Document format: text/plain

Rapport de ZHPDiag v1.27.1906 par Nicolas Coolman, Update du 21/04/2011
Run by barnezet at 22/04/2011 18:42:56
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19048
MFIE: Mozilla Firefox v3.6.13 (fr)

---\\ System Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3326 MB (37% free)
System Restore: Activé (Enable)
System drive C: has 634 GB (69%) free of 919 GB

---\\ Logged in mode
Computer Name: PC-DE-BARNEZET
User Name: barnezet
All Users Names: barnezet, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\barnezet\AppData\Roaming
%LocalAppData%=C:\Users\barnezet\AppData\Local
%StartMenu%=C:\Users\barnezet\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 634 Go of 919 Go)
D:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.047CDEFF94B63F0A4791372B47427B60] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2011 07:21:28.) -- C:\Windows\system32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]

---\\ Processus lancés
[MD5.F1AA26C6F261C28D42994CF46F3F83B7] - (.Pas de propriétaire - cspep.) -- C:\Program Files\cspep\cspep.exe [684032]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184]
[MD5.E6CB83FF2C098C6FFCF2D43A4AAC9B54] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6139904]
[MD5.E273A48CB6D61990E7E7F040CD606F1D] - (.Packard Bell BV - Activboard Application.) -- C:\ACER\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe [79416]
[MD5.062F3DB9AFA9C3CE0DA52F28595C0C6D] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152]
[MD5.CAF03357DE72F8F19FA099581A685C1A] - (.Apple Computer, Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe [282624]
[MD5.2E9A1A6555C20424FC6DCC3AF21F4D68] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3451496]
[MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [249064]
[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480]
[MD5.CB2B9EB1447D8A264E46948DF46C1212] - (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe [1038136]
[MD5.D9335549EAE48B14FB66EFCB6FFAE736] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [214360]
[MD5.89F7C30A91E5581BDF14C62AB46A2B2D] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe [255536]
[MD5.1BB16912FD7A9D5A39D033C15485470F] - (.Packard Bell BV - ActivOSD Application.) -- C:\ACER\Preload\Autorun\DRV\FUJI Keyboard\AOSD.exe [99896]
[MD5.FFABE130A970EAEEC1D246B326F82D99] - (.Lavasoft Limited - Ad-Aware Tray Application.) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [1190680]
[MD5.B70278D1459A677639D51892160FD365] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [184320]
[MD5.C2E9F997B2FEFE06C898BFEECF3B63B2] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [610304]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [362496]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120]
[MD5.C1D36A2CBE0CEC4DF593DB1288CF586E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638232]
[MD5.85D374F30A2015D795B1E8D1258866D4] - (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe [116280]
[MD5.86AB3F6C784197DC1D994A83AF4259CD] - (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\System32\cleanmgr.exe [178688]
[MD5.2753FA95AF1BF1A64B8BB6AD3BEFBBD7] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [643584]

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [barnezet] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [barnezet] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [barnezet] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [barnezet] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [barnezet] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [barnezet] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=13] - (.Google - Google Updater plugin) -- C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.448] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@t-immersion.com/DFusionHomeWebPlugIn] - (.Total Immersion - D'Fusion @Home Web Plug-In (2.30.11563.0).) -- C:\Program Files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll
M2 - MFEP: prefs.js [barnezet - zaziefl0.default\engine@conduit.com] [] Conduit Engine v3.3.3.2 (.Conduit Ltd..)
M2 - MFEP: prefs.js [barnezet - zaziefl0.default\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR Community Toolbar v3.3.3.2 (.Conduit Ltd..)
M2 - MFEP: prefs.js [barnezet - zaziefl0.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.troner.net
R0 - HKUS\S-1-5-21-1274732335-371456544-2151125226-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-1274732335-371456544-2151125226-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: (no name) - {91C18ED5-5E1C-4AE5-A148-A861DE8C8E16} Clé orpheline
R3 - URLSearchHook: (no name) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} Clé orpheline

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: findyourprofitsky - {833ba127-c920-1e79-c8ee-6230e60d9f3e} . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\f2a28ab8.dll
O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} Clé orpheline
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [SmpcSys] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O4 - HKLM\..\Run: [FujiKeyboard] . (.Packard Bell BV - Activboard Application.) -- c:\Acer\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe
O4 - HKLM\..\Run: [eRecoveryService] Clé orpheline
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] Clé orpheline
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Computer, Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [NWEReboot] Clé orpheline
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\RunOnce: [cspep.exe] . (.Pas de propriétaire - cspep.) -- C:\Program Files\cspep\cspep.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SmpcSys] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10o_ActiveX.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-1274732335-371456544-2151125226-1000\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-1274732335-371456544-2151125226-1000\..\Run: [SmpcSys] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
O4 - HKUS\S-1-5-21-1274732335-371456544-2151125226-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-21-1274732335-371456544-2151125226-1000\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil10o_ActiveX.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co..) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk . (.McAfee, Inc..) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\barnezet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\barnezet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\barnezet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\barnezet\Desktop\Comptes & Budget Free V6.0.lnk . (.www.alauxsoft.com (France).) -- C:\Program Files\Comptes et Budget Free V6.0\Comptes.exe
O4 - Global Startup: C:\Users\barnezet\Desktop\LimeWire 5.4.6.lnk . (.Lime Wire, LLC.) -- C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: C:\Users\barnezet\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\barnezet\Desktop\Sweet Home 3D.lnk . (.Sun Microsystems, Inc..) -- C:\Windows\System32\javaws.exe
O4 - Global Startup: C:\Users\barnezet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk . (.Lavasoft Limited.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
O4 - Global Startup: C:\Users\barnezet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Démarrer Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
O4 - Global Startup: C:\Users\barnezet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\barnezet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\barnezet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk . (...) -- C:\Windows\Installer\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}\QTPlayer.ico
O4 - Global Startup: C:\Users\barnezet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung New PC Studio.lnk . (.Samsung Electronics Co., Ltd..) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSGuide.exe
O4 - Global Startup: C:\Users\barnezet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\barnezet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\barnezet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winferno Registry Power Cleaner.lnk . (.Capital Intellect Inc.) -- C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra button: Recherche - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} (PhotoboxPhotowaysUploader5 Control) - http://assets.photobox.com/assets/aurig ... 1105115744
O16 - DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} (Snapfish Activia3) - http://www3.snapfish.fr/SnapfishActivia3.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/new ... oader5.cab
O16 - DPF: {741747F6-83B4-4FB9-A268-8CA4010762C8} (Snapfish Activia2) - http://www3.snapfish.fr/SnapfishActivia2.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlus ... 1.6/gp.cab
O16 - DPF: {FAB2BB9D-91E9-457E-9D42-75A7FCCBBC00} (CDFusionActiveXCtl Object) - http://www.opticiens-atol.com/pages/col ... erFull.exe

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D308F793-1FF9-4711-80E3-5EAA8B697351}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{D308F793-1FF9-4711-80E3-5EAA8B697351}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{D308F793-1FF9-4711-80E3-5EAA8B697351}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS3\Services\Tcpip\..\{D308F793-1FF9-4711-80E3-5EAA8B697351}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
O23 - Service: (FLEXnet Licensing Service) . (.Macrovision Europe Ltd. - Activation Licensing Service.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\Windows\system32\FsUsbExService.exe
O23 - Service: (GenericHidService) . (.Packard Bell Services - HID Service Vista compliant.) - c:\windows\system32\HidService.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (Lavasoft Ad-Aware Service) . (.Lavasoft Limited - Ad-Aware Service Application.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: (McComponentHostService) . (.McAfee, Inc. - Component Host Service.) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: (Norton Internet Security) - Clé orpheline
O23 - Service: (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 178.3.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: (ServiceLayer) . (.Nokia. - ServiceLayer Module.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Ad-Aware Update (Weekly).job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegPowerClean.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RPCReminder.job
[MD5.A7D8E0B3C776C973EAB1752B30B2EBAD] [APT] [Ad-Aware Update (Weekly)] (.Lavasoft Limited.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
[MD5.054F770777DD40F1DBC601EEC92088D3] [APT] [AppleSoftwareUpdate] (.Apple Computer, Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
[MD5.3FD5F79AA40B1C244C59DE984E98DC37] [APT] [Google Software Updater] (.Google.) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
[MD5.CD6013804760C0914747221DBAE53FF6] [APT] [RegPowerClean] (.Capital Intellect Inc.) -- C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe
[MD5.45CE845083D072B8656C34377650B3DA] [APT] [RPCReminder] (.Winferno Software.) -- C:\Program Files\Winferno\RegistryPowerCleaner\RPCReminder.exe
[MD5.00000000000000000000000000000000] [APT] [{9A8E4C53-F3FE-4833-B9B1-271129955838}] (.Pas de propriétaire.) -- C:\Windows\UNNeroVision.exe (.not file.)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: (SRTSP) . (. - .) - C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.sys (.not file.)
O41 - Driver: (SRTSPX) . (. - .) - C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.sys (.not file.)
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {09BDEEF0-5590-457D-89A9-5DB2742F9BBF}
O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- Ad-Aware
O42 - Logiciel: Ad-Aware - (.Lavasoft.) [HKLM] -- {DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems, Inc..) [HKLM] -- {ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
O42 - Logiciel: Adobe Photoshop Elements 6.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop Elements 6
O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Apple Software Update - (.Apple Computer, Inc..) [HKLM] -- {55FA89BD-21D3-42F7-9249-C94C0094A83C}
O42 - Logiciel: Aqual Ball - (.SDLL.) [HKLM] -- {1542713D-8992-49D5-89B9-099A8B52E052}
O42 - Logiciel: ArcSoft PhotoImpression 4 - (.ArcSoft.) [HKLM] -- {7D4ED56E-C3DF-46F6-924B-D6774A766943}
O42 - Logiciel: Bubble Fever - (.Pas de propriétaire.) [HKLM] -- {9792C556-B4A1-4AE0-A08A-F4DFE8B2951C}
O42 - Logiciel: Bubble Snooker - (.SDLL.) [HKLM] -- {1D451864-82EA-4D49-9E83-21558C52FF3E}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Comptes et Budget (Mono-compte) V6.0 - (.Michel ALAUX..) [HKLM] -- Comptes_et_Budget (Mono-compte) V6.0_is1
O42 - Logiciel: Contextual Tool Findyourprofitsky - (.Pas de propriétaire.) [HKLM] -- dd5e2e5d
O42 - Logiciel: DiMAGE Messenger 2.0 - (.Pas de propriétaire.) [HKLM] -- {60CEC25A-2174-417A-9779-B4707D773DA9}
O42 - Logiciel: DiMAGE Viewer - (.Pas de propriétaire.) [HKLM] -- {976EA7B1-7562-483D-88DA-4323D263B7CD}
O42 - Logiciel: FileZilla Client 3.3.5.1 - (.Pas de propriétaire.) [HKCU] -- FileZilla Client
O42 - Logiciel: HDReg France - (.Acxiom.) [HKLM] -- {0ED40D2A-7131-4FE7-941E-5C329336F712}
O42 - Logiciel: HP Customer Participation Program 10.0 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Imaging Device Functions 10.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Photosmart All-In-One Driver Software 10.0 Rel .2 - (.HP.) [HKLM] -- {20B30DC1-E423-4939-B51D-05C58B0F9BBB}
O42 - Logiciel: HP Photosmart Essential 2.5 - (.HP.) [HKLM] -- HP Photosmart Essential
O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {11B83AD3-7A46-4C2E-A568-9505981D4C6F}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Java(TM) 6 Update 24 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: LimeWire 5.4.6 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: MetaBoli - (.Pas de propriétaire.) [HKLM] -- {709817E4-5439-4206-8738-796B34B623BD}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.13)
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- {7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
O42 - Logiciel: OCR Software by I.R.I.S. 10.0 - (.HP.) [HKLM] -- HPOCR
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {AC599724-5755-48C1-ABE7-ABB857652930}
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- 3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F
O42 - Logiciel: Packard Bell ImageWriter - (.Pas de propriétaire.) [HKLM] -- {F4EA67C9-6748-4C1E-9AFF-04149AC75D95}
O42 - Logiciel: Packard Bell Recovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Packard Bell Updator - (.Pas de propriétaire.) [HKLM] -- {CA786CFF-1D31-4804-B436-F3405B14357F}
O42 - Logiciel: Paint.NET v3.36 - (.dotPDN LLC.) [HKLM] -- {43602F34-1AA3-44FB-AEB2-D08C2C73743F}
O42 - Logiciel: Pilote Webcam pour DiMAGE KONICA_MINOLTA - (.Pas de propriétaire.) [HKLM] -- {99E67091-D392-4031-AD2A-E9547F3615F8}
O42 - Logiciel: QuickTime - (.Apple Computer, Inc..) [HKLM] -- {F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SAMSUNG USB Mobile Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG USB Mobile Device
O42 - Logiciel: Samsung Mobile Modem Device Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile Modem Device
O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A}
O42 - Logiciel: SamsungConnectivityCableDriver - (.Samsung.) [HKLM] -- {7E84FAC8-C518-40F9-9807-7455301D6D25}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Setup My PC - (.Pas de propriétaire.) [HKLM] -- {28518520-F25C-48C3-A224-861F331602F4}
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies
O42 - Logiciel: SoftwareUpdate 1.0 - (.EoRezo.) [HKLM] -- SoftwareUpdate_is1
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Sweet Home 3D - (.eTeks.) [HKCU] -- Sweet Home 3D
O42 - Logiciel: Total Immersion D'Fusion @Home Web Plug-In - (.Total Immersion.) [HKLM] -- D'Fusion @Home Web Plug-In
O42 - Logiciel: Uninstall Dual Mode Camera - (.Pas de propriétaire.) [HKLM] -- Dual Mode Camera_is1
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VLC media player 1.0.0 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Vista Codec Package - (.Shark007.) [HKLM] -- {F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}
O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01
O42 - Logiciel: Visual C++ 8.0 ATL (x86) WinSXS MSM - (.Microsoft Corporation.) [HKLM] -- {97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}
O42 - Logiciel: Visual C++ 8.0 CRT (x86) WinSXS MSM - (.Microsoft Corporation.) [HKLM] -- {98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
O42 - Logiciel: Winferno Registry Power Cleaner - (.Winferno.com.) [HKLM] -- RegPowerClean_is1
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: cspep.0 - (.cspep.) [HKLM] -- cspep_is1
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: pdfforge Toolbar v1.1.1 - (.Spigot, Inc..) [HKLM] -- {4EF8BE6A-899C-4196-94E7-297C5F7A203E}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\AC3filter]
[HKCU\Software\ALWIL Software]
[HKCU\Software\AVAST Software]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Aurigma]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\pdfforge]
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR]
[HKCU\Software\AppDataLow\Software\{BBFC9C70-8479-9BB5-37C8-2D4B8DFEA905}]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\ad31d5ef]
[HKCU\Software\AppDataLow\b31e402f]
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CoreVorbis]
[HKCU\Software\CyberLink]
[HKCU\Software\Cygnus Solutions]
[HKCU\Software\DiMAGE]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EMME]
[HKCU\Software\Emjysoft]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lavasoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MINOLTA]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mobileleader]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OXXOgames]
[HKCU\Software\OfferBox]
[HKCU\Software\PBORY]
[HKCU\Software\PDFCreator]
[HKCU\Software\Packard Bell]
[HKCU\Software\Paint.NET]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\Redemption??]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Samsung]
[HKCU\Software\Search Settings]
[HKCU\Software\Spointer]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VirginMega]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Winferno]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\cspep]
[HKCU\Software\eMule]
[HKCU\Software\keyhole.com]
[HKCU\Software\madFlac]
[HKCU\Software\yahooinstall]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AVAST Software]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Audible]
[HKLM\Software\Borland]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CA561B]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\CrazyLoader]
[HKLM\Software\DIMAGE]
[HKLM\Software\EasyBits]
[HKLM\Software\FileZilla 3]
[HKLM\Software\Freeze.com]
[HKLM\Software\GNU]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hauppauge]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\Intel]
[HKLM\Software\JL2005C]
[HKLM\Software\JL2005C_11]
[HKLM\Software\JL2005C_31]
[HKLM\Software\JL2005C_6]
[HKLM\Software\JL6_DECODE]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KONICA MINOLTA PHOTO IMAGING, INC.]
[HKLM\Software\KONICA_MINOLTA]
[HKLM\Software\Lavasoft]
[HKLM\Software\Logitech]
[HKLM\Software\MCCI]
[HKLM\Software\MINOLTA]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MarkAny]
[HKLM\Software\MetaBoli]
[HKLM\Software\Micro Application]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NSCPID]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\OemSetup]
[HKLM\Software\OfferBox]
[HKLM\Software\PACKARD BELL]
[HKLM\Software\PBORY]
[HKLM\Software\PBreg]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\PDFCreator]
[HKLM\Software\Packard Bell ImageWriter]
[HKLM\Software\Packard Bell Updator]
[HKLM\Software\Paint.NET]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\Redemption??]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Samsung]
[HKLM\Software\Search Settings]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Total Immersion]
[HKLM\Software\TrendMicro]
[HKLM\Software\VideoLAN]
[HKLM\Software\VirginMega]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Xobni]
[HKLM\Software\Yahoo]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]
[HKLM\Software\pdfforge]

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/04/2011 - 18:43:26 - [3767010] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 30/01/2011 - 17:31:46 - [3511045] ----D- C:\Program Files\7-Zip
O43 - CFD: 07/12/2010 - 22:39:48 - [502474522] ----D- C:\Program Files\Adobe
O43 - CFD: 18/02/2010 - 09:34:36 - [56431663] ----D- C:\Program Files\Ahead
O43 - CFD: 18/01/2011 - 16:36:40 - [154577553] ----D- C:\Program Files\Alwil Software
O43 - CFD: 12/02/2010 - 13:55:06 - [2339579] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 08/01/2010 - 19:37:00 - [257171725] ----D- C:\Program Files\ArcSoft
O43 - CFD: 26/10/2009 - 15:23:36 - [536976] ----D- C:\Program Files\Babylon
O43 - CFD: 26/02/2011 - 18:58:04 - [3653664] ----D- C:\Program Files\CCleaner
O43 - CFD: 15/03/2011 - 10:38:28 - [495333631] ----D- C:\Program Files\Common Files
O43 - CFD: 20/01/2010 - 16:50:22 - [5576399] ----D- C:\Program Files\Comptes et Budget Free V6.0
O43 - CFD: 08/11/2010 - 10:44:36 - [1281696] ----D- C:\Program Files\CrazyLoader
O43 - CFD: 22/04/2011 - 17:13:00 - [1894760] ----D- C:\Program Files\cspep
O43 - CFD: 24/11/2010 - 15:57:34 - [795104] ----D- C:\Program Files\DIFX
O43 - CFD: 29/07/2009 - 12:46:16 - [5790753] ----D- C:\Program Files\DiMAGE Messenger 2.0
O43 - CFD: 29/07/2009 - 12:38:02 - [14327584] ----D- C:\Program Files\DiMAGE Viewer
O43 - CFD: 02/05/2010 - 20:53:48 - [10906334] ----D- C:\Program Files\eMule
O43 - CFD: 07/07/2009 - 20:16:54 - [0] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 27/11/2010 - 15:59:48 - [16387911] ----D- C:\Program Files\FileZilla FTP Client
O43 - CFD: 07/02/2011 - 17:37:04 - [4842050] ----D- C:\Program Files\Google
O43 - CFD: 13/11/2008 - 07:51:56 - [4710923] ----D- C:\Program Files\HDReg
O43 - CFD: 30/07/2009 - 11:46:02 - [0] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 30/07/2009 - 11:46:28 - [264234057] ----D- C:\Program Files\HP
O43 - CFD: 24/11/2010 - 16:14:42 - [56810585] ----D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 15/04/2011 - 12:03:16 - [5632231] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 15/03/2011 - 10:35:50 - [89688703] ----D- C:\Program Files\Java
O43 - CFD: 08/01/2010 - 19:39:00 - [2935394] ----D- C:\Program Files\JL2005D
O43 - CFD: 26/02/2011 - 20:50:58 - [97454368] ----D- C:\Program Files\Lavasoft
O43 - CFD: 05/01/2010 - 12:02:50 - [79823158] ----D- C:\Program Files\LimeWire
O43 - CFD: 26/02/2011 - 18:54:06 - [4921894] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 24/11/2010 - 15:55:08 - [221184] ----D- C:\Program Files\MarkAny
O43 - CFD: 24/11/2010 - 16:13:36 - [221184] ----D- C:\Program Files\MarkAnyContentSAFER
O43 - CFD: 19/12/2010 - 22:21:06 - [9454922] ----D- C:\Program Files\McAfee Security Scan
O43 - CFD: 21/10/2009 - 12:42:04 - [17877561] ----D- C:\Program Files\Micro Application
O43 - CFD: 30/11/2009 - 08:52:16 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 02/11/2006 - 14:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 18/07/2009 - 14:36:42 - [282972361] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 18/12/2010 - 13:13:56 - [145709334] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 26/06/2010 - 08:47:52 - [331107] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 12/08/2010 - 13:11:34 - [99342446] ----D- C:\Program Files\Movie Maker
O43 - CFD: 26/02/2011 - 18:52:00 - [32904765] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 07/07/2009 - 20:29:18 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 07/02/2011 - 16:55:56 - [0] ----D- C:\Program Files\Navilog1
O43 - CFD: 13/11/2008 - 07:47:38 - [7825061] ----D- C:\Program Files\Nero
O43 - CFD: 26/02/2011 - 19:09:00 - [96600] ----D- C:\Program Files\OfferBox
O43 - CFD: 07/07/2009 - 20:21:54 - [1332473551] ----D- C:\Program Files\PACKARD BELL
O43 - CFD: 15/09/2009 - 15:23:18 - [9326446] ----D- C:\Program Files\Paint.NET
O43 - CFD: 24/11/2010 - 15:57:16 - [9771964] ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 21/09/2009 - 15:08:10 - [21625204] ----D- C:\Program Files\PDFCreator
O43 - CFD: 26/02/2011 - 20:25:20 - [17514] ----D- C:\Program Files\pdfforge Toolbar
O43 - CFD: 12/02/2010 - 13:55:46 - [72399970] ----D- C:\Program Files\QuickTime
O43 - CFD: 13/11/2008 - 07:29:56 - [22653975] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 08/02/2010 - 23:54:34 - [0] ----D- C:\Program Files\RibMonTech
O43 - CFD: 24/11/2010 - 15:57:36 - [202717840] ----D- C:\Program Files\Samsung
O43 - CFD: 21/10/2009 - 12:42:58 - [53051807] ----D- C:\Program Files\SDLL
O43 - CFD: 22/12/2009 - 13:20:04 - [72563835] ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 23/10/2009 - 17:10:46 - [200758] ----D- C:\Program Files\StoneTrip
O43 - CFD: 16/09/2010 - 14:34:06 - [7644876] ----D- C:\Program Files\Total Immersion
O43 - CFD: 02/11/2006 - 15:01:56 - [0] ----D- C:\Program Files\Uninstall Information
O43 - CFD: 20/01/2010 - 16:46:54 - [2028971] ----D- C:\Program Files\VBW
O43 - CFD: 08/07/2009 - 11:47:32 - [75096999] ----D- C:\Program Files\VideoLAN
O43 - CFD: 12/03/2010 - 23:38:48 - [52376448] ----D- C:\Program Files\VistaCodecPack
O43 - CFD: 03/11/2009 - 11:22:16 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 03/11/2009 - 11:22:16 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 03/11/2009 - 11:22:14 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 03/11/2009 - 11:22:16 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 15/04/2011 - 12:03:12 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 16/10/2010 - 17:04:30 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 07/07/2009 - 20:16:54 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 03/11/2009 - 11:22:16 - [13528738] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 18/11/2009 - 20:29:48 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 03/11/2009 - 11:22:16 - [7761435] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 28/11/2009 - 11:19:28 - [17801801] ----D- C:\Program Files\Winferno
O43 - CFD: 08/12/2010 - 16:58:40 - [3886217] ----D- C:\Program Files\WinRAR
O43 - CFD: 17/12/2009 - 11:51:24 - [0] ----D- C:\Program Files\Yahoo!
O43 - CFD: 07/12/2010 - 22:39:58 - [49517816] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 18/02/2010 - 09:33:58 - [23105255] ----D- C:\Program Files\Common Files\Ahead
O43 - CFD: 20/01/2010 - 16:36:08 - [7694579] ----D- C:\Program Files\Common Files\Borland Shared
O43 - CFD: 18/07/2009 - 14:36:42 - [86016] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 30/07/2009 - 11:46:02 - [469525] ----D- C:\Program Files\Common Files\Hewlett-Packard
O43 - CFD: 30/07/2009 - 11:45:40 - [5280332] ----D- C:\Program Files\Common Files\HP
O43 - CFD: 29/07/2009 - 12:37:26 - [4774918] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 15/03/2011 - 10:38:28 - [1247175] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 13/11/2008 - 07:41:44 - [655111] ----D- C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 18/01/2011 - 16:31:14 - [335997422] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 18/02/2010 - 19:05:42 - [2628049] ----D- C:\Program Files\Common Files\Nero
O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 30/09/2009 - 18:00:30 - [0] ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 03/11/2009 - 11:22:16 - [22772996] ----D- C:\Program Files\Common Files\System
O43 - CFD: 09/12/2010 - 16:38:22 - [536371308] ----D- C:\ProgramData\Adobe
O43 - CFD: 18/02/2010 - 09:34:08 - [0] ----D- C:\ProgramData\Ahead
O43 - CFD: 18/01/2011 - 16:30:36 - [54277281] ----D- C:\ProgramData\Alwil Software
O43 - CFD: 12/02/2010 - 13:55:26 - [26662912] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 07/07/2009 - 20:16:54 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 12/04/2011 - 17:56:56 - [2318336] ----D- C:\ProgramData\Downloaded Installations
O43 - CFD: 02/05/2010 - 20:57:00 - [0] ----D- C:\ProgramData\eMule
O43 - CFD: 07/07/2009 - 20:16:54 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 03/11/2009 - 12:00:54 - [670] ----D- C:\ProgramData\FLEXnet
O43 - CFD: 07/02/2011 - 17:12:58 - [0] ----D- C:\ProgramData\Google
O43 - CFD: 18/07/2009 - 15:30:16 - [14036] ----D- C:\ProgramData\Google Updater
O43 - CFD: 30/07/2009 - 11:49:30 - [85517] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 15/03/2010 - 10:13:10 - [15088515] ----D- C:\ProgramData\HP
O43 - CFD: 14/03/2010 - 13:17:32 - [8988] ----D- C:\ProgramData\HP Product Assistant
O43 - CFD: 26/02/2011 - 21:00:02 - [340184677] ----D- C:\ProgramData\Lavasoft
O43 - CFD: 26/02/2011 - 18:54:04 - [6596361] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 07/12/2010 - 22:15:32 - [109154] ----D- C:\ProgramData\McAfee
O43 - CFD: 07/12/2010 - 22:15:32 - [853] ----D- C:\ProgramData\McAfee Security Scan
O43 - CFD: 07/07/2009 - 20:16:54 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 18/07/2009 - 14:36:12 - [321645911] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 18/07/2009 - 09:44:58 - [57040] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 07/07/2009 - 20:16:54 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 18/02/2010 - 19:05:42 - [218858] ----D- C:\ProgramData\Nero
O43 - CFD: 30/09/2009 - 18:01:02 - [276] ----D- C:\ProgramData\Norton
O43 - CFD: 13/11/2008 - 07:52:00 - [6807840] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 09/07/2009 - 17:07:48 - [201077] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 24/11/2010 - 16:15:58 - [0] ----D- C:\ProgramData\PC Suite
O43 - CFD: 21/04/2011 - 11:36:10 - [15244334] ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 04/06/2010 - 10:33:44 - [224] ----D- C:\ProgramData\Sun
O43 - CFD: 30/09/2009 - 18:01:00 - [155] ----D- C:\ProgramData\Symantec
O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 12/03/2010 - 23:38:46 - [23381870] ----D- C:\ProgramData\VistaCodecs
O43 - CFD: 30/07/2009 - 11:50:18 - [240] ----D- C:\ProgramData\WEBREG
O43 - CFD: 28/11/2009 - 11:24:02 - [391868] ----D- C:\ProgramData\Winferno
O43 - CFD: 07/12/2010 - 22:58:30 - [7037998] ----D- C:\Users\barnezet\AppData\Roaming\Adobe
O43 - CFD: 20/01/2010 - 16:50:20 - [132151] ----D- C:\Users\barnezet\AppData\Roaming\AlauxSoft
O43 - CFD: 17/10/2010 - 16:34:04 - [61189] ----D- C:\Users\barnezet\AppData\Roaming\ArchiFacile
O43 - CFD: 08/11/2010 - 10:39:24 - [5314] ----D- C:\Users\barnezet\AppData\Roaming\CrazyLoader
O43 - CFD: 28/11/2009 - 11:22:14 - [0] ----D- C:\Users\barnezet\AppData\Roaming\Digsby
O43 - CFD: 26/12/2009 - 15:27:10 - [0] ----D- C:\Users\barnezet\AppData\Roaming\DIMAGE
O43 - CFD: 18/04/2011 - 11:32:44 - [951] ----D- C:\Users\barnezet\AppData\Roaming\dvdcss
O43 - CFD: 25/08/2010 - 13:34:26 - [26511559] ----D- C:\Users\barnezet\AppData\Roaming\Emjysoft
O43 - CFD: 12/02/2010 - 13:56:18 - [6295] ----D- C:\Users\barnezet\AppData\Roaming\Emme
O43 - CFD: 02/11/2010 - 16:10:50 - [3914962] ----D- C:\Users\barnezet\AppData\Roaming\EoRezo
O43 - CFD: 11/02/2011 - 18:11:38 - [1608073] ----D- C:\Users\barnezet\AppData\Roaming\eTeks
O43 - CFD: 09/04/2011 - 21:23:10 - [20409] ----D- C:\Users\barnezet\AppData\Roaming\FileZilla
O43 - CFD: 07/07/2009 - 23:18:56 - [0] ----D- C:\Users\barnezet\AppData\Roaming\Google
O43 - CFD: 21/09/2009 - 15:10:30 - [233954] ----D- C:\Users\barnezet\AppData\Roaming\HP
O43 - CFD: 22/04/2011 - 18:32:28 - [0] ----D- C:\Users\barnezet\AppData\Roaming\HPAppData
O43 - CFD: 07/07/2009 - 20:27:52 - [0] ----D- C:\Users\barnezet\AppData\Roaming\Identities
O43 - CFD: 18/02/2010 - 22:27:22 - [21788] ----D- C:\Users\barnezet\AppData\Roaming\InfraRecorder
O43 - CFD: 08/02/2011 - 10:23:36 - [24137848] ----D- C:\Users\barnezet\AppData\Roaming\LimeWire
O43 - CFD: 07/07/2009 - 23:23:04 - [26716] ----D- C:\Users\barnezet\AppData\Roaming\Macromedia
O43 - CFD: 26/02/2011 - 18:54:10 - [4488229] ----D- C:\Users\barnezet\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\barnezet\AppData\Roaming\Media Center Programs
O43 - CFD: 07/12/2010 - 22:58:30 - [7223164] -S--D- C:\Users\barnezet\AppData\Roaming\Microsoft
O43 - CFD: 20/08/2009 - 10:36:12 - [4488736] ----D- C:\Users\barnezet\AppData\Roaming\Mozilla
O43 - CFD: 10/07/2009 - 12:54:42 - [143662] ----D- C:\Users\barnezet\AppData\Roaming\Nero
O43 - CFD: 26/02/2011 - 19:09:00 - [121] ----D- C:\Users\barnezet\AppData\Roaming\OfferBox
O43 - CFD: 07/07/2009 - 20:32:10 - [37] ----D- C:\Users\barnezet\AppData\Roaming\Packard Bell
O43 - CFD: 24/11/2010 - 16:15:58 - [354] ----D- C:\Users\barnezet\AppData\Roaming\PC Suite
O43 - CFD: 10/02/2011 - 16:43:18 - [0] ----D- C:\Users\barnezet\AppData\Roaming\Real
O43 - CFD: 24/11/2010 - 15:55:28 - [162429158] ----D- C:\Users\barnezet\AppData\Roaming\Samsung
O43 - CFD: 10/09/2010 - 09:49:32 - [13824] ----D- C:\Users\barnezet\AppData\Roaming\Template
O43 - CFD: 10/04/2011 - 15:26:40 - [1601811] ----D- C:\Users\barnezet\AppData\Roaming\uTorrent
O43 - CFD: 12/03/2010 - 23:38:48 - [951] ----D- C:\Users\barnezet\AppData\Roaming\VistaCodecs
O43 - CFD: 19/04/2011 - 20:05:22 - [473596] ----D- C:\Users\barnezet\AppData\Roaming\vlc
O43 - CFD: 19/12/2009 - 13:00:26 - [12] ----D- C:\Users\barnezet\AppData\Roaming\WinRAR
O43 - CFD: 28/11/2009 - 11:18:48 - [0] ----D- C:\Users\barnezet\AppData\Roaming\Yahoo!
O43 - CFD: 07/12/2010 - 22:39:00 - [17636861] ----D- C:\Users\barnezet\Appdata\Local\Adobe
O43 - CFD: 10/07/2009 - 12:57:10 - [6930495] ----D- C:\Users\barnezet\Appdata\Local\Ahead
O43 - CFD: 07/07/2009 - 20:21:06 - [0] -SH-D- C:\Users\barnezet\Appdata\Local\Application Data
O43 - CFD: 08/11/2010 - 10:52:02 - [137361] ----D- C:\Users\barnezet\Appdata\Local\crazyloader Air
O43 - CFD: 28/11/2009 - 11:22:18 - [9325] ----D- C:\Users\barnezet\Appdata\Local\Digsby
O43 - CFD: 24/11/2010 - 16:14:02 - [190101616] ----D- C:\Users\barnezet\Appdata\Local\Downloaded Installations
O43 - CFD: 02/05/2010 - 20:53:48 - [5916813] ----D- C:\Users\barnezet\Appdata\Local\eMule
O43 - CFD: 07/02/2011 - 17:12:58 - [1946] ----D- C:\Users\barnezet\Appdata\Local\Google
O43 - CFD: 07/07/2009 - 20:21:06 - [0] -SH-D- C:\Users\barnezet\Appdata\Local\Historique
O43 - CFD: 21/09/2009 - 15:10:30 - [858650] ----D- C:\Users\barnezet\Appdata\Local\HP
O43 - CFD: 07/12/2010 - 22:58:30 - [833164462] ----D- C:\Users\barnezet\Appdata\Local\Microsoft
O43 - CFD: 23/09/2009 - 08:55:50 - [799639] ----D- C:\Users\barnezet\Appdata\Local\Microsoft Games
O43 - CFD: 07/07/2009 - 23:50:46 - [0] ----D- C:\Users\barnezet\Appdata\Local\Microsoft Help
O43 - CFD: 26/02/2011 - 18:52:06 - [33566599] ----D- C:\Users\barnezet\Appdata\Local\Mozilla
O43 - CFD: 07/07/2009 - 20:32:10 - [70946] ----D- C:\Users\barnezet\Appdata\Local\Packard Bell
O43 - CFD: 21/04/2011 - 10:17:28 - [0] ----D- C:\Users\barnezet\Appdata\Local\Paint.NET
O43 - CFD: 08/02/2010 - 23:54:52 - [951] ----D- C:\Users\barnezet\Appdata\Local\RibMonTech
O43 - CFD: 26/02/2011 - 21:00:30 - [0] ----D- C:\Users\barnezet\Appdata\Local\Sunbelt Software
O43 - CFD: 22/04/2011 - 18:41:30 - [1097274] ----D- C:\Users\barnezet\Appdata\Local\Temp
O43 - CFD: 07/07/2009 - 20:21:06 - [0] -SH-D- C:\Users\barnezet\Appdata\Local\Temporary Internet Files
O43 - CFD: 31/08/2009 - 13:47:52 - [2935363] ----D- C:\Users\barnezet\Appdata\Local\VirtualStore
O43 - CFD: 28/11/2009 - 11:20:24 - [11395154] ----D- C:\Users\barnezet\Appdata\Local\Xobni

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.10EF12005489527700FCFD7FE4EF1200] - 22/04/2011 - 16:18:59 ---A- . (...) -- C:\Windows\WindowsUpdate.log [2077917]
O44 - LFC:[MD5.F2808AABCC85A6288C30FD3F0EC2E1E0] - 22/04/2011 - 11:36:45 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1503662]
O44 - LFC:[MD5.C146058D7A0EAEEAF581586CEFDBC8A5] - 22/04/2011 - 11:36:45 ---A- . (...) -- C:\Windows\System32\perfc009.dat [104716]
O44 - LFC:[MD5.E7D269916F882D02E322E6DAB252F158] - 22/04/2011 - 11:36:45 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [127298]
O44 - LFC:[MD5.1D10125F5EE1339EC8319E21A77ED8AC] - 22/04/2011 - 11:36:45 ---A- . (...) -- C:\Windows\System32\perfh009.dat [598702]
O44 - LFC:[MD5.DD26F0399B9F3DA2C694A4F8F1513EA8] - 22/04/2011 - 11:36:45 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [681560]
O44 - LFC:[MD5.D858F75CC57A9DE57478A1831AC3469D] - 22/04/2011 - 11:23:33 ---A- . (...) -- C:\Ad-Report-SCAN[1].txt [3968]
O44 - LFC:[MD5.10EF12005489527700FCFD7FE4EF1200] - 22/04/2011 - 10:04:47 ---A- . (...) -- C:\Windows\System32\LogConfigTemp.xml [0]
O44 - LFC:[MD5.F71AE4B19E9E75A44641D0261038AA2C] - 22/04/2011 - 10:04:30 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.8E4B228E016F78ADE310D580BB551C85] - 22/04/2011 - 10:04:18 ---A- . (...) -- C:\aaw7boot.log [19439]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/04/2011 - 11:07:53 ---A- . (...) -- C:\Windows\setupact.log [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/04/2011 - 11:07:53 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.E7EBF6A057E8D21DDB2D35D87324DE45] - 15/04/2011 - 11:05:29 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [351008]
O44 - LFC:[MD5.697681D23913D175B4DA2849C4F97DE0] - 15/04/2011 - 08:51:33 ---A- . (...) -- C:\Windows\win.ini [275]
O44 - LFC:[MD5.54F73529D65E5EB41FFC28C4EDDF069F] - 14/04/2011 - 15:39:47 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304]
O44 - LFC:[MD5.B44A7AC9E801C38F54F7340351313E85] - 14/04/2011 - 15:39:47 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [292864]
O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 14/04/2011 - 11:34:00 ---A- . (...) -- C:\Windows\NeroDigital.ini [116]
O44 - LFC:[MD5.74A1CDA4E678C9E0FC86A5700AB2505D] - 08/04/2011 - 14:23:57 ---A- . (...) -- C:\Windows\System32\dd5e2e5d.exe [121404]
O44 - LFC:[MD5.9BE41C1AE8BC481EB662D85C98D979C2] - 05/04/2011 - 10:26:02 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys [371544]
O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 05/04/2011 - 10:26:01 ---A- . (...) -- C:\Windows\System32\config.nt [2577]
O44 - LFC:[MD5.EEC85BCB8211D4ABB62DC7BF94EF2DB3] - 04/04/2011 - 18:29:16 ---A- . (...) -- C:\Windows\System32\f2a28ab8.dll [2641408]

---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"VIDC.JDCT"="jl_jdct.drv" . (.JEILIN Tech. - JEILIN JDCT Decompressor.) -- C:\Windows\System32\jl_jdct.drv
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \Drivers32\"msacm.ac3filter"="ac3filter.acm" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ac3filter.acm
O52 - TDSD: \Drivers32\"msacm.avis"="ff_acm.acm" . (.Pas de propriétaire - ffdshow Audio Decoder.) -- C:\Windows\System32\ff_acm.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"jl_jdct.drv"="JEILIN JDCT Decompressor" . (.JEILIN Tech. - JEILIN JDCT Decompressor.) -- C:\Windows\System32\jl_jdct.drv
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"ac3filter.acm"="AC3Filter ACM codec" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ac3filter.acm
O52 - TDSD: \drivers.desc\"ff_acm.acm"="ffdshow ACM codec" . (.Pas de propriétaire - ffdshow Audio Decoder.) -- C:\Windows\System32\ff_acm.acm

---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\AutoStartNPSAgent [Key] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O53 - SMSR:HKLM\...\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
O53 - SMSR:HKLM\...\startupreg\NBKeyScan [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O53 - SMSR:HKLM\...\startupreg\SearchSettings [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]
O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]
O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]
O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]
O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]
O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]
O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]
O58 - SDL:[MD5.1C2E6BB4FE8621B1B863855B02BC33EB] - 23/02/2011 - 14:54:55 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [19544]
O58 - SDL:[MD5.B0F137F664F10829CD2380B0E20E7C29] - 23/02/2011 - 14:55:03 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [53592]
O58 - SDL:[MD5.B6A9373619D851BE80FB5F1B5EED0D4E] - 23/02/2011 - 14:55:10 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [25432]
O58 - SDL:[MD5.9BE41C1AE8BC481EB662D85C98D979C2] - 23/02/2011 - 14:56:55 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [371544]
O58 - SDL:[MD5.4B1A54BA2BC5873A774DF6B70AB8B0B3] - 23/02/2011 - 14:56:45 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [301528]
O58 - SDL:[MD5.C7F1CEA32766184911293F4E1EE653F5] - 23/02/2011 - 14:55:49 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [49240]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]
O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]
O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.C6E5276C00EBDEB096BB5EF4B797D1B6] - 16/07/2008 - 13:56:06 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15.sys [15392]
O58 - SDL:[MD5.8C7FA71CB1EBCD3EDE8958D27B1BF0B4] - 16/07/2008 - 13:56:06 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15_64.sys [17952]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.EFE9FDC54BA6D55DCEFE045062AD5C3F] - 09/07/2008 - 17:31:58 ---A- . (.Windows (R) 2000 DDK provider - Universal Serial Bus Camera Driver.) -- C:\Windows\system32\drivers\jl2005c.sys [68826]
O58 - SDL:[MD5.336ABE8721CBC3110F1C6426DA633417] - 23/02/2011 - 02:00:14 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\Windows\system32\drivers\Lbd.sys [64512]
O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]
O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]
O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]
O58 - SDL:[MD5.5BD2C6D982481D548107C602E7CCFBBC] - 31/01/2005 - 09:20:04 ---A- . (.Logitech Inc. - Logitech Elch 2 Video Driver.) -- C:\Windows\system32\drivers\LV561AV.SYS [211712]
O58 - SDL:[MD5.A730FC8671A60666D6E877C544DD7CD4] - 31/01/2005 - 09:12:46 ---A- . (.Logitech Inc. - USB Statistic Driver.) -- C:\Windows\system32\drivers\LVUSBSta.sys [22016]
O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 20/12/2010 - 18:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20952]
O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 18:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224]
O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]
O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.B0184A830A1A0B951CA842D396C33D0D] - 16/10/2008 - 08:16:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 178.) -- C:\Windows\system32\drivers\nvlddmkm.sys [7381824]
O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]
O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]
O58 - SDL:[MD5.4876E7C3184BDF50EDE043FEF616B867] - 31/10/2007 - 04:23:20 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor32.sys [115744]
O58 - SDL:[MD5.175CC28DCF819F78CAA3FBD44AD9E52A] - 17/09/2007 - 15:53:26 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\system32\drivers\pccsmcfd.sys [21632]
O58 - SDL:[MD5.D86B4A68565E444D76457F14172C875A] - 13/11/2008 - 06:40:09 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\system32\drivers\PxHelp20.sys [43528]
O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.219CA9A36D6DE2EC04F958C907673436] - 07/05/2008 - 12:22:50 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2134424]
O58 - SDL:[MD5.283392AF1860ECDB5E0F8EBD7F3D72DF] - 02/11/2006 - 08:30:56 ---A- . (.Realtek Corporation - Realtek 8101/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [44544]
O58 - SDL:[MD5.C1AE5D1F53285D79A0B73A62AF20734F] - 26/02/2011 - 20:02:03 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys [98392]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]
O58 - SDL:[MD5.EAA66218CD39F5BB1B4853A78C67C787] - 20/03/2009 - 10:01:26 ---A- . (.MCCI - SAMSUNG USB Mobile Device.) -- C:\Windows\system32\drivers\ss_bbus.sys [90112]
O58 - SDL:[MD5.F8A771C5A63DC641772B7A3B05AF173F] - 20/03/2009 - 10:01:26 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_bcm.sys [12160]
O58 - SDL:[MD5.F8A771C5A63DC641772B7A3B05AF173F] - 20/03/2009 - 10:01:26 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_bcmnt.sys [12160]
O58 - SDL:[MD5.91765F99914ED8693D8BC76524F21581] - 20/03/2009 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem Filter.) -- C:\Windows\system32\drivers\ss_bmdfl.sys [14976]
O58 - SDL:[MD5.840E7B738B03C10EE91D9B7D3D6EFF15] - 20/03/2009 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Modem.) -- C:\Windows\system32\drivers\ss_bmdm.sys [121856]
O58 - SDL:[MD5.29B73D03AE6EDABB88E50364B066A6CA] - 20/03/2009 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\Windows\system32\drivers\ss_bwh.sys [12160]
O58 - SDL:[MD5.29B73D03AE6EDABB88E50364B066A6CA] - 20/03/2009 - 10:01:26 ---A- . (.MCCI Corporation - SAMSUNG USB Mobile Device (Windows 2000/XP support functions).) -- C:\Windows\system32\drivers\ss_bwhnt.sys [12160]
O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 24/11/2010 - 15:12:10 ---A- . (...) -- C:\Windows\system32\drivers\StarOpen.sys [5632]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]
O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.790A4CA68F44BE35967B3DF61F3E4675] - 31/03/2009 - 09:39:36 ---A- . (...) -- C:\Windows\system32\FsUsbExDisk.Sys [36608]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.) [HKLM] -- Ad-Remover
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWFSBLK.sys - (.not file.) - aswFsBlk (aswFsBlk) .(...) - LEGACY_ASWFSBLK
O64 - Services: CurCS - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWRDR.sys - (.not file.) - aswRdr (aswRdr) .(...) - LEGACY_ASWRDR
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSNX.sys - (.not file.) - aswSnx (aswSnx) .(...) - LEGACY_ASWSNX
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWSP.sys - (.not file.) - avast! Self Protection (aswSP) .(...) - LEGACY_ASWSP
O64 - Services: CurCS - C:\Windows\system32\Drivers\ASWTDI.sys - (.not file.) - avast! Network Shield Support (aswTdi) .(...) - LEGACY_ASWTDI
O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP
O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(...) - LEGACY_EECTRL
O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\FsUsbExDisk.sys - FsUsbExDisk (FsUsbExDisk) .(...) - LEGACY_FSUSBEXDISK
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
O64 - Services: CurCS - C:\Windows\system32\drivers\int15.sys - int15 (int15) .(.Acer, Inc. - int15.) - LEGACY_INT15
O64 - Services: CurCS - C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys - Lavasoft helper driver (Lavasoft Kernexplorer) .(...) - LEGACY_LAVASOFT_KERNEXPLORER
O64 - Services: CurCS - C:\Windows\System32\DRIVERS\Lbd.sys - Lbd (Lbd) .(.Lavasoft AB - Boot Driver.) - LEGACY_LBD
O64 - Services: CurCS - C:\Windows\system32\drivers\mbamswissarmy.sys - MBAMSwissArmy (MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSWISSARMY
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
O64 - Services: CurCS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.sys (.not file.) - NAVENG (NAVENG) .(...) - LEGACY_NAVENG
O64 - Services: CurCS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.sys (.not file.) - NAVEX15 (NAVEX15) .(...) - LEGACY_NAVEX15
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR
O64 - Services: CurCS - C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.sys (.not file.) - SRTSP (SRTSP) .(...) - LEGACY_SRTSP
O64 - Services: CurCS - C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.sys (.not file.) - SRTSPX (SRTSPX) .(...) - LEGACY_SRTSPX

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web) - http://isearch.babylon.com
O69 - SBI: SearchScopes [HKCU] {0F36E18A-6296-4333-9D99-269AAFE3D111}_Chercher Malin - (Chercher Malin) - http://www.cherchermalin.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6CEE3B3C-20A2-4EBF-89D4-4B21119E53DD} [DefaultScope] - (Fast Browser Search) - http://www.fastbrowsersearch.com
O69 - SBI: SearchScopes [HKCU] {7B554C89-FB6B-43E1-8C02-47F1E929E899} - (Yahoo! Search) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {8AADDC59-6BC4-49EA-9425-FE8908BA7634} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} - (Ask Search) - http://toolbar.ask.com

---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.8FDD4A99CD6580218A7BEC8F7F18939F] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\barnezet\AppData\Local\mbglz.bat [93]

---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "{01F2C003-5D72-491C-B020-015207D83F05}" | In - Public - P6 - FALSE | .(...) -- C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
O87 - FAEL: "{B4E16B59-0D86-43B0-93B4-6AD3E9DA1A66}" | In - Public - P17 - FALSE | .(...) -- C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
O87 - FAEL: "TCP Query User{4C973681-01C1-46B9-8749-8A23B5AF3ABF}C:\program files\internet explorer\iexplore.exe" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe
O87 - FAEL: "UDP Query User{CC73EB04-453C-4D5D-8763-E1CC047740E2}C:\program files\internet explorer\iexplore.exe" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Internet Explorer.) -- C:\program files\internet explorer\iexplore.exe
O87 - FAEL: "TCP Query User{716DEFF4-E3BF-41CA-ACE4-A409784C0C0C}C:\program files\utorrent\utorrent.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\utorrent\utorrent.exe (.not file.)
O87 - FAEL: "UDP Query User{EE69BADE-524F-4BEF-A81D-DFF7B7E82B9C}C:\program files\utorrent\utorrent.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\utorrent\utorrent.exe (.not file.)
O87 - FAEL: "TCP Query User{55FB3149-3065-40C5-9C39-2FF7B9A63568}C:\program files\limewire\limewire.exe" | In - Private - P6 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe
O87 - FAEL: "UDP Query User{01A856D5-C321-49D8-A0E8-CDE87E875A0B}C:\program files\limewire\limewire.exe" | In - Private - P17 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe
O87 - FAEL: "TCP Query User{0FEF7EC8-E665-480D-ABC1-AA6655705B9C}C:\program files\limewire\limewire.exe" | In - Public - P6 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe
O87 - FAEL: "UDP Query User{FD89EB15-92FA-496F-91D4-D736505D0113}C:\program files\limewire\limewire.exe" | In - Public - P17 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe
O87 - FAEL: "TCP Query User{B7A17C7F-C1AE-4C05-941E-E9A9EF295F68}C:\program files\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "UDP Query User{9B092FB4-0A83-43B0-B425-F3551BB17427}C:\program files\emule\emule.exe" | In - Private - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "{B5AB757D-4221-4210-8831-F847D3D1397C}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\Temp\~os2EED.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{CF4B1C52-0F8A-4FAF-AEE0-2553514B3BD2}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\Temp\~os671E.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{076D4696-D208-4B2E-AD64-FC856E16B929}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\Temp\~os2423.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{B57CDFFD-5630-4547-8838-4B469BB22109}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\Temp\~os11FB.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{375C67F5-EC0C-4931-A8F1-406388FB718E}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\Temp\~osCE16.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{2F085671-5DE2-4C1E-8E8D-0AA8A5A199E5}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\Temp\~osA638.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{BD533C72-70D1-446A-955E-9DAC85A0BD18}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\Temp\~os7974.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{5EE7AAE9-81B0-49AE-9F16-7A4BB8E3D403}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\Temp\~os7F8C.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{48A68172-DABD-4ACA-A7B3-A6D43C647650}" | In - None - P6 - TRUE | .(.Hewlett-Packard - HP Software Update Client.) -- C:\Program Files\HP\hp software update\hpwucli.exe
O87 - FAEL: "{BD9C7311-FECD-4B2C-8721-9BAEBD60F5A2}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\Temp\~os166D.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{663FA292-4E9F-465A-8866-4B1C90C7F185}" |In - Private - P6 - TRUE | .(...) -- C:\Users\barnezet\AppData\Local\Temp\~osB3C2.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "TCP Query User{0FBA8C35-7FBF-416F-965A-E10B3E10D1EB}C:\program files\emule\emule.exe" | In - Public - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "UDP Query User{35436B68-54C8-4C48-94D9-B27370EEDD2F}C:\program files\emule\emule.exe" | In - Public - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "TCP Query User{355E71E4-E148-4E00-8D69-C37F25C95614}C:\program files\relevantknowledge\rlvknlg.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\relevantknowledge\rlvknlg.exe (.not file.)
O87 - FAEL: "UDP Query User{246159CD-6C38-4C9D-AE36-7D40F3F9CDAC}C:\program files\relevantknowledge\rlvknlg.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\relevantknowledge\rlvknlg.exe (.not file.)
O87 - FAEL: "{6CA36467-9D89-49D6-B3B4-40F7348311E3}" |In - Private - P6 - TRUE | .(...) -- C:\Users\barnezet\AppData\Local\Temp\~os625B.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{83D4CB84-70D0-41D9-8E20-FFC8071C2063}" |In - Private - P6 - TRUE | .(...) -- C:\Users\barnezet\AppData\Local\Temp\~os7A3F.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{34F46779-AA40-48E7-BB59-D9D65057DAA0}" |In - Private - P6 - TRUE | .(...) -- C:\Users\barnezet\AppData\Local\Temp\~osC439.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{4104D8FA-5683-45DD-9746-0B6E906368AD}" |In - Private - P6 - TRUE | .(...) -- C:\Users\barnezet\AppData\Local\Temp\~os4A26.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{CC380E77-2CE5-4259-A436-7BA82C232A84}" |In - Private - P6 - TRUE | .(...) -- C:\Users\barnezet\AppData\Local\Temp\~os95EB.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{AF648C16-8EF1-44E1-AEB6-D07B56194C1A}" |In - Private - P6 - TRUE | .(...) -- C:\Users\barnezet\AppData\Local\Temp\~os9F2C.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{D108A987-683A-478C-B185-FD0C1B58EEBE}" |In - Private - P6 - TRUE | .(...) -- C:\Users\barnezet\AppData\Local\Temp\~os7983.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{CCFD75C3-0219-4F62-9752-E38DD2E3D393}" |In - Private - P6 - TRUE | .(...) -- C:\Users\barnezet\AppData\Local\Temp\~osC5A6.tmp\rlvknlg.exe (.not file.)
O87 - FAEL: "{7ED3A637-2EBD-4BAA-9047-21F0D806B202}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\CrazyLoader\crazyloader.exe (.not file.)
O87 - FAEL: "{C520DE2B-F655-488A-8EEE-EEA6EFEFE39F}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\CrazyLoader\crazyloader.exe (.not file.)
O87 - FAEL: "{38FE4CE2-2926-48CD-9D7A-78154DA70FC3}" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\javaw.exe
O87 - FAEL: "{8B2DFDE1-158E-4386-AC5D-E2452EFDFD77}" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\javaw.exe
O87 - FAEL: "{B055C959-0B34-4D5B-9D2E-3F868AA0AAD9}" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\Program Files\Java\jre6\bin\javaws.exe
O87 - FAEL: "{06FB20A5-9A2A-4836-96E3-9C4E46932CBA}" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\Program Files\Java\jre6\bin\javaws.exe
O87 - FAEL: "TCP Query User{EF4EBF40-1D45-4365-8D36-A2C531D1FB54}C:\program files\java\jre6\launch4j-tmp\crazyloader.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc..) -- C:\program files\java\jre6\launch4j-tmp\crazyloader.exe
O87 - FAEL: "UDP Query User{C1CD0DC7-5253-4F9F-BF49-5A159BEC4313}C:\program files\java\jre6\launch4j-tmp\crazyloader.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc..) -- C:\program files\java\jre6\launch4j-tmp\crazyloader.exe
O87 - FAEL: "TCP Query User{B66E971D-4248-43AB-BE33-0C42A8D9210D}C:\users\barnezet\appdata\local\temp\jdic_0_9_5\ieembed.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\barnezet\appdata\local\temp\jdic_0_9_5\ieembed.exe (.not file.)
O87 - FAEL: "UDP Query User{84C82E4C-0814-4CCD-B19C-F6B5230602B4}C:\users\barnezet\appdata\local\temp\jdic_0_9_5\ieembed.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\barnezet\appdata\local\temp\jdic_0_9_5\ieembed.exe (.not file.)
O87 - FAEL: "{46626456-EA74-469F-A0CE-3F41C6067D0C}" | In - Private - P6 - TRUE | .(.PeeringPortal - KTF MUSIC AoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
O87 - FAEL: "{74395592-E5B1-4091-BA9C-F8156FE6F912}" | In - Private - P17 - TRUE | .(.PeeringPortal - KTF MUSIC AoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
O87 - FAEL: "{D44D3478-FFD4-4256-8C3A-866705F2950E}" | In - Private - P6 - TRUE | .(.PeeringPortal - KTF MUSIC VoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
O87 - FAEL: "{803937D6-C701-4CE2-8FA0-BFAAF680E25C}" | In - Private - P17 - TRUE | .(.PeeringPortal - KTF MUSIC VoD Server.) -- C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe

---\\ Scan Additionnel (O88)
Database Version : 6152 - (21/04/2011)

[HKCU\Software\Microsoft\Internet Explorer\lowregistry\search settings] =>PUP.Dealio
[HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom] =>PUP.OfferBox
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201f27d4-3704-41d6-89c1-aa35e39143ed}] =>
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] =>Adware.AskTBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] =>Adware.AskTBar
[HKCR\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4ef8be6a-899c-4196-94e7-297c5f7a203e}] =>Adware.BHO
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4ef8be6a-899c-4196-94e7-297c5f7a203e}] =>Adware.BHO
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4ef8be6a-899c-4196-94e7-297c5f7a203e}] =>Adware.BHO
[HKCR\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}] =>Adware.Mostofate
[HKLM\Software\Classes\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}] =>Adware.Mostofate
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO
[HKCR\Interface\{9ebb289a-2d7b-465b-825f-1530b813e95a}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{9ebb289a-2d7b-465b-825f-1530b813e95a}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}] =>PUP.Eorezo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}] =>PUP.Eorezo
[HKCR\Interface\{cd5c92ae-97b0-4bc3-ba65-ba0308d543bf}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{cd5c92ae-97b0-4bc3-ba65-ba0308d543bf}] =>Adware.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{cf739809-1c6c-47c0-85b9-569dbb141420}] =>Adware.AskBarDis
C:\Program Files\Crazyloader =>Adware.SPointer
C:\Program Files\OfferBox =>PUP.OfferBox
C:\Program Files\pdfforge Toolbar =>PUP.Dealio
C:\Users\barnezet\AppData\Roaming\Crazyloader =>Adware.SPointer
C:\Users\barnezet\AppData\Roaming\EoRezo =>PUP.Eorezo
C:\Users\barnezet\AppData\Roaming\OfferBox =>PUP.OfferBox

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 11/09/2007 124832 | (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
SR - | Demand 23/02/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 16/07/2008 24576 | (ETService) . (...) - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
SS - | Demand 13/11/2008 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 31/03/2009 233472 | (FsUsbExService) . (.Teruten.) - C:\Windows\system32\FsUsbExService.exe
SR - | Auto 18/09/2008 83264 | (GenericHidService) . (.Packard Bell Services.) - c:\windows\system32\HidService.exe
SS - | Auto 18/07/2009 190448 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 19/04/2011 2146496 | (Lavasoft Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
SS - | Demand 15/01/2010 227232 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
SR - | Auto 16/10/2008 203296 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
SS - | Demand 07/04/2008 430592 | (ServiceLayer) . (.Nokia..) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by barnezet at 22/04/2011 18:44:34

device: opened successfully
user: error reading MBR

Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR

End of the scan (1192 lines in 01mn 40s)(0)
