. - 6.0.12.775.) – c:\program files\real\realplayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) – C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) – C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@wacom.com/wacom-plugin,version=1.1.0.3] - (.Wacom, Inc. - Wacom Dynamic Link Library.) – C:\Program Files\TabletPlugins\npwacom.dll
P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) – C:\Users\benoit\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
G0 - GCSP: Preference [User Data\Default][HomePage] www.search-web.net…
G2 - GCE: Preference [User Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.2 (Activé)

—\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.search-web.net…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.msn.com…
R0 - HKUS\S-1-5-21-4006893756-1276379533-543529398-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.search-web.net…
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.microsoft.com…
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.16386 (vista_rtm.061101-2205)) – C:\Windows\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

—\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

—\ —\ Modification d’une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL “sysdm.cpl”

—\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Lexmark Barre d’outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} . (.Pas de propriétaire - Pas de description.) – C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) – C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) – C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) – C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) – C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) – C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) – C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java™ Platform SE binary.) – C:\Program Files\Java\jre6\bin\jp2ssv.dll

—\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Lexmark Barre d’outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} . (.Pas de propriétaire - Pas de description.) – C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) – C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

—\ —\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM…\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) – C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM…\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) – C:\Windows\RtHDVCpl.exe
O4 - HKLM…\Run: [NvSvc] . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 158.2.) – C:\Windows\system32\nvsvc.dll
O4 - HKLM…\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) – C:\Windows\system32\NvCpl.dll
O4 - HKLM…\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) – C:\Windows\system32\NvMcTray.dll
O4 - HKLM…\Run: [Lexmark 5400 Series Fax Server] . (.Pas de propriétaire - Fax Man Server.) – C:\Program Files\Lexmark 5400 Series\fm3032.exe
O4 - HKLM…\Run: [EzPrint] . (.Lexmark International Inc. - Lexmark Fast Pics Application.) – C:\Program Files\Lexmark 5400 Series\ezprint.exe
O4 - HKLM…\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) – C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM…\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) – C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM…\Run: [BboxUpdate] . (.TechCity Solutions France - eStantAutoRunV.) – C:\Program Files\BboxUpdate\eStantAutoRunV.exe
O4 - HKLM…\Run: [B2C_AGENT] . (.LG Electronics - B2C NotiAgent MFC ?? ???.) – C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM…\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) – C:\Program Files\Common Files\Real\Update_OB\realsched.exe
O4 - HKLM…\Run: [avast5] . (.AVAST Software - avast! Antivirus.) – C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM…\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) – C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM…\Run: [Nikon Transfer Monitor] . (.Nikon Corporation - Nikon Transfer Monitor.) – C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
O4 - HKLM…\Run: [LXCTCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCTtime.dll (.not file.)
O4 - HKLM…\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java™ Update Scheduler.) – C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKCU…\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) – C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU…\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) – C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU…\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) – C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-4006893756-1276379533-543529398-1000…\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) – C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-4006893756-1276379533-543529398-1000…\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) – C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-4006893756-1276379533-543529398-1000…\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) – C:\Windows\ehome\ehTray.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk . (.McAfee, Inc…) – C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
O4 - Global Startup: C:\Users\benoit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\binternet.lnk . (…) – C:\Users\benoit\binternet.jar
O4 - Global Startup: C:\Users\benoit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk . (…) – C:\Program Files\OpenOffice.org 3\program\quickstart.exe

—\ —\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\benoit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) – C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\benoit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) – C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\benoit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) – C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\benoit\Desktop\1. Windows Live Messenger.lnk . (.Microsoft Corporation.) – C:\Users\benoit\AppData\Roaming\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
O4 - Global Startup: C:\Users\benoit\Desktop\3d - Raccourci.lnk . (…) – C:\Users\benoit\3d
O4 - Global Startup: C:\Users\benoit\Desktop\AD-R.lnk . (…) – C:\Program Files\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\benoit\Desktop\Adobe Bridge CS3.lnk . (.Adobe Systems, Inc…) – C:\Program Files\Adobe\Adobe Bridge CS3\Bridge.exe
O4 - Global Startup: C:\Users\benoit\Desktop\Adobe Dreamweaver CS3.lnk . (.Adobe Systems, Inc…) – C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe
O4 - Global Startup: C:\Users\benoit\Desktop\Adobe Flash CS3 Professional.lnk . (.Adobe Systems Incorporated…) – C:\Program Files\Adobe\Adobe Flash CS3\Flash.exe
O4 - Global Startup: C:\Users\benoit\Desktop\Adobe InDesign 2.0.lnk . (.Adobe Systems Incorporated.) – C:\Program Files\Adobe\InDesign 2.0\InDesign.exe
O4 - Global Startup: C:\Users\benoit\Desktop\Adobe Photoshop CS3.lnk . (.Adobe Systems, Incorporated.) – C:\Program Files\Adobe\Adobe Photoshop CS3\Photoshop.exe
O4 - Global Startup: C:\Users\benoit\Desktop\Adobe Premiere F1-4.2.lnk . (.Adobe Systems Incorporated.) – C:\Win32App\Premiere\Premiere.exe
O4 - Global Startup: C:\Users\benoit\Desktop\Blender.lnk . (…) – C:\Program Files\Blender Foundation\Blender\blender.exe
O4 - Global Startup: C:\Users\benoit\Desktop\Calculator.lnk . (.Microsoft Corporation.) – C:\WINDOWS\System32\calc.exe
O4 - Global Startup: C:\Users\benoit\Desktop\CamStudio.lnk . (…) – C:\Program Files\CamStudio\Recorder.exe
O4 - Global Startup: C:\Users\benoit\Desktop\cmsms - Raccourci.lnk . (…) – C:\Users\benoit\internet\cmsms
O4 - Global Startup: C:\Users\benoit\Desktop\FairUse Wizard 2.lnk . (…) – C:\Program Files\FairUse Wizard 2\FU.exe
O4 - Global Startup: C:\Users\benoit\Desktop\FruityLoops 3.lnk . (.Image-Line.) – C:\Program Files\FruityLoops3\FruityLoops.exe
O4 - Global Startup: C:\Users\benoit\Desktop\graphisme - Raccourci.lnk . (…) – C:\Users\benoit\graphisme
O4 - Global Startup: C:\Users\benoit\Desktop\Illustrator CS3.lnk . (.Adobe Systems Inc…) – C:\Program Files\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\Illustrator.exe
O4 - Global Startup: C:\Users\benoit\Desktop\internet - Raccourci.lnk . (…) – C:\Users\benoit\internet
O4 - Global Startup: C:\Users\benoit\Desktop\job - Raccourci.lnk . (…) – C:\Users\benoit\job
O4 - Global Startup: C:\Users\benoit\Desktop\Nota Bene module Professeur.lnk . (.OMT.) – C:\Users\benoit\AppData\Roaming\NBPROF\Nota Bene Professeur.exe
O4 - Global Startup: C:\Users\benoit\Desktop\photo - Raccourci.lnk . (…) – C:\Users\benoit\photo
O4 - Global Startup: C:\Users\benoit\Desktop\Sound Forge 4.5.lnk . (.Sonic Foundry, Inc…) – C:\audio\soundforge\FORGE32.EXE
O4 - Global Startup: C:\Users\benoit\Desktop\Téléchargement - Raccourci.lnk . (…) – C:\Users\benoit\Downloads
O4 - Global Startup: C:\Users\benoit\Desktop\WampServer.lnk . (.Aestan Software.) – C:\wamp\wampmanager.exe
O4 - Global Startup: C:\Users\benoit\Desktop\Windows Live Mail.lnk . (.Microsoft Corporation.) – C:\Program Files\Windows Live\Mail\wlmail.exe
O4 - Global Startup: C:\Users\benoit\Desktop\www - Raccourci.lnk . (…) – C:\wamp\www
O4 - Global Startup: C:\Users\benoit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) – C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\benoit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) – C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\benoit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WampServer.lnk . (.Aestan Software.) – C:\wamp\wampmanager.exe
O4 - Global Startup: C:\Users\benoit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) – C:\Program Files\Windows Media Player\wmplayer.exe

—\ Lignes supplémentaires dans le menu contextuel d’Internet Explorer (O8)
O8 - Extra context menu item: Google Sidewiki… . (.Google Inc. - Google Toolbar for Internet Explorer.) – C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll
O8 - Extra context menu item: Recherche avec search-web - (.not file.) - C:\Users\benoit\scriptjava.html

—\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) – C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) – C:\Program Files\Windows Live\Writer\WriterBro

—\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) – C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) – C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) – C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) – C:\Windows\system32\pnrpnsp.dll
O10 - Broken Internet access because of LSP provider (.not file.) – C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) – C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) – C:\Windows\system32\winrnr.dll

—\ Site dans la Zone de confiance d’Internet Explorer (O15)
O15 - Trusted Zone: [HKCU…\Domains] *.chat-land.org
O15 - Trusted Zone: [HKCU…\Domains\www] *.chat-land.org

—\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - platformdl.adobe.com…

—\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip…{E96D5A80-4DE9-43AF-9A62-AF85921196BD}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip…{E96D5A80-4DE9-43AF-9A62-AF85921196BD}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip…{E96D5A80-4DE9-43AF-9A62-AF85921196BD}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS3\Services\Tcpip…{E96D5A80-4DE9-43AF-9A62-AF85921196BD}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip…{E96D5A80-4DE9-43AF-9A62-AF85921196BD}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip…{E96D5A80-4DE9-43AF-9A62-AF85921196BD}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip…{E96D5A80-4DE9-43AF-9A62-AF85921196BD}: DhcpDomain = lan
O17 - HKLM\System\CS3\Services\Tcpip…{E96D5A80-4DE9-43AF-9A62-AF85921196BD}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

—\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) – C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

—\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) – C:\Windows\system32\webcheck.dll

—\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l’interface utilisateur du.) – C:\Windows\system32\browseui.dll

—\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: (eStantLaunchService) . (.TechCity Solutions France - eSTantAutoRunService.) - C:\Program Files\BboxUpdate\eSRunService.exe
O23 - Service: (FLEXnet Licensing Service) . (.Macrovision Europe Ltd. - Activation Licensing Service.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d’installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (gupdatem) . (.Google Inc. - Programme d’installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (lxct_device) . (.Pas de propriétaire - Printer Communication System.) - C:\Windows\system32\lxctcoms.exe
O23 - Service: (McComponentHostService) . (.McAfee, Inc. - Component Host Service.) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: (OMSI download service) . (…) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: (RoxLiveShare9) - Clé orpheline
O23 - Service: (stllssvr) - Clé orpheline
O23 - Service: (TabletServiceWacom) . (.Wacom Technology, Corp. - Tablet Service for professional driver.) - C:\Windows\system32\Wacom_Tablet.exe
O23 - Service: (wampapache) . (.Apache Software Foundation - Apache HTTP Server.) - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: (wampmysqld) . (…) - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe

—\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(…) - (.not file.)

—\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc…) – C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc…) – C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.2C1A1F91D3288E7C02B584C2553967B6] [APT] [RealUpgradeLogonTaskS-1-5-21-4006893756-1276379533-543529398-1000] (.RealNetworks, Inc…) – C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.2C1A1F91D3288E7C02B584C2553967B6] [APT] [RealUpgradeScheduledTaskS-1-5-21-4006893756-1276379533-543529398-1000] (.RealNetworks, Inc…) – C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
[MD5.46C92F0351DF5A4F74C9D37CD43F741D] [APT] [{7B4CCB61-073B-4FE8-9CC0-F5BC0D31DA18}] (.Skype Technologies S.A…) – C:\Program Files\Skype\Phone\Skype.exe

—\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (DLACDBHM) . (.Roxio - Shared Driver Component.) - C:\Windows\System32\Drivers\DLACDBHM.sys
O41 - Driver: (DLARTL_M) . (.Roxio - Shared Driver Component.) - C:\Windows\System32\Drivers\DLARTL_M.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

—\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] – 7-Zip
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] – {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: ALZip - (.ESTsoft Corp…) [HKLM] – ALZip_is1
O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM] – {90176341-0A8B-4CCC-A78D-F862228A6B95}
O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM] – {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM] – {9C9824D9-9000-4373-A6A5-D0E5D4831394}
O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM] – {08B32819-6EEF-4057-AEDA-5AB681A36A23}
O42 - Logiciel: Adobe CMaps - (.Adobe Systems Incorporated.) [HKLM] – {A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM] – {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
O42 - Logiciel: Adobe Color - Photoshop Specific - (.Adobe Systems Incorporated.) [HKLM] – {A2D81E70-2A98-4A08-A628-94388B063C5E}
O42 - Logiciel: Adobe Color Common Settings - (.Adobe Systems Incorporated.) [HKLM] – {DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
O42 - Logiciel: Adobe Color EU Recommended Settings - (.Adobe Systems Incorporated.) [HKLM] – {73B5D990-04EA-4751-B10F-5534770B91F2}
O42 - Logiciel: Adobe Color JA Extra Settings - (.Adobe Systems Incorporated.) [HKLM] – {DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
O42 - Logiciel: Adobe Color NA Extra Settings - (.Adobe Systems Incorporated.) [HKLM] – {FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
O42 - Logiciel: Adobe Default Language CS3 - (.Adobe Systems Incorporated.) [HKLM] – {B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM] – {8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
O42 - Logiciel: Adobe Dreamweaver CS3 - (.Adobe Systems Incorporated.) [HKLM] – Adobe_ad19d2ae8332572b119cf35fd0a30d8
O42 - Logiciel: Adobe Dreamweaver CS3 - (.Adobe Systems Incorporated.) [HKLM] – {4BDB76C6-902E-41D5-9064-68768E02886B}
O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM] – {C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
O42 - Logiciel: Adobe Extension Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] – {BE5F3842-8309-4754-92D5-83E02E6077A3}
O42 - Logiciel: Adobe Flash CS3 - (.Adobe Systems Incorporated.) [HKLM] – {80FD3971-8482-49C8-BA8C-B6464A15882F}
O42 - Logiciel: Adobe Flash CS3 Professional - (.Adobe Systems Incorporated.) [HKLM] – Adobe_b2b4b1546e74314f8131ded43e4bd9d
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] – Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] – Adobe Flash Player Plugin
O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems, Inc…) [HKLM] – {BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
O42 - Logiciel: Adobe Flash Video Encoder - (.Adobe Systems Incorporated.) [HKLM] – {1B0BCA28-1F11-4D60-8A2F-DEBE04B5341E}
O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] – {6ABE0BEE-D572-4FE8-B434-9E72A289431B}
O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM] – {04AF207D-9A77-465A-8B76-991F6AB66245}
O42 - Logiciel: Adobe Illustrator CS3 - (.Adobe Systems Incorporated.) [HKLM] – Adobe_e21d2df5563f0bf421cf2cc5ec26c42
O42 - Logiciel: Adobe Illustrator CS3 - (.Adobe Systems Incorporated.) [HKLM] – {6E08CE13-C2AB-4749-9335-5900B958929E}
O42 - Logiciel: Adobe InDesign 2.0.2 - (.Adobe Systems, Inc…) [HKLM] – Adobe InDesign 2.0
O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM] – {54793AA1-5001-42F4-ABB6-C364617C6078}
O42 - Logiciel: Adobe PDF Library Files - (.Adobe Systems Incorporated.) [HKLM] – {D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM] – Adobe_32e9033392a51340b32fdc6ad893ab7
O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM] – {BF794769-8875-4E01-B7BE-E00104604F4A}
O42 - Logiciel: Adobe Premiere vF1-4.2 - (.Pas de propriétaire.) [HKLM] – Adobe Premiere vF1-4.2
O42 - Logiciel: Adobe Reader 9.1 - Français - (.Adobe Systems Incorporated.) [HKLM] – {AC76BA86-7AD7-1036-7B44-A91000000001}
O42 - Logiciel: Adobe SVG Viewer 3.0 - (.Adobe Systems, Inc…) [HKLM] – Adobe SVG Viewer
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] – {82503EA7-7E08-4AA8-90E9-BE4D0A6D453F}
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] – {926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] – {CE67DBBB-2ED0-4F35-B482-0CFE4CFC1570}
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] – {D2E18162-47FB-4216-8AB3-F420C1AF75A4}
O42 - Logiciel: Adobe Stock Photos CS3 - (.Adobe Systems Incorporated.) [HKLM] – {29E5EA97-5F74-4A57-B8B2-D4F169117183}
O42 - Logiciel: Adobe Type Support - (.Adobe Systems Incorporated.) [HKLM] – {8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] – {E69AE897-9E0B-485C-8552-7841F48D42D8}
O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM] – {D0DFF92A-492E-4C40-B862-A74A173C25C5}
O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM] – {184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] – {802771A9-A856-4A41-ACF7-1450E523C923}
O42 - Logiciel: Apple Application Support - (.Apple Inc…) [HKLM] – {3FA365DF-2D68-45ED-8F83-8C8A33E65143}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc…) [HKLM] – {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
O42 - Logiciel: Apple Software Update - (.Apple Inc…) [HKLM] – {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: ArcSoft Panorama Maker 5 - (.ArcSoft.) [HKLM] – {F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}
O42 - Logiciel: Blender (remove only) - (.Pas de propriétaire.) [HKLM] – Blender
O42 - Logiciel: Bonjour - (.Apple Inc…) [HKLM] – {07287123-B8AC-41CE-8346-3D777245C35B}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] – CCleaner
O42 - Logiciel: CamStudio 2.0 Fr - (.Pas de propriétaire.) [HKLM] – CamStudio 2.0 Fr_is1
O42 - Logiciel: Capture NX 2 - (.NIKON CORPORATION.) [HKLM] – Capture NX 2
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] – {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] – {55D003F4-9599-44BF-BA9E-95D060730DD3}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] – {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dell Driver Download Manager - (.Dell Inc…) [HKCU] – 309a46b1dc89b774
O42 - Logiciel: Désinst. LG PC Suite III - (.LG Electronics.) [HKLM] – {D94BA408-F110-488B-A65E-3AE7945F79E6}_is1
O42 - Logiciel: Désinstaller Bouygues Telecom - CD d’installation Bbox - (.Bouygues Telecom.) [HKLM] – Bouygues Telecom - désinstallation Bbox
O42 - Logiciel: Facebook Plug-In - (.Facebook, Inc…) [HKCU] – Facebook Plug-In
O42 - Logiciel: FairUse Wizard 2 - (.FairUse Wizard.) [HKLM] – FairUse Wizard 2
O42 - Logiciel: File Signature Verification - (.Microsoft Corporation.) [HKLM] – chklogo
O42 - Logiciel: File Uploader - (.Nikon.) [HKLM] – {237CD223-1B9D-47E8-A76C-E478B83CCEA2}
O42 - Logiciel: FreeTV V1.0 - (.Pas de propriétaire.) [HKLM] – FreeTV_is1
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] – {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Google Chrome - (.Google Inc…) [HKLM] – Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc…) [HKLM] – {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc…) [HKLM] – {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc…) [HKLM] – {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] – {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] – {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: INDEX EDUCATION - ProfNOTE 2009 - (.Index Education.) [HKLM] – {CE8C19E1-72E8-4CDF-B463-826B74329163}
O42 - Logiciel: ImgBurn (Remove Only) - (.Pas de propriétaire.) [HKLM] – ImgBurn
O42 - Logiciel: Infineon USB driver 1.0.0.6 - (.Infineon.) [HKLM] – Infineon USB driver_is1
O42 - Logiciel: Java™ 6 Update 24 - (.Sun Microsystems, Inc…) [HKLM] – {26A24AE4-039D-4CA4-87B4-2F83216016FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] – {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: LG Bluetooth Drivers - (.LG Electronics.) [HKLM] – {AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}
O42 - Logiciel: LG Internet Kit - (.LG Electronics.) [HKLM] – {40034B11-149E-4310-AE89-BB575B02525B}
O42 - Logiciel: LG MC USB U330 driver - (.LG Electronics.) [HKLM] – {ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}
O42 - Logiciel: LG USB Modem Drivers - (.LG Electronics.) [HKLM] – {E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}
O42 - Logiciel: Lexmark 5400 Series - (.Lexmark International, Inc…) [HKLM] – Lexmark 5400 Series
O42 - Logiciel: Lexmark Barre d’outils - (.Pas de propriétaire.) [HKLM] – {1017A80C-6F09-4548-A84D-EDD6AC9525F0}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] – {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] – {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] – {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] – {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes’ Anti-Malware - (.Malwarebytes Corporation.) [HKLM] – Malwarebytes’ Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc…) [HKLM] – McAfee Security Scan
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] – {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] – {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] – Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] – M2416447
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] – M979906
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] – {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] – Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] – {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] – Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] – {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] – {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] – {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] – {CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] – {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] – {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] – {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM] – {a0fe116e-9a8a-466f-aee0-625cb7c207e3}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] – {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] – {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] – Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] – Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox (3.6.17) - (.Mozilla.) [HKLM] – Mozilla Firefox (3.6.17)
O42 - Logiciel: Mystery PI - The London Caper - (.Oberon Media.) [HKLM] – {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118744537}
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] – NVIDIA Drivers
O42 - Logiciel: Nikon Message Center - (.Nikon.) [HKLM] – {D2FCC1AE-6311-47C5-8130-C6C66D77DD71}
O42 - Logiciel: Nikon Transfer - (.Nikon.) [HKLM] – {E9757890-7EC5-46C8-99AB-B00F07B6525C}
O42 - Logiciel: OpenOffice.org 3.1 - (.OpenOffice.org.) [HKLM] – {0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
O42 - Logiciel: PDF Settings - (.Adobe Systems Incorporated.) [HKLM] – {AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
O42 - Logiciel: Package de pilotes Windows - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6) - (.Infineon Technologies.) [HKLM] – 7D6D030B3D73FCCA3D4E45319380F315DFBE7A54
O42 - Logiciel: Picture Control Utility - (.Nikon.) [HKLM] – {87441A59-5E64-4096-A170-14EFE67200C3}
O42 - Logiciel: Python 2.6.4 - (.Python Software Foundation.) [HKLM] – {e7394a0f-3f80-45b1-87fc-abcd51893246}
O42 - Logiciel: Python 3.1.1 - (.Python Software Foundation.) [HKLM] – {7ff90460-89b7-435b-b583-b37b2815ccc7}
O42 - Logiciel: QuickTime - (.Apple Inc…) [HKLM] – {1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] – RealPlayer 12.0
O42 - Logiciel: RealUpgrade 1.0 - (.RealNetworks, Inc…) [HKLM] – {F4F4F84E-804F-4E9A-84D7-C34283F0088F}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp…) [HKLM] – {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Roxio Drag-to-Disc - (.Roxio.) [HKLM] – {2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] – {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] – {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] – {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Skype™ 4.2 - (.Skype Technologies S.A…) [HKLM] – {D103C4BA-F905-437A-8049-DB24763BBE36}
O42 - Logiciel: Sonic Foundry SoundForge v4.5 - (.Pas de propriétaire.) [HKLM] – Sonic Foundry SoundForge v4.5
O42 - Logiciel: Sony Ericsson PC Suite 6.009.00 - (.Sony Ericsson.) [HKLM] – {2FFE93F0-BB72-4E52-8761-354D1AAA9387}
O42 - Logiciel: Tablette Wacom - (.Wacom Technology Corp…) [HKLM] – Wacom Tablet Driver
O42 - Logiciel: USB Flash Port Driver - (.Infineon Technologies.) [HKLM] – {065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] – {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VLC media player 1.0.3 - (.VideoLAN Team.) [HKLM] – VLC media player
O42 - Logiciel: ViewNX - (.Nikon.) [HKLM] – {F007CBCE-D714-4C0B-8CE9-9B0D78116468}
O42 - Logiciel: WampServer 2.0 - (.Romain Bourdon (Roms).) [HKLM] – WampServer 2_is1
O42 - Logiciel: WebTablet IE Plugin - (.Wacom Technology Corp…) [HKLM] – Wacom WebTabletPlugin for IE
O42 - Logiciel: WebTablet Netscape Plugin - (.Wacom Technology Corp…) [HKLM] – Wacom WebTabletPlugin for Netscape
O42 - Logiciel: Widestream6 - (.Secure Digital Services.) [HKLM] – {835525BE-63BD-4EC4-9425-00CEAD4849C2}
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] – WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] – {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] – {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] – {F53D678E-238F-4A71-9742-08BB6774E9DC}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] – {FCFBA290-CB48-4AF1-A241-2685AEDEDD66}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] – {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] – {61AD15B2-50DB-4686-A739-14FE180D4429}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] – {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] – {AF844339-2F8A-4593-81B3-9F4C54038C4E}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] – {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] – {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] – {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] – {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] – {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] – {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] – {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] – {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] – {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] – {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] – {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] – {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] – {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] – {19A4A990-5343-4FF7-B3B5-6F046C091EDF}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] – {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] – {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] – {AB93C51F-71F9-4A28-8134-FE1B5B9373E9}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] – {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] – {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] – {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] – {09F56A49-A7B1-4AAB-95B9-D13094254AD1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] – {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] – {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] – {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] – {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] – {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
O42 - Logiciel: adsl TV - (.Pas de propriétaire.) [HKLM] – adsl TV
O42 - Logiciel: avast! Free Antivirus - (.Alwil Software.) [HKLM] – avast5
O42 - Logiciel: chat-land - (.Chat-land.) [HKLM] – {8E1588DC-8279-4C73-AB80-8EEA6C283CE2}_is1
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] – eMule
O42 - Logiciel: iTunes - (.Apple Inc…) [HKLM] – {A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}

—\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ABBYY]
[HKCU\Software\AGESoft]
[HKCU\Software\ALWIL Software]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\CDDB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EstSoft]
[HKCU\Software\FUW]
[HKCU\Software\FairUse Wizard 2]
[HKCU\Software\FairUseW]
[HKCU\Software\FruityLoops 3]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Image-Line]
[HKCU\Software\ImgBurn]
[HKCU\Software\Index Education]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\LG Electronics Inc]
[HKCU\Software\LG PC Suite2]
[HKCU\Software\Lexmark 5400 Series]
[HKCU\Software\LexmarkPhoto]
[HKCU\Software\Lexmark]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LowRegistry]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes’ Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Nikon]
[HKCU\Software\Oberon Media]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Printer Icons]
[HKCU\Software\Radio Sounds]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Roxio]
[HKCU\Software\SampleView]
[HKCU\Software\Skype]
[HKCU\Software\Sonic]
[HKCU\Software\Sony Corporation]
[HKCU\Software\Sony Ericsson]
[HKCU\Software\Sysinternals]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WideStream]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\eMule]
[HKLM\Software\ABBYY]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ASUS]
[HKLM\Software\Adobe]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\BlenderFoundation]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Debug]
[HKLM\Software\EstSoft]
[HKLM\Software\FairUse Wizard]
[HKLM\Software\FaxMan5400SeriesPorts]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Huawei technologies]
[HKLM\Software\Index Education]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LG Electronics]
[HKLM\Software\LexmarkInkjet]
[HKLM\Software\Lexmark]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Malwarebytes’ Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\MedioStream]
[HKLM\Software\Mozilla Firefox 3.0.4]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nikon]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Policies]
[HKLM\Software\Python]
[HKLM\Software\Radium]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\Rock Kit]
[HKLM\Software\Roxio]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sci-Fi]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\Skype]
[HKLM\Software\SoftThinks]
[HKLM\Software\Sonic Foundry]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Ericsson]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\Swearware]
[HKLM\Software\Techcity]
[HKLM\Software\TrendMicro]
[HKLM\Software\VideoLAN]
[HKLM\Software\Wacom]
[HKLM\Software\Windows]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
[HKLM\Software\widestream]

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 19/09/2009 - 22:50:46 - [3094515] ----D- C:\Program Files\7-Zip
O43 - CFD: 11/03/2010 - 22:56:30 - [121173485] ----D- C:\Program Files\Abbyy FineReader 6.0 Sprint
O43 - CFD: 02/05/2011 - 17:09:40 - [138820473] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 27/10/2009 - 14:08:06 - [1974468821] ----D- C:\Program Files\Adobe
O43 - CFD: 24/01/2011 - 20:54:44 - [53956798] ----D- C:\Program Files\adslTV
O43 - CFD: 18/10/2010 - 19:09:04 - [151761131] ----D- C:\Program Files\Alwil Software
O43 - CFD: 13/10/2009 - 18:10:14 - [2221118] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 04/01/2011 - 14:57:42 - [25685311] ----D- C:\Program Files\ArcSoft
O43 - CFD: 23/04/2010 - 11:04:56 - [24168136] ----D- C:\Program Files\Bbox
O43 - CFD: 23/04/2010 - 11:04:58 - [229791] ----D- C:\Program Files\BboxUpdate
O43 - CFD: 02/12/2009 - 19:04:54 - [32837364] ----D- C:\Program Files\Blender Foundation
O43 - CFD: 23/02/2011 - 12:20:54 - [8387150] ----D- C:\Program Files\CamStudio
O43 - CFD: 15/11/2009 - 16:24:56 - [2780336] ----D- C:\Program Files\CCleaner
O43 - CFD: 19/09/2009 - 16:34:26 - [17139027] ----D- C:\Program Files\chat-land
O43 - CFD: 11/04/2011 - 20:09:02 - [1373873208] ----D- C:\Program Files\Common Files
O43 - CFD: 25/04/2010 - 14:33:22 - [795104] ----D- C:\Program Files\DIFX
O43 - CFD: 27/10/2009 - 14:08:22 - [0] ----D- C:\Program Files\directx
O43 - CFD: 05/10/2009 - 14:59:42 - [10791058] ----D- C:\Program Files\eMule
O43 - CFD: 17/09/2009 - 00:25:40 - [12324438] ----D- C:\Program Files\ESTsoft
O43 - CFD: 11/09/2010 - 11:18:20 - [21345719] ----D- C:\Program Files\FairUse Wizard 2
O43 - CFD: 16/09/2009 - 21:53:16 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 23/02/2011 - 12:29:02 - [463844288] ----D- C:\Program Files\FruityLoops3
O43 - CFD: 28/10/2010 - 10:17:08 - [376048726] ----D- C:\Program Files\Google
O43 - CFD: 14/05/2010 - 12:23:00 - [1157238] ----D- C:\Program Files\ImgBurn
O43 - CFD: 25/04/2010 - 14:32:58 - [1510535] ----D- C:\Program Files\infineon
O43 - CFD: 10/02/2011 - 16:31:08 - [32282020] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 23/04/2010 - 11:15:08 - [28671] ----D- C:\Program Files\Internet 3G+ Bouygues Telecom
O43 - CFD: 17/02/2010 - 12:21:00 - [3279486] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 27/01/2010 - 18:09:04 - [1582699] ----D- C:\Program Files\iPod
O43 - CFD: 27/01/2010 - 18:09:56 - [112684697] ----D- C:\Program Files\iTunes
O43 - CFD: 11/04/2011 - 20:05:50 - [91531793] ----D- C:\Program Files\Java
O43 - CFD: 21/09/2009 - 16:29:20 - [16664352] ----D- C:\Program Files\JRE
O43 - CFD: 13/12/2009 - 11:33:52 - [111134058] ----D- C:\Program Files\Lexmark 5400 Series
O43 - CFD: 13/12/2009 - 11:58:30 - [353811] ----D- C:\Program Files\Lexmark Toolbar
O43 - CFD: 10/09/2010 - 10:58:20 - [125369611] ----D- C:\Program Files\LG Electronics
O43 - CFD: 25/04/2010 - 14:27:36 - [10156782] ----D- C:\Program Files\LGInternetKit
O43 - CFD: 02/05/2011 - 09:48:10 - [85298] ----D- C:\Program Files\lx_cats
O43 - CFD: 05/05/2011 - 12:33:48 - [4967875] ----D- C:\Program Files\Malwarebytes’ Anti-Malware
O43 - CFD: 22/10/2010 - 11:42:34 - [9454922] ----D- C:\Program Files\McAfee Security Scan
O43 - CFD: 17/09/2009 - 00:07:50 - [2664525] ----D- C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 14:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 22/04/2011 - 08:42:02 - [38388859] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 19/09/2009 - 23:59:46 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 26/06/2010 - 11:18:56 - [15715] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 12/08/2010 - 12:08:04 - [99342446] ----D- C:\Program Files\Movie Maker
O43 - CFD: 05/05/2011 - 22:45:38 - [32241131] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 17/02/2010 - 12:18:12 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 04/01/2011 - 15:23:28 - [79048245] ----D- C:\Program Files\Nikon
O43 - CFD: 23/08/2010 - 15:29:30 - [9662] ----D- C:\Program Files\Oberon Media
O43 - CFD: 21/09/2009 - 16:29:20 - [385258936] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 23/08/2010 - 14:24:06 - [42253452] ----D- C:\Program Files\orange
O43 - CFD: 27/01/2010 - 18:07:04 - [82550515] ----D- C:\Program Files\QuickTime
O43 - CFD: 19/09/2010 - 19:43:32 - [90915407] ----D- C:\Program Files\Real
O43 - CFD: 12/07/2007 - 12:41:48 - [15273502] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 15/04/2010 - 18:46:42 - [9425620] ----D- C:\Program Files\Roxio
O43 - CFD: 18/09/2010 - 16:26:58 - [30284489] R---D- C:\Program Files\Skype
O43 - CFD: 15/06/2007 - 19:28:38 - [0] ----D- C:\Program Files\SoftThinks
O43 - CFD: 15/02/2010 - 20:05:48 - [68] ----D- C:\Program Files\Sonic
O43 - CFD: 10/10/2010 - 18:04:34 - [714592] ----D- C:\Program Files\Sony Corporation
O43 - CFD: 04/12/2009 - 17:19:38 - [32095308] ----D- C:\Program Files\Sony Ericsson
O43 - CFD: 27/12/2010 - 11:16:20 - [19157283] ----D- C:\Program Files\Tablet
O43 - CFD: 27/12/2010 - 11:18:02 - [772707] ----D- C:\Program Files\TabletPlugins
O43 - CFD: 23/04/2010 - 10:38:58 - [16278] ----D- C:\Program Files\Techcity
O43 - CFD: 16/11/2009 - 17:19:56 - [401720] ----D- C:\Program Files\Trend Micro
O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 19/09/2009 - 22:52:16 - [75191582] ----D- C:\Program Files\VideoLAN
O43 - CFD: 16/11/2009 - 16:42:38 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 16/11/2009 - 16:42:34 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 16/11/2009 - 16:42:22 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 16/11/2009 - 16:42:34 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 31/03/2011 - 09:55:26 - [190363236] ----D- C:\Program Files\Windows Live
O43 - CFD: 15/04/2011 - 09:34:24 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 14/10/2010 - 11:01:40 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 16/09/2009 - 21:53:16 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 16/11/2009 - 16:42:30 - [13528738] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 18/11/2009 - 14:29:48 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 16/11/2009 - 16:42:36 - [6527558] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 15/06/2007 - 19:25:14 - [255282] ----D- C:\Program Files\Winqual Tools
O43 - CFD: 06/05/2011 - 13:43:34 - [3803152] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 27/10/2009 - 13:56:42 - [628130443] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 27/01/2010 - 18:09:04 - [94379494] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 04/01/2011 - 14:57:44 - [65678349] ----D- C:\Program Files\Common Files\ArcSoft
O43 - CFD: 04/01/2011 - 14:56:34 - [14294460] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 11/04/2011 - 20:09:02 - [1247175] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 17/09/2009 - 00:55:18 - [655109] ----D- C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 31/01/2011 - 21:04:16 - [202692009] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 04/01/2011 - 15:01:38 - [4177705] ----D- C:\Program Files\Common Files\muvee Technologies
O43 - CFD: 04/01/2011 - 15:28:06 - [62518141] ----D- C:\Program Files\Common Files\Nikon
O43 - CFD: 19/09/2010 - 19:44:02 - [21499212] ----D- C:\Program Files\Common Files\Real
O43 - CFD: 15/04/2010 - 18:46:44 - [881] ----D- C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 18/03/2010 - 12:33:04 - [2135336] ----D- C:\Program Files\Common Files\Skype
O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 16/11/2009 - 16:42:30 - [8737810] ----D- C:\Program Files\Common Files\System
O43 - CFD: 10/05/2010 - 18:44:30 - [219197] ----D- C:\Program Files\Common Files\windows
O43 - CFD: 17/09/2009 - 00:04:54 - [226051194] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 19/09/2010 - 19:43:24 - [352256] ----D- C:\Program Files\Common Files\xing shared
O43 - CFD: 13/12/2009 - 11:32:04 - [27148] ----D- C:\ProgramData\5400 Series
O43 - CFD: 18/10/2009 - 14:05:54 - [137399003] ----D- C:\ProgramData\Adobe
O43 - CFD: 17/09/2009 - 14:29:14 - [0] ----D- C:\ProgramData\ALM
O43 - CFD: 18/10/2010 - 18:54:30 - [17917585] ----D- C:\ProgramData\Alwil Software
O43 - CFD: 27/12/2010 - 11:18:48 - [9] ----D- C:\ProgramData\AppData
O43 - CFD: 13/10/2009 - 18:09:42 - [42793984] ----D- C:\ProgramData\Apple
O43 - CFD: 13/10/2009 - 18:11:30 - [77208393] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 16/09/2009 - 21:53:16 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 10/02/2011 - 16:31:10 - [9572] ----D- C:\ProgramData\ArcSoft
O43 - CFD: 16/09/2009 - 21:53:16 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 04/12/2009 - 17:23:16 - [0] ----D- C:\ProgramData\BVRP Software
O43 - CFD: 16/09/2009 - 21:53:16 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 05/10/2009 - 15:00:14 - [0] ----D- C:\ProgramData\eMule
O43 - CFD: 04/01/2011 - 15:21:26 - [410] ----D- C:\ProgramData\EnterNHelp
O43 - CFD: 17/09/2009 - 00:25:42 - [45] ----D- C:\ProgramData\ESTsoft
O43 - CFD: 16/09/2009 - 21:53:16 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 21/09/2009 - 10:00:56 - [29942] ----D- C:\ProgramData\FLEXnet
O43 - CFD: 23/08/2010 - 14:24:38 - [0] ----D- C:\ProgramData\Floodlight Games
O43 - CFD: 22/09/2009 - 10:48:36 - [536308] ----D- C:\ProgramData\Google
O43 - CFD: 15/02/2010 - 20:04:18 - [186] ----D- C:\ProgramData\InstallShield
O43 - CFD: 25/04/2010 - 14:35:20 - [2626754] ----D- C:\ProgramData\LGMOBILEAX
O43 - CFD: 07/11/2009 - 21:21:00 - [6648524] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 02/09/2010 - 00:18:24 - [298815] ----D- C:\ProgramData\McAfee
O43 - CFD: 13/10/2010 - 11:22:04 - [853] ----D- C:\ProgramData\McAfee Security Scan
O43 - CFD: 16/09/2009 - 21:53:16 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 31/01/2011 - 21:05:06 - [2137705601] ----D- C:\ProgramData\Microsoft
O43 - CFD: 16/09/2009 - 21:53:16 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 04/01/2011 - 15:01:34 - [6997856] ----D- C:\ProgramData\Nikon
O43 - CFD: 07/12/2010 - 23:30:06 - [1154239] ----D- C:\ProgramData\Real
O43 - CFD: 15/04/2010 - 18:45:36 - [60843] ----D- C:\ProgramData\Roxio
O43 - CFD: 18/03/2010 - 12:33:02 - [28186549] ----D- C:\ProgramData\Skype
O43 - CFD: 15/02/2010 - 20:03:58 - [954] ----D- C:\ProgramData\Sonic
O43 - CFD: 04/12/2009 - 17:19:38 - [84472] ----D- C:\ProgramData\Sony Ericsson
O43 - CFD: 04/01/2011 - 15:00:16 - [12] R-H-D- C:\ProgramData\Specifications
O43 - CFD: 16/06/2010 - 22:08:22 - [154] ----D- C:\ProgramData\Sun
O43 - CFD: 04/01/2011 - 15:04:00 - [12] ----D- C:\ProgramData\SupportPrinters
O43 - CFD: 23/08/2010 - 16:29:44 - [0] ---AD- C:\ProgramData\TEMP
O43 - CFD: 04/01/2011 - 15:21:26 - [40] ----D- C:\ProgramData\Ultima_T15
O43 - CFD: 05/12/2010 - 17:27:48 - [0] ----D- C:\ProgramData\WindowsSearch
O43 - CFD: 07/03/2011 - 13:09:36 - [43909] ----D- C:\Users\benoit\AppData\Roaming\5400 Series
O43 - CFD: 10/03/2011 - 09:33:34 - [197670746] ----D- C:\Users\benoit\AppData\Roaming\Adobe
O43 - CFD: 27/05/2010 - 11:11:48 - [61917016] ----D- C:\Users\benoit\AppData\Roaming\Apple Computer
O43 - CFD: 04/01/2011 - 14:58:38 - [638] ----D- C:\Users\benoit\AppData\Roaming\ArcSoft
O43 - CFD: 02/12/2009 - 19:04:58 - [7483794] ----D- C:\Users\benoit\AppData\Roaming\Blender Foundation
O43 - CFD: 20/04/2011 - 21:26:12 - [3255] ----D- C:\Users\benoit\AppData\Roaming\dvdcss
O43 - CFD: 17/09/2009 - 00:25:46 - [456] ----D- C:\Users\benoit\AppData\Roaming\ESTsoft
O43 - CFD: 14/05/2010 - 15:24:42 - [6558611] ----D- C:\Users\benoit\AppData\Roaming\Facebook
O43 - CFD: 23/08/2010 - 14:24:38 - [25631] ----D- C:\Users\benoit\AppData\Roaming\Floodlight Games
O43 - CFD: 15/02/2010 - 10:33:52 - [323] ----D- C:\Users\benoit\AppData\Roaming\FreeBurner
O43 - CFD: 22/09/2009 - 10:49:26 - [0] ----D- C:\Users\benoit\AppData\Roaming\Google
O43 - CFD: 16/09/2009 - 21:57:00 - [0] ----D- C:\Users\benoit\AppData\Roaming\Identities
O43 - CFD: 18/01/2011 - 18:03:52 - [0] ----D- C:\Users\benoit\AppData\Roaming\ImgBurn
O43 - CFD: 07/02/2010 - 15:32:30 - [0] ----D- C:\Users\benoit\AppData\Roaming\IndexEducation
O43 - CFD: 07/02/2010 - 15:26:52 - [0] ----D- C:\Users\benoit\AppData\Roaming\InstallShield
O43 - CFD: 25/04/2010 - 11:20:26 - [2624818] ----D- C:\Users\benoit\AppData\Roaming\LG Electronics
O43 - CFD: 17/09/2009 - 00:01:06 - [1976699] ----D- C:\Users\benoit\AppData\Roaming\Macromedia
O43 - CFD: 07/11/2009 - 21:21:06 - [5423470] ----D- C:\Users\benoit\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\benoit\AppData\Roaming\Media Center Programs
O43 - CFD: 04/01/2011 - 15:11:06 - [14026105] -S--D- C:\Users\benoit\AppData\Roaming\Microsoft
O43 - CFD: 16/09/2009 - 23:56:24 - [22275174] ----D- C:\Users\benoit\AppData\Roaming\Mozilla
O43 - CFD: 18/10/2010 - 18:54:46 - [5679689] ----D- C:\Users\benoit\AppData\Roaming\NBPROF
O43 - CFD: 04/01/2011 - 15:46:10 - [549436] ----D- C:\Users\benoit\AppData\Roaming\Nikon
O43 - CFD: 23/08/2010 - 15:29:42 - [16775] ----D- C:\Users\benoit\AppData\Roaming\Oberonv1001
O43 - CFD: 11/10/2009 - 18:25:12 - [3341574] ----D- C:\Users\benoit\AppData\Roaming\OpenOffice.org
O43 - CFD: 07/12/2010 - 23:30:00 - [6751412] ----D- C:\Users\benoit\AppData\Roaming\Real
O43 - CFD: 15/02/2010 - 20:13:50 - [6460514] ----D- C:\Users\benoit\AppData\Roaming\Roxio
O43 - CFD: 25/04/2010 - 11:06:26 - [0] ----D- C:\Users\benoit\AppData\Roaming\SampleView
O43 - CFD: 12/01/2011 - 02:52:26 - [2679057] ----D- C:\Users\benoit\AppData\Roaming\Skype
O43 - CFD: 02/05/2011 - 17:46:04 - [1944683] ----D- C:\Users\benoit\AppData\Roaming\vlc
O43 - CFD: 08/02/2011 - 17:03:52 - [604] ----D- C:\Users\benoit\AppData\Roaming\widestream
O43 - CFD: 01/02/2011 - 16:34:46 - [295] ----D- C:\Users\benoit\AppData\Roaming\Windows Live Writer
O43 - CFD: 06/05/2011 - 08:23:10 - [16719] ----D- C:\Users\benoit\AppData\Roaming\WTablet
O43 - CFD: 06/03/2010 - 20:40:50 - [382660235] ----D- C:\Users\benoit\Appdata\Local\Adobe
O43 - CFD: 24/11/2009 - 14:25:54 - [0] ----D- C:\Users\benoit\Appdata\Local\Apple
O43 - CFD: 13/04/2011 - 20:45:42 - [37671181] ----D- C:\Users\benoit\Appdata\Local\Apple Computer
O43 - CFD: 16/09/2009 - 21:56:48 - [0] -SH-D- C:\Users\benoit\Appdata\Local\Application Data
O43 - CFD: 17/09/2009 - 14:08:12 - [3125465] ----D- C:\Users\benoit\Appdata\Local\Apps
O43 - CFD: 04/01/2011 - 14:58:26 - [17720] ----D- C:\Users\benoit\Appdata\Local\ArcSoft
O43 - CFD: 17/09/2009 - 14:08:38 - [0] ----D- C:\Users\benoit\Appdata\Local\Deployment
O43 - CFD: 25/04/2010 - 14:33:02 - [425984] ----D- C:\Users\benoit\Appdata\Local\Downloaded Installations
O43 - CFD: 05/10/2009 - 15:00:14 - [4340371] ----D- C:\Users\benoit\Appdata\Local\eMule
O43 - CFD: 29/12/2010 - 00:38:52 - [171197] ----D- C:\Users\benoit\Appdata\Local\Google
O43 - CFD: 16/09/2009 - 21:56:48 - [0] -SH-D- C:\Users\benoit\Appdata\Local\Historique
O43 - CFD: 13/02/2011 - 20:41:58 - [4258200650] ----D- C:\Users\benoit\Appdata\Local\Microsoft
O43 - CFD: 16/09/2009 - 23:56:24 - [100384184] ----D- C:\Users\benoit\Appdata\Local\Mozilla
O43 - CFD: 15/02/2010 - 20:22:18 - [666] ----D- C:\Users\benoit\Appdata\Local\Roxio
O43 - CFD: 04/12/2009 - 17:23:16 - [0] ----D- C:\Users\benoit\Appdata\Local\Sony Ericsson
O43 - CFD: 06/05/2011 - 13:46:12 - [89285826] ----D- C:\Users\benoit\Appdata\Local\Temp
O43 - CFD: 16/09/2009 - 21:56:48 - [0] -SH-D- C:\Users\benoit\Appdata\Local\Temporary Internet Files
O43 - CFD: 16/11/2009 - 00:24:48 - [144] ----D- C:\Users\benoit\Appdata\Local\VirtualStore
O43 - CFD: 02/05/2011 - 15:51:50 - [568361] ----D- C:\Users\benoit\Appdata\Local\widestream6 Air
O43 - CFD: 06/05/2011 - 10:22:14 - [81920] ----D- C:\Users\benoit\Appdata\Local\Windows Live
O43 - CFD: 01/02/2011 - 00:59:32 - [372902] ----D- C:\Users\benoit\Appdata\Local\Windows Live Writer
O43 - CFD: 16/09/2009 - 22:00:08 - [10002] ----D- C:\Users\benoit\Appdata\Local\WindowsUpdate

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.2CEE12005489CC7600ECFD7F00EF1200] - 06/05/2011 - 12:10:48 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1476804]
O44 - LFC:[MD5.2D4792630804D1B3D1B946A564FBB091] - 06/05/2011 - 07:18:18 ---A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.1344C036983F1438B0FF6BE6FB1B5CEF] - 05/05/2011 - 11:36:09 ---A- . (...) -- C:\Windows\System32\Wacom_Tablet.dat [3829]
O44 - LFC:[MD5.4BC214B80AB92CC29BA887852E2264C7] - 04/05/2011 - 16:47:50 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1524428]
O44 - LFC:[MD5.42A7277B73B3C495486807783E7B967E] - 04/05/2011 - 16:47:50 ---A- . (...) -- C:\Windows\System32\perfc009.dat [107898]
O44 - LFC:[MD5.03933A93A11EB2BEDC38E64A49D89754] - 04/05/2011 - 16:47:50 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [131282]
O44 - LFC:[MD5.6B96161993B6C227291C782D345964E9] - 04/05/2011 - 16:47:50 ---A- . (...) -- C:\Windows\System32\perfh009.dat [604566]
O44 - LFC:[MD5.1DF2131A3E8B043B459B95969F226D9C] - 04/05/2011 - 16:47:50 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [688656]
O44 - LFC:[MD5.F06A5A64812014A293367B5E38575631] - 02/05/2011 - 18:41:49 ---A- . (...) -- C:\Ad-Report-SCAN[2].txt [3244]
O44 - LFC:[MD5.BE7432EDC87304A5F67B537B3828A066] - 02/05/2011 - 16:12:57 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [6229]
O44 - LFC:[MD5.5B8E06BD1A708C06FCEDC97462622305] - 02/05/2011 - 16:10:54 ---A- . (...) -- C:\Ad-Report-SCAN[1].txt [6662]
O44 - LFC:[MD5.F99DDD5E4F807B43E8B85DCD5F4B59EA] - 01/05/2011 - 19:46:45 ---A- . (.Microsoft - Legacy GDF resource DLL.) -- C:\Windows\System32\GameUXLegacyGDFs.dll [4240384]
O44 - LFC:[MD5.08040F0D3055C18DE29CBA8E633A3418] - 24/04/2011 - 19:41:54 ---A- . (...) -- C:\Windows\setupact.log [2848]
O44 - LFC:[MD5.402396096330792A52BD976F0A23F216] - 21/04/2011 - 07:29:41 ---A- . (...) -- C:\lxct.log [14948]
O44 - LFC:[MD5.B042C87D64E3C561408C2333D5E4FA8D] - 16/04/2011 - 15:44:27 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [1664400]
O44 - LFC:[MD5.B44A7AC9E801C38F54F7340351313E85] - 15/04/2011 - 08:29:06 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [292864]
O44 - LFC:[MD5.54F73529D65E5EB41FFC28C4EDDF069F] - 15/04/2011 - 08:28:58 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304]
O44 - LFC:[MD5.68288DA42BC798992A42CD59061B199D] - 11/04/2011 - 19:06:14 ---A- . (.Sun Microsystems, Inc. - Java™ Platform SE binary.) -- C:\Windows\System32\java.exe [145184]
O44 - LFC:[MD5.5BF8BA1B854D7DFCE1F47E58852B3D8F] - 11/04/2011 - 19:06:14 ---A- . (.Sun Microsystems, Inc. - Java™ Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184]
O44 - LFC:[MD5.58DC5CBDC930AF070B177843810F2C85] - 11/04/2011 - 19:06:14 ---A- . (.Sun Microsystems, Inc. - Java™ Web Start Launcher.) -- C:\Windows\System32\javaws.exe [157472]
O44 - LFC:[MD5.E728A00E86E022D1BAEF590EB8307351] - 11/04/2011 - 19:05:49 ---A- . (...) -- C:\Windows\System32\jupdate-1.6.0_24-b07.log [5872]

---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{02e6b3b5-c9e6-11de-9282-001bfc9ec0cc}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\p.exe (.not file.)
O51 - MPSK:{7695569c-4fc2-11df-b865-001bfc9ec0cc}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\USBAutoRun.exe (.not file.)
O51 - MPSK:{bc09a5cf-11b7-11df-ba83-001bfc9ec0cc}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{e3d2cbd7-3a96-11df-9498-806e6f6e6963}\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\AutoRun.exe (.not file.)

---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32"VIDC.I420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll
O52 - TDSD: \Drivers32"VIDC.YVU9"="IYVU9_32.DLL" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\IYVU9_32.DLL
O52 - TDSD: \Drivers32"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32"VIDC.IV41"="IR41_32.DLL" . (.Intel® Corporation - Intel Indeo® Video Interactive 32-bit Driver.) -- C:\Windows\System32\IR41_32.DLL
O52 - TDSD: \Drivers32"VIDC.IV32"="IR32_32.DLL" . (.Intel® Corporation - Pas de description.) -- C:\Windows\System32\IR32_32.DLL
O52 - TDSD: \Drivers32"VIDC.IV31"="IR32_32.DLL" . (.Intel® Corporation - Pas de description.) -- C:\Windows\System32\IR32_32.DLL
O52 - TDSD: \drivers.desc"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc"IR41_32.DLL"="Indeo® video interactive R4.1 par Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc"IR32_32.DLL"="Indeo® video R3.2 par Intel" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc"IYVU9_32.DLL"="Indeo® video Raw YVU9 par Intel" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\IYVU9_32.DLL

---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM…\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM…\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM…\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM…\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM…\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM…\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM…\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM…\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM…\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM…\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM…\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM…\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM…\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM…\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM…\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM…\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM…\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM…\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM…\Policies\System] - "DisableRegistryTools"=0

---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU…\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKCU…\policies\Explorer] - "NoRun"=0
O56 - MWPE:[HKCU…\policies\Explorer] - "NoFind"=0
O56 - MWPE:[HKCU…\policies\Explorer] - "NoLogOff"=0
O56 - MWPE:[HKCU…\policies\Explorer] - "NoSetFolders"=0
O56 - MWPE:[HKLM…\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM…\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576]
O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408]
O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048]
O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14952]
O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688]
O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688]
O58 - SDL:[MD5.DCDAAB8697A47894A554050CE18D0B56] - 18/10/2006 - 13:44:48 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys [7680]
O58 - SDL:[MD5.CBA53C5E29AE0A0CE76F9A2BE3A40D9E] - 13/01/2011 - 09:37:09 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [17744]
O58 - SDL:[MD5.317F85FB68A3BE507E9CCEDE5E6D9EE0] - 13/01/2011 - 09:37:19 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [51280]
O58 - SDL:[MD5.B6E8C5874377A42756C282FAC2E20836] - 13/01/2011 - 09:37:30 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [23632]
O58 - SDL:[MD5.B93A553C9B0F14263C8F016A44C3258C] - 13/01/2011 - 09:41:16 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [294608]
O58 - SDL:[MD5.1408421505257846EB336FEEEF33352D] - 13/01/2011 - 09:40:16 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [47440]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.BF79E659C506674C0497CC9C61F1A165] - 24/07/2006 - 03:00:00 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdr4_xp.sys [2432]
O58 - SDL:[MD5.2C41CD49D82D5FD85C72D57B6CA25471] - 24/07/2006 - 03:00:00 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdralw2k.sys [2560]
O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [16488]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.76167B5EB2DFFC729EDC36386876B40B] - 11/08/2006 - 10:35:18 ---A- . (.Roxio - Shared Driver Component.) -- C:\Windows\system32\drivers\DLACDBHM.SYS [12920]
O58 - SDL:[MD5.91886FED52A3F9966207BCE46CFD794F] - 11/08/2006 - 10:35:16 ---A- . (.Roxio - Shared Driver Component.) -- C:\Windows\system32\drivers\DLARTL_M.SYS [28184]
O58 - SDL:[MD5.C00440385CF9F3D142917C63F989E244] - 21/07/2006 - 11:21:26 ---A- . (.Sonic Solutions - Device Driver.) -- C:\Windows\system32\drivers\DRVMCDB.SYS [99176]
O58 - SDL:[MD5.6E6AB29D3C06E64CE81FEACDA85394B5] - 11/08/2006 - 11:05:58 ---A- . (.Roxio - Device Driver Manager.) -- C:\Windows\system32\drivers\DRVNDDM.SYS [51768]
O58 - SDL:[MD5.7505290504C8E2D172FA378CC0497BCC] - 02/11/2006 - 08:30:55 ---A- . (.Intel Corporation - Intel® PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\e1e6032.sys [200704]
O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel® PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760]
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520]
O58 - SDL:[MD5.E044B5C7CD5CEA728D13D30D431B13E0] - 12/05/2009 - 14:53:04 —A- . (.Danish Wireless Design A/S - USB driver for Flash Loader Utility.) – C:\Windows\system32\drivers\FlashUsb.sys [16896]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 13:17:00 —A- . (.GEAR Software Inc. - CD DVD Filter.) – C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 —A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) – C:\Windows\system32\drivers\HpCISSs.sys [37480]
O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 —A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) – C:\Windows\system32\drivers\iaStorV.sys [232040]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 —A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) – C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 —A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) – C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 —A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) – C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.C995C0E8B4503FAC38793BB0236AD246] - 08/02/2006 - 03:52:58 —A- . (.JMicron - SCSI Port upper filter driver.) – C:\Windows\system32\drivers\JGOGO.sys [6912]
O58 - SDL:[MD5.C341318BEAE24FA4042C5F8C64CB38B6] - 07/12/2006 - 03:41:16 —A- . (.JMicron Technology Corp. - JMicron JMB36X RAID Driver.) – C:\Windows\system32\drivers\jraid.sys [44416]
O58 - SDL:[MD5.1D038CA6C529203087A990E5E97887B4] - 29/09/2009 - 07:11:20 —A- . (.LG Electronics Inc. - LG BT Bus Enumerator.) – C:\Windows\system32\drivers\lgbtbus.sys [10496]
O58 - SDL:[MD5.4DD47B5AF0B24871EBB9EFC012A7474E] - 29/09/2009 - 07:11:22 —A- . (.LG Electronics Inc. - LG Bluetooth Transport Driver.) – C:\Windows\system32\drivers\lgbtport.sys [12160]
O58 - SDL:[MD5.9419FAAC6552A51542DBBA02971C841C] - 19/11/2008 - 16:09:08 —A- . (.LG Electronics Inc. - LG CDMA USB Multi function Driver.) – C:\Windows\system32\drivers\lgusbbus.sys [13056]
O58 - SDL:[MD5.C0A466FA4FFEC464320E159BC1BBDC0C] - 19/11/2008 - 16:09:08 —A- . (.LG Electronics Inc. - LG CDMA USB Diagnostics Driver.) – C:\Windows\system32\drivers\lgusbdiag.sys [19968]
O58 - SDL:[MD5.F74A54774A9B0AFEB3C40ADEC68AA600] - 19/11/2008 - 16:09:10 —A- . (.LG Electronics Inc. - LG CDMA USB Modem Driver.) – C:\Windows\system32\drivers\lgusbmodem.sys [24832]
O58 - SDL:[MD5.26F1976A330195D62A6224C76968CF0D] - 29/09/2009 - 07:11:20 —A- . (.LG Electronics Inc. - LG Virtual Modem Driver.) – C:\Windows\system32\drivers\lgvmodem.sys [12928]
O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 —A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) – C:\Windows\system32\drivers\lsi_fc.sys [65640]
O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 —A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) – C:\Windows\system32\drivers\lsi_sas.sys [65640]
O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 —A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) – C:\Windows\system32\drivers\lsi_scsi.sys [65640]
O58 - SDL:[MD5.B1AD87B4C97B6B59FCD075001E76865F] - 26/04/2004 - 22:31:04 —A- . (.Logitech Inc. - Video Minidriver.) – C:\Windows\system32\drivers\lvcd.sys [474304]
O58 - SDL:[MD5.BC4052D0E8415E00E3270E0AA792860B] - 26/04/2004 - 22:28:30 —A- . (.Logitech Inc. - USB Statistic Driver.) – C:\Windows\system32\drivers\LVUSBSta.sys [12112]
O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20/12/2010 - 17:08:40 —A- . (.Malwarebytes Corporation - Malwarebytes’ Anti-Malware.) – C:\Windows\system32\drivers\mbam.sys [20952]
O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 17:09:00 —A- . (.Malwarebytes Corporation - Malwarebytes’ Anti-Malware.) – C:\Windows\system32\drivers\mbamswissarmy.sys [38224]
O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 —A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) – C:\Windows\system32\drivers\megasas.sys [28776]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 —A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) – C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 —A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) – C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 —A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) – C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.0C2FFF51FCC657BF0011F27FC40E5FF3] - 26/04/2007 - 16:17:00 —A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 158.) – C:\Windows\system32\drivers\nvlddmkm.sys [7475072]
O58 - SDL:[MD5.1657F3FBD9061526C14FF37E79306F98] - 02/11/2006 - 08:30:56 —A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver…) – C:\Windows\system32\drivers\nvm60x32.sys [429056]
O58 - SDL:[MD5.C7859D19648D45EE888666C044ECAB23] - 15/01/2007 - 17:35:18 —A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver…) – C:\Windows\system32\drivers\nvmfdx32.sys [1032104]
O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 —A- . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\Windows\system32\drivers\nvraid.sys [88680]
O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 —A- . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\Windows\system32\drivers\nvstor.sys [40040]
O58 - SDL:[MD5.5FBF62A83B551F757112B4A0C27432EC] - 22/12/2006 - 20:07:10 —A- . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\Windows\system32\drivers\nvstor32.sys [93696]
O58 - SDL:[MD5.FEFFCFDC528764A04C8ED63D5FA6E711] - 24/07/2006 - 03:00:00 —A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) – C:\Windows\system32\drivers\pxhelp20.sys [36528]
O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 —A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) – C:\Windows\system32\drivers\ql2300.sys [900712]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 —A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) – C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.389F5D4859F4300D52EAD838F1A17131] - 23/04/2007 - 18:13:22 —A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) – C:\Windows\system32\drivers\RTKVHDA.sys [1769952]
O58 - SDL:[MD5.59509AD6CBC28F2C73056268985B3E48] - 16/05/2008 - 12:33:12 —A- . (.MCCI Corporation - Sony Ericsson Device 0016 Driver.) – C:\Windows\system32\drivers\s0016bus.sys [89256]
O58 - SDL:[MD5.8C4A9024CF84D61D4BC07F06DDF7B2D1] - 16/05/2008 - 12:33:12 —A- . (.MCCI Corporation - Windows 2000/XP support functions.) – C:\Windows\system32\drivers\s0016cm.sys [12200]
O58 - SDL:[MD5.8C4A9024CF84D61D4BC07F06DDF7B2D1] - 16/05/2008 - 12:33:12 —A- . (.MCCI Corporation - Windows 2000/XP support functions.) – C:\Windows\system32\drivers\s0016cmnt.sys [12200]
O58 - SDL:[MD5.44D115C6BE5DF0F32338DA1032923644] - 16/05/2008 - 12:33:12 —A- . (.MCCI Corporation - Sony Ericsson Device 0016 USB Ethernet Emulation (WDM class reg.) – C:\Windows\system32\drivers\s0016cr.sys [10792]
O58 - SDL:[MD5.B98C3A6F91F4FBA285AF9606A240C6B4] - 16/05/2008 - 12:33:14 —A- . (.MCCI Corporation - Sony Ericsson Device 0016 USB WMC Modem Filter Driver.) – C:\Windows\system32\drivers\s0016mdfl.sys [15016]
O58 - SDL:[MD5.8A83426F4FB7B5212825D9DE76368B1A] - 16/05/2008 - 12:33:12 —A- . (.MCCI Corporation - Sony Ericsson Device 0016 USB WMC Modem WDM Driver.) – C:\Windows\system32\drivers\s0016mdm.sys [120744]
O58 - SDL:[MD5.7A78BBA97FEB5E6D24C49E93A3BF7287] - 16/05/2008 - 12:33:12 —A- . (.MCCI Corporation - Sony Ericsson Device 0016 USB WMC Device Management Driver.) – C:\Windows\system32\drivers\s0016mgmt.sys [114216]
O58 - SDL:[MD5.34EF7B5F611957B73E7219DD5A222AD1] - 16/05/2008 - 12:33:14 —A- . (.MCCI Corporation - Sony Ericsson Device 0016 USB Ethernet Emulation (NDIS 5 Minipo.) – C:\Windows\system32\drivers\s0016nd5.sys [25512]
O58 - SDL:[MD5.36792935847143E4A3CDA0DC87248487] - 16/05/2008 - 12:33:12 —A- . (.MCCI Corporation - Sony Ericsson Device 0016 USB WMC OBEX Interface Device Driver.) – C:\Windows\system32\drivers\s0016obex.sys [110632]
O58 - SDL:[MD5.927208754FB27FC3E7A659E77500C5D1] - 16/05/2008 - 12:33:14 —A- . (.MCCI Corporation - Sony Ericsson Device 0016 USB Ethernet Emulation.) – C:\Windows\system32\drivers\s0016unic.sys [115752]
O58 - SDL:[MD5.DA9BB7BCBB5F3D4B4E9B1E767278259D] - 16/05/2008 - 12:33:12 —A- . (.MCCI Corporation - Windows 2000/XP support functions.) – C:\Windows\system32\drivers\s0016wh.sys [12200]
O58 - SDL:[MD5.DA9BB7BCBB5F3D4B4E9B1E767278259D] - 16/05/2008 - 12:33:12 —A- . (.MCCI Corporation - Windows 2000/XP support functions.) – C:\Windows\system32\drivers\s0016whnt.sys [12200]
O58 - SDL:[MD5.7C38FC284136981EBE002252FA0900D3] - 05/09/2006 - 19:07:00 —A- . (.MCCI - Sony Ericsson Device 089 Driver.) – C:\Windows\system32\drivers\se59bus.sys [61536]
O58 - SDL:[MD5.7692F6346DC6497DBD216889D58D5A82] - 05/09/2006 - 19:06:56 —A- . (.MCCI - Windows 2000/XP support functions.) – C:\Windows\system32\drivers\se59wh.sys [5872]
O58 - SDL:[MD5.7692F6346DC6497DBD216889D58D5A82] - 05/09/2006 - 19:06:56 —A- . (.MCCI - Windows 2000/XP support functions.) – C:\Windows\system32\drivers\se59whnt.sys [5872]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 —A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) – C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.E5B56569A9F79B70314FEDE6C953641E] - 09/01/2008 - 11:28:34 —A- . (.Sony Ericsson Mobile Communications - seehcri Driver.) – C:\Windows\system32\drivers\seehcri.sys [27632]
O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 —A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\Windows\system32\drivers\sisraid2.sys [38504]
O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 —A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\Windows\system32\drivers\sisraid4.sys [71784]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 —A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) – C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 —A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) – C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 —A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) – C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 —A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) – C:\Windows\system32\drivers\uliahci.sys [235112]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 —A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) – C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 —A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) – C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.1DF89C499BF45D878B87EBD4421D462D] - 28/08/2009 - 18:42:52 —A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) – C:\Windows\system32\drivers\usbaapl.sys [40448]
O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 —A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) – C:\Windows\system32\drivers\viaide.sys [17512]
O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 —A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) – C:\Windows\system32\drivers\vsmraid.sys [112232]
O58 - SDL:[MD5.17BDADE5A09D0B0F85F6FD95E3A68ECD] - 25/01/2010 - 00:32:24 —A- . (.Wacom Technology - Wacom HID Mouse Monitor Filter Driver.) – C:\Windows\system32\drivers\wacmoumonitor.sys [16168]
O58 - SDL:[MD5.427A8BC96F16C40DF81C2D2F4EDD32DD] - 16/02/2007 - 20:12:36 —A- . (.Wacom Technology - Wacom Mouse Filter Driver.) – C:\Windows\system32\drivers\wacommousefilter.sys [11312]
O58 - SDL:[MD5.846B58EA44BF8C92E4B59F4E2252C4C0] - 22/09/2009 - 00:29:22 —A- . (.Wacom Technology - Virtual Hid Device.) – C:\Windows\system32\drivers\wacomvhid.sys [14120]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 —A- . (…) – C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 —A- . (…) – C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 —A- . (…) – C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 —A- . (…) – C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 —A- . (…) – C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 —A- . (…) – C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 —A- . (…) – C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 —A- . (…) – C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 —A- . (…) – C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 —A- . (…) – C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 —A- . (…) – C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 —A- . (…) – C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 —A- . (…) – C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 —A- . (…) – C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 —A- . (…) – C:\Windows\system32\NTIO804.SYS [34672]

—\ Liste des outils de nettoyage (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] – Ad-Remover
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] – ZHPDiag_is1

—\ Liste des services Legacy (O64)
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWFSBLK.sys - (.not file.) - aswFsBlk (aswFsBlk) .(…) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 13/01/2011 - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt(aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(…) - LEGACY_ASWRDR
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSP.sys - (.not file.) - avast! Self Protection (aswSP) .(…) - LEGACY_ASWSP
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(…) - LEGACY_ASWTDI
O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(…) - LEGACY_BEEP
O64 - Services: CurCS - C:\Users\benoit\AppData\Local\Temp\catchme.sys (.not file.) - catchme (catchme) .(…) - LEGACY_CATCHME
O64 - Services: CurCS - 26/10/2006 - C:\Windows\System32\DLA\DLABMFSM.sys - DLABMFSM(DLABMFSM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLABMFSM
O64 - Services: CurCS - 26/10/2006 - C:\Windows\System32\DLA\DLABOIOM.sys - DLABOIOM(DLABOIOM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLABOIOM
O64 - Services: CurCS - 26/10/2006 - C:\Windows\System32\DLA\DLADResM.sys - DLADResM(DLADResM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLADRESM
O64 - Services: CurCS - 26/10/2006 - C:\Windows\System32\DLA\DLAIFS_M.sys - DLAIFS_M(DLAIFS_M) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAIFS_M
O64 - Services: CurCS - 26/10/2006 - C:\Windows\System32\DLA\DLAOPIOM.sys - DLAOPIOM(DLAOPIOM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAOPIOM
O64 - Services: CurCS - 26/10/2006 - C:\Windows\System32\DLA\DLAPoolM.sys - DLAPoolM(DLAPoolM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAPOOLM
O64 - Services: CurCS - 11/08/2006 - C:\Windows\System32\Drivers\DLARTL_M.sys - DLARTL_M(DLARTL_M) .(.Roxio - Shared Driver Component.) - LEGACY_DLARTL_M
O64 - Services: CurCS - 26/10/2006 - C:\Windows\System32\DLA\DLAUDFAM.sys - DLAUDFAM(DLAUDFAM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAUDFAM
O64 - Services: CurCS - 26/10/2006 - C:\Windows\System32\DLA\DLAUDF_M.sys - DLAUDF_M(DLAUDF_M) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAUDF_M
O64 - Services: CurCS - 11/08/2006 - C:\Windows\System32\Drivers\DRVNDDM.sys - DRVNDDM(DRVNDDM) .(.Roxio - Device Driver Manager.) - LEGACY_DRVNDDM
O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(…) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(…) - LEGACY_FS_REC
O64 - Services: CurCS - (.not file.) - mbr (mbr) .(…) - LEGACY_MBR
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(…) - LEGACY_MSFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(…) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(…) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(…) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(…) - LEGACY_NULL
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\nvstor.sys - nvstor(nvstor) .(.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) - LEGACY_NVSTOR
O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(…) - LEGACY_PROCEXP113
O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(…) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(…) - LEGACY_SPLDR

—\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM…\open\Command] “%1” %* (.not file.)
O67 - Shell Spawning: <.cpl> [HKLM…\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM…\open\Command] “%1” %* (.not file.)
O67 - Shell Spawning: <.com> [HKLM…\open\Command] “%1” %* (.not file.)
O67 - Shell Spawning: <.exe> [HKLM…\open\Command] “%1” %* (.not file.)
O67 - Shell Spawning: <.html> [HKLM…\open\Command] (.Google Inc. - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> [HKLM…\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) – C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM…\open\Command] (.Microsoft Corporation - Éditeur du Registre.) – C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> [HKCU…\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU…\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU…\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR…\open\Command] “%1” %* (.not file.)
O67 - Shell Spawning: <.cpl> [HKCR…\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) – C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKCR…\open\Command] “%1” %* (.not file.)
O67 - Shell Spawning: <.com> [HKCR…\open\Command] “%1” %* (.not file.)
O67 - Shell Spawning: <.exe> [HKCR…\open\Command] “%1” %* (.not file.)
O67 - Shell Spawning: <.html> [HKCR…\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> [HKCR…\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) – C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR…\open\Command] (.Microsoft Corporation - Éditeur du Registre.) – C:\Windows\regedit.exe

—\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM…\Shell\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM…\Shell\open\Command] (.Google Inc. - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM…\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\IEXPLORE.exe

—\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - search.live.com…
O69 - SBI: SearchScopes [HKCU] {0571B9CD-53F3-4192-8E7E-50117C196865} - (Google) - www.google.com…
O69 - SBI: SearchScopes [HKCU] {557C21FE-7274-410D-853E-9ED4471BF193} - (search-web.net) - search-web.net3A%23FFFFF0%3B…
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - www.google.com…
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Live Search) - search.live.com…

—\ Recherche d’infection Rogue (O86)
C:\ProgramData\5400 Series
C:\Users\benoit\AppData\Roaming\5400 Series

—\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: “WinCollab-DFSR-In-TCP” | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) – C:\Windows\system32\dfsr.exe
O87 - FAEL: “WinCollab-DFSR-Out-TCP” | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) – C:\Windows\system32\dfsr.exe
O87 - FAEL: “WinCollab-In-TCP” | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) – C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: “WinCollab-Out-TCP” | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) – C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: “WinCollab-In-UDP” | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) – C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: “WinCollab-Out-UDP” | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) – C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: “RemoteSvcAdmin-In-TCP-NoScope” | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) – C:\Windows\system32\services.exe
O87 - FAEL: “RemoteSvcAdmin-In-TCP” | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) – C:\Windows\system32\services.exe
O87 - FAEL: “NetPres-In-TCP-NoScope” | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) – C:\Windows\system32\netproj.exe
O87 - FAEL: “NetPres-Out-TCP-NoScope” | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) – C:\Windows\system32\netproj.exe
O87 - FAEL: “NetPres-WSD-In-UDP” | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) – C:\Windows\system32\netproj.exe
O87 - FAEL: “NetPres-WSD-Out-UDP” | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) – C:\Windows\system32\netproj.exe
O87 - FAEL: “NetPres-In-TCP” | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) – C:\Windows\system32\netproj.exe
O87 - FAEL: “NetPres-Out-TCP” | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) – C:\Windows\system32\netproj.exe
O87 - FAEL: “CoreNet-GP-LSASS-Out-TCP” | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) – C:\Windows\system32\lsass.exe
O87 - FAEL: “TCP Query User{89E65275-8C33-43EA-831D-B493E50F0DEC}C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe” | In - Public - P6 - TRUE | .(.Adobe Systems, Inc…) – C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe
O87 - FAEL: “UDP Query User{611EBE2E-D596-43E6-A030-F72EA8D923AC}C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe” | In - Public - P17 - TRUE | .(.Adobe Systems, Inc…) – C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe
O87 - FAEL: “TCP Query User{930E6AED-E701-4A36-B9DF-D41C12BA6064}C:\program files\emule\emule.exe” | In - Public - P6 - TRUE | .(.http://www.emule-project.net - eMule.) – C:\program files\emule\emule.exe
O87 - FAEL: “UDP Query User{82ECF144-CCB6-471B-8E98-B46FABB7EF75}C:\program files\emule\emule.exe” | In - Public - P17 - TRUE | .(.http://www.emule-project.net - eMule.) – C:\program files\emule\emule.exe
O87 - FAEL: “{49A2AB29-72B8-42DF-A88B-4461C2E73F95}” |In - Public - P6 - TRUE | .(…) – C:\Program Files\Bonjour\mDNSResponder.exe (.not file.)
O87 - FAEL: “{C81B2803-F111-4317-B0EA-90A44EBE4254}” |In - Public - P17 - TRUE | .(…) – C:\Program Files\Bonjour\mDNSResponder.exe (.not file.)
O87 - FAEL: “TCP Query User{9E596333-DBEC-457C-8595-6F1FE823D65C}C:\wamp\bin\apache\apache2.2.11\bin\httpd.exe” | In - Public - P6 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) – C:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O87 - FAEL: “UDP Query User{4FF0D7E1-5CFA-4615-A9CF-B759E5237F44}C:\wamp\bin\apache\apache2.2.11\bin\httpd.exe” | In - Public - P17 - TRUE | .(.Apache Software Foundation - Apache HTTP Server.) – C:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O87 - FAEL: “FPS-SpoolSvc-In-TCP-NoScope” | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) – C:\Windows\system32\spoolsv.exe
O87 - FAEL: “FPS-SpoolSvc-In-TCP” | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) – C:\Windows\system32\spoolsv.exe
O87 - FAEL: “TCP Query User{646CFD63-3448-40C2-8F84-8AE582B9BC46}C:\program files\adobe\adobe illustrator cs3\support files\contents\windows\illustrator.exe” | In - Public - P6 - TRUE | .(.Adobe Systems Inc…) – C:\program files\adobe\adobe illustrator
O87 - FAEL: “UDP Query User{AAE3120C-2D92-46D8-A1EF-96D71B7ED542}C:\program files\adobe\adobe illustrator cs3\support files\contents\windows\illustrator.exe” | In - Public - P17 - TRUE | .(.Adobe Systems Inc…) – C:\program files\adobe\adobe illustrator
O87 - FAEL: “TCP Query User{0937C989-2DE7-4FF6-9054-739276F2D500}C:\program files\adsltv\adsltv.exe” | In - Public - P6 - TRUE | .(.adsltv.org - Pas de description.) – C:\program files\adsltv\adsltv.exe
O87 - FAEL: “UDP Query User{3568242D-9AEF-4EF2-9600-5D2844C8E07C}C:\program files\adsltv\adsltv.exe” | In - Public - P17 - TRUE | .(.adsltv.org - Pas de description.) – C:\program files\adsltv\adsltv.exe
O87 - FAEL: “{E91C19A4-9AEC-4455-9549-694BAEF64DF7}” | In - Public - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) – C:\WINDOWS\System32\lxctcoms.exe
O87 - FAEL: “{77539C6C-6FF4-4C04-B78F-4E6368ADF9C8}” | In - Public - P17 - TRUE | .(.Pas de propriétaire - Printer Communication System.) – C:\WINDOWS\System32\lxctcoms.exe
O87 - FAEL: “{64E13C89-F65E-4203-8CA3-6713B6AC7496}” | In - Public - P6 - TRUE | .(.Pas de propriétaire - Device Monitor.) – C:\Program Files\Lexmark 5400 Series\lxctmon.exe
O87 - FAEL: “{999FF158-E7EA-4812-BEA3-A481A19C90BA}” | In - Public - P17 - TRUE | .(.Pas de propriétaire - Device Monitor.) – C:\Program Files\Lexmark 5400 Series\lxctmon.exe
O87 - FAEL: “{56B52765-EF99-4745-8F90-9F8DA0244E00}” | In - Public - P6 - TRUE | .(.Lexmark International Inc. - AIOC exe.) – C:\Program Files\Lexmark 5400 Series\LXCTaiox.exe
O87 - FAEL: “{843CA7A0-F4FE-4E74-BCD7-506FD4F45086}” | In - Public - P17 - TRUE | .(.Lexmark International Inc. - AIOC exe.) – C:\Program Files\Lexmark 5400 Series\LXCTaiox.exe
O87 - FAEL: “{001AB73E-8D55-4F2E-8099-137829244878}” | In - Public - P6 - TRUE | .(.Apple Inc. - iTunes.) – C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: “{94791DC9-16FD-498F-8448-4E70FC101366}” | In - Public - P17 - TRUE | .(.Apple Inc. - iTunes.) – C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: “{12C0B032-B4E3-45F1-8C37-D0485680E016}” | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) – C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: “{63761FE0-863C-4879-AB2E-333331E53ADF}” |In - Public - P6 - TRUE | .(…) – E:\eSKernel.exe (.not file.)
O87 - FAEL: “{6B517995-7EFD-4CE9-9582-2E235A64C3CF}” |In - Public - P17 - TRUE | .(…) – E:\eSKernel.exe (.not file.)
O87 - FAEL: “{FD3BED88-0DB6-41E7-BB97-7BBA3D65305E}” | In - Public - P6 - TRUE | .(.TechCity Solutions France - eSKernel.) – C:\Program Files\Bbox\eSKernel.exe
O87 - FAEL: “{ACCFE422-2D91-47F8-9965-C01BEC21AD48}” | In - Public - P17 - TRUE | .(.TechCity Solutions France - eSKernel.) – C:\Program Files\Bbox\eSKernel.exe
O87 - FAEL: “{5D8A4106-A764-424F-9EBD-81319FF121FA}” | In - Public - P6 - TRUE | .(.TechCity Solutions France - BTLiveUpdate.) – C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O87 - FAEL: “{A969F163-3190-4A3B-9B02-967D9F312E5B}” | In - Public - P17 - TRUE | .(.TechCity Solutions France - BTLiveUpdate.) – C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O87 - FAEL: “{2BAB03C4-0501-4418-87D9-FC0BF03F38B1}” | In - Public - P6 - TRUE | .(.Skype Technologies - Skype Extras Manager.) – C:\Program Files\Skype\Plugin Manager\skypePM.exe
O87 - FAEL: “{5D2E35B4-70D1-4D2F-8B71-56A81648B856}” | In - Public - P17 - TRUE | .(.Skype Technologies - Skype Extras Manager.) – C:\Program Files\Skype\Plugin Manager\skypePM.exe
O87 - FAEL: “{75AAAD34-2463-45A7-A3AB-6083E52800D7}” | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) – C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: “{D6DECFA0-BE88-4FA2-8FC5-CE1C638D14EE}” | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) – C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: “{111A9F18-05B9-4A94-82CA-D40C2D414E11}” | In - None - P17 - TRUE | .(.Microsoft Corporation - Mesh Operating Environment.) – C:\Program Files\Windows Live\Mesh\MOE.exe
O87 - FAEL: “TCP Query User{73E01575-947D-4435-AB40-5D0BCD8EF9C1}C:\program files\mozilla firefox\firefox.exe” | In - Public - P6 - TRUE | .(.Mozilla Corporation - Firefox.) – C:\program files\mozilla firefox\firefox.exe
O87 - FAEL: “UDP Query User{43A84FD5-724F-4E23-A84D-81A99914261B}C:\program files\mozilla firefox\firefox.exe” | In - Public - P17 - TRUE | .(.Mozilla Corporation - Firefox.) – C:\program files\mozilla firefox\firefox.exe

—\ Scan Additionnel (O88)
Database Version : 6886 - (04/05/2011)
Number of Keys Founds (Clés trouvées) : 5
Number of Directories Founds (Dossiers trouvés) : 3

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ForceRenive] =>PUP.OfferBox
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes{557C21FE-7274-410D-853E-9ED4471BF193}] =>
[HKCU\Software\WideStream] =>Adware.SPointer
[HKLM\Software\WideStream] =>Adware.SPointer
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall{835525BE-63BD-4EC4-9425-00CEAD4849C2}] =>Adware.SPointer
C:\Users\benoit\AppData\Roaming\Widestream =>Adware.SPointer
C:\Users\benoit\Appdata\Local\widestream6 Air =>Adware.SPointer
C:\Documents and Settings\benoit\Local Settings\Application Data\widestream6 Air =>Adware.SPointer

—\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc…) - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 28/08/2009 144672 | (Apple Mobile Device) . (.Apple Inc…) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
SR - | Auto 13/01/2011 40384 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 29/04/2008 20480 | (eStantLaunchService) . (.TechCity Solutions France.) - C:\Program Files\BboxUpdate\eSRunService.exe
SS - | Demand 17/09/2009 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd…) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 14/03/2010 135664 | (gupdate) . (.Google Inc…) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 14/03/2010 135664 | (gupdatem) . (.Google Inc…) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 22/09/2009 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Demand 12/11/2009 545568 | (iPod Service) . (.Apple Inc…) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 19/03/2007 537520 | (lxct_device) . (…) - C:\Windows\system32\lxctcoms.exe
SS - | Demand 15/01/2010 227232 | (McComponentHostService) . (.McAfee, Inc…) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
SR - | Auto 30/04/2009 90112 | (OMSI download service) . (…) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
SS - | Auto 30/04/2009 0 | (RoxLiveShare9) . (…) - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
SS - | Demand 30/04/2009 0 | (stllssvr) . (…) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
SR - | Auto 09/03/2010 5010288 | (TabletServiceWacom) . (.Wacom Technology, Corp…) - C:\Windows\system32\Wacom_Tablet.exe
SS - | Demand 10/12/2008 24636 | (wampapache) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
SS - | Demand 17/06/2009 6582912 | (wampmysqld) . (…) - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

—\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, www.gmer.net…
Run by benoit at 06/05/2011 13:49:44

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
C:\Windows\system32\DRIVERS\nvstor32.sys NVIDIA Corporation NVIDIA nForc

Go to this address to download AD-Remover (created by C_XX):
forum-aide-contre-virus.be…
Click TELECHARGER (Download) and save it to your desktop.
Once it has downloaded, double-click its icon to start the installation.
On Vista and Windows 7: right-click its icon and select “Exécuter en tant qu’administrateur” (Run as administrator).
The installation will run automatically.
Click “Scanner” to run a search for infections.
Click “Oui” (Yes) to confirm.
Copy/paste the report into your next message.

There you go

======= RAPPORT D’AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: www.teamxscript.org…

C:\Program Files\Ad-Remover\main.exe (SCAN [3]) -> Lancé à 16:25:17 le 06/05/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86)
benoit@PCBENOIT (System manufacturer System Product Name)

============== RECHERCHE ==============

============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [3.6.17 (fr)] ****

HKLM_MozillaPlugins@wacom.com/wacom-plugin,version=1.1.0.3 (x)
Searchplugins\xeoocom.xml (hxxp://www.xeoo.com/)

– C:\Users\benoit\AppData\Roaming\Mozilla\FireFox\Profiles\4ocxapcw.default –
Extensions\firebug@software.joehewitt.com (Firebug)
Extensions\illimitux@illimitux.net (Illimitux)
Extensions{bb6bc1bb-f824-4702-90cd-35e2fb24f25c} (Add N Edit Cookies)
Extensions{c45c406e-ab73-11d8-be73-000a95be3b12} (Web Developer)
Prefs.js - browser.download.dir, C:\Users\benoit\Downloads
Prefs.js - browser.startup.homepage, www.search-web.net…
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.17
Prefs.js - keyword.URL, search-web.net…
Prefs.js - privacy.popups.showBrowserMessage, false

========================================

**** Internet Explorer Version [7.0.6002.18005] ****

HKCU_Main|Default_Page_URL - www.microsoft.com…
HKCU_Main|Default_Search_URL - www.microsoft.com…
HKCU_Main|Search bar - go.microsoft.com…
HKCU_Main|Start Page - www.search-web.net…
HKLM_Main|Default_Page_URL - go.microsoft.com…
HKLM_Main|Default_Search_URL - www.microsoft.com…
HKLM_Main|Search bar - search.msn.com…
HKLM_Main|Search Page - www.microsoft.com…
HKLM_Main|Start Page - fr.msn.com…
HKCU_SearchScopes{557C21FE-7274-410D-853E-9ED4471BF193} - “search-web.net” (hxxp://search-web.net/results.php?cx=partner-pub-0420647136319153%3A5n6ugpjrdrh&…)
HKCU_Toolbar\WebBrowser|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)
HKLM_Toolbar|{1017A80C-6F09-4548-A84D-EDD6AC9525F0} (C:\Program Files\Lexmark Toolbar\toolband.dll)
BHO{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - “Lexmark Barre d’outils” (C:\Program Files\Lexmark Toolbar\toolband.dll)
BHO{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - “Search Helper” (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 78 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 19 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 02/05/2011 17:11:22 (6229 Octet(s))
C:\Ad-Report-SCAN[1].txt - 02/05/2011 17:09:51 (6662 Octet(s))
C:\Ad-Report-SCAN[2].txt - 02/05/2011 19:41:12 (3244 Octet(s))
C:\Ad-Report-SCAN[3].txt - 06/05/2011 16:25:31 (3171 Octet(s))

Fin à: 16:26:12, 06/05/2011

============== E.O.F ==============

Have you already used this software on your own? Because there are already several reports on your system.

O44 - LFC:[MD5.F06A5A64812014A293367B5E38575631] - 02/05/2011 - 18:41:49 —A- . (…) – C:\Ad-Report-SCAN[2].txt [3244]
O44 - LFC:[MD5.BE7432EDC87304A5F67B537B3828A066] - 02/05/2011 - 16:12:57 —A- . (…) – C:\Ad-Report-CLEAN[1].txt [6229]
O44 - LFC:[MD5.5B8E06BD1A708C06FCEDC97462622305] - 02/05/2011 - 16:10:54 —A- . (…) – C:\Ad-Report-SCAN[1].txt [6662]

:jap:
Edited on 06/05/2011 at 20:31

Yes, I had tried this software to see if it could fix the problem, but no… Shouldn't I have??? :etonne2:

What do I do now???
Does anyone have an idea???
:etonne2::etonne2::etonne2::etonne2: