Se connecter / S'enregistrer
Votre question

PC louche

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
23 Juillet 2010 20:39:19

Bonjour,
Un informaticien pourrais m'aider?
Mon pc portable est depuis quelque temps assez lent, de plus lors du démarrage windows j'ai quelque fois des pages perso déjà ouverte (photos vidéo etc).
Je suis novice en informatique mais j'ai quand meme un parefeu un antivirus et je fais tres souvent des scan de mon pc via mon norton 360 qui ne detecte rien.
Croyez vous que quelqu'un à pirater mon pc ?
voici mon compte rendu ZHPdiag :
http://www.cijoint.fr/cjlink.php?file=cj201007/cij5Twlc...
Merci d'avance.

Autres pages sur : louche

24 Juillet 2010 07:23:57

Bonjour,

ton Pc est infecté.

Fais la manip' d' Ad-Remover (merci C_XX) et poste le rapport : Ici

A+
24 Juillet 2010 18:43:18

Merci du coup de main,
d'après toi mon pc à "juste" un virus ou logiciel espion lambda ou il est complétement à poil est quelqu'un peux prendre ce qu'il lui chante dessus ?
Voici mon rapport :
======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 21/07/10 à 14:00
Contact: AdRemover.contact[AT]gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 18:35:08 le 24/07/2010, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86)
Peter@PC-DE-PETER (Hewlett-Packard HP Pavilion dv7 Notebook PC)

============== RECHERCHE ==============


0,Fichier trouvé: C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
0,Fichier trouvé: C:\Users\Peter\AppData\Roaming\Mozilla\FireFox\Profiles\jdpmdtr6.default\searchplugins\askcom.xml
0,Fichier trouvé: C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Pacific Poker.lnk
0,Dossier trouvé: C:\Users\Peter\AppData\LocalLow\Conduit
0,Dossier trouvé: C:\Program Files\Conduit
0,Dossier trouvé: C:\Users\Peter\AppData\Roaming\DesktopIcon
0,Dossier trouvé: C:\ProgramData\Viewpoint
0,Dossier trouvé: C:\Program Files\Viewpoint
3,Fichier trouvé: C:\Users\Peter\Desktop\Ebay.lnk

-- Fichier ouvert: C:\Users\Peter\AppData\Roaming\Mozilla\FireFox\Profiles\jdpmdtr6.default\Prefs.js --
Ligne trouvée: user_pref("CT2207610.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_...
Ligne trouvée: user_pref("CT2207610.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT220...
Ligne trouvée: user_pref("CT2542115.SavedHomepage", "hxxp://search.conduit.com/?ctid=CT2207610&SearchSource=13");
Ligne trouvée: user_pref("CT2542115.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_...
Ligne trouvée: user_pref("CT2542115.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT254...
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultthis.engineName", "Softonic_France Customized Web Search");
Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&Sea...
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
Ligne trouvée: user_pref("browser.search.selectedEngine", "Softonic_France Customized Web Search");
Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2542115&SearchSource=13");
-- Fichier Fermé --


1,Clé trouvée: HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
1,Clé trouvée: HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
0,Clé trouvée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl
0,Clé trouvée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl.1
0,Clé trouvée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary
0,Clé trouvée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1
0,Clé trouvée: HKLM\Software\Classes\Toolbar.CT2207610
0,Clé trouvée: HKLM\Software\Classes\Toolbar.CT2542115
0,Clé trouvée: HKLM\Software\Conduit
0,Clé trouvée: HKLM\Software\MetaStream
0,Clé trouvée: HKLM\Software\Poker 770
0,Clé trouvée: HKLM\Software\Titan Poker
0,Clé trouvée: HKLM\Software\Viewpoint
0,Clé trouvée: HKCU\Software\Grand Virtual
0,Clé trouvée: HKCU\Software\pacificpoker
0,Clé trouvée: HKCU\Software\Poker 770
0,Clé trouvée: HKCU\Software\pokerinstaller
0,Clé trouvée: HKCU\Software\Titan Poker
0,Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
3,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
3,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
3,Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
0,Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
0,Clé trouvée: HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
0,Clé trouvée: HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.7 (en-US)] **

-- C:\Users\Peter\AppData\Roaming\Mozilla\FireFox\Profiles\jdpmdtr6.default\Prefs.js --
browser.download.dir, C:\\Users\\Peter\\Downloads
browser.search.defaultenginename, Ask.com
browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&SearchSource=3&q={searchTerms}
browser.search.selectedEngine, Softonic_France Customized Web Search
browser.startup.homepage, hxxp://search.conduit.com/?ctid=CT2542115&SearchSource=13
browser.startup.homepage_override.mstone, rv:1.9.2.7

========================================

** Internet Explorer Version [7.0.6002.18005] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=Pavilion&pf=cnnb
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Show_ToolBar: yes
Start Page: hxxp://search.conduit.com?SearchSource=10&ctid=CT2542115

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=Pavilion&pf=cnnb
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=Pavilion&pf=cnnb

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 2 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 24/07/2010 (6195 Octet(s))

Fin à: 18:37:26, 24/07/2010

============== E.O.F ==============
Contenus similaires
24 Juillet 2010 18:51:04

et voici le rapport du nettoyage :
======= RAPPORT D'AD-REMOVER 2.0.0.1,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par C_XX le 21/07/10 à 14:00
Contact: AdRemover.contact[AT]gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 18:44:47 le 24/07/2010, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86)
Peter@PC-DE-PETER (Hewlett-Packard HP Pavilion dv7 Notebook PC)

============== ACTION(S) ==============


0,Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
0,Fichier supprimé: C:\Users\Peter\AppData\Roaming\Mozilla\FireFox\Profiles\jdpmdtr6.default\searchplugins\askcom.xml
0,Fichier supprimé: C:\Users\Peter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Pacific Poker.lnk
0,Dossier supprimé: C:\Users\Peter\AppData\LocalLow\Conduit
0,Dossier supprimé: C:\Program Files\Conduit
0,Dossier supprimé: C:\Users\Peter\AppData\Roaming\DesktopIcon
0,Dossier supprimé: C:\ProgramData\Viewpoint
0,Dossier supprimé: C:\Program Files\Viewpoint
3,Fichier supprimé: C:\Users\Peter\Desktop\Ebay.lnk

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Users\Peter\AppData\Roaming\Mozilla\FireFox\Profiles\jdpmdtr6.default\Prefs.js --
Ligne supprimée: user_pref("CT2207610.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_...
Ligne supprimée: user_pref("CT2207610.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT220...
Ligne supprimée: user_pref("CT2542115.SavedHomepage", "hxxp://search.conduit.com/?ctid=CT2207610&SearchSource=13");
Ligne supprimée: user_pref("CT2542115.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_...
Ligne supprimée: user_pref("CT2542115.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT254...
Ligne supprimée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne supprimée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne supprimée: user_pref("browser.search.defaultthis.engineName", "Softonic_France Customized Web Search");
Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2542115&Sea...
Ligne supprimée: user_pref("browser.search.order.1", "Ask.com");
Ligne supprimée: user_pref("browser.search.selectedEngine", "Softonic_France Customized Web Search");
Ligne supprimée: user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2542115&SearchSource=13");
-- Fichier Fermé --


1,Clé supprimée: HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
1,Clé supprimée: HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
0,Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl
0,Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl.1
0,Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary
0,Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1
0,Clé supprimée: HKLM\Software\Classes\Toolbar.CT2207610
0,Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
0,Clé supprimée: HKLM\Software\Conduit
0,Clé supprimée: HKLM\Software\MetaStream
0,Clé supprimée: HKLM\Software\Poker 770
0,Clé supprimée: HKLM\Software\Titan Poker
0,Clé supprimée: HKLM\Software\Viewpoint
0,Clé supprimée: HKCU\Software\Grand Virtual
0,Clé supprimée: HKCU\Software\pacificpoker
0,Clé supprimée: HKCU\Software\Poker 770
0,Clé supprimée: HKCU\Software\pokerinstaller
0,Clé supprimée: HKCU\Software\Titan Poker
0,Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit
3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
3,Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
0,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
0,Clé supprimée: HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
0,Clé supprimée: HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.7 (en-US)] **

-- C:\Users\Peter\AppData\Roaming\Mozilla\FireFox\Profiles\jdpmdtr6.default\Prefs.js --
browser.download.dir, C:\\Users\\Peter\\Downloads
browser.startup.homepage_override.mstone, rv:1.9.2.7

========================================

** Internet Explorer Version [7.0.6002.18005] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 42 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 17 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 24/07/2010 (6004 Octet(s))
C:\Ad-Report-SCAN[1].txt - 24/07/2010 (6324 Octet(s))

Fin à: 18:46:29, 24/07/2010

============== E.O.F ==============
24 Juillet 2010 22:15:41

twistagain62 a dit :
> d'après toi mon pc à "juste" un virus ou logiciel espion lambda ou il est complétement à poil est quelqu'un peux prendre ce qu'il lui chante dessus ?


Re,

> C' est un peu des deux...

Télécharge UsbFix (merci El Desaparecido) : Ici

# Connecte tous tes périphériques externes (clé Usb, disque dur...), sans les ouvrir
# Double-clique sur le raccourci présent sur le Bureau
# Choisis l' option 1 (Recherche) et laisse-le travailler
# Poste le rapport (également sauvegardé à la racine du disque)

process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus...) comme étant un RiskTool. Il ne s' agit pas d' un virus, mais d' un utilitaire destiné à mettre fin des processus. Mis entre de mauvaises mains cet utilitaire pourrait arrêter des logiciels de sécurité (antivirus, firewall...), d' où l' alerte émise.
24 Juillet 2010 22:50:15

Voila le fameux rapport :
############################## | UsbFix 7.017 | [Recherche]

Utilisateur: Peter (Administrateur) # PC-DE-PETER [Hewlett-Packard HP Pavilion dv7 Notebook PC]
Mis à jour le 22/07/10 par El Desaparecido / C_XX
Lancé à 22:44:03 | 24/07/2010
Site Web: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 7.0.6002.18005

Pare-feu Windows: Désactivé /!\
RAM -> 3068 Mo
C:\ (%systemdrive%) -> Disque fixe # 289 Go (84 Go libre(s) - 29%) [] # NTFS
D:\ -> Disque fixe # 9 Go (2 Go libre(s) - 18%) [HP_RECOVERY] # NTFS
E:\ -> CD-ROM
G:\ -> Disque amovible # 7 Go (7 Go libre(s) - 100%) [UDISK] # FAT32

################## | Éléments infectieux |


################## | Registre |


################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{6de2b9c1-83c0-11de-b088-001eecf08eec}
Shell\AutoRun\Command = F:\installer.exe
Shell\verb\Command = F:\installer.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{7ff5e6f6-52c6-11df-9f48-001eecf08eec}
Shell\AutoRun\Command = wubi.exe --cdmenu

HKCU\.\.\.\.\Explorer\MountPoints2\{8f6df07a-745e-11de-842f-001eecf08eec}
Shell\AutoRun\Command = F:\WDSetup.exe


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |
25 Juillet 2010 01:30:00

Bonsoir,

# Connecte tous tes périphériques externes, sans les ouvrir
# Double-clique sur le raccourci d' UsbFix
# Choisis l' option 2 (Suppression)
# Ton bureau va disparaître et le pc redémarrer
# Laisse-le travailler
# Poste le rapport

:) 

A+
25 Juillet 2010 11:01:39

Merci pour la réponse,
Voici le rapport en question :
############################## | UsbFix 7.017 | [Suppression]

Utilisateur: Peter (Administrateur) # PC-DE-PETER [Hewlett-Packard HP Pavilion dv7 Notebook PC]
Mis à jour le 22/07/10 par El Desaparecido / C_XX
Lancé à 10:52:51 | 25/07/2010
Site Web: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 7.0.6002.18005

Pare-feu Windows: Désactivé /!\
RAM -> 3068 Mo
C:\ (%systemdrive%) -> Disque fixe # 289 Go (76 Go libre(s) - 26%) [] # NTFS
D:\ -> Disque fixe # 9 Go (2 Go libre(s) - 18%) [HP_RECOVERY] # NTFS
E:\ -> CD-ROM
G:\ -> Disque amovible # 7 Go (7 Go libre(s) - 100%) [UDISK] # FAT32

################## | Éléments infectieux |


################## | Registre |


################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{6de2b9c1-83c0-11de-b088-001eecf08eec}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{7ff5e6f6-52c6-11df-9f48-001eecf08eec}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{8f6df07a-745e-11de-842f-001eecf08eec}

################## | Listing |

[25/07/2010 - 10:57:32 | SHD ] C:\$RECYCLE.BIN
[24/07/2010 - 18:46:29 | A | 6190] C:\Ad-Report-CLEAN[1].txt
[24/07/2010 - 22:26:06 | A | 2404] C:\Ad-Report-CLEAN[2].txt
[24/07/2010 - 18:37:48 | A | 6324] C:\Ad-Report-SCAN[1].txt
[24/07/2010 - 22:22:31 | A | 2302] C:\Ad-Report-SCAN[2].txt
[24/07/2010 - 22:30:29 | A | 2415] C:\Ad-Report-SCAN[3].txt
[30/07/2008 - 01:44:29 | A | 74] C:\autoexec.bat
[18/01/2009 - 12:50:59 | A | 2452] C:\Autorun_dll.log
[05/02/2010 - 16:50:20 | SHD ] C:\boot
[11/04/2009 - 08:36:36 | RASH | 333257] C:\bootmgr
[04/09/2009 - 17:50:12 | A | 153798] C:\cddrvinstall.log
[18/09/2006 - 23:43:37 | A | 10] C:\config.sys
[02/11/2006 - 15:02:03 | SHD ] C:\Documents and Settings
[27/06/2010 - 14:03:23 | D ] C:\Downloads
[25/07/2010 - 10:07:00 | ASH | 3218042880] C:\hiberfil.sys
[17/01/2009 - 19:52:20 | HD ] C:\HP
[28/11/2008 - 07:01:16 | D ] C:\Intel
[26/07/2009 - 16:20:10 | RASH | 0] C:\IO.SYS
[17/01/2009 - 19:52:20 | AH | 373] C:\IPH.PH
[23/07/2010 - 20:18:30 | D ] C:\Kill'em
[26/07/2009 - 16:20:10 | RASH | 0] C:\MSDOS.SYS
[30/07/2008 - 01:54:17 | RHD ] C:\MSOCache
[25/07/2010 - 10:18:19 | D ] C:\N360_BACKUP
[25/07/2010 - 10:06:59 | ASH | 3531632640] C:\pagefile.sys
[21/01/2008 - 04:32:31 | D ] C:\PerfLogs
[24/07/2010 - 18:46:21 | RD ] C:\Program Files
[24/07/2010 - 18:46:21 | HD ] C:\ProgramData
[26/07/2009 - 16:20:25 | A | 90] C:\Setup.log
[29/07/2009 - 17:06:54 | D ] C:\Sounds
[04/09/2009 - 18:31:38 | D ] C:\SwSetup
[24/07/2010 - 17:54:43 | SHD ] C:\System Volume Information
[17/01/2009 - 19:51:02 | HD ] C:\System.sav
[03/02/2010 - 15:05:42 | D ] C:\Temp
[25/07/2010 - 10:57:32 | D ] C:\UsbFix
[25/07/2010 - 10:52:51 | A | 2976] C:\UsbFix.txt
[25/10/2009 - 18:35:30 | RD ] C:\Users
[14/07/2010 - 17:52:32 | D ] C:\Windows
[25/07/2010 - 10:57:32 | SHD ] D:\$RECYCLE.BIN
[17/01/2009 - 19:49:38 | SH | 13] D:\BLOCK.RIN
[28/11/2008 - 07:29:50 | RSHD ] D:\boot
[04/10/2006 - 01:02:44 | SH | 438328] D:\bootmgr
[26/03/2008 - 18:08:32 | SH | 1089] D:\Desktop.ini
[10/09/2002 - 18:14:28 | SH | 8134] D:\Folder.htt
[28/11/2008 - 07:30:26 | RSHD ] D:\HP
[18/01/2009 - 12:50:57 | ASH | 22] D:\HPCD.sys
[25/07/2010 - 10:07:19 | ASH | 222] D:\MASTER.LOG
[18/01/2009 - 12:21:13 | RSHD ] D:\PRELOAD
[16/09/2002 - 16:37:48 | SH | 181898] D:\protect.chinese hong kong
[16/09/2002 - 16:37:40 | SH | 181916] D:\protect.chinese simplified
[16/09/2002 - 16:37:48 | SH | 181898] D:\protect.chinese traditional
[27/04/2006 - 18:19:40 | SH | 181865] D:\protect.czech
[03/11/2005 - 17:21:26 | SH | 181726] D:\protect.danish
[10/09/2002 - 15:56:12 | SH | 181605] D:\protect.dutch
[10/09/2002 - 15:50:18 | SH | 181651] D:\protect.ed
[22/11/2004 - 17:28:30 | SH | 181648] D:\protect.english
[03/11/2005 - 17:20:20 | SH | 181673] D:\protect.finnish
[03/11/2005 - 17:19:52 | SH | 181736] D:\protect.french
[03/11/2005 - 17:18:10 | SH | 181669] D:\protect.german
[23/11/2005 - 17:56:46 | SH | 182689] D:\protect.greek
[23/01/2006 - 11:18:00 | SH | 182605] D:\protect.hebrew
[28/08/2007 - 16:58:08 | SH | 181696] D:\protect.hungarian
[03/11/2005 - 17:17:00 | SH | 181554] D:\protect.italian
[19/06/2007 - 17:22:10 | SH | 182351] D:\protect.japanese
[24/11/2005 - 13:24:44 | SH | 218295] D:\protect.korean
[03/11/2005 - 17:15:12 | SH | 181578] D:\protect.norwegian
[25/04/2006 - 16:44:10 | SH | 181789] D:\protect.polish
[03/11/2005 - 17:13:12 | SH | 181624] D:\protect.portuguese
[27/10/2005 - 21:24:10 | SH | 181882] D:\protect.portuguese brazilian
[28/06/2004 - 10:52:46 | SH | 211936] D:\protect.russian
[03/11/2005 - 17:11:46 | SH | 181586] D:\protect.spanish
[10/09/2002 - 16:15:06 | SH | 181602] D:\protect.swedish
[12/08/2003 - 12:37:30 | SH | 181783] D:\protect.turkish
[17/01/2009 - 20:38:26 | RSH | 26] D:\RCBoot.sys
[28/11/2008 - 07:29:48 | RD ] D:\RECOVERY
[28/11/2008 - 07:29:53 | RSHD ] D:\SOURCES
[04/08/2009 - 17:34:32 | SHD ] D:\System Volume Information
[28/11/2008 - 07:30:17 | RSHD ] D:\Tools
[28/11/2008 - 07:29:56 | RSHD ] D:\WINDOWS
[30/04/2010 - 13:48:24 | HD ] G:\CanonBJ

################## | Vaccin |

C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

################## | E.O.F |
25 Juillet 2010 15:45:27

Etrange... ou rassurant à priori il n'y a rien :
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4345

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

25/07/2010 15:03:23
mbam-log-2010-07-25 (15-03-23).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 148595
Temps écoulé: 8 minute(s), 0 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
25 Juillet 2010 16:09:20

twistagain62 a dit :
> Etrange... ou rassurant à priori il n'y a rien :


Re,

> Rassurant.

Poste un nouveau rapport ZHPDiag...


26 Juillet 2010 15:36:01

Merci de ta patience,
The rapport :
Rapport de ZHPDiag v1.26.31 par Nicolas Coolman, Update du 23/07/2010
Run by Peter at 26/07/2010 15:02:44
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.h...
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v7.0.6002.18005
MFIE: Mozilla Firefox (3.6.8)

---\\ System Information
Platform : Windows Vista (TM) Home Premium (6.0.6002) Service Pack 2
Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3068 MB (56% free)
System drive C: has 99 GB (34%) free of 289 GB

---\\ Logged in mode
Computer Name: PC-DE-PETER
User Name: Peter
All Users Names: postgres, Peter, Administrateur,
Unselected Option: O1,O45,O61,O65,O82
Logged in as Administrator

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 99 Go of 289 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 9 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK


---\\ Processus lancés
[MD5.EE215321E83BE72AB77B6627FD149EAE] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [117640]
[MD5.19D93154C82FE39A99B269CED1056A92] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512]
[MD5.95B2B8B728BB1BFC000178CDC79AF023] - (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe [468264]
[MD5.6FC398F279D5F5E53E61683B5450195D] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032]
[MD5.544C1EF07AEC178A83538A251A72CE13] - (. Hewlett-Packard Development Company, L.P. - HP QuickTouch On Screen Display.) -- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554288]
[MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [54840]
[MD5.8CB896C573FD15AE8B13180DA53E93D2] - (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752]
[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040]
[MD5.1BA064138A5EE6B61A11A552DC072E57] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [442467]
[MD5.DB1DB28467111A24664933AB8908CBCE] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [952768]
[MD5.6CF023F0A798C56599B8EA9FF9F083A0] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376]
[MD5.B624202660474516E73AA95238FD9843] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe [813584]
[MD5.8D07F0687318214A3CEF62EA1048D101] - (.Hewlett-Packard Development Company, L.P. - Module to process WiFi messages..) -- C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE [316720]
[MD5.1EDC4865C8003A0251956835273904B1] - (.Pas de propriétaire - HpqToaster Module.) -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe [685360]
[MD5.E96BC31E0114F0999FB0F92FC65D61CA] - (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE [55824]
[MD5.BACCDA841C689D1CBA941F478E8ED24B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [910296]
[MD5.892699A6AEB910C58B726BD70BEA4F4B] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [95528]
[MD5.642FA80C2C43EE609313746AA305DC86] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [14808]
[MD5.8B069EAE08AE6599A747445FBC83E0D3] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Users\Public\ZHPDiag\ZHPDiag.exe [481280]


---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Program Files\Mozilla Firefox\Plugins\np32dsw.dll
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.06 for Firefox.) -- C:\Program Files\Mozilla Firefox\Plugins\npBitCometAgent.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Myriad Software. - Myriad music plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\NPMyrMus.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 8.2.2.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50524.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@viewpoint.com/VMP] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll (.not file.)


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"


---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...


---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.16386 (vista_rtm.061101-2205)) -- C:\Windows\system32\ieframe.dll


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} . (.BitComet - BitCometBHO.) -- C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files\Norton 360\Engine\3.8.0.41\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} . (.AOL LLC - AOL IE Toolbar Dynamic Link Library.) -- C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} . (.AOL LLC - AOL IE Toolbar Dynamic Link Library.) -- C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll


---\\ Applications démarrées par registre & par dossier(O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [QPService] . (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O4 - HKLM\..\Run: [OnScreenDisplay] . (. Hewlett-Packard Development Company, L.P. - HP QuickTouch On Screen Display.) -- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] . (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Windows\KHALMNPR.EXE
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (.not file.)
O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [BitComet] . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files\BitComet\BitComet.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKLM\..\policies\Explorer: [BindDirectlyToPropertySetStorage] Data=0
O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data=0
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data=0
O4 - HKCU\..\policies\Explorer: [NoDriveAutoRun] Data=0
O4 - HKCU\..\policies\Explorer: [NoDriveTypeAutoRun] Data=0
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (.not file.)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (.not file.)
O4 - Global Startup: Logitech SetPoint.lnk . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Philips SA19xx Device Manager.lnk . (.KeenHigh Tech. - Device manager for GoGear SA19xx.) -- C:\Program Files\Philips\GoGear SA19xx Device Manager\main.exe


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Recherche AOL Toolbar . (.Pas de propriétaire - Pas de description.) -- C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe
O8 - Extra context menu item: Tout télécharger avec BitComet . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files\BitComet\BitComet.exe
O8 - Extra context menu item: Télécharger avec BitComet . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files\BitComet\BitComet.exe
O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files\BitComet\BitComet.exe


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} . (.BitComet - BitCometBHO.) -- C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll


---\\ Internet Explorer Plugins (O12)
O12 - Plugin for .mu3 - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mxl - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mya - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myt - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .xmz - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll


---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Corporation - HpService.) - C:\Windows\system32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton 360 (N360) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.5.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) . (.PostgreSQL Global Development Group - pg_ctl - starts/stops/restarts the PostgreS.) - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) . (.Pas de propriétaire - CLCapSvc Module.) - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) . (.Pas de propriétaire - CLSched Module.) - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows (Recovery Service for Windows) . (.Pas de propriétaire - STServices.) - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Norton Internet Security - Effectuer une analyse complète du système - Peter.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{F90DC18B-B935-4587-8F46-4A94EC4DEB26}.job


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
O40 - ASIC: Macromedia Shockwave Director 10.1 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\system32\Adobe\Director\SwDir.dll
O40 - ASIC: Adobe Shockwave Director 11.0 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\System32\Adobe\Director\SwDir.dll


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Symantec Heuristics Driver (BHDrvx86) . (.Symantec Corporation - BASH Driver.) - C:\Windows\system32\Drivers\N360\0308000.029\BHDrvx86.sys
O41 - Driver: Symantec Hash Provider (ccHP) . (.Symantec Corporation - Common Client Hash Provider Driver.) - C:\Windows\system32\Drivers\N360\0308000.029\ccHPx86.sys
O41 - Driver: Symantec Eraser Control driver (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
O41 - Driver: IDSVix86 (IDSVix86) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100723.001\IDSvix86.sys
O41 - Driver: Symantec Real Time Storage Protection (PEL) (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\N360\0308000.029\SRTSPX.sys
O41 - Driver: Symantec Network Security Intermediate Filter Driver (SymIM) . (.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) - C:\Windows\system32\DRIVERS\SymIMv.sys
O41 - Driver: Symantec Network Dispatch Driver (SYMTDI) . (.Symantec Corporation - Network Dispatch Driver.) - C:\Windows\system32\Drivers\N360\0308000.029\SYMTDI.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: AIM 6 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: AOL Toolbar 5.0 - (.AOL LLC.) [HKLM]
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM]
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Adobe Reader 8.2.2 - Français - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM]
O42 - Logiciel: Adobe Shockwave Player 11 - (.Adobe Systems, Inc..) [HKLM]
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM]
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM]
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Baldur's Gate - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Baldur's Gate(TM) II - Shadows of Amn(TM) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: BitComet 1.09 - (.~RnySmile~.) [HKLM]
O42 - Logiciel: Crystal Metronome 1.4.7 - (.MIL Software.) [HKLM]
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM]
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM]
O42 - Logiciel: ESU for Microsoft Vista - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM]
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: GearDrvs - (.GEAR Software.) [HKLM]
O42 - Logiciel: GearDrvs - (.Symantec Corporation.) [HKLM]
O42 - Logiciel: GoGear SA19xx Device Manager - (.Philips.) [HKLM]
O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Doc Viewer - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Help and Support - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Quick Launch Buttons 6.40 D1 - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP QuickPlay 3.7 - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP QuickTouch 1.00 D2 - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Total Care Advisor - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP User Guides 0103 - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HPNetworkAssistant - (.Hewlett-Packard..) [HKLM]
O42 - Logiciel: Haali Matroska Splitter - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM]
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: JMicron JMB38X Flash Media Controller - (.JMicron Technology Corp..) [HKLM]
O42 - Logiciel: Java(TM) 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM]
O42 - Logiciel: Java(TM) 6 Update 6 - (.Sun Microsystems, Inc..) [HKLM]
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: KhalInstallWrapper - (.Logitech.) [HKLM]
O42 - Logiciel: LG MC USB Modem driver - (.LG Electronics.) [HKLM]
O42 - Logiciel: LG PC Suite II - (.LG PC Suite.) [HKLM]
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM]
O42 - Logiciel: Lame ACM MP3 Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: LightScribe System Software 1.12.33.2 - (.LightScribe.) [HKLM]
O42 - Logiciel: Livebox - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Logitech SetPoint - (.Logitech.) [HKLM]
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM]
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Magic Desktop - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM]
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM]
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Mozilla Firefox (3.6.8) - (.Mozilla.) [HKLM]
O42 - Logiciel: My HP Games - (.WildTangent.) [HKLM]
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM]
O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM]
O42 - Logiciel: Norton Security Scan (Symantec Corporation) - (.Symantec Corporation.) [HKLM]
O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM]
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: PianoFX STUDIO 4.0 - (.Tanseon Systems.) [HKLM]
O42 - Logiciel: PostgreSQL 8.3 - (.PostgreSQL Global Development Group.) [HKLM]
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM]
O42 - Logiciel: ProtectSmart Hard Drive Protection - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: QuickPlay SlingPlayer 0.4.6 - (.SlingMedia.) [HKLM]
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM]
O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982312) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982331) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB982308) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB982135) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM]
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM]
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM]
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM]
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM]
O42 - Logiciel: eBay Icon - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: muvee autoProducer 6.1 - (.muvee Technologies.) [HKLM]

---\\ HKCU & HKLM Software Keys
[HKCU\Software\$PACKNAME]
[HKCU\Software\3rd Eye Solutions]
[HKCU\Software\AC3Filter]
[HKCU\Software\AOL]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\America Online]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Audacity]
[HKCU\Software\BitComet]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\CDDB]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CoreAAC]
[HKCU\Software\CyberLink]
[HKCU\Software\D-LUSiON]
[HKCU\Software\EasyBits]
[HKCU\Software\FreeTime]
[HKCU\Software\Full Tilt Poker]
[HKCU\Software\GNU]
[HKCU\Software\GRETECH]
[HKCU\Software\Gabest]
[HKCU\Software\HP Guide]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IDT]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\LG Electronics Inc]
[HKCU\Software\LG Media Player]
[HKCU\Software\LightScribe]
[HKCU\Software\Logitech]
[HKCU\Software\MIL Software]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (Muvee)]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mirage-Team Encoder Pack]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\Partouche]
[HKCU\Software\PatchPoker]
[HKCU\Software\Policies]
[HKCU\Software\Pvm]
[HKCU\Software\RealNetworks]
[HKCU\Software\ReflexiveArcade]
[HKCU\Software\Royal Philips]
[HKCU\Software\SOCID]
[HKCU\Software\Softonic]
[HKCU\Software\Softthinks]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\Trolltech]
[HKCU\Software\Usbfix]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VHLD]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\assompc]
[HKCU\Software\shockwave.com]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\AOL]
[HKLM\Software\Adobe]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BD Inc]
[HKLM\Software\BioWare Corp.]
[HKLM\Software\BioWare Corp]
[HKLM\Software\Blizzard Entertainment]
[HKLM\Software\CDDB]
[HKLM\Software\CXT]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conexant]
[HKLM\Software\CyberLink]
[HKLM\Software\Debug]
[HKLM\Software\EasyBits]
[HKLM\Software\Full Tilt Poker]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\GRETECH]
[HKLM\Software\Gabest]
[HKLM\Software\GameSpy]
[HKLM\Software\Google]
[HKLM\Software\HPQLOG]
[HKLM\Software\HPQ]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IDT]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JMicron Technology Corp.]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LG Electronics]
[HKLM\Software\LG PC Suite]
[HKLM\Software\LightScribe]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Myriad Software]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\PTECH]
[HKLM\Software\Philips]
[HKLM\Software\Policies]
[HKLM\Software\PostgreSQL]
[HKLM\Software\RTLSetup]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\TrendMicro]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\WholeSecurity]
[HKLM\Software\WildTangent]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Yahoo]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]
[HKLM\Software\pgAdmin III]


---\\ Contenu des dossiers Program Files (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD:Common File Directory ----D- C:\Program Files\Ad-Remover
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\AGEIA Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\AIM6
O43 - CFD:Common File Directory ----D- C:\Program Files\AOL
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\BitComet
O43 - CFD:Common File Directory ----D- C:\Program Files\Black Isle
O43 - CFD:Common File Directory ----D- C:\Program Files\Canon
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Crystal Metronome
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\d-lusion
O43 - CFD:Common File Directory ----D- C:\Program Files\EasyBits For Kids
O43 - CFD:Common File Directory ----D- C:\Program Files\EasyPHP-5.3.1
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FreeTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Full Tilt Poker
O43 - CFD:Common File Directory ----D- C:\Program Files\GRETECH
O43 - CFD:Common File Directory ----D- C:\Program Files\Hewlett-Packard
O43 - CFD:Common File Directory ----D- C:\Program Files\HP
O43 - CFD:Common File Directory ----D- C:\Program Files\HP Games
O43 - CFD:Common File Directory ----D- C:\Program Files\IDT
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\LG Electronics
O43 - CFD:Common File Directory ----D- C:\Program Files\LG PC Suite II
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\muvee Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\Norton 360
O43 - CFD:Common File Directory ----D- C:\Program Files\Norton Security Scan
O43 - CFD:Common File Directory ----D- C:\Program Files\NortonInstaller
O43 - CFD:Common File Directory R---D- C:\Program Files\Online Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Philips
O43 - CFD:Common File Directory ----D- C:\Program Files\PianoFX
O43 - CFD:Common File Directory ----D- C:\Program Files\PokerStars
O43 - CFD:Common File Directory ----D- C:\Program Files\PokerStars.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\PokerTracker 3
O43 - CFD:Common File Directory ----D- C:\Program Files\PostgreSQL
O43 - CFD:Common File Directory ----D- C:\Program Files\Pvm
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\SAGEM
O43 - CFD:Common File Directory ----D- C:\Program Files\Symantec
O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe AIR
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\AOL
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LightScribe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Logishrd
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\muvee Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - 26/07/2010 - 13:17:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1581182]
O44 - LFC:[MD5.B4996B5CF782E6BA0C6C34E0F0AD2E6B] - 26/07/2010 - 13:07:24 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 25/07/2010 - 13:53:21 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]
O44 - LFC:[MD5.67B48A903430C6D4FB58CBACA1866601] - 25/07/2010 - 13:53:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]
O44 - LFC:[MD5.DDE65B7C5D4387FCE5914DF416C53234] - 25/07/2010 - 09:57:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\UsbFix.txt [5708]
O44 - LFC:[MD5.4271A731F0912D018B91D7863451CC8E] - 24/07/2010 - 21:46:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1495948]
O44 - LFC:[MD5.BF8A195718BDF4745D4E81CB3964B474] - 24/07/2010 - 21:46:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [104070]
O44 - LFC:[MD5.295D3D333CE5EEE4EDFA1ED84A6DE253] - 24/07/2010 - 21:46:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [126626]
O44 - LFC:[MD5.C1D90B636AB74D9222E4A211ABD7DF19] - 24/07/2010 - 21:46:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [595996]
O44 - LFC:[MD5.420FEA6DAE0BD99D5ACF4679B223168A] - 24/07/2010 - 21:46:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [679042]
O44 - LFC:[MD5.0210D0751F582E88B8CB634C70FE0E0A] - 24/07/2010 - 21:30:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[3].txt [2415]
O44 - LFC:[MD5.1562956371B146D003D9F71C725F1246] - 24/07/2010 - 21:26:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[2].txt [2404]
O44 - LFC:[MD5.CAF913009E48E619CB88BD821A5F8ABA] - 24/07/2010 - 21:22:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[2].txt [2302]
O44 - LFC:[MD5.723256FE740511D17A3FCF37FE30D9A2] - 24/07/2010 - 17:46:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[1].txt [6190]
O44 - LFC:[MD5.D0BECF58E6A74BD7D0426EC76AED1174] - 24/07/2010 - 17:37:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[1].txt [6324]
O44 - LFC:[MD5.D43683D7DB9F2103AE4A56C54B4EDEE8] - 23/07/2010 - 21:22:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [190973]
O44 - LFC:[MD5.9954EB03B30343CBFB790AA49CE2EB39] - 23/07/2010 - 18:58:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [236112]
O44 - LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] - 23/07/2010 - 16:49:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\DOErrors.log [52]
O44 - LFC:[MD5.EF97D3B44EECBB5C3768F70B9B754577] - 14/07/2010 - 16:54:57 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [305464]
O44 - LFC:[MD5.A9C2AE88FB3487AC20707B4ACFFCA54E] - 14/07/2010 - 16:52:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WININIT.INI [47]
O44 - LFC:[MD5.131BC4447D0092AC8A57032DD1107D43] - 14/07/2010 - 16:52:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\wacam.TMP [724]
O44 - LFC:[MD5.131BC4447D0092AC8A57032DD1107D43] - 14/07/2010 - 16:51:49 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\wacam.ini [724]
O44 - LFC:[MD5.0C9DD626B5B0D0FE0E2A462282FEAFA8] - 14/07/2010 - 16:51:48 ---A- . (.Pas de propriétaire - MMPlugHostCtrl Module.) -- C:\Windows\System32\MMPlugHostCtrl.dll [169720]


---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - EasyBits Security Shield Hook - prevents launching insecure programs by kids - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\system32\EZUPBH~1.DLL


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm
O52 - TDSD: \Drivers32\"vidc.ffds"="ffdshow.ax" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.XVID"="XVIDVFW.DLL" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.DIVX"="DIVX.DLL" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.wmv3"="wmv9vcm.dll" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.lameacm"="LameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\LameACM.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"l3codecp.acm"="" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm
O52 - TDSD: \drivers.desc\"wmv9vcm.dll"="Microsoft Windows Media Video 9 VCM" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"LameACM.acm"="Lame ACM MP3 Codec" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\LameACM.acm


---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll


---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0


---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=0


---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.3B10711AD8656C097E0D16A41B29C54C] - 27/03/2008 - 12:11:34 ---A- . (.Hewlett-Packard Corporation - HP Accelerometer.) -- C:\Windows\system32\drivers\Accelerometer.sys
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys
O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys
O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys
O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys
O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys
O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys
O58 - SDL:[MD5.CF6A67C90951E3E763D2135DEDE44B85] - 02/11/2006 - 08:30:53 ---A- . (.Broadcom Corporation - BCM 802.11g Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL6.SYS
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys
O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys
O58 - SDL:[MD5.4CD6B056C5FD9E97C06FE74C81479517] - 24/01/2008 - 14:23:12 ---A- . (.ENE TECHNOLOGY INC. - ENE CIR Driver for eHome.) -- C:\Windows\system32\drivers\enecir.sys
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 10/09/2009 - 12:54:17 R--A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys
O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys
O58 - SDL:[MD5.24F3F496C18EFC234777723A67A85F81] - 27/03/2008 - 12:12:12 ---A- . (.Hewlett-Packard Corporation - HP Disk Filter - SATA.) -- C:\Windows\system32\drivers\hpdskflt.sys
O58 - SDL:[MD5.35956140E686D53BF676CF0C778880FC] - 18/06/2007 - 16:12:04 ---A- . (.Hewlett-Packard Development Company, L.P. - HpqKbFiltr Keyboard Filter Driver.) -- C:\Windows\system32\drivers\HpqKbFiltr.sys
O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys
O58 - SDL:[MD5.DA971CFC625D13636E04C405948E9D62] - 08/07/2008 - 11:16:26 ---A- . (.JMicron Technology Corporation - JMicron JMB38X Flash Media Controller Driver.) -- C:\Windows\system32\drivers\jmcr.sys
O58 - SDL:[MD5.36FC312051A6919E97C5CDCE6360DDB4] - 09/01/2008 - 10:22:24 ---A- . (.MCCI Corporation - LGE Mobile Driver.) -- C:\Windows\system32\drivers\lgmcbus.sys
O58 - SDL:[MD5.071162D8DA52736404AC803F2BC82736] - 09/01/2008 - 10:22:24 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\lgmccm.sys
O58 - SDL:[MD5.071162D8DA52736404AC803F2BC82736] - 09/01/2008 - 10:22:24 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\lgmccmnt.sys
O58 - SDL:[MD5.165A301A58D569D7A60186AE48170586] - 09/01/2008 - 10:22:24 ---A- . (.MCCI Corporation - LGE Mobile USB WMC Ethernet (WDM class registry for Windows 200.) -- C:\Windows\system32\drivers\lgmccr.sys
O58 - SDL:[MD5.793F99799F1D857537CF1810283A7DB9] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - LGE Mobile USB WMC Modem Filter Driver.) -- C:\Windows\system32\drivers\lgmcmdfl.sys
O58 - SDL:[MD5.D991DBEE3A13F670928B4A9C07E67503] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - LGE Mobile USB WMC Modem WDM Driver.) -- C:\Windows\system32\drivers\lgmcmdm.sys
O58 - SDL:[MD5.9761981C9656ABD1F13A6FC7B2D6B431] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - LGE Mobile USB WMC Device Management Driver.) -- C:\Windows\system32\drivers\lgmcmgmt.sys
O58 - SDL:[MD5.3E3B259BE2C9031975170C4B7FFC7B6C] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - LGE Mobile USB WMC Ethernet (NDIS 5 Miniport).) -- C:\Windows\system32\drivers\lgmcnd5.sys
O58 - SDL:[MD5.BC68570F3F3A7D07F50505B58D45C539] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - LGE Mobile USB WMC OBEX Interface Device Driver.) -- C:\Windows\system32\drivers\lgmcobex.sys
O58 - SDL:[MD5.2E29DA94E03474942B7CBF1952563C0A] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - LGE Mobile USB WMC Ethernet.) -- C:\Windows\system32\drivers\lgmcunic.sys
O58 - SDL:[MD5.EB8B6BE7431A7DBD76AA88E03548CAF1] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\lgmcwh.sys
O58 - SDL:[MD5.EB8B6BE7431A7DBD76AA88E03548CAF1] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\lgmcwhnt.sys
O58 - SDL:[MD5.7F9C7B28CF1C859E1C42619EEA946DC8] - 17/06/2009 - 17:56:06 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\system32\drivers\LHidFilt.Sys
O58 - SDL:[MD5.AB33792A87285344F43B5CE23421BAB0] - 17/06/2009 - 17:56:16 ---A- . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\Windows\system32\drivers\LMouFilt.Sys
O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys
O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys
O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys
O58 - SDL:[MD5.77030525CD86A93F1AF34FA9B96D33CE] - 17/06/2009 - 17:56:32 ---A- . (.Logitech, Inc. - Logitech USB Filter Driver..) -- C:\Windows\system32\drivers\LUsbFilt.sys
O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys
O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys
O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys
O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys
O58 - SDL:[MD5.E559EA9138C77B5D1FDA8C558764A25F] - 28/04/2008 - 07:29:26 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw5v32.sys
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digit
26 Juillet 2010 22:03:08

twistagain62 a dit :
> Merci de ta patience,


Bonjour,

> ;) 

Ataleur...

A+
26 Juillet 2010 23:40:47

Bonsoir,

le rapport ZHPDiag est incomplet, poste-le sur Cijoint.

A+
27 Juillet 2010 15:18:14

Le voici :

Rapport de ZHPDiag v1.26.31 par Nicolas Coolman, Update du 23/07/2010
Run by Peter at 26/07/2010 15:02:44
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.h...
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v7.0.6002.18005
MFIE: Mozilla Firefox (3.6.8)

---\\ System Information
Platform : Windows Vista (TM) Home Premium (6.0.6002) Service Pack 2
Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3068 MB (56% free)
System drive C: has 99 GB (34%) free of 289 GB

---\\ Logged in mode
Computer Name: PC-DE-PETER
User Name: Peter
All Users Names: postgres, Peter, Administrateur,
Unselected Option: O1,O45,O61,O65,O82
Logged in as Administrator

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 99 Go of 289 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 9 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK


---\\ Processus lancés
[MD5.EE215321E83BE72AB77B6627FD149EAE] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [117640]
[MD5.19D93154C82FE39A99B269CED1056A92] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512]
[MD5.95B2B8B728BB1BFC000178CDC79AF023] - (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe [468264]
[MD5.6FC398F279D5F5E53E61683B5450195D] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032]
[MD5.544C1EF07AEC178A83538A251A72CE13] - (. Hewlett-Packard Development Company, L.P. - HP QuickTouch On Screen Display.) -- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554288]
[MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [54840]
[MD5.8CB896C573FD15AE8B13180DA53E93D2] - (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752]
[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040]
[MD5.1BA064138A5EE6B61A11A552DC072E57] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [442467]
[MD5.DB1DB28467111A24664933AB8908CBCE] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [952768]
[MD5.6CF023F0A798C56599B8EA9FF9F083A0] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376]
[MD5.B624202660474516E73AA95238FD9843] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe [813584]
[MD5.8D07F0687318214A3CEF62EA1048D101] - (.Hewlett-Packard Development Company, L.P. - Module to process WiFi messages..) -- C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE [316720]
[MD5.1EDC4865C8003A0251956835273904B1] - (.Pas de propriétaire - HpqToaster Module.) -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe [685360]
[MD5.E96BC31E0114F0999FB0F92FC65D61CA] - (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE [55824]
[MD5.BACCDA841C689D1CBA941F478E8ED24B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [910296]
[MD5.892699A6AEB910C58B726BD70BEA4F4B] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [95528]
[MD5.642FA80C2C43EE609313746AA305DC86] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [14808]
[MD5.8B069EAE08AE6599A747445FBC83E0D3] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Users\Public\ZHPDiag\ZHPDiag.exe [481280]


---\\ Plugins de navigateurs Opera/Firefox(P1/P2)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Program Files\Mozilla Firefox\Plugins\np32dsw.dll
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.06 for Firefox.) -- C:\Program Files\Mozilla Firefox\Plugins\npBitCometAgent.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Myriad Software. - Myriad music plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\NPMyrMus.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 8.2.2.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50524.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@viewpoint.com/VMP] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll (.not file.)


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"


---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese...


---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.16386 (vista_rtm.061101-2205)) -- C:\Windows\system32\ieframe.dll


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} . (.BitComet - BitCometBHO.) -- C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files\Norton 360\Engine\3.8.0.41\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} . (.AOL LLC - AOL IE Toolbar Dynamic Link Library.) -- C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} . (.AOL LLC - AOL IE Toolbar Dynamic Link Library.) -- C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll


---\\ Applications démarrées par registre & par dossier(O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [QPService] . (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O4 - HKLM\..\Run: [OnScreenDisplay] . (. Hewlett-Packard Development Company, L.P. - HP QuickTouch On Screen Display.) -- C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] . (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Windows\KHALMNPR.EXE
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (.not file.)
O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [BitComet] . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files\BitComet\BitComet.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKLM\..\policies\Explorer: [BindDirectlyToPropertySetStorage] Data=0
O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data=0
O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data=0
O4 - HKCU\..\policies\Explorer: [NoDriveAutoRun] Data=0
O4 - HKCU\..\policies\Explorer: [NoDriveTypeAutoRun] Data=0
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (.not file.)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (.not file.)
O4 - Global Startup: Logitech SetPoint.lnk . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Philips SA19xx Device Manager.lnk . (.KeenHigh Tech. - Device manager for GoGear SA19xx.) -- C:\Program Files\Philips\GoGear SA19xx Device Manager\main.exe


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Recherche AOL Toolbar . (.Pas de propriétaire - Pas de description.) -- C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe
O8 - Extra context menu item: Tout télécharger avec BitComet . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files\BitComet\BitComet.exe
O8 - Extra context menu item: Télécharger avec BitComet . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files\BitComet\BitComet.exe
O8 - Extra context menu item: Télécharger toutes les vidéos avec BitComet . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files\BitComet\BitComet.exe


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} . (.BitComet - BitCometBHO.) -- C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll


---\\ Internet Explorer Plugins (O12)
O12 - Plugin for .mu3 - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mxl - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mya - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myt - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .xmz - C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton 360\Engine\3.8.0.41\coIEPlg.dll


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll


---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Corporation - HpService.) - C:\Windows\system32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton 360 (N360) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.5.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) . (.PostgreSQL Global Development Group - pg_ctl - starts/stops/restarts the PostgreS.) - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) . (.Pas de propriétaire - CLCapSvc Module.) - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) . (.Pas de propriétaire - CLSched Module.) - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows (Recovery Service for Windows) . (.Pas de propriétaire - STServices.) - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Norton Internet Security - Effectuer une analyse complète du système - Peter.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{F90DC18B-B935-4587-8F46-4A94EC4DEB26}.job


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
O40 - ASIC: Macromedia Shockwave Director 10.1 - {166B1BCA-3F9C-11CF-8075-444553540000} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\system32\Adobe\Director\SwDir.dll
O40 - ASIC: Adobe Shockwave Director 11.0 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\System32\Adobe\Director\SwDir.dll


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Symantec Heuristics Driver (BHDrvx86) . (.Symantec Corporation - BASH Driver.) - C:\Windows\system32\Drivers\N360\0308000.029\BHDrvx86.sys
O41 - Driver: Symantec Hash Provider (ccHP) . (.Symantec Corporation - Common Client Hash Provider Driver.) - C:\Windows\system32\Drivers\N360\0308000.029\ccHPx86.sys
O41 - Driver: Symantec Eraser Control driver (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
O41 - Driver: IDSVix86 (IDSVix86) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100723.001\IDSvix86.sys
O41 - Driver: Symantec Real Time Storage Protection (PEL) (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\N360\0308000.029\SRTSPX.sys
O41 - Driver: Symantec Network Security Intermediate Filter Driver (SymIM) . (.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) - C:\Windows\system32\DRIVERS\SymIMv.sys
O41 - Driver: Symantec Network Dispatch Driver (SYMTDI) . (.Symantec Corporation - Network Dispatch Driver.) - C:\Windows\system32\Drivers\N360\0308000.029\SYMTDI.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: AIM 6 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: AOL Toolbar 5.0 - (.AOL LLC.) [HKLM]
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM]
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Adobe Reader 8.2.2 - Français - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM]
O42 - Logiciel: Adobe Shockwave Player 11 - (.Adobe Systems, Inc..) [HKLM]
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM]
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM]
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Baldur's Gate - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Baldur's Gate(TM) II - Shadows of Amn(TM) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: BitComet 1.09 - (.~RnySmile~.) [HKLM]
O42 - Logiciel: Crystal Metronome 1.4.7 - (.MIL Software.) [HKLM]
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM]
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM]
O42 - Logiciel: ESU for Microsoft Vista - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM]
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: GearDrvs - (.GEAR Software.) [HKLM]
O42 - Logiciel: GearDrvs - (.Symantec Corporation.) [HKLM]
O42 - Logiciel: GoGear SA19xx Device Manager - (.Philips.) [HKLM]
O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Doc Viewer - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Help and Support - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Quick Launch Buttons 6.40 D1 - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP QuickPlay 3.7 - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP QuickTouch 1.00 D2 - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Total Care Advisor - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP User Guides 0103 - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: HPNetworkAssistant - (.Hewlett-Packard..) [HKLM]
O42 - Logiciel: Haali Matroska Splitter - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM]
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: JMicron JMB38X Flash Media Controller - (.JMicron Technology Corp..) [HKLM]
O42 - Logiciel: Java(TM) 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM]
O42 - Logiciel: Java(TM) 6 Update 6 - (.Sun Microsystems, Inc..) [HKLM]
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: KhalInstallWrapper - (.Logitech.) [HKLM]
O42 - Logiciel: LG MC USB Modem driver - (.LG Electronics.) [HKLM]
O42 - Logiciel: LG PC Suite II - (.LG PC Suite.) [HKLM]
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM]
O42 - Logiciel: Lame ACM MP3 Codec - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: LightScribe System Software 1.12.33.2 - (.LightScribe.) [HKLM]
O42 - Logiciel: Livebox - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Logitech SetPoint - (.Logitech.) [HKLM]
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM]
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Magic Desktop - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM]
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM]
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Mozilla Firefox (3.6.8) - (.Mozilla.) [HKLM]
O42 - Logiciel: My HP Games - (.WildTangent.) [HKLM]
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM]
O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM]
O42 - Logiciel: Norton Security Scan (Symantec Corporation) - (.Symantec Corporation.) [HKLM]
O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM]
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: PianoFX STUDIO 4.0 - (.Tanseon Systems.) [HKLM]
O42 - Logiciel: PostgreSQL 8.3 - (.PostgreSQL Global Development Group.) [HKLM]
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM]
O42 - Logiciel: ProtectSmart Hard Drive Protection - (.Hewlett-Packard.) [HKLM]
O42 - Logiciel: QuickPlay SlingPlayer 0.4.6 - (.SlingMedia.) [HKLM]
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM]
O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982312) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB982331) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB982308) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB982135) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM]
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM]
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM]
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM]
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM]
O42 - Logiciel: eBay Icon - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: muvee autoProducer 6.1 - (.muvee Technologies.) [HKLM]

---\\ HKCU & HKLM Software Keys
[HKCU\Software\$PACKNAME]
[HKCU\Software\3rd Eye Solutions]
[HKCU\Software\AC3Filter]
[HKCU\Software\AOL]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\America Online]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Audacity]
[HKCU\Software\BitComet]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\CDDB]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CoreAAC]
[HKCU\Software\CyberLink]
[HKCU\Software\D-LUSiON]
[HKCU\Software\EasyBits]
[HKCU\Software\FreeTime]
[HKCU\Software\Full Tilt Poker]
[HKCU\Software\GNU]
[HKCU\Software\GRETECH]
[HKCU\Software\Gabest]
[HKCU\Software\HP Guide]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IDT]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\LG Electronics Inc]
[HKCU\Software\LG Media Player]
[HKCU\Software\LightScribe]
[HKCU\Software\Logitech]
[HKCU\Software\MIL Software]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (Muvee)]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mirage-Team Encoder Pack]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\Partouche]
[HKCU\Software\PatchPoker]
[HKCU\Software\Policies]
[HKCU\Software\Pvm]
[HKCU\Software\RealNetworks]
[HKCU\Software\ReflexiveArcade]
[HKCU\Software\Royal Philips]
[HKCU\Software\SOCID]
[HKCU\Software\Softonic]
[HKCU\Software\Softthinks]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\Trolltech]
[HKCU\Software\Usbfix]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VHLD]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\assompc]
[HKCU\Software\shockwave.com]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\AOL]
[HKLM\Software\Adobe]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BD Inc]
[HKLM\Software\BioWare Corp.]
[HKLM\Software\BioWare Corp]
[HKLM\Software\Blizzard Entertainment]
[HKLM\Software\CDDB]
[HKLM\Software\CXT]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conexant]
[HKLM\Software\CyberLink]
[HKLM\Software\Debug]
[HKLM\Software\EasyBits]
[HKLM\Software\Full Tilt Poker]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\GRETECH]
[HKLM\Software\Gabest]
[HKLM\Software\GameSpy]
[HKLM\Software\Google]
[HKLM\Software\HPQLOG]
[HKLM\Software\HPQ]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IDT]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JMicron Technology Corp.]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LG Electronics]
[HKLM\Software\LG PC Suite]
[HKLM\Software\LightScribe]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Myriad Software]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\PTECH]
[HKLM\Software\Philips]
[HKLM\Software\Policies]
[HKLM\Software\PostgreSQL]
[HKLM\Software\RTLSetup]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\TrendMicro]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\WholeSecurity]
[HKLM\Software\WildTangent]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Yahoo]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]
[HKLM\Software\pgAdmin III]


---\\ Contenu des dossiers Program Files (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD:Common File Directory ----D- C:\Program Files\Ad-Remover
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\AGEIA Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\AIM6
O43 - CFD:Common File Directory ----D- C:\Program Files\AOL
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\BitComet
O43 - CFD:Common File Directory ----D- C:\Program Files\Black Isle
O43 - CFD:Common File Directory ----D- C:\Program Files\Canon
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\Crystal Metronome
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\d-lusion
O43 - CFD:Common File Directory ----D- C:\Program Files\EasyBits For Kids
O43 - CFD:Common File Directory ----D- C:\Program Files\EasyPHP-5.3.1
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\FreeTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Full Tilt Poker
O43 - CFD:Common File Directory ----D- C:\Program Files\GRETECH
O43 - CFD:Common File Directory ----D- C:\Program Files\Hewlett-Packard
O43 - CFD:Common File Directory ----D- C:\Program Files\HP
O43 - CFD:Common File Directory ----D- C:\Program Files\HP Games
O43 - CFD:Common File Directory ----D- C:\Program Files\IDT
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Intel
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\LG Electronics
O43 - CFD:Common File Directory ----D- C:\Program Files\LG PC Suite II
O43 - CFD:Common File Directory ----D- C:\Program Files\List_Kill'em
O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\muvee Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\Norton 360
O43 - CFD:Common File Directory ----D- C:\Program Files\Norton Security Scan
O43 - CFD:Common File Directory ----D- C:\Program Files\NortonInstaller
O43 - CFD:Common File Directory R---D- C:\Program Files\Online Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Philips
O43 - CFD:Common File Directory ----D- C:\Program Files\PianoFX
O43 - CFD:Common File Directory ----D- C:\Program Files\PokerStars
O43 - CFD:Common File Directory ----D- C:\Program Files\PokerStars.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\PokerTracker 3
O43 - CFD:Common File Directory ----D- C:\Program Files\PostgreSQL
O43 - CFD:Common File Directory ----D- C:\Program Files\Pvm
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\SAGEM
O43 - CFD:Common File Directory ----D- C:\Program Files\Symantec
O43 - CFD:Common File Directory ----D- C:\Program Files\Synaptics
O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe AIR
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\AOL
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Blizzard Entertainment
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LightScribe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Logishrd
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\muvee Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.00000000000000000000000000000000] - 26/07/2010 - 13:17:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1581182]
O44 - LFC:[MD5.B4996B5CF782E6BA0C6C34E0F0AD2E6B] - 26/07/2010 - 13:07:24 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 25/07/2010 - 13:53:21 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]
O44 - LFC:[MD5.67B48A903430C6D4FB58CBACA1866601] - 25/07/2010 - 13:53:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]
O44 - LFC:[MD5.DDE65B7C5D4387FCE5914DF416C53234] - 25/07/2010 - 09:57:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\UsbFix.txt [5708]
O44 - LFC:[MD5.4271A731F0912D018B91D7863451CC8E] - 24/07/2010 - 21:46:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1495948]
O44 - LFC:[MD5.BF8A195718BDF4745D4E81CB3964B474] - 24/07/2010 - 21:46:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [104070]
O44 - LFC:[MD5.295D3D333CE5EEE4EDFA1ED84A6DE253] - 24/07/2010 - 21:46:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [126626]
O44 - LFC:[MD5.C1D90B636AB74D9222E4A211ABD7DF19] - 24/07/2010 - 21:46:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [595996]
O44 - LFC:[MD5.420FEA6DAE0BD99D5ACF4679B223168A] - 24/07/2010 - 21:46:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [679042]
O44 - LFC:[MD5.0210D0751F582E88B8CB634C70FE0E0A] - 24/07/2010 - 21:30:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[3].txt [2415]
O44 - LFC:[MD5.1562956371B146D003D9F71C725F1246] - 24/07/2010 - 21:26:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[2].txt [2404]
O44 - LFC:[MD5.CAF913009E48E619CB88BD821A5F8ABA] - 24/07/2010 - 21:22:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[2].txt [2302]
O44 - LFC:[MD5.723256FE740511D17A3FCF37FE30D9A2] - 24/07/2010 - 17:46:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-CLEAN[1].txt [6190]
O44 - LFC:[MD5.D0BECF58E6A74BD7D0426EC76AED1174] - 24/07/2010 - 17:37:48 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Ad-Report-SCAN[1].txt [6324]
O44 - LFC:[MD5.D43683D7DB9F2103AE4A56C54B4EDEE8] - 23/07/2010 - 21:22:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [190973]
O44 - LFC:[MD5.9954EB03B30343CBFB790AA49CE2EB39] - 23/07/2010 - 18:58:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [236112]
O44 - LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] - 23/07/2010 - 16:49:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\DOErrors.log [52]
O44 - LFC:[MD5.EF97D3B44EECBB5C3768F70B9B754577] - 14/07/2010 - 16:54:57 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [305464]
O44 - LFC:[MD5.A9C2AE88FB3487AC20707B4ACFFCA54E] - 14/07/2010 - 16:52:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WININIT.INI [47]
O44 - LFC:[MD5.131BC4447D0092AC8A57032DD1107D43] - 14/07/2010 - 16:52:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\wacam.TMP [724]
O44 - LFC:[MD5.131BC4447D0092AC8A57032DD1107D43] - 14/07/2010 - 16:51:49 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\wacam.ini [724]
O44 - LFC:[MD5.0C9DD626B5B0D0FE0E2A462282FEAFA8] - 14/07/2010 - 16:51:48 ---A- . (.Pas de propriétaire - MMPlugHostCtrl Module.) -- C:\Windows\System32\MMPlugHostCtrl.dll [169720]


---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - EasyBits Security Shield Hook - prevents launching insecure programs by kids - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\system32\EZUPBH~1.DLL


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm
O52 - TDSD: \Drivers32\"vidc.ffds"="ffdshow.ax" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.XVID"="XVIDVFW.DLL" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.DIVX"="DIVX.DLL" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.wmv3"="wmv9vcm.dll" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.lameacm"="LameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\LameACM.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"l3codecp.acm"="" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm
O52 - TDSD: \drivers.desc\"wmv9vcm.dll"="Microsoft Windows Media Video 9 VCM" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"LameACM.acm"="Lame ACM MP3 Codec" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\LameACM.acm


---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll


---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0


---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=0
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=0


---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.3B10711AD8656C097E0D16A41B29C54C] - 27/03/2008 - 12:11:34 ---A- . (.Hewlett-Packard Corporation - HP Accelerometer.) -- C:\Windows\system32\drivers\Accelerometer.sys
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys
O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys
O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys
O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys
O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys
O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys
O58 - SDL:[MD5.CF6A67C90951E3E763D2135DEDE44B85] - 02/11/2006 - 08:30:53 ---A- . (.Broadcom Corporation - BCM 802.11g Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL6.SYS
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys
O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys
O58 - SDL:[MD5.4CD6B056C5FD9E97C06FE74C81479517] - 24/01/2008 - 14:23:12 ---A- . (.ENE TECHNOLOGY INC. - ENE CIR Driver for eHome.) -- C:\Windows\system32\drivers\enecir.sys
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 10/09/2009 - 12:54:17 R--A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys
O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys
O58 - SDL:[MD5.24F3F496C18EFC234777723A67A85F81] - 27/03/2008 - 12:12:12 ---A- . (.Hewlett-Packard Corporation - HP Disk Filter - SATA.) -- C:\Windows\system32\drivers\hpdskflt.sys
O58 - SDL:[MD5.35956140E686D53BF676CF0C778880FC] - 18/06/2007 - 16:12:04 ---A- . (.Hewlett-Packard Development Company, L.P. - HpqKbFiltr Keyboard Filter Driver.) -- C:\Windows\system32\drivers\HpqKbFiltr.sys
O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys
O58 - SDL:[MD5.DA971CFC625D13636E04C405948E9D62] - 08/07/2008 - 11:16:26 ---A- . (.JMicron Technology Corporation - JMicron JMB38X Flash Media Controller Driver.) -- C:\Windows\system32\drivers\jmcr.sys
O58 - SDL:[MD5.36FC312051A6919E97C5CDCE6360DDB4] - 09/01/2008 - 10:22:24 ---A- . (.MCCI Corporation - LGE Mobile Driver.) -- C:\Windows\system32\drivers\lgmcbus.sys
O58 - SDL:[MD5.071162D8DA52736404AC803F2BC82736] - 09/01/2008 - 10:22:24 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\lgmccm.sys
O58 - SDL:[MD5.071162D8DA52736404AC803F2BC82736] - 09/01/2008 - 10:22:24 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\lgmccmnt.sys
O58 - SDL:[MD5.165A301A58D569D7A60186AE48170586] - 09/01/2008 - 10:22:24 ---A- . (.MCCI Corporation - LGE Mobile USB WMC Ethernet (WDM class registry for Windows 200.) -- C:\Windows\system32\drivers\lgmccr.sys
O58 - SDL:[MD5.793F99799F1D857537CF1810283A7DB9] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - LGE Mobile USB WMC Modem Filter Driver.) -- C:\Windows\system32\drivers\lgmcmdfl.sys
O58 - SDL:[MD5.D991DBEE3A13F670928B4A9C07E67503] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - LGE Mobile USB WMC Modem WDM Driver.) -- C:\Windows\system32\drivers\lgmcmdm.sys
O58 - SDL:[MD5.9761981C9656ABD1F13A6FC7B2D6B431] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - LGE Mobile USB WMC Device Management Driver.) -- C:\Windows\system32\drivers\lgmcmgmt.sys
O58 - SDL:[MD5.3E3B259BE2C9031975170C4B7FFC7B6C] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - LGE Mobile USB WMC Ethernet (NDIS 5 Miniport).) -- C:\Windows\system32\drivers\lgmcnd5.sys
O58 - SDL:[MD5.BC68570F3F3A7D07F50505B58D45C539] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - LGE Mobile USB WMC OBEX Interface Device Driver.) -- C:\Windows\system32\drivers\lgmcobex.sys
O58 - SDL:[MD5.2E29DA94E03474942B7CBF1952563C0A] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - LGE Mobile USB WMC Ethernet.) -- C:\Windows\system32\drivers\lgmcunic.sys
O58 - SDL:[MD5.EB8B6BE7431A7DBD76AA88E03548CAF1] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\lgmcwh.sys
O58 - SDL:[MD5.EB8B6BE7431A7DBD76AA88E03548CAF1] - 09/01/2008 - 10:22:26 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\lgmcwhnt.sys
O58 - SDL:[MD5.7F9C7B28CF1C859E1C42619EEA946DC8] - 17/06/2009 - 17:56:06 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\system32\drivers\LHidFilt.Sys
O58 - SDL:[MD5.AB33792A87285344F43B5CE23421BAB0] - 17/06/2009 - 17:56:16 ---A- . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\Windows\system32\drivers\LMouFilt.Sys
O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys
O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys
O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys
O58 - SDL:[MD5.77030525CD86A93F1AF34FA9B96D33CE] - 17/06/2009 - 17:56:32 ---A- . (.Logitech, Inc. - Logitech USB Filter Driver..) -- C:\Windows\system32\drivers\LUsbFilt.sys
O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys
O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys
O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys
O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys
O58 - SDL:[MD5.E559EA9138C77B5D1FDA8C558764A25F] - 28/04/2008 - 07:29:26 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw5v32.sys
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys
O58 - SDL:[MD5.F972DC046C374A9E02F2DFBE74EBB203] - 14/05/2008 - 03:09:00 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda32v.sys
O58 - SDL:[MD5.6C1C07916A4FED3E26BF399F07370986] - 14/05/2008 - 03:09:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 175.) -- C:\Windows\system32\drivers\nvlddmkm.sys
O58 - SDL:[MD5.1657F3FBD9061526C14FF37E79306F98] - 02/11/2006 - 08:30:56 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvm60x32.sys
O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Dri
27 Juillet 2010 15:37:23

et le restant :sweat: 
O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys
O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys
O58 - SDL:[MD5.2FC33077F85D7DC0D03678C06D43898C] - 02/05/2008 - 14:59:40 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys
O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys
O58 - SDL:[MD5.21CC262AB5F42F7A6B91DC7304C2F267] - 27/06/2008 - 16:44:18 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\system32\drivers\stwrt.sys
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys
O58 - SDL:[MD5.A54FF04BD6E75DC4D8CB6F3E352635E0] - 11/09/2009 - 09:56:42 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\Windows\system32\drivers\SYMEVENT.SYS
O58 - SDL:[MD5.34F1C9D5DCC19DF1E824D6B73767B8AF] - 22/08/2009 - 09:13:59 R--A- . (.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) -- C:\Windows\system32\drivers\SymIMV.sys
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys
O58 - SDL:[MD5.BF7AA84D5AF0FAA0978C840E63B17DBF] - 18/01/2008 - 12:31:26 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys
O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys
O58 - SDL:[MD5.46D67209550973257601A533E2AC5785] - 21/01/2008 - 03:23:22 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL3.SYS
O58 - SDL:[MD5.5C7BDCF5864DB00323FE2D90FA26A8A2] - 21/01/2008 - 03:23:23 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT3.SYS
O58 - SDL:[MD5.EC36F1D542ED4252390D446BF6D4DFD0] - 21/01/2008 - 03:23:22 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV3.SYS
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS


---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: Ad-Remover By C_XX - (.C_XX.)
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.)
O63 - Logiciel: Usbfix By C_XX & El Desaparecido - (.C_XX & El Desaparecido.)
O63 - Logiciel: ZHPDiag 1.26 - (.Nicolas Coolman.)
O63 - Logiciel: List_Kill'em 2.0.2.0 - (.g3n-h@ckm@n.)


---\\ Liste des services Legacy (LALS) (O64)
O64 - Services: CurCS - C:\Windows\system32\drivers\adp94xx.sys - adp94xx (adp94xx) .(.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - LEGACY_ADP94XX
O64 - Services: CurCS - C:\Windows\system32\drivers\adpahci.sys - adpahci (adpahci) .(.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - LEGACY_ADPAHCI
O64 - Services: CurCS - C:\Windows\system32\drivers\adpu160m.sys - adpu160m (adpu160m) .(.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) - LEGACY_ADPU160M
O64 - Services: CurCS - C:\Windows\system32\drivers\adpu320.sys - adpu320 (adpu320) .(.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) - LEGACY_ADPU320
O64 - Services: CurCS - C:\Windows\system32\drivers\djsvs.sys - aic78xx (aic78xx) .(.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) - LEGACY_AIC78XX
O64 - Services: CurCS - C:\Windows\system32\drivers\aliide.sys - aliide (aliide) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE
O64 - Services: CurCS - C:\Windows\system32\drivers\arc.sys - arc (arc) .(.Adaptec, Inc. - Adaptec RAID Storport Driver.) - LEGACY_ARC
O64 - Services: CurCS - C:\Windows\system32\drivers\arcsas.sys - arcsas (arcsas) .(.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - LEGACY_ARCSAS
O64 - Services: CurCS - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP
O64 - Services: CurCS - C:\Windows\system32\Drivers\N360\0308000.029\BHDrvx86.sys - Symantec Heuristics Driver (BHDrvx86) .(.Symantec Corporation - BASH Driver.) - LEGACY_BHDRVX86
O64 - Services: CurCS - C:\Windows\system32\Drivers\N360\0308000.029\ccHPx86.sys - Symantec Hash Provider (ccHP) .(.Symantec Corporation - Common Client Hash Provider Driver.) - LEGACY_CCHP
O64 - Services: CurCS - C:\Windows\system32\drivers\cmdide.sys - cmdide (cmdide) .(.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) - LEGACY_CMDIDE
O64 - Services: CurCS - (.not file.) - CO_Mon (CO_Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_CO_MON
O64 - Services: CurCS - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys - Symantec Eraser Control driver (eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL
O64 - Services: CurCS - C:\Windows\system32\drivers\elxstor.sys - elxstor (elxstor) .(.Emulex - Storport Miniport Driver for LightPulse HBA.) - LEGACY_ELXSTOR
O64 - Services: CurCS - (.not file.) - EraserUtilDrv10741 (EraserUtilDrv10741) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10741
O64 - Services: CurCS - (.not file.) - EraserUtilDrv10910 (EraserUtilDrv10910) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10910
O64 - Services: CurCS - (.not file.) - EraserUtilDrv10920 (EraserUtilDrv10920) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV10920
O64 - Services: CurCS - (.not file.) - EraserUtilDrv11010 (EraserUtilDrv11010) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRV11010
O64 - Services: CurCS - (.not file.) - EraserUtilDrvI7 (EraserUtilDrvI7) .(.Pas de propriétaire - Pas de description.) - LEGACY_ERASERUTILDRVI7
O64 - Services: CurCS - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - EraserUtilRebootDrv (EraserUtilRebootDrv) .(.Symantec Corporation - Symantec Eraser Utility Driver.) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\drivers\hpcisss.sys - HpCISSs (HpCISSs) .(.Hewlett-Packard Company - Smart Array Storport Driver.) - LEGACY_HPCISSS
O64 - Services: CurCS - C:\Windows\system32\drivers\iastorv.sys - Intel RAID Controller Vista (iaStorV) .(.Intel Corporation - Intel Matrix Storage Manager driver (base).) - LEGACY_IASTORV
O64 - Services: CurCS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100723.001\IDSvix86.sys - Symantec Intrusion Prevention Driver (IDSvix86) .(.Symantec Corporation - IDS Core Driver.) - LEGACY_IDSVIX86
O64 - Services: CurCS - C:\Windows\system32\drivers\iirsp.sys - iirsp (iirsp) .(.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - LEGACY_IIRSP
O64 - Services: CurCS - C:\Windows\system32\drivers\iteatapi.sys - ITEATAPI_Service_Install (iteatapi) .(.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) - LEGACY_ITEATAPI
O64 - Services: CurCS - C:\Windows\system32\drivers\iteraid.sys - ITERAID_Service_Install (iteraid) .(.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) - LEGACY_ITERAID
O64 - Services: CurCS - C:\Windows\system32\drivers\lsi_fc.sys - LSI_FC (LSI_FC) .(.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) - LEGACY_LSI_FC
O64 - Services: CurCS - C:\Windows\system32\drivers\lsi_sas.sys - LSI_SAS (LSI_SAS) .(.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) - LEGACY_LSI_SAS
O64 - Services: CurCS - C:\Windows\system32\drivers\lsi_scsi.sys - LSI_SCSI (LSI_SCSI) .(.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) - LEGACY_LSI_SCSI
O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR
O64 - Services: CurCS - C:\Windows\system32\drivers\megasas.sys - megasas (megasas) .(.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) - LEGACY_MEGASAS
O64 - Services: CurCS - C:\Windows\system32\drivers\megasr.sys - MegaSR (MegaSR) .(.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) - LEGACY_MEGASR
O64 - Services: CurCS - C:\Windows\system32\drivers\mraid35x.sys - Mraid35x (Mraid35x) .(.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows.) - LEGACY_MRAID35X
O64 - Services: CurCS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100725.021\NAVENG.sys - NAVENG (NAVENG) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVENG
O64 - Services: CurCS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100725.021\NAVEX15.sys - NAVEX15 (NAVEX15) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVEX15
O64 - Services: CurCS - C:\Windows\system32\drivers\nfrd960.sys - nfrd960 (nfrd960) .(.IBM Corporation - IBM ServeRAID Controller Driver.) - LEGACY_NFRD960
O64 - Services: CurCS - C:\Windows\system32\drivers\nvraid.sys - NVIDIA nForce RAID Driver (nvraid) .(.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - LEGACY_NVRAID
O64 - Services: CurCS - C:\Windows\system32\drivers\nvstor.sys - nvstor (nvstor) .(.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - LEGACY_NVSTOR
O64 - Services: CurCS - C:\Windows\system32\drivers\ql2300.sys - QLogic Fibre Channel Miniport Driver (ql2300) .(.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) - LEGACY_QL2300
O64 - Services: CurCS - C:\Windows\system32\drivers\ql40xx.sys - QLogic iSCSI Miniport Driver (ql40xx) .(.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) - LEGACY_QL40XX
O64 - Services: CurCS - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\drivers\sisraid4.sys - SiSRaid4 (SiSRaid4) .(.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) - LEGACY_SISRAID4
O64 - Services: CurCS - (.not file.) - SPBBCDrv (SPBBCDrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPBBCDRV
O64 - Services: CurCS - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR
O64 - Services: CurCS - C:\Windows\system32\Drivers\N360\0308000.029\SRTSP.sys - Symantec Real Time Storage Protection (SRTSP) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSP
O64 - Services: CurCS - C:\Windows\system32\drivers\N360\0308000.029\SRTSPX.sys - SRTSPX (SRTSPX) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSPX
O64 - Services: CurCS - C:\Windows\system32\drivers\symc8xx.sys - Symc8xx (Symc8xx) .(.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) - LEGACY_SYMC8XX
O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMDNS
O64 - Services: CurCS - C:\Windows\system32\drivers\N360\0308000.029\SYMEFA.sys - Symantec Extended File Attributes (SymEFA) .(.Symantec Corporation - Symantec Extended File Attributes.) - LEGACY_SYMEFA
O64 - Services: CurCS - C:\Windows\system32\Drivers\SYMEVENT.sys - SymEvent (SymEvent) .(.Symantec Corporation - Symantec Event Library.) - LEGACY_SYMEVENT
O64 - Services: CurCS - C:\Windows\system32\Drivers\N360\0308000.029\SYMFW.sys - SYMFW (SYMFW) .(.Symantec Corporation - Firewall Filter Driver.) - LEGACY_SYMFW
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\SymIMv.sys - Symantec Network Security Intermediate Filter Driver (SymIM) .(.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) - LEGACY_SYMIM
O64 - Services: CurCS - C:\Windows\system32\Drivers\N360\0308000.029\SYMNDISV.sys - SYMNDISV (SYMNDISV) .(.Symantec Corporation - NDIS Filter Driver.) - LEGACY_SYMNDISV
O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMREDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\N360\0308000.029\SYMTDI.sys - SYMTDI (SYMTDI) .(.Symantec Corporation - Network Dispatch Driver.) - LEGACY_SYMTDI
O64 - Services: CurCS - C:\Windows\system32\drivers\sym_hi.sys - Sym_hi (Sym_hi) .(.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) - LEGACY_SYM_HI
O64 - Services: CurCS - C:\Windows\system32\drivers\sym_u3.sys - Sym_u3 (Sym_u3) .(.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) - LEGACY_SYM_U3
O64 - Services: CurCS - C:\Windows\system32\drivers\uliahci.sys - uliahci (uliahci) .(.ULi Electronics Inc. - ULi SATA Controller Driver.) - LEGACY_ULIAHCI
O64 - Services: CurCS - C:\Windows\system32\drivers\ulsata.sys - UlSata (UlSata) .(.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win200.) - LEGACY_ULSATA
O64 - Services: CurCS - C:\Windows\system32\drivers\ulsata2.sys - ulsata2 (ulsata2) .(.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) - LEGACY_ULSATA2
O64 - Services: CurCS - C:\Windows\system32\drivers\viaide.sys - viaide (viaide) .(.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) - LEGACY_VIAIDE
O64 - Services: CurCS - C:\Windows\system32\drivers\vsmraid.sys - vsmraid (vsmraid) .(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) - LEGACY_VSMRAID


---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe


---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe


---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\\jdpmdtr6.default\searchplugins\conduit.xml
[HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Recherche AOL Toolbar]
[HKCU\Software\Microsoft\Internet Explorer\MenuExt\E&xporter vers Microsoft Excel]
[HKCU\Software\Microsoft\Internet Explorer\MenuExt\Tout télécharger avec BitComet]
[HKCU\Software\Microsoft\Internet Explorer\MenuExt\Télécharger avec BitComet]
[HKCU\Software\Microsoft\Internet Explorer\MenuExt\Télécharger toutes les vidéos avec BitComet]
O69 - SBI: SearchScopes ${searchCLSID}- (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes {230C22EE-865B-4F83-92C2-08CF69DA6578}- (AOL Recherche) - http://slirsredirect.search.aol.com
O69 - SBI: SearchScopes {B3D1C463-0C12-4F24-BCB2-7943255E8DC0}- (Kelkoo) - http://fr.kelkoopartners.net


---\\ Recherche d'infection Master Boot Record (O80)
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
Run by Peter at 26/07/2010 15:06:22
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
kernel: MBR read successfully
user & kernel MBR OK



End of the scan (926 lines in 03mn 38s)
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS