Supprimer hiddenext/crypted et heur/crypted

pec5 -  
gdbod Messages postés 14 Statut Membre -
Bonjour,

Voila, je viens de rentrer et antivir me détecte hiddenext/crypted et heur/crypted dans un fichier qui se trouve sur : c:/users/..../app dat/local/temp/tn7en7h4a66.exe

j'attends vos instructions,
merci d'avance.

21 réponses

  • 1
  • 2
  1. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    @Vent d'ouest : en plus d'avoir utilisé mon canned [tu te mettra à la tâche pour faire les tiens] tu as ici l exemple que je te parlais hier : un hook légitime du MBR.

    TDSS Killer n'a lieu d'être pour ce cas.

    De plus, ComboFix a supprimé une application légitime : cacaoweb n'est pas néfaste.

    A+
    .::. Contributeur Sécurité .::.
    1
  2. Vent d'ouest Messages postés 714 Statut Membre 41
     
    Salut,

    Télécharge ComboFix (de sUBs) sur ton Bureau.

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    * Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
    * Il va te demander d'installer la console de récupération : ACCEPTE !.
    * Ne touche pas au pc durant le scan.
    * Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.
    0
  3. gdbod Messages postés 14 Statut Membre
     
    Bonsoir,

    J'ai poster ma question avant d'être inscrit sous le forum, et je me suis inscrit sous un nom différent, mais je suis bien pec5.

    Tous d'abord merci pour ton aide et voici le rapport :

    ComboFix 11-05-16.01 - Bool 16/05/2011 20:28:01.1.4 - x64
    Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.4079.2598 [GMT 2:00]
    Lancé depuis: d:\téléchargement\ComboFix.exe
    AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
    SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\ntuser.dat
    c:\users\Bool\AppData\Roaming\cacaoweb
    c:\users\Bool\AppData\Roaming\cacaoweb\ad96D9145E8C867A23E1125CAAA9681BE1.ad
    c:\users\Bool\AppData\Roaming\cacaoweb\adstorage.db
    c:\users\Bool\AppData\Roaming\cacaoweb\cacaoweb.exe
    c:\users\Bool\AppData\Roaming\cacaoweb\replicating48F3E345B89138CBB49C50156896E1ED.cacao
    c:\users\Bool\AppData\Roaming\cacaoweb\replicating6EB43FA71E6F33A894BFF060077AE784.cacao
    c:\users\Bool\AppData\Roaming\cacaoweb\replicating7A7F7A97478CB921B01585E21980B0DB.cacao
    c:\users\Bool\AppData\Roaming\cacaoweb\replicatingA878635A24EE94F14F0B7DBAAB7B8E13.cacao
    c:\users\Bool\AppData\Roaming\cacaoweb\replicatingBC433BA3C1F15321C18B93FCD98E8469.cacao
    c:\users\Bool\AppData\Roaming\cacaoweb\replicatingC3994D1DACB44D14793D473EA063D221.cacao
    c:\users\Bool\AppData\Roaming\cacaoweb\replicatingD723D7EBE9D3C727703CA9756F2B2FB3.cacao
    c:\users\Bool\AppData\Roaming\cacaoweb\replicatingF6CD467E048874A43B7FCD1CA2AEE1C3.cacao
    c:\users\Bool\AppData\Roaming\cacaoweb\storage.db
    c:\users\Bool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rundll32 .exe
    c:\users\Bool\AppData\Roaming\TN7EN7H4A66.exe
    .
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2011-04-16 au 2011-05-16 ))))))))))))))))))))))))))))))))))))
    .
    .
    2011-05-16 17:08 . 2011-05-16 17:08 -------- d-----w- c:\users\Bool\AppData\Local\{FC272E97-0A35-4D15-BC05-83546723CB5E}
    2011-05-16 15:28 . 2011-05-16 15:28 388096 ----a-r- c:\users\Bool\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-05-16 15:28 . 2011-05-16 15:28 -------- d-----w- c:\program files (x86)\Trend Micro
    2011-05-15 12:04 . 2011-05-15 12:04 -------- d-----w- c:\users\Bool\AppData\Local\SKIDROW
    2011-05-14 17:07 . 2011-05-16 05:08 -------- d-----w- c:\users\Bool\AppData\Local\{EECA1257-3AFB-45FB-A386-F8EEBDF65278}
    2011-05-14 08:28 . 2009-08-24 20:13 34304 ----a-w- c:\windows\system32\DfSdkBt.exe
    2011-05-13 17:07 . 2011-05-14 05:07 -------- d-----w- c:\users\Bool\AppData\Local\{29247309-72A2-4B59-89C3-25AE697E7E1F}
    2011-05-13 16:17 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
    2011-05-13 16:17 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
    2011-05-13 15:11 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-05-13 15:11 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
    2011-05-13 15:11 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
    2011-05-13 05:06 . 2011-05-13 05:06 -------- d-----w- c:\users\Bool\AppData\Local\{1962222F-8AA4-41F7-BF51-B2CE64B539AF}
    2011-05-12 17:06 . 2011-05-12 17:06 -------- d-----w- c:\users\Bool\AppData\Local\{0F6C679C-3479-4E88-995C-2A14F3E48E58}
    2011-05-12 05:06 . 2011-05-12 05:06 -------- d-----w- c:\users\Bool\AppData\Local\{D26CE2AE-C9D8-4910-8F4F-5828B85507ED}
    2011-05-11 17:06 . 2011-05-11 17:06 -------- d-----w- c:\users\Bool\AppData\Local\{0B7C8096-46AB-41FD-B9B6-7F16DFDD712B}
    2011-05-11 05:05 . 2011-05-11 05:06 -------- d-----w- c:\users\Bool\AppData\Local\{BCF9529D-D139-4DD3-88AF-2B6DA8BF2D11}
    2011-05-10 17:05 . 2011-05-10 17:05 -------- d-----w- c:\users\Bool\AppData\Local\{72B375A5-B37B-4D43-9025-2216C9E125FD}
    2011-05-10 05:05 . 2011-05-10 05:05 -------- d-----w- c:\users\Bool\AppData\Local\{D85FF01F-3B84-41C8-929A-B866CBEFAF05}
    2011-05-09 17:05 . 2011-05-09 17:05 -------- d-----w- c:\users\Bool\AppData\Local\{CE626681-5D67-42C3-98D7-7C427767CE87}
    2011-05-09 05:05 . 2011-05-09 05:05 -------- d-----w- c:\users\Bool\AppData\Local\{2299A396-A643-4C8D-8F00-35879E44D8FD}
    2011-05-08 17:04 . 2011-05-08 17:05 -------- d-----w- c:\users\Bool\AppData\Local\{A04D248E-6124-4DD8-9319-6BDAC3DD0EBF}
    2011-05-08 05:04 . 2011-05-08 05:04 -------- d-----w- c:\users\Bool\AppData\Local\{2E8701B6-318F-4C6C-B7A1-FF69364E208F}
    2011-05-07 17:04 . 2011-05-07 17:04 -------- d-----w- c:\users\Bool\AppData\Local\{B17CD30F-29A7-49E1-86AF-A9B2B2DBE702}
    2011-05-07 05:04 . 2011-05-07 05:04 -------- d-----w- c:\users\Bool\AppData\Local\{EB710DB4-103D-44F2-8AD6-7861124166C0}
    2011-05-06 17:04 . 2011-05-06 17:04 -------- d-----w- c:\users\Bool\AppData\Local\{36A4396C-DF31-41E8-A7DD-4AC62DD429D1}
    2011-05-06 05:03 . 2011-05-06 05:04 -------- d-----w- c:\users\Bool\AppData\Local\{8DB1F28D-465F-4C33-9378-06FAAE53CB3A}
    2011-05-05 17:03 . 2011-05-05 17:03 -------- d-----w- c:\users\Bool\AppData\Local\{A754597B-9747-4A62-B15B-38C9F571B309}
    2011-05-05 05:03 . 2011-05-05 05:03 -------- d-----w- c:\users\Bool\AppData\Local\{CBD957A0-ABF3-480C-80DA-DC905A071BE5}
    2011-05-04 19:05 . 2011-05-04 19:05 -------- d-----w- c:\users\Bool\AppData\Local\ElevatedDiagnostics
    2011-05-04 17:03 . 2011-05-04 17:03 -------- d-----w- c:\users\Bool\AppData\Local\{AB72615B-93CB-4317-AEE5-08A46068A694}
    2011-05-04 05:03 . 2011-05-04 05:03 -------- d-----w- c:\users\Bool\AppData\Local\{D571FA7E-2512-4441-9BEA-04DF87DFAF88}
    2011-05-03 14:19 . 2011-05-03 14:19 -------- d-----w- c:\users\Bool\AppData\Local\{8170EA2C-FF72-4AEC-A357-89E5CC695AC1}
    2011-05-02 16:34 . 2011-05-02 16:34 -------- d-----w- c:\users\Bool\AppData\Local\{D22839A9-754C-47FD-8532-8852672FB531}
    2011-05-02 04:34 . 2011-05-02 04:34 -------- d-----w- c:\users\Bool\AppData\Local\{D87094D5-4A14-4B92-A139-3579D937D500}
    2011-05-01 16:34 . 2011-05-01 16:34 -------- d-----w- c:\users\Bool\AppData\Local\{AB53041D-1F7C-4071-A002-11006410ED7F}
    2011-05-01 04:34 . 2011-05-01 04:34 -------- d-----w- c:\users\Bool\AppData\Local\{B755D4D7-7038-4F88-BB23-6BAF8B3A262E}
    2011-04-30 16:33 . 2011-04-30 16:34 -------- d-----w- c:\users\Bool\AppData\Local\{088AFAB3-7411-49DF-B298-27D0768994D7}
    2011-04-29 04:33 . 2011-04-30 04:33 -------- d-----w- c:\users\Bool\AppData\Local\{84B3C6A5-00E9-4EF7-BE4A-22A7483FE8EA}
    2011-04-28 20:34 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
    2011-04-28 20:34 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
    2011-04-28 20:34 . 2011-03-11 06:41 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
    2011-04-28 20:34 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
    2011-04-28 20:34 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
    2011-04-28 20:34 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
    2011-04-28 20:34 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
    2011-04-28 20:34 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
    2011-04-28 20:34 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
    2011-04-28 20:34 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
    2011-04-28 20:34 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
    2011-04-28 20:33 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
    2011-04-28 20:33 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
    2011-04-28 20:33 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
    2011-04-28 20:33 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
    2011-04-28 20:33 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
    2011-04-28 20:33 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
    2011-04-26 02:44 . 2011-04-28 14:45 -------- d-----w- c:\users\Bool\AppData\Local\{2420A446-4735-4183-9894-885FD0B28DDC}
    2011-04-25 14:43 . 2011-04-25 14:43 -------- d-----w- c:\users\Bool\AppData\Local\{D22D5EFD-0357-40CA-B35B-8DC77AF83803}
    2011-04-25 02:43 . 2011-04-25 02:43 -------- d-----w- c:\users\Bool\AppData\Local\{7944CF6F-742C-46C1-90DA-641DCEB9E0F4}
    2011-04-24 14:43 . 2011-04-24 14:43 -------- d-----w- c:\users\Bool\AppData\Local\{DE8B4702-6F5B-491D-858E-DC3F59C4512D}
    2011-04-24 02:43 . 2011-04-24 02:43 -------- d-----w- c:\users\Bool\AppData\Local\{CBAE5443-B6CD-401F-9D1A-F02DE6918EF1}
    2011-04-23 14:43 . 2011-04-23 14:43 -------- d-----w- c:\users\Bool\AppData\Local\{53242DD5-DFF9-4E0D-93AA-138C7F45D277}
    2011-04-23 02:42 . 2011-04-23 02:42 -------- d-----w- c:\users\Bool\AppData\Local\{8094A909-0159-412D-9C55-0C4D95869DCB}
    2011-04-22 14:42 . 2011-04-22 14:42 -------- d-----w- c:\users\Bool\AppData\Local\{A11D90A3-961F-4911-9C12-D369812A7617}
    2011-04-22 02:42 . 2011-04-22 02:42 -------- d-----w- c:\users\Bool\AppData\Local\{BB89B1D3-D339-44EE-9FD6-06D3F1C2C3D2}
    2011-04-21 17:30 . 2011-04-21 18:08 -------- d-----w- c:\programdata\ThumbnailCache4R
    2011-04-21 17:26 . 2011-04-21 17:26 -------- d-----w- c:\users\Bool\AppData\Roaming\Lexmark Productivity Studio
    2011-04-21 17:22 . 2011-05-04 19:26 -------- d-----w- c:\programdata\Lx_cats
    2011-04-21 17:22 . 2009-10-16 11:12 177664 ----a-w- c:\windows\system32\Spool\prtprocs\x64\lxdxdrpp.dll
    2011-04-21 17:20 . 2009-10-16 08:28 745984 ----a-w- c:\windows\system32\lxdxcoin.dll
    2011-04-21 17:20 . 2008-05-14 17:41 1462272 ----a-w- c:\windows\system32\lxdxg.dll
    2011-04-21 17:20 . 2011-04-21 17:20 -------- d-----w- C:\drivers
    2011-04-21 15:44 . 2011-04-21 15:44 -------- d-----w- c:\users\Bool\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
    2011-04-21 15:44 . 2011-04-21 15:44 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
    2011-04-21 15:43 . 2011-04-21 15:43 -------- d-----w- c:\users\Bool\AppData\Local\Adobe
    2011-04-21 14:42 . 2011-04-21 14:42 -------- d-----w- c:\users\Bool\AppData\Local\{0D327EE2-34F2-4278-9FF3-2BF2C934C830}
    2011-04-21 02:41 . 2011-04-21 02:42 -------- d-----w- c:\users\Bool\AppData\Local\{0E9DFDAC-119C-410F-86A5-10BE37E6B887}
    2011-04-20 21:12 . 2011-04-20 21:12 2306328 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
    2011-04-20 21:12 . 2011-04-20 21:12 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
    2011-04-20 19:02 . 2011-04-20 19:02 -------- d-----w- c:\programdata\Splashtop
    2011-04-20 19:02 . 2011-04-20 19:02 -------- d-----w- c:\program files (x86)\Splashtop
    2011-04-20 19:02 . 2011-05-15 13:50 -------- d-----w- c:\program files (x86)\Downloaded Installations
    2011-04-20 14:41 . 2011-04-20 14:41 -------- d-----w- c:\users\Bool\AppData\Local\{009820CE-B03F-436E-9B69-C91D122F1489}
    2011-04-20 02:41 . 2011-04-20 02:41 -------- d-----w- c:\users\Bool\AppData\Local\{22AFDA94-94EC-4DD1-AB6C-AA5ECC377B87}
    2011-04-19 14:41 . 2011-04-19 14:41 -------- d-----w- c:\users\Bool\AppData\Local\{7C755DD6-CEF9-4838-9F76-7AAD01E7E056}
    2011-04-19 02:41 . 2011-04-19 02:41 -------- d-----w- c:\users\Bool\AppData\Local\{FD83D4C0-ED98-4B68-AFE0-76ECB9576519}
    2011-04-18 14:41 . 2011-04-18 14:41 -------- d-----w- c:\users\Bool\AppData\Local\{046EC97A-6DC8-4083-88A7-C45A56F77BE5}
    2011-04-18 02:40 . 2011-04-18 02:40 -------- d-----w- c:\users\Bool\AppData\Local\{4AA732C7-280A-4F0C-9262-18849A1E15E8}
    2011-04-17 14:40 . 2011-04-17 14:40 -------- d-----w- c:\users\Bool\AppData\Local\{A608215D-10DB-433B-A744-51D0BF46284C}
    .
    .
    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-05-16 15:58 . 2011-04-08 15:51 30528 ----a-w- c:\windows\GVTDrv64.sys
    2011-05-16 15:58 . 2011-04-08 15:51 25640 ----a-w- c:\windows\gdrv.sys
    2011-05-16 15:58 . 2011-04-10 13:44 151552 ----a-w- c:\windows\KMSEmulator.exe
    2011-04-28 17:55 . 2011-04-10 14:10 419840 ----a-w- c:\windows\system32\systemcpl.dll
    2011-04-28 17:55 . 2011-04-10 14:10 14848 ----a-w- c:\windows\system32\slwga.dll
    2011-04-28 17:55 . 2011-04-10 14:10 13824 ----a-w- c:\windows\SysWow64\slwga.dll
    2011-04-11 18:11 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2011-04-10 14:17 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
    2011-04-10 14:17 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
    2011-04-10 13:00 . 2011-04-10 13:00 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
    2011-04-10 13:00 . 2011-04-10 13:00 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
    2011-04-09 10:44 . 2011-04-09 10:44 2724120 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
    2011-04-09 10:43 . 2011-04-09 10:43 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2011-04-09 10:43 . 2011-04-09 10:43 639296 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2011-04-09 08:07 . 2011-04-09 08:07 25640 ----a-w- c:\windows\etdrv.sys
    2011-04-09 06:04 . 2011-04-09 06:04 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2011-04-09 06:04 . 2011-04-09 06:04 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2011-04-09 06:04 . 2011-04-09 06:04 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
    2011-04-09 06:04 . 2011-04-09 06:04 85504 ----a-w- c:\windows\system32\iesetup.dll
    2011-04-09 06:04 . 2011-04-09 06:04 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
    2011-04-09 06:04 . 2011-04-09 06:04 76800 ----a-w- c:\windows\system32\tdc.ocx
    2011-04-09 06:04 . 2011-04-09 06:04 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
    2011-04-09 06:04 . 2011-04-09 06:04 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
    2011-04-09 06:04 . 2011-04-09 06:04 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
    2011-04-09 06:04 . 2011-04-09 06:04 603648 ----a-w- c:\windows\system32\vbscript.dll
    2011-04-09 06:04 . 2011-04-09 06:04 49664 ----a-w- c:\windows\system32\imgutil.dll
    2011-04-09 06:04 . 2011-04-09 06:04 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
    2011-04-09 06:04 . 2011-04-09 06:04 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2011-04-09 06:04 . 2011-04-09 06:04 448512 ----a-w- c:\windows\system32\html.iec
    2011-04-09 06:04 . 2011-04-09 06:04 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
    2011-04-09 06:04 . 2011-04-09 06:04 367104 ----a-w- c:\windows\SysWow64\html.iec
    2011-04-09 06:04 . 2011-04-09 06:04 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
    2011-04-09 06:04 . 2011-04-09 06:04 30720 ----a-w- c:\windows\system32\licmgr10.dll
    2011-04-09 06:04 . 2011-04-09 06:04 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2011-04-09 06:04 . 2011-04-09 06:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-04-09 06:04 . 2011-04-09 06:04 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
    2011-04-09 06:04 . 2011-04-09 06:04 2303488 ----a-w- c:\windows\system32\jscript9.dll
    2011-04-09 06:04 . 2011-04-09 06:04 222208 ----a-w- c:\windows\system32\msls31.dll
    2011-04-09 06:04 . 2011-04-09 06:04 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
    2011-04-09 06:04 . 2011-04-09 06:04 173056 ----a-w- c:\windows\system32\ieUnatt.exe
    2011-04-09 06:04 . 2011-04-09 06:04 165888 ----a-w- c:\windows\system32\iexpress.exe
    2011-04-09 06:04 . 2011-04-09 06:04 161792 ----a-w- c:\windows\SysWow64\msls31.dll
    2011-04-09 06:04 . 2011-04-09 06:04 160256 ----a-w- c:\windows\system32\wextract.exe
    2011-04-09 06:04 . 2011-04-09 06:04 152064 ----a-w- c:\windows\SysWow64\wextract.exe
    2011-04-09 06:04 . 2011-04-09 06:04 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
    2011-04-09 06:04 . 2011-04-09 06:04 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-04-09 06:04 . 2011-04-09 06:04 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
    2011-04-09 06:04 . 2011-04-09 06:04 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
    2011-04-09 06:04 . 2011-04-09 06:04 1389056 ----a-w- c:\windows\system32\wininet.dll
    2011-04-09 06:04 . 2011-04-09 06:04 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
    2011-04-09 06:04 . 2011-04-09 06:04 12288 ----a-w- c:\windows\system32\mshta.exe
    2011-04-09 06:04 . 2011-04-09 06:04 11776 ----a-w- c:\windows\SysWow64\mshta.exe
    2011-04-09 06:04 . 2011-04-09 06:04 114176 ----a-w- c:\windows\system32\admparse.dll
    2011-04-09 06:04 . 2011-04-09 06:04 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
    2011-04-09 06:04 . 2011-04-09 06:04 111616 ----a-w- c:\windows\system32\iesysprep.dll
    2011-04-09 06:04 . 2011-04-09 06:04 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
    2011-04-09 06:04 . 2011-04-09 06:04 101888 ----a-w- c:\windows\SysWow64\admparse.dll
    2011-03-23 08:11 . 2011-04-08 16:42 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B300077F-A195-4085-A007-4C652B190A5C}\mpengine.dll
    2011-03-11 06:34 . 2011-04-13 15:29 1359872 ----a-w- c:\windows\system32\mfc42u.dll
    2011-03-11 06:34 . 2011-04-13 15:29 1395712 ----a-w- c:\windows\system32\mfc42.dll
    2011-03-11 05:33 . 2011-04-13 15:29 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
    2011-03-11 05:33 . 2011-04-13 15:29 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
    2011-03-08 06:29 . 2011-04-13 15:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
    2011-03-08 05:28 . 2011-04-13 15:29 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
    2011-03-04 06:19 . 2011-04-28 20:33 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
    2011-03-04 06:19 . 2011-04-28 20:33 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
    2011-03-03 06:24 . 2011-04-13 15:29 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
    2011-03-03 06:21 . 2011-04-13 15:29 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
    2011-03-03 05:36 . 2011-04-13 15:29 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
    2011-03-03 03:52 . 2011-04-13 15:29 3135488 ----a-w- c:\windows\system32\win32k.sys
    2011-03-01 10:12 . 2011-04-11 16:05 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
    2011-03-01 10:12 . 2011-04-11 16:05 33152 ----a-w- c:\windows\system32\LMIport.dll
    2011-03-01 10:12 . 2011-04-11 16:05 80768 ----a-w- c:\windows\system32\LMIinit.dll
    2011-02-28 06:09 . 2011-04-08 15:43 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
    2011-02-24 06:15 . 2011-04-13 15:29 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2011-02-24 05:38 . 2011-04-13 15:29 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
    2011-02-23 04:56 . 2011-04-13 15:28 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-02-23 04:56 . 2011-04-13 15:29 467456 ----a-w- c:\windows\system32\drivers\srv.sys
    2011-02-23 04:56 . 2011-04-13 15:29 411648 ----a-w- c:\windows\system32\drivers\srv2.sys
    2011-02-23 04:55 . 2011-04-13 15:29 167936 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2011-02-23 04:55 . 2011-04-13 15:28 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2011-02-23 04:55 . 2011-04-13 15:28 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
    2011-02-23 04:55 . 2011-04-13 15:28 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
    2011-02-22 10:59 . 2011-04-08 15:46 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
    2011-02-19 12:05 . 2011-04-09 05:59 1139200 ----a-w- c:\windows\system32\FntCache.dll
    2011-02-19 12:04 . 2011-04-09 05:59 1544192 ----a-w- c:\windows\system32\DWrite.dll
    2011-02-19 12:04 . 2011-04-09 05:59 902656 ----a-w- c:\windows\system32\d2d1.dll
    2011-02-19 12:03 . 2011-04-13 15:29 46080 ----a-w- c:\windows\system32\atmlib.dll
    2011-02-19 09:00 . 2011-04-13 15:29 367616 ----a-w- c:\windows\system32\atmfd.dll
    2011-02-19 06:30 . 2011-04-09 05:59 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
    2011-02-19 06:30 . 2011-04-09 05:59 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
    2011-02-19 06:30 . 2011-04-13 15:29 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
    2011-02-19 04:34 . 2011-04-13 15:29 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
    2011-02-18 14:36 . 2011-02-18 14:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys
    2011-02-18 14:36 . 2011-02-18 14:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
    .
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    2010-09-28 20:44 1400712 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
    .
    [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
    "ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
    "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
    "ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
    "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-02-04 281768]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
    "BCSSync"="d:\installation programmes\Microsoft office 2010\Office14\BCSSync.exe" [2010-03-13 91520]
    "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe [2009-10-16 29184]
    R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [x]
    R3 DfSdkS;Defragmentation-Service;d:\installation programmes\Ashampoo WinOptimizer 8\DfsdkS64.exe [2011-05-12 544768]
    R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872]
    R3 etdrv;etdrv;c:\windows\etdrv.sys [2011-04-09 25640]
    R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2011-05-16 30528]
    R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-03-10 311744]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;d:\installation programmes\Microsoft office 2010\Office14\GROOVE.EXE [2010-03-25 30969208]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R3 WO_LiveService;Ashampoo LiveTuner Service;d:\installation programmes\Ashampoo WinOptimizer 8\LiveTunerService.exe [2011-05-12 884608]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
    S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
    S2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver;d:\installation programmes\Ashampoo WinOptimizer 8\LiveTunerProcessMonitor64.sys [2011-05-12 12824]
    S2 LMIGuardianSvc;LMIGuardianSvc;d:\installation programmes\LogMeIn\x64\LMIGuardianSvc.exe [2011-03-01 373640]
    S2 LMIInfo;LogMeIn Kernel Information Provider;d:\installation programmes\LogMeIn\x64\RaInfo.sys [2010-09-17 15928]
    S2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe [2009-10-16 1039872]
    S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]
    S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2011-05-11 1771336]
    S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-03-08 341832]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
    S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [x]
    S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [x]
    S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
    S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    S3 radpms;Driver for RADPMS Device;c:\windows\system32\DRIVERS\radpms.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    .
    .
    Contenu du dossier 'Tâches planifiées'
    .
    2011-05-16 c:\windows\Tasks\AutoKMS.job
    - c:\windows\AutoKMS\AutoKMS.exe [2011-04-10 13:44]
    .
    2011-05-16 c:\windows\Tasks\AutoKMSDaily.job
    - c:\windows\AutoKMS\AutoKMS.exe [2011-04-10 13:44]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]
    2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-05 444752]
    .
    [HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592]
    "LogMeIn GUI"="d:\installation programmes\LogMeIn\x64\LogMeInSystray.exe" [2010-09-17 57928]
    "lxdxmon.exe"="c:\program files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe" [2010-02-03 672424]
    "lxdxamon"="c:\program files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe" [2010-02-03 16040]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "RPMKickstart"="c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe" [2010-08-23 2552320]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Examen supplémentaire -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://mythos-europe.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: &Envoyer à OneNote - d:\instal~1\MICROS~1\Office14\ONBttnIE.dll/105
    IE: E&xporter vers Microsoft Excel - d:\instal~1\MICROS~1\Office14\EXCEL.EXE/3000
    FF - ProfilePath - c:\users\Bool\AppData\Roaming\Mozilla\Firefox\Profiles\1v62jq6a.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    user_pref(surfcanyon.inst_id,'fdb9f4f1733f463a');
    user_pref(surfcanyon.inst_timestamp,09 04 2011 Saturday 7 47 20);
    user_pref(surfcanyon.partner_code,'AFA');
    user_pref(extensions.kwiclick.channel.campaign,'AddonFoxInt');
    user_pref(extensions.kwiclick.channel.content,'AddonFoxInt');
    user_pref(extensions.kwiclick.channel.id,'AddonFoxInt');
    user_pref(extensions.kwiclick.channel.cse,'009607407620987551725:3hfwsbgoj80');
    user_pref(extensions.kwiclick.channel.medium,'cpa');
    user_pref(extensions.kwiclick.channel.source,'AddonFoxInt');
    user_pref(extensions.kwiclick.channel.set,true);
    .
    - - - - ORPHELINS SUPPRIMES - - - -
    .
    URLSearchHooks-{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - (no file)
    Wow6432Node-HKCU-Run-cacaoweb - c:\users\Bool\AppData\Roaming\cacaoweb\cacaoweb.exe
    Wow6432Node-HKCU-Run-W6RHW3IVYITR8 - c:\users\Bool\AppData\Roaming\TN7EN7H4A66.exe
    Wow6432Node-HKLM-Run-W6RHW3IVYITR8 - c:\users\Bool\AppData\Roaming\TN7EN7H4A66.exe
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    .
    .
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Heure de fin: 2011-05-16 20:32:10
    ComboFix-quarantined-files.txt 2011-05-16 18:32
    .
    Avant-CF: 34 890 825 728 octets libres
    Après-CF: 34 625 482 752 octets libres
    .
    - - End Of File - - 7908FA89A9FCC6D282CA7A1A598EBF06
    0
  4. Vent d'ouest Messages postés 714 Statut Membre 41
     
    Ok gdbob....

    L'outil que ns venons d'"utiliser a bien travaillé !

    La détection de Antivir à savoir :

    c:\users\Bool\AppData\Roaming\TN7EN7H4A66.exe , a été virée...

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

    c:\users\Bool\AppData\Roaming\TN7EN7H4A66.exe

    mais il en reste ....

    1)
    Télécharge MBAM et installe le selon l'emplacement par défaut
    http://www.malwarebytes.org/mbam.php
    * Effectue la mise à jour et lance Malwarebytes' Anti-Malware
    * Clique dans l'onglet du haut "Recherche"
    * Coche l'option "Exécuter un examen rapide" puis sur le bouton "Rechercher"
    * Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"

    A la fin de l'analyse, si MBAM n'a rien trouvé :

    * Clique sur OK, le rapport s'ouvre spontanément

    Si des menaces ont été détectées :

    * Clique sur OK puis "Afficher les résultats"
    * Choisis l'option "Supprimer la sélection"
    * Si MBAM demande le redémarrage de Windows : Clique sur "Oui"
    * Une fois le PC redémarré, le rapport se trouve dans l'onglet "Rapports/Logs"
    * Sinon le rapport s'ouvre automatiquement après la suppression

    Quelque soit le résultat, copie/colle le rapport dans le prochain message

    2)
    * Télécharge de AD-Remover sur ton Bureau. (Merci à C_XX)
    http://www.teamxscript.org/adremoverTelechargement.html

    /!\ Déconnecte-toi d'internet et ferme toutes applications en cours /!\

    Désactive provisoirement et seulement le temps de l'utilisation de ADremover, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

    - Double-clique sur l'icône Ad-remover située sur ton Bureau.
    - Sur la page, clique sur le bouton « NETTOYER »
    - Confirme lancement du scan
    - Laisse travailler l'outil.
    - Poste le rapport qui apparaît à la fin.

    (Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. gdbod Messages postés 14 Statut Membre
     
    le rapport MBAM :

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 6592

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421

    16/05/2011 21:17:14
    mbam-log-2011-05-16 (21-17-14).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 154775
    Temps écoulé: 46 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)

    et le rapport ad-Remover :
    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 21:42:03 le 16/05/2011, Mode normal

    Microsoft Windows 7 Professionnel Service Pack 1 (X64)
    Bool@BOOL-PC (Gigabyte Technology Co., Ltd. P61-USB3-B3)

    ============== ACTION(S) ==============

    Dossier supprimé: C:\Users\Bool\AppData\Roaming\Mozilla\FireFox\Profiles\1v62jq6a.default\conduit
    Dossier supprimé: C:\Program Files (x86)\Ask.com
    Dossier supprimé: C:\Users\Bool\AppData\LocalLow\AskToolbar

    (!) -- Fichiers temporaires supprimés.

    -- Fichier ouvert: C:\Users\Bool\AppData\Roaming\Mozilla\FireFox\Profiles\1v62jq6a.default\Prefs.js --
    Ligne supprimée: user_pref("CT2851639.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1243674/1239347/FR", "\"0\"...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851639", ...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3....
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851639",...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2851639/CT2851639...
    Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr", "\"634...
    Ligne supprimée: user_pref("CommunityToolbar.EngineOwner", "CT2851639");
    Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerGuid", "{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}");
    Ligne supprimée: user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar_fr");
    Ligne supprimée: user_pref("CommunityToolbar.IsEngineShown", true);
    Ligne supprimée: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
    Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwner", "");
    Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
    Ligne supprimée: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
    Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?ie=UTF-8&oe...
    Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT2851639");
    Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT2851639");
    Ligne supprimée: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Apr 09 2011 12:20:10 GMT+02...
    Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
    Ligne supprimée: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Apr 09 2011 14:19:24 GMT+0200");
    Ligne supprimée: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Ligne supprimée: user_pref("CommunityToolbar.alert.locale", "en");
    Ligne supprimée: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
    Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Apr 09 2011 12:20:07 GMT+0200");
    Ligne supprimée: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634");
    Ligne supprimée: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
    Ligne supprimée: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Ligne supprimée: user_pref("CommunityToolbar.alert.showTrayIcon", false);
    Ligne supprimée: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
    Ligne supprimée: user_pref("CommunityToolbar.alert.userId", "0d91d3cf-533a-4d9f-9551-aee7e80e938c");
    Ligne supprimée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Apr 09 2011 12:20:08 GMT+0200");
    Ligne supprimée: user_pref("CommunityToolbar.globalUserId", "ba245702-7d4e-4d96-b200-92b2e36bed7e");
    Ligne supprimée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Ligne supprimée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Ligne supprimée: user_pref("extensions.asktb.cbid", "F4");
    Ligne supprimée: user_pref("extensions.asktb.crumb", "2011.04.12+10.46.55-toolbar001iad-FR-UG9pdGllcnMsRnJhbmNl");
    Ligne supprimée: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&...
    Ligne supprimée: user_pref("extensions.asktb.dtid", "YYYYYYYYFR");
    Ligne supprimée: user_pref("extensions.asktb.fresh-install", false);
    Ligne supprimée: user_pref("extensions.asktb.l", "dis");
    Ligne supprimée: user_pref("extensions.asktb.last-config-req", "1302630415867");
    Ligne supprimée: user_pref("extensions.asktb.locale", "fr_FR");
    Ligne supprimée: user_pref("extensions.asktb.o", "101699");
    Ligne supprimée: user_pref("extensions.asktb.options-lang", "fr");
    Ligne supprimée: user_pref("extensions.asktb.options-locale", "UK");
    Ligne supprimée: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
    Ligne supprimée: user_pref("extensions.asktb.qsrc", "2871");
    Ligne supprimée: user_pref("extensions.asktb.r", "4");
    Ligne supprimée: user_pref("extensions.asktb.search-suggestions-enabled", false);
    -- Fichier Fermé --

    Clé supprimée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Clé supprimée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé supprimée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Clé supprimée: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Clé supprimée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Clé supprimée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
    Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
    Clé supprimée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
    Clé supprimée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Clé supprimée: HKLM\Software\Conduit
    Clé supprimée: HKCU\Software\Ask.com
    Clé supprimée: HKCU\Software\AppDataLow\AskToolbarInfo
    Clé supprimée: HKCU\Software\AppDataLow\Software\AskToolbar
    Clé supprimée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

    Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
    Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [4.0.1 (fr)] ****

    Searchplugins\bing.xml ( hxxp://www.bing.com/search)
    Components\browsercomps.dll (Mozilla Foundation)

    -- C:\Users\Bool\AppData\Roaming\Mozilla\FireFox\Profiles\1v62jq6a.default --
    Extensions\cacaoweb@cacaoweb.org (cacaoweb)
    Extensions\LogMeInClient@logmein.com (LogMeIn, Inc. Remote Access Plugin)
    Prefs.js - browser.download.dir, D:\\Téléchargement
    Prefs.js - browser.startup.homepage, hxxp://www.google.com/
    Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
    Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1
    Prefs.js - keyword.URL, hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

    ========================================

    **** Internet Explorer Version [9.0.8112.16421] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "?" (?)
    HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - D:\Installation programmes\Veetle\Player\vtl_hfs.exe (?)
    HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - D:\Installation programmes\Veetle\Player\player.exe (?)
    HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - D:\Installation programmes\Veetle\Player\vtl_hfax.exe (?)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - D:\Installation programmes\Veetle\Player\vtl_hfs.exe (?)
    HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - D:\Installation programmes\Veetle\Player\player.exe (?)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
    HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - D:\Installation programmes\Veetle\Player\vtl_hfax.exe (?)

    ========================================

    C:\Program Files (x86)\Ad-Remover\Quarantine: 34 Fichier(s)
    C:\Program Files (x86)\Ad-Remover\Backup: 15 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 16/05/2011 21:44:13 (11410 Octet(s))

    Fin à: 21:44:46, 16/05/2011

    ============== E.O.F ==============
    0
  7. Vent d'ouest Messages postés 714 Statut Membre 41
     
    Merci....

    Peux tu me refaire un nouveau ZHPdiag et me dire ou en sont tes soucis stp?
    0
  8. gdbod Messages postés 14 Statut Membre
     
    je n'ai pour l'instant pas fait de zhpdiag, comment dois-je procéder.

    encore merci.
    0
  9. gdbod Messages postés 14 Statut Membre
     
    c'est bon je suis entrain de faire le diag.
    0
  10. Vent d'ouest Messages postés 714 Statut Membre 41
     
    Effectivement....

    Pour un diagnostic du pc:

    Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau
    https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

    Une fois le téléchargement achevé, double clique sur ZHPDiag.exe et suis les instructions.

    /!\Utilisateurs de Vista et Windows 7 : Clique droit sur le logo de ZHPDiag.exe, « exécuter en tant qu'Administrateur »

    N'oublie pas de cocher la case qui permet de mettre un raccourci sur le Bureau.
    - Double clique sur le raccourci ZHPDiag sur ton Bureau pour le lancer.
    (/!\L'outil a créé 2 icônes ZHPDiag et ZHPFix)
    - Clique sur la loupe pour lancer l'analyse.
    - Laisse l'outil travailler, il peut être assez long.
    - Ferme ZHPDiag en fin d'analyse.
    - Pour transmettre le rapport clique sur ce lien : http://www.cijoint.fr/
    - Clique sur Parcourir et cherche le répertoire où est installé ZHPDiag (en général C:\Program Files\ZHPDiag).
    - Sélectionne le fichier ZHPDiag.txt.
    - Clique sur "Cliquez ici pour déposer le fichier".
    - Un lien de cette forme : http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt est ajouté dans la page.
    - Copie ce lien dans ta réponse.
    0
  11. gdbod Messages postés 14 Statut Membre
     
    Voici le rapport posté en plusieurs parties :

    Rapport de ZHPDiag v1.27.204 par Nicolas Coolman, Update du 14/05/2011
    Run by Bool at 16/05/2011 22:21:53
    Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

    ---\\ Web Browser
    MSIE: Internet Explorer v9.0.8112.16421
    MFIE: Mozilla Firefox 4.0.1 v4.0.1 (Defaut)

    ---\\ System Information
    Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)
    Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
    Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 4079 MB (68% free)
    System Restore: Activé (Enable)
    System drive C: has 32 GB (55%) free of 58 GB

    ---\\ Logged in mode
    Computer Name: BOOL-PC
    User Name: Bool
    All Users Names: LogMeInRemoteUser, Bool, Administrateur,
    Unselected Option: O45,O61,O62,O65,O66,O82
    Logged in as Administrator

    ---\\ Environnement Variables
    %AppData%=C:\Users\Bool\AppData\Roaming
    %LocalAppData%=C:\Users\Bool\AppData\Local
    %StartMenu%=C:\Users\Bool\AppData\Roaming\Microsoft\Windows\Start Menu

    ---\\ DOS/Devices
    C:\ Hard drive, Flash drive, Thumb drive (Free 32 Go of 58 Go)
    D:\ Hard drive, Flash drive, Thumb drive (Free 363 Go of 407 Go)
    E:\ CD-ROM drive (Not Inserted)
    F:\ CD-ROM drive (Free 0 Go of 7 Go)

    ---\\ Security Center & Tools Informations
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

    ---\\ Recherche particulière de fichiers génériques
    [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
    [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]
    [MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.09/04/2011 07:04:15.) -- C:\Windows\system32\wininet.dll [1126912]

    ---\\ Processus lancés
    [MD5.BE0D4F98717DBAABBE0A785C9B854F21] - (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe [672424]
    [MD5.94FC17328A678EC9C2B0BCF3E4C4C538] - (.Pas de propriétaire - Printer Card Transfer Monitor.) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxMsdMon.exe [25256]
    [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768]
    [MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [249064]
    [MD5.D2AEADFD998706B4216315B2BD3FA79E] - (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920]
    [MD5.E83508D9A0F0D0D8449317DC6A4C5E02] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [924632]
    [MD5.AC42E793F760034FC6F0BACB17E94003] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [646144]

    ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    M3 - MFPP: Plugins - [Bool] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
    M3 - MFPP: Plugins - [Bool] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
    M3 - MFPP: Plugins - [Bool] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
    M3 - MFPP: Plugins - [Bool] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
    M3 - MFPP: Plugins - [Bool] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
    M3 - MFPP: Plugins - [Bool] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
    M3 - MFPP: Plugins - [Bool] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
    P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.dll
    M0 - MFSP: prefs.js [Bool - 1v62jq6a.default] https://www.google.com/?gws_rd=ssl
    M2 - MFEP: prefs.js [Bool - 1v62jq6a.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.15 (.http://www.cacaoweb.org/
    M2 - MFEP: prefs.js [Bool - 1v62jq6a.default\LogMeInClient@logmein.com] [] LogMeIn, Inc. Remote Access Plugin v1.0.0.652 (.LogMeIn, Inc..)

    ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
    R0 - HKUS\S-1-5-21-724938534-2859154375-2452524616-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
    R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll
    R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
    R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

    ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
    F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

    ---\\ Browser Helper Objects de navigateur (O2)
    O2 - BHO: GBHO.BHO [64Bits] - {45d30484-7ded-43d9-957a-d2fd1f046511} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- mscoree.dll
    O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
    O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    ---\\ Internet Explorer Toolbars (O3)
    O3 - Toolbar: Smart Recovery 2 [64Bits] - {1d09c093-f71e-43c3-b948-19316cbd695e} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

    ---\\ ---\\ Applications démarrées par registre & par dossier (O4)
    O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    O4 - HKLM\..\Run: [LogMeIn GUI] . (.LogMeIn, Inc. - LogMeIn Desktop Application.) -- D:\Installation programmes\LogMeIn\x64\LogMeInSystray.exe
    O4 - HKLM\..\Run: [lxdxmon.exe] . (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
    O4 - HKLM\..\Run: [lxdxamon] . (...) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe
    O4 - HKLM\..\RunOnce: [RPMKickstart] . (.Gigabyte Technology CO., LTD. - Smart Recovery Kickstart Application.) -- C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe
    O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
    O4 - HKCU\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe
    O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Wow6432Node\Run: [ATICustomerCare] . (.Advanced Micro Devices, Inc. - ATI Customer Care.) -- C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe
    O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- D:\Installation programmes\Microsoft office 2010\Office14\BCSSync.exe
    O4 - HKLM\..\Wow6432Node\Run: [ISUSScheduler] . (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
    O4 - HKUS\S-1-5-21-724938534-2859154375-2452524616-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
    O4 - HKUS\S-1-5-21-724938534-2859154375-2452524616-1000\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe
    O4 - HKUS\S-1-5-21-724938534-2859154375-2452524616-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

    ---\\ ---\\ Autres liens utilisateurs (O4)
    O4 - Global Startup: C:\Users\Bool\Desktop\AD-R.lnk . (...) -- C:\Program Files (x86)\Ad-Remover\main.exe
    O4 - Global Startup: C:\Users\Bool\Desktop\HiJackThis.lnk . (.Trend Micro Inc..) -- C:\Users\Bool\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    O4 - Global Startup: C:\Users\Bool\Desktop\Ordinateur.lnk - Clé orpheline

    ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
    O8 - Extra context menu item: &Envoyer à OneNote . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- D:\INSTAL~1\MICROS~1\Office14\ONBttnIE.dll
    O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- D:\INSTAL~1\MICROS~1\Office14\EXCEL.exe

    ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll
    O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~1\Office14\ONBTTN~1.dll

    ---\\ Winsock hijacker (Layered Service Provider) (O10)
    O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
    O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
    O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
    O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
    O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
    O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
    O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
    O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
    O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

    ---\\ Modification Domaine/Adresses DNS (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C405522D-F779-4365-ABDD-3033BA698CD0}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 - HKLM\System\CS1\Services\Tcpip\..\{C405522D-F779-4365-ABDD-3033BA698CD0}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 - HKLM\System\CS2\Services\Tcpip\..\{C405522D-F779-4365-ABDD-3033BA698CD0}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240

    ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll

    ---\\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 - Service: C:\Windows\system32\Alg.exe (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe
    O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: (AppleChargerSrv) . (...) - C:\system32\AppleChargerSrv.exe
    O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: (DfSdkS) . (.mst software GmbH, Germany - mst Defrag SDK Service.) - D:\Installation programmes\Ashampoo WinOptimizer 8\DfsdkS64.exe
    O23 - Service: (IDriverT) . (.Macrovision Corporation - IDriverT Module.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (64-bit).) - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: (LMIGuardianSvc) . (.LogMeIn, Inc. - LMIGuardianSvc.) - D:\Installation programmes\LogMeIn\x64\LMIGuardianSvc.exe
    O23 - Service: (LMIMaint) . (.LogMeIn, Inc. - LogMeIn Maintenance Service.) - D:\Installation programmes\LogMeIn\x64\RaMaint.exe
    O23 - Service: (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: (LogMeIn) . (.LogMeIn, Inc. - LogMeIn.) - D:\Installation programmes\LogMeIn\x64\LogMeIn.exe
    O23 - Service: (lxdxCATSCustConnectService) . (.Lexmark International, Inc. - Lexmark Connect Service Executable.) - C:\Windows\system32\spool\DRIVERS\x64\3\lxdxserv.exe
    O23 - Service: (lxdx_device) . (.Pas de propriétaire - Printer Communication System.) - C:\Windows\system32\lxdxcoms.exe
    O23 - Service: (maconfservice) . (.CybelSoft - Service de détection matériel.) - C:\Program Files (x86)\ma-config.com\maconfservice.exe
    O23 - Service: (Microsoft SharePoint Workspace Audit Service) - Clé orpheline
    O23 - Service: (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: (Smart TimeLock) . (.Gigabyte Technology CO., LTD. - Smart TimeLock Service.) - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
    O23 - Service: (SplashtopRemoteService) . (.Splashtop Inc. - Splashtop® Remote Streamer Service.) - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
    O23 - Service: (SSUService) . (.Splashtop Inc. - Splashtop Software Updater Service.) - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
    O23 - Service: (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe
    O23 - Service: (WO_LiveService) . (...) - D:\Installation programmes\Ashampoo WinOptimizer 8\LiveTunerService.exe

    ---\\ Enumération Active Desktop & MHTML Editor (O24)
    O24 - Default MHTML Editor: Last - .(...) - (.not file.)

    ---\\ Tâches planifiées en automatique (O39)
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AutoKMS.job
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AutoKMSDaily.job
    [MD5.CCA616647DB9370C88998AE25DA6997F] [APT] [AutoKMS] (.Pas de propriétaire.) -- C:\Windows\AutoKMS\AutoKMS.exe
    [MD5.CCA616647DB9370C88998AE25DA6997F] [APT] [AutoKMSDaily] (.Pas de propriétaire.) -- C:\Windows\AutoKMS\AutoKMS.exe
    [MD5.415BE7CBC49A34E501D869706E01E656] [APT] [Installation App Launcher] (.Pas de propriétaire.) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe
    [MD5.00000000000000000000000000000000] [APT] [Scheduled Update for Ask Toolbar] (.Pas de propriétaire.) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.)

    ---\\ Pilotes lancés au démarrage (O41)
    O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
    O41 - Driver: (AppleCharger) . (...) - C:\Windows\System32\DRIVERS\AppleCharger.sys
    O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
    O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
    O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
    O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
    O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
    O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
    O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
    O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
    O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
    O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
    O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
    O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
    O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
    O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
    O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
    O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
    O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
    O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
    O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
    O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
    O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
    0
  12. gdbod Messages postés 14 Statut Membre
     
    ---\\ Logiciels installés (O42)
    O42 - Logiciel: @BIOS - (.GIGABYTE.) [HKLM][64Bits] -- {B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}
    O42 - Logiciel: AMD Drag and Drop Transcoding - (.ATI Technologies Inc..) [HKLM] -- {6A9B5F9E-CAF3-2264-9DA0-E374F9A34279}
    O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM] -- {AE57C044-8912-A181-A0E4-BC2DAB3A092A}
    O42 - Logiciel: ATI Catalyst Registration - (.ATI Technologies Inc..) [HKLM][64Bits] -- {11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
    O42 - Logiciel: ATI Stream SDK v2 Developer - (.ATI Technologies Inc..) [HKLM] -- {22441735-5983-AD2A-5CC5-FA2CCD7EF732}
    O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
    O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AFF7E080-1974-45BF-9310-10DE1A1F5ED0}
    O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
    O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
    O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}
    O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {8F473675-D702-45F9-8EBC-342B40C17BF5}
    O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
    O42 - Logiciel: Ashampoo WinOptimizer 8 v.8.05 - (.Ashampoo GmbH & Co. KG.) [HKLM][64Bits] -- Ashampoo WinOptimizer 8_is1
    O42 - Logiciel: Assassin's Creed Brotherhood - (.Ubisoft.) [HKLM][64Bits] -- {BE4BA698-8533-4F77-9559-C7F3F78C0B05}
    O42 - Logiciel: AutoGreen B10.1021.1 - (.GIGABYTE.) [HKLM][64Bits] -- InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}
    O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM][64Bits] -- Avira AntiVir Desktop
    O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}
    O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
    O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {5FD89EA1-99C2-40EE-BBF5-20F8991ED756}
    O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
    O42 - Logiciel: Definition update for Microsoft Office 2010 (KB982726) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2FD3FD50-4D6B-433B-9AB8-83F04675DA44}
    O42 - Logiciel: Easy Tune 6 B10.1216.1 - (.GIGABYTE.) [HKLM][64Bits] -- InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}
    O42 - Logiciel: Etron USB3.0 Host Controller - (.Etron Technology.) [HKLM][64Bits] -- InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}
    O42 - Logiciel: Etron USB3.0 Host Controller - (.Etron Technology.) [HKLM][64Bits] -- {DFBB738C-71D8-4DC5-B8D2-D65C37680E27}
    O42 - Logiciel: Foxit Reader - (.Foxit Corporation.) [HKLM][64Bits] -- Foxit Reader
    O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
    O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
    O42 - Logiciel: Internet TV pour Windows Media Center - (.Microsoft Corporation.) [HKLM][64Bits] -- {9D318C86-AF4C-409F-A6AC-7183FF4CF424}
    O42 - Logiciel: Java(TM) 6 Update 24 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216022FF}
    O42 - Logiciel: Lexmark 3600-4600 Series - (.Lexmark International, Inc..) [HKLM] -- Lexmark 3600-4600 Series
    O42 - Logiciel: LogMeIn - (.LogMeIn, Inc..) [HKLM][64Bits] -- {65179FD8-04C0-40A7-87FC-007F2CD5BF1E}
    O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
    O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM][64Bits] -- {0810B8B7-7539-41D3-983E-6127FCF1CC9E}
    O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
    O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
    O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
    O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
    O42 - Logiciel: Microsoft Office Access MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0015-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Excel MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0016-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Groove MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-00BA-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0044-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Office 64-bit Components 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-002A-0000-1000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office OneNote MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-00A1-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Outlook MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001A-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0018-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Professional Plus 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Professionnel Plus 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office14.PROPLUSR
    O42 - Logiciel: Microsoft Office Proof (Arabic) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0401-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (Dutch) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0413-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (English) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0409-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (German) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0407-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proof (Spanish) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001F-0C0A-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Proofing (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-002C-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Publisher MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-0019-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-002A-040C-1000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Shared MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-006E-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Office Word MUI (French) 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90140000-001B-040C-0000-0000000FF1CE}
    O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM][64Bits] -- {770657D0-A123-3C07-8E44-1C83EC895118}
    O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {7299052b-02a4-4627-81f2-1818da5d550d}
    O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM][64Bits] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM][64Bits] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
    O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
    O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
    O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 4.0.1 (x86 fr)
    O42 - Logiciel: Mythos - (.Frogster Online Gaming GmbH.) [HKLM][64Bits] -- {A2F166A0-F031-4E27-A057-C69733219435}_is1
    O42 - Logiciel: ON_OFF Charge B11.0110.1 - (.GIGABYTE.) [HKLM][64Bits] -- {3DECD372-76A1-4483-BF10-B547790A3261}
    O42 - Logiciel: Portal 2 - (.Pas de propriétaire.) [HKLM][64Bits] -- Postal 2_is1
    O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
    O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
    O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
    O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
    O42 - Logiciel: Security Update for Microsoft Excel 2010 (KB2466146) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4D3B2D30-46D3-4DC0-BA73-85306B10E0AE}
    O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2289078) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{1D1A4F08-2F17-475B-BA72-476CE5992FEE}
    O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2289161) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F134C2C6-30B3-4169-A325-58482B4CE6FC}
    O42 - Logiciel: Security Update for Microsoft PowerPoint 2010 (KB2519975) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{45D7C5CD-B967-44AF-9DAB-E5C8545558AD}
    O42 - Logiciel: Security Update for Microsoft Publisher 2010 (KB2409055) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{C3C277D5-36E3-4B1A-926A-175B2BC019CF}
    O42 - Logiciel: Security Update for Microsoft Word 2010 (KB2345000) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}
    O42 - Logiciel: Smart 6 B10.1221.1 - (.GIGABYTE.) [HKLM][64Bits] -- {3B35725F-C623-4A1E-B5CC-99C0868679E3}
    O42 - Logiciel: Splashtop Remote - (.Splashtop Inc..) [HKLM][64Bits] -- InstallShield_{94A1911F-CD2F-4B9C-B171-2B43DCD213AA}
    O42 - Logiciel: Splashtop Remote - (.Splashtop Inc..) [HKLM][64Bits] -- {94A1911F-CD2F-4B9C-B171-2B43DCD213AA}
    O42 - Logiciel: System Requirements Lab CYRI - (.Husdawg, LLC.) [HKLM][64Bits] -- {679F739E-5C76-4A41-B562-F9392156B6DD}
    O42 - Logiciel: Ubisoft Game Launcher - (.UBISOFT.) [HKLM][64Bits] -- {888F1505-C2B3-4FDE-835D-36353EBD4754}
    O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228
    O42 - Logiciel: Update for Microsoft Office 2010 (KB2202188) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{86B7A074-265D-420C-9E1E-7A920EF0ECA7}
    O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{556146F7-74AE-4E0A-B64F-5B8B93469F61}
    O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B5516874-E926-4BFD-B412-D0E70112F244}
    O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{D6CE7280-6EE3-419A-8F47-DB111C040B1B}
    O42 - Logiciel: Update for Microsoft Office 2010 (KB2494150) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}
    O42 - Logiciel: Update for Microsoft OneNote 2010 (KB2493983) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{309EEC22-83CE-4109-B019-BA9392FAA322}
    O42 - Logiciel: Update for Microsoft Outlook Social Connector (KB2441641) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{A10DC2B7-6FDA-4C17-9DF0-6A834CAC4306}
    O42 - Logiciel: VLC media player 1.1.7 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
    O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM][64Bits] -- Veetle TV
    O42 - Logiciel: WMV9/VC-1 Video Playback - (.ATI Technologies Inc..) [HKLM] -- {5E2BDF97-E0C7-75AE-29E1-5EA9DA262F2F}
    O42 - Logiciel: WinRAR 4.00 (64-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
    O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM][64Bits] -- wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
    O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM][64Bits] -- {EF70C3CE-C4DD-B78B-6381-0FED2DBAC5B8}
    O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite
    O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
    O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
    O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8}
    O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
    O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {D07A61E5-A59C-433C-BCBD-22025FA2287B}
    O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
    O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
    O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {83C292B7-38A5-440B-A731-07070E81A64F}
    O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
    O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM][64Bits] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
    O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM][64Bits] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
    O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM][64Bits] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
    O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
    O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {05E379CC-F626-4E7D-8354-463865B303BF}
    O42 - Logiciel: [HKLM\Software\Postal 2_is1] - (.Pas de propriétaire.) [HKLM][64Bits] -- PunkBusterSvc
    O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {9545E9DB-6F4C-4404-BF25-E221BE8B44C5}
    O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM][64Bits] -- uTorrent

    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\AMD]
    [HKCU\Software\ATI]
    [HKCU\Software\Ad-Remover]
    [HKCU\Software\Alcohol Soft]
    [HKCU\Software\AppDataLow\Software\uTorrentBar_FR]
    [HKCU\Software\AppDataLow\Software]
    [HKCU\Software\AppDataLow]
    [HKCU\Software\Apple Computer, Inc.]
    [HKCU\Software\Apple Inc.]
    [HKCU\Software\Ashampoo]
    [HKCU\Software\Avira]
    [HKCU\Software\BitTorrent]
    [HKCU\Software\Classes]
    [HKCU\Software\Clients]
    [HKCU\Software\DownloadCenter]
    [HKCU\Software\Foxit Software]
    [HKCU\Software\Frogster Online Gaming]
    [HKCU\Software\Gigabyte]
    [HKCU\Software\HookNetwork]
    [HKCU\Software\IM Providers]
    [HKCU\Software\InstallShield]
    [HKCU\Software\JavaSoft]
    [HKCU\Software\LexmarkInkjet]
    [HKCU\Software\Local AppWizard-Generated Applications]
    [HKCU\Software\LogMeIn]
    [HKCU\Software\Macromedia]
    [HKCU\Software\Malwarebytes' Anti-Malware]
    [HKCU\Software\Mozilla]
    [HKCU\Software\Mth]
    [HKCU\Software\Netscape]
    [HKCU\Software\ODBC]
    [HKCU\Software\Piriform]
    [HKCU\Software\Policies]
    [HKCU\Software\Realtek]
    [HKCU\Software\Splashtop Inc.]
    [HKCU\Software\StarSynergy]
    [HKCU\Software\SuperSoftwarePackage]
    [HKCU\Software\Sysinternals]
    [HKCU\Software\System Requirements Lab]
    [HKCU\Software\Trend Micro]
    [HKCU\Software\Valve]
    [HKCU\Software\Veetle]
    [HKCU\Software\Wget]
    [HKCU\Software\WinRAR SFX]
    [HKCU\Software\WinRAR]
    [HKCU\Software\Wow6432Node]
    [HKCU\Software\YahooPartnerToolbar]
    [HKCU\Software\cacaoweb]
    [HKCU\Software\cybelsoft]
    [HKLM\Software\AMD]
    [HKLM\Software\ATI Technologies]
    [HKLM\Software\ATI]
    [HKLM\Software\Adobe]
    [HKLM\Software\Alcohol Soft]
    [HKLM\Software\Apple Computer, Inc.]
    [HKLM\Software\Apple Inc.]
    [HKLM\Software\Ashampoo]
    [HKLM\Software\Avira]
    [HKLM\Software\Classes]
    [HKLM\Software\Clients]
    [HKLM\Software\Creative Tech]
    [HKLM\Software\Even Balance]
    [HKLM\Software\Foxit Software]
    [HKLM\Software\Frogster Online Gaming]
    [HKLM\Software\GEAR Software]
    [HKLM\Software\GIGABYTE]
    [HKLM\Software\Google]
    [HKLM\Software\InstallShield]
    [HKLM\Software\Intel]
    [HKLM\Software\JavaSoft]
    [HKLM\Software\JreMetrics]
    [HKLM\Software\Khronos]
    [HKLM\Software\LexmarkInkjet]
    [HKLM\Software\Lexmark]
    [HKLM\Software\LogMeIn, Inc.]
    [HKLM\Software\LogMeIn]
    [HKLM\Software\Macromedia]
    [HKLM\Software\Malwarebytes' Anti-Malware]
    [HKLM\Software\MozillaPlugins]
    [HKLM\Software\Mozilla]
    [HKLM\Software\Mth]
    [HKLM\Software\Nevron]
    [HKLM\Software\ODBC]
    [HKLM\Software\Piriform]
    [HKLM\Software\Policies]
    [HKLM\Software\RTLSetup]
    [HKLM\Software\Realtek Semiconductor Corp.]
    [HKLM\Software\Realtek]
    [HKLM\Software\RegisteredApplications]
    [HKLM\Software\SRS Labs]
    [HKLM\Software\Sonic]
    [HKLM\Software\Splashtop Inc.]
    [HKLM\Software\Swearware]
    [HKLM\Software\TrendMicro]
    [HKLM\Software\Ubisoft]
    [HKLM\Software\Valve]
    [HKLM\Software\Veetle]
    [HKLM\Software\VideoLAN]
    [HKLM\Software\Waves Audio]
    [HKLM\Software\WinRAR]
    [HKLM\Software\Wow6432Node]
    [HKLM\Software\X-AVCSD]
    [HKLM\Software\cybelsoft]
    [HKLM\Software\mozilla.org]
    [HKLM\Software\swearware]

    ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 - CFD: 08/04/2011 - 17:58:36 - [23410969] ----D- C:\Program Files\ATI
    O43 - CFD: 08/04/2011 - 17:59:06 - [28] ----D- C:\Program Files\ATI Technologies
    O43 - CFD: 09/04/2011 - 11:17:24 - [195920] ----D- C:\Program Files\Bonjour
    O43 - CFD: 16/05/2011 - 17:57:24 - [7278424] ----D- C:\Program Files\CCleaner
    O43 - CFD: 16/05/2011 - 20:29:44 - [106985228] ----D- C:\Program Files\Common Files
    O43 - CFD: 10/04/2011 - 16:29:18 - [90256916] ----D- C:\Program Files\DVD Maker
    O43 - CFD: 08/04/2011 - 17:31:02 - [0] -SH-D- C:\Program Files\Fichiers communs
    O43 - CFD: 08/04/2011 - 17:48:38 - [47900138] ----D- C:\Program Files\GIGABYTE
    O43 - CFD: 09/04/2011 - 08:05:56 - [6436368] ----D- C:\Program Files\Internet Explorer
    O43 - CFD: 09/04/2011 - 11:18:10 - [1939563] ----D- C:\Program Files\iPod
    O43 - CFD: 09/04/2011 - 11:18:18 - [2345448] ----D- C:\Program Files\iTunes
    O43 - CFD: 21/04/2011 - 19:21:40 - [77154050] ----D- C:\Program Files\Lexmark 3600-4600 Series
    O43 - CFD: 10/04/2011 - 15:40:10 - [22869873] ----D- C:\Program Files\Microsoft Office
    O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild
    O43 - CFD: 08/04/2011 - 17:44:46 - [17625312] ----D- C:\Program Files\Realtek
    O43 - CFD: 14/07/2009 - 07:32:40 - [36813993] ----D- C:\Program Files\Reference Assemblies
    O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information
    O43 - CFD: 10/04/2011 - 16:29:16 - [4039680] ----D- C:\Program Files\Windows Defender
    O43 - CFD: 10/04/2011 - 16:29:18 - [9224824] ----D- C:\Program Files\Windows Journal
    O43 - CFD: 10/04/2011 - 16:29:18 - [6667776] ----D- C:\Program Files\Windows Mail
    O43 - CFD: 10/04/2011 - 16:29:18 - [7687085] ----D- C:\Program Files\Windows Media Player
    O43 - CFD: 08/04/2011 - 17:31:02 - [12627636] ----D- C:\Program Files\Windows NT
    O43 - CFD: 10/04/2011 - 16:29:18 - [5516056] ----D- C:\Program Files\Windows Photo Viewer
    O43 - CFD: 10/04/2011 - 16:29:18 - [244736] ----D- C:\Program Files\Windows Portable Devices
    O43 - CFD: 10/04/2011 - 16:29:18 - [7044767] ----D- C:\Program Files\Windows Sidebar
    O43 - CFD: 10/04/2011 - 04:34:40 - [5933677] ----D- C:\Program Files\WinRAR
    O43 - CFD: 09/04/2011 - 11:17:34 - [6246981] ----D- C:\Program Files\Common Files\Apple
    O43 - CFD: 08/04/2011 - 17:59:14 - [241928] ----D- C:\Program Files\Common Files\ATI Technologies
    O43 - CFD: 11/04/2011 - 20:11:48 - [87690558] ----D- C:\Program Files\Common Files\Microsoft Shared
    O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services
    O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
    O43 - CFD: 14/07/2009 - 17:24:10 - [12194291] ----D- C:\Program Files\Common Files\System
    O43 - CFD: 21/04/2011 - 17:44:44 - [0] ----D- C:\ProgramData\Adobe
    O43 - CFD: 09/04/2011 - 11:31:12 - [37562904] ----D- C:\ProgramData\Apple
    O43 - CFD: 09/04/2011 - 11:18:10 - [65821472] ----D- C:\ProgramData\Apple Computer
    O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data
    O43 - CFD: 08/04/2011 - 18:03:20 - [188] ----D- C:\ProgramData\ATI
    O43 - CFD: 08/04/2011 - 18:44:28 - [111347307] ----D- C:\ProgramData\Avira
    O43 - CFD: 08/04/2011 - 17:31:02 - [0] -SH-D- C:\ProgramData\Bureau
    O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop
    O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents
    O43 - CFD: 08/04/2011 - 17:31:02 - [0] -SH-D- C:\ProgramData\Favoris
    O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites
    O43 - CFD: 08/04/2011 - 17:49:14 - [894] ----D- C:\ProgramData\InstallShield
    O43 - CFD: 16/05/2011 - 17:53:12 - [390405] ----D- C:\ProgramData\LogMeIn
    O43 - CFD: 04/05/2011 - 21:26:48 - [10871] ----D- C:\ProgramData\Lx_cats
    O43 - CFD: 08/04/2011 - 17:54:14 - [1210924] ----D- C:\ProgramData\ma-config.com
    O43 - CFD: 16/05/2011 - 21:13:48 - [6699137] ----D- C:\ProgramData\Malwarebytes
    O43 - CFD: 08/04/2011 - 17:31:02 - [0] -SH-D- C:\ProgramData\Menu Démarrer
    O43 - CFD: 28/04/2011 - 19:59:18 - [225456693] -S--D- C:\ProgramData\Microsoft
    O43 - CFD: 13/04/2011 - 17:37:38 - [66306] ----D- C:\ProgramData\Microsoft Help
    O43 - CFD: 08/04/2011 - 17:31:02 - [0] -SH-D- C:\ProgramData\Modèles
    O43 - CFD: 20/04/2011 - 21:02:52 - [0] ----D- C:\ProgramData\Splashtop
    O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu
    O43 - CFD: 09/04/2011 - 18:46:20 - [154] ----D- C:\ProgramData\Sun
    O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates
    O43 - CFD: 21/04/2011 - 20:08:54 - [0] ----D- C:\ProgramData\ThumbnailCache4R
    O43 - CFD: 10/04/2011 - 15:08:04 - [0] ----D- C:\ProgramData\Ubisoft
    O43 - CFD: 21/04/2011 - 17:44:42 - [2489352] ----D- C:\Users\Bool\AppData\Roaming\Adobe
    O43 - CFD: 09/04/2011 - 11:36:22 - [12376045] ----D- C:\Users\Bool\AppData\Roaming\Apple Computer
    O43 - CFD: 09/04/2011 - 13:27:32 - [0] ----D- C:\Users\Bool\AppData\Roaming\ATI
    O43 - CFD: 09/04/2011 - 10:47:24 - [0] ----D- C:\Users\Bool\AppData\Roaming\Avira
    O43 - CFD: 12/04/2011 - 19:41:04 - [0] ----D- C:\Users\Bool\AppData\Roaming\Foxit Software
    O43 - CFD: 21/04/2011 - 19:26:28 - [137375] ----D- C:\Users\Bool\AppData\Roaming\Lexmark Productivity Studio
    O43 - CFD: 09/04/2011 - 08:41:44 - [1989] ----D- C:\Users\Bool\AppData\Roaming\Macromedia
    O43 - CFD: 16/05/2011 - 21:13:54 - [2081] ----D- C:\Users\Bool\AppData\Roaming\Malwarebytes
    O43 - CFD: 28/04/2011 - 19:58:42 - [16184403] -S--D- C:\Users\Bool\AppData\Roaming\Microsoft
    O43 - CFD: 09/04/2011 - 08:31:22 - [22862296] ----D- C:\Users\Bool\AppData\Roaming\Mozilla
    O43 - CFD: 10/04/2011 - 15:00:44 - [835440] ----D- C:\Users\Bool\AppData\Roaming\PunkBuster
    O43 - CFD: 16/05/2011 - 17:57:24 - [1993732] ----D- C:\Users\Bool\AppData\Roaming\uTorrent
    O43 - CFD: 11/04/2011 - 19:02:40 - [1479734] ----D- C:\Users\Bool\AppData\Roaming\vlc
    O43 - CFD: 21/04/2011 - 17:44:44 - [2382490] ----D- C:\Users\Bool\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
    O43 - CFD: 10/04/2011 - 04:35:24 - [1237116] ----D- C:\Users\Bool\AppData\Roaming\WinRAR
    O43 - CFD: 10/04/2011 - 11:01:06 - [4] ----D- C:\Users\Bool\Appdata\Local\Activision
    O43 - CFD: 21/04/2011 - 17:43:26 - [228366] ----D- C:\Users\Bool\Appdata\Local\Adobe
    O43 - CFD: 09/04/2011 - 11:17:42 - [0] ----D- C:\Users\Bool\Appdata\Local\Apple
    O43 - CFD: 10/04/2011 - 04:53:26 - [17410385] ----D- C:\Users\Bool\Appdata\Local\Apple Computer
    O43 - CFD: 09/04/2011 - 08:43:54 - [61172] ----D- C:\Users\Bool\Appdata\Local\ATI
    O43 - CFD: 04/05/2011 - 21:05:50 - [126503] ----D- C:\Users\Bool\Appdata\Local\ElevatedDiagnostics
    O43 - CFD: 11/04/2011 - 18:05:30 - [0] ----D- C:\Users\Bool\Appdata\Local\LogMeIn
    O43 - CFD: 04/05/2011 - 21:21:56 - [124691179] ----D- C:\Users\Bool\Appdata\Local\Microsoft
    O43 - CFD: 10/04/2011 - 15:39:36 - [0] ----D- C:\Users\Bool\Appdata\Local\Microsoft Help
    O43 - CFD: 09/04/2011 - 08:31:20 - [50823202] ----D- C:\Users\Bool\Appdata\Local\Mozilla
    O43 - CFD: 15/05/2011 - 14:04:28 - [313] ----D- C:\Users\Bool\Appdata\Local\SKIDROW
    O43 - CFD: 16/05/2011 - 22:21:32 - [5764858] ----D- C:\Users\Bool\Appdata\Local\Temp
    O43 - CFD: 16/05/2011 - 21:46:16 - [0] ----D- C:\Users\Bool\Appdata\Local\VirtualStore
    O43 - CFD: 14/04/2011 - 08:43:38 - [36864] ----D- C:\Users\Bool\Appdata\Local\Windows Live
    O43 - CFD: 10/04/2011 - 11:53:20 - [77024550] ----D- C:\Program Files (x86)\Activision
    O43 - CFD: 16/05/2011 - 21:42:04 - [92577206] ----D- C:\Program Files (x86)\Ad-Remover
    O43 - CFD: 21/04/2011 - 17:44:42 - [56466] ----D- C:\Program Files (x86)\Adobe
    O43 - CFD: 10/04/2011 - 04:40:30 - [10822478] ----D- C:\Program Files (x86)\Alcohol Soft
    O43 - CFD: 08/04/2011 - 17:47:56 - [0] ----D- C:\Program Files (x86)\AMD
    O43 - CFD: 09/04/2011 - 11:17:40 - [2306366] ----D- C:\Program Files (x86)\Apple Software Update
    O43 - CFD: 08/04/2011 - 17:59:10 - [556132] ----D- C:\Program Files (x86)\ATI
    O43 - CFD: 08/04/2011 - 17:59:12 - [54221243] ----D- C:\Program Files (x86)\ATI Stream
    O43 - CFD: 08/04/2011 - 17:58:48 - [40623439] ----D- C:\Program Files (x86)\ATI Technologies
    O43 - CFD: 08/04/2011 - 18:44:28 - [119047042] ----D- C:\Program Files (x86)\Avira
    O43 - CFD: 09/04/2011 - 09:48:32 - [0] ----D- C:\Program Files (x86)\Babylon
    O43 - CFD: 09/04/2011 - 11:17:24 - [617144] ----D- C:\Program Files (x86)\Bonjour
    O43 - CFD: 16/05/2011 - 20:29:44 - [506822534] ----D- C:\Program Files (x86)\Common Files
    O43 - CFD: 15/05/2011 - 15:50:10 - [11148808] ----D- C:\Program Files (x86)\Downloaded Installations
    O43 - CFD: 08/04/2011 - 17:46:08 - [1171582] ----D- C:\Program Files (x86)\Etron Technology
    O43 - CFD: 08/04/2011 - 17:49:28 - [133694222] ----D- C:\Program Files (x86)\GIGABYTE
    O43 - CFD: 16/05/2011 - 17:57:24 - [38211705] --H-D- C:\Program Files (x86)\InstallShield Installation Information
    O43 - CFD: 08/04/2011 - 17:46:38 - [11188611] ----D- C:\Program Files (x86)\Intel
    O43 - CFD: 09/04/2011 - 11:17:54 - [6275704] ----D- C:\Program Files (x86)\Internet Explorer
    O43 - CFD: 09/04/2011 - 11:18:18 - [125826839] ----D- C:\Program Files (x86)\iTunes
    O43 - CFD: 10/04/2011 - 10:28:02 - [88363038] ----D- C:\Program Files (x86)\Java
    O43 - CFD: 21/04/2011 - 19:22:14 - [69973965] ----D- C:\Program Files (x86)\Lexmark 3600-4600 Series
    O43 - CFD: 21/04/2011 - 19:21:36 - [2315014] ----D- C:\Program Files (x86)\Lexmark Toolbar
    O43 - CFD: 08/04/2011 - 17:54:16 - [5657562] ----D- C:\Program Files (x86)\ma-config.com
    O43 - CFD: 10/04/2011 - 15:39:52 - [39848379] ----D- C:\Program Files (x86)\Microsoft Analysis Services
    O43 - CFD: 25/04/2011 - 20:29:10 - [38388859] ----D- C:\Program Files (x86)\Microsoft Silverlight
    O43 - CFD: 10/04/2011 - 15:41:36 - [1805760] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    O43 - CFD: 10/04/2011 - 15:41:36 - [793991] ----D- C:\Program Files (x86)\Microsoft Sync Framework
    O43 - CFD: 10/04/2011 - 15:41:56 - [326800] ----D- C:\Program Files (x86)\Microsoft Synchronization Services
    O43 - CFD: 10/04/2011 - 15:40:32 - [1378033] ----D- C:\Program Files (x86)\Microsoft Visual Studio 8
    O43 - CFD: 10/04/2011 - 16:38:50 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET
    O43 - CFD: 30/04/2011 - 16:40:36 - [32660770] ----D- C:\Program Files (x86)\Mozilla Firefox
    O43 - CFD: 10/04/2011 - 15:42:10 - [26521] ----D- C:\Program Files (x86)\MSBuild
    O43 - CFD: 09/04/2011 - 11:17:52 - [76322555] ----D- C:\Program Files (x86)\QuickTime
    O43 - CFD: 08/04/2011 - 18:09:26 - [5936185] ----D- C:\Program Files (x86)\Realtek
    O43 - CFD: 14/07/2009 - 07:32:40 - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies
    O43 - CFD: 20/04/2011 - 21:02:48 - [19444649] ----D- C:\Program Files (x86)\Splashtop
    O43 - CFD: 10/04/2011 - 04:06:56 - [479232] ----D- C:\Program Files (x86)\SystemRequirementsLab
    O43 - CFD: 08/04/2011 - 18:23:50 - [0] --H-D- C:\Program Files (x86)\Temp
    O43 - CFD: 16/05/2011 - 17:28:10 - [413812] ----D- C:\Program Files (x86)\Trend Micro
    O43 - CFD: 10/04/2011 - 15:00:12 - [19557952] ----D- C:\Program Files (x86)\Ubisoft
    O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information
    O43 - CFD: 09/04/2011 - 12:02:40 - [399736] ----D- C:\Program Files (x86)\uTorrent
    O43 - CFD: 09/04/2011 - 09:48:14 - [82554289] ----D- C:\Program Files (x86)\VideoLAN
    O43 - CFD: 14/07/2009 - 17:24:10 - [524800] ----D- C:\Program Files (x86)\Windows Defender
    O43 - CFD: 11/04/2011 - 20:17:02 - [61030375] ----D- C:\Program Files (x86)\Windows Live
    O43 - CFD: 10/04/2011 - 16:29:22 - [6181376] ----D- C:\Program Files (x86)\Windows Mail
    O43 - CFD: 10/04/2011 - 16:29:22 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player
    O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT
    O43 - CFD: 10/04/2011 - 16:29:22 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer
    O43 - CFD: 10/04/2011 - 16:29:22 - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices
    O43 - CFD: 10/04/2011 - 16:29:22 - [5994626] ----D- C:\Program Files (x86)\Windows Sidebar
    O43 - CFD: 16/05/2011 - 22:21:58 - [3829597] ----D- C:\Program Files (x86)\ZHPDiag
    O43 - CFD: 21/04/2011 - 17:44:42 - [31116142] ----D- C:\Program Files (x86)\Common Files\Adobe AIR
    O43 - CFD: 09/04/2011 - 11:18:10 - [98096419] ----D- C:\Program Files (x86)\Common Files\Apple
    O43 - CFD: 08/04/2011 - 17:59:14 - [198408] ----D- C:\Program Files (x86)\Common Files\ATI Technologies
    O43 - CFD: 10/04/2011 - 15:41:54 - [99136] ----D- C:\Program Files (x86)\Common Files\DESIGNER
    O43 - CFD: 08/04/2011 - 17:48:38 - [9345028] ----D- C:\Program Files (x86)\Common Files\InstallShield
    O43 - CFD: 10/04/2011 - 10:28:12 - [1247175] ----D- C:\Program Files (x86)\Common Files\Java
    O43 - CFD: 11/04/2011 - 20:11:12 - [209676464] ----D- C:\Program Files (x86)\Common Files\microsoft shared
    O43 - CFD: 08/04/2011 - 17:46:32 - [162236] ----D- C:\Program Files (x86)\Common Files\postureAgent
    O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services
    O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines
    O43 - CFD: 10/04/2011 - 15:40:06 - [10861683] ----D- C:\Program Files (x86)\Common Files\System
    O43 - CFD: 11/04/2011 - 20:08:46 - [104913358] ----D- C:\Program Files (x86)\Common Files\Windows Live
    0
  13. gdbod Messages postés 14 Statut Membre
     
    ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 - LFC:[MD5.5C000000000000000000000068EF1800] - 16/05/2011 - 20:48:59 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1354291]
    O44 - LFC:[MD5.485055033BCDDFDE56325C0D2FEEA4F2] - 16/05/2011 - 20:46:03 ---A- . (...) -- C:\Windows\KMSEmulator.exe [151552]
    O44 - LFC:[MD5.7907E14F9BCF3A4689C9A74A1A873CB6] - 16/05/2011 - 20:46:02 ---A- . (.Windows (R) Server 2003 DDK provider - GIGABYTE Tools.) -- C:\Windows\gdrv.sys [25640]
    O44 - LFC:[MD5.9982DE5B241F4776F71698EB4D4FC7E9] - 16/05/2011 - 20:45:50 ---A- . (...) -- C:\Windows\setupact.log [168]
    O44 - LFC:[MD5.E8CDEAAC90FB1B5DA5E5CDD8B47DACD1] - 16/05/2011 - 20:45:45 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
    O44 - LFC:[MD5.F243654FA467C2589709C9A9395F2F99] - 16/05/2011 - 20:44:46 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [11550]
    O44 - LFC:[MD5.CDA7488584D6D2098F05B37F73B9D80F] - 16/05/2011 - 19:32:10 ---A- . (...) -- C:\ComboFix.txt [33849]
    O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 16/05/2011 - 19:31:15 ---A- . (...) -- C:\Windows\system.ini [215]
    O44 - LFC:[MD5.AE72E8619CB31D84DA25E2435E55003C] - 16/05/2011 - 19:27:28 ---A- . (.NirSoft - NirCmd.) -- C:\Windows\NIRCMD.exe [31232]
    O44 - LFC:[MD5.01D95A1F8CF13D07CC564AABB36BCC0B] - 16/05/2011 - 19:27:28 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\Windows\SWREG.exe [161792]
    O44 - LFC:[MD5.B7517DB073B28F5696A1E5528ABEB5D0] - 16/05/2011 - 19:27:28 ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\Windows\SWSC.exe [136704]
    O44 - LFC:[MD5.B1A9CF0B6F80611D31987C247EC630B4] - 16/05/2011 - 19:26:33 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) -- C:\Windows\SWXCACLS.exe [212480]
    O44 - LFC:[MD5.8126331FBD4ED29EB3B356F9C905064D] - 16/05/2011 - 16:58:37 ---A- . (...) -- C:\Windows\GVTDrv64.sys [30528]
    O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/05/2011 - 16:54:39 ---A- . (...) -- C:\Windows\setuperr.log [0]
    O44 - LFC:[MD5.2322AC4F74D5033E8AF0EBD85DFC677B] - 14/05/2011 - 09:28:45 ---A- . (.mst software GmbH, Germany - mst Defrag SDK Boot.) -- C:\Windows\SysNative\DfSdkBt.exe [34304]
    O44 - LFC:[MD5.5E8BD3CD544F8AB0B9A3843114ED8301] - 04/05/2011 - 20:06:19 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700]
    O44 - LFC:[MD5.2EEED9DB556A580D008C133988A10DFD] - 04/05/2011 - 20:06:19 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106190]
    O44 - LFC:[MD5.F4987B1AFDACCE3D56B54D7165E7ED10] - 04/05/2011 - 20:06:19 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130548]
    O44 - LFC:[MD5.0978E4F75377A469D024D85F61700A33] - 04/05/2011 - 20:06:19 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [615810]
    O44 - LFC:[MD5.E3296C607657B2E664732719A65ABF83] - 04/05/2011 - 20:06:19 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704242]
    O44 - LFC:[MD5.A10C7A2FE64368251D8B96733AF5F504] - 21/04/2011 - 18:22:06 ---A- . (...) -- C:\Windows\SysNative\LexFiles.ulf [80368]
    O44 - LFC:[MD5.FDBFC8E6AADE302E1B475D343B46376F] - 21/04/2011 - 18:21:50 ---A- . (.Pas de propriétaire - VendorSetup.) -- C:\Windows\SysNative\lxdxvs.dll [109056]
    O44 - LFC:[MD5.CB9253F26497B08F50758A8C6EBB913C] - 21/04/2011 - 18:21:40 ---A- . (.Lexmark International - config.) -- C:\Windows\SysNative\lxdxcfg64.dll [65536]
    O44 - LFC:[MD5.96B87C87AA642E1D2D327B0BCA60DB6B] - 21/04/2011 - 18:21:40 ---A- . (.Pas de propriétaire - Data Retriever.) -- C:\Windows\SysNative\lxdxdrs64.dll [1024512]
    O44 - LFC:[MD5.F969B05D533BD336E87608BEFA49E847] - 21/04/2011 - 18:21:32 ---A- . (.Lexmark International, Inc. - Cu resource DLL.) -- C:\Windows\System32\lxdxcur.dll [36864]
    O44 - LFC:[MD5.F4C30C2554CADAB331F9537219CE67EC] - 21/04/2011 - 18:21:32 ---A- . (.Lexmark International, Inc. - Ins resource DLL.) -- C:\Windows\System32\lxdxinsr.dll [114688]
    O44 - LFC:[MD5.6C3B27F361E81A6371BA58278F83667E] - 21/04/2011 - 18:21:32 ---A- . (.Lexmark International, Inc. - Jsw resource DLL.) -- C:\Windows\System32\lxdxjswr.dll [151552]
    O44 - LFC:[MD5.123C88D04DEAA92844FC7A74E7CCB8D6] - 21/04/2011 - 18:21:32 ---A- . (.Lexmark International, Inc. - Lexmark WebUpdater Dynamic Link Library.) -- C:\Windows\SysNative\lxdxwupd.dll [110592]
    O44 - LFC:[MD5.7202853DC710A2823B6B47BE4206E949] - 21/04/2011 - 18:21:32 ---A- . (.Lexmark International, Inc. - Lexmark WebUpdater Executable.) -- C:\Windows\SysNative\lxdxwupd.exe [11264]
    O44 - LFC:[MD5.A6A3FB8EADA1295AC8A44FF06973E91A] - 21/04/2011 - 18:21:32 ---A- . (.Lexmark International, Inc. - utilities DLL.) -- C:\Windows\System32\lxdxutil.dll [544768]
    O44 - LFC:[MD5.FB4B0660FE73893558FCC46BEC908721] - 21/04/2011 - 18:21:32 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxiesc.dll [339968]
    O44 - LFC:[MD5.D040785BA94FAA006115C008C26120CD] - 21/04/2011 - 18:21:32 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxinpa.dll [364544]
    O44 - LFC:[MD5.CB9253F26497B08F50758A8C6EBB913C] - 21/04/2011 - 18:21:31 ---A- . (.Lexmark International - config.) -- C:\Windows\System32\LXDXcfg.dll [77906]
    O44 - LFC:[MD5.F6E680BD9546E67BE46D11B21ABD651E] - 21/04/2011 - 18:21:31 ---A- . (.Lexmark International, Inc. - CU bitmap resource DLL.) -- C:\Windows\System32\lxdxcub.dll [90112]
    O44 - LFC:[MD5.2974C519B87DD96554C51799F3B43291] - 21/04/2011 - 18:21:31 ---A- . (.Lexmark International, Inc. - Cu DLL.) -- C:\Windows\System32\lxdxcu.dll [77824]
    O44 - LFC:[MD5.1F5D3642C5A936371C1A7E2CD80A9235] - 21/04/2011 - 18:21:31 ---A- . (.Lexmark International, Inc. - INS bitmap resource DLL.) -- C:\Windows\System32\lxdxinsb.dll [200704]
    O44 - LFC:[MD5.C0372BCB13ACA52F6239C7464A3D864F] - 21/04/2011 - 18:21:31 ---A- . (.Lexmark International, Inc. - ins DLL.) -- C:\Windows\System32\lxdxins.dll [176128]
    O44 - LFC:[MD5.C33FBABBB81047F634ABC5E47BD81C6B] - 21/04/2011 - 18:21:31 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxcfg.exe [360448]
    O44 - LFC:[MD5.2591008941B08869C6B0362436E72CD7] - 21/04/2011 - 18:21:31 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxcomc.dll [851968]
    O44 - LFC:[MD5.819766166E2D432F68D14675C6438384] - 21/04/2011 - 18:21:31 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxcomm.dll [376832]
    O44 - LFC:[MD5.C33DB2399CF1AB7B8C9306A3CF3E8C80] - 21/04/2011 - 18:21:31 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxcoms.exe [589824]
    O44 - LFC:[MD5.132D8AB0ECE6C6807A5F21008AAFE7E5] - 21/04/2011 - 18:21:31 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxhbn3.dll [663552]
    O44 - LFC:[MD5.C08423BB1853BEA6E7B965721845702F] - 21/04/2011 - 18:21:31 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxih.exe [315392]
    O44 - LFC:[MD5.24C33C8E58A8FAEF423D136821D2BB75] - 21/04/2011 - 18:21:31 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxlmpm.dll [569344]
    O44 - LFC:[MD5.52B9BCB492C28B26446D0DFA31C6BB87] - 21/04/2011 - 18:21:31 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxpmui.dll [647168]
    O44 - LFC:[MD5.F66D81F8C4659E13EB7477EC7AD2C743] - 21/04/2011 - 18:21:31 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxprox.dll [53248]
    O44 - LFC:[MD5.BD7BF1C34B99C14308BE1DF3D50ADA69] - 21/04/2011 - 18:21:31 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxserv.dll [1105920]
    O44 - LFC:[MD5.33ADE76B850894DA32119936F730D32D] - 21/04/2011 - 18:21:31 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxusb1.dll [843776]
    O44 - LFC:[MD5.CB9253F26497B08F50758A8C6EBB913C] - 21/04/2011 - 18:21:21 ---A- . (.Lexmark International - config.) -- C:\Windows\SysNative\LXDXcfg.dll [65536]
    O44 - LFC:[MD5.F6E680BD9546E67BE46D11B21ABD651E] - 21/04/2011 - 18:21:21 ---A- . (.Lexmark International, Inc. - CU bitmap resource DLL.) -- C:\Windows\SysNative\lxdxcub.dll [73216]
    O44 - LFC:[MD5.2974C519B87DD96554C51799F3B43291] - 21/04/2011 - 18:21:21 ---A- . (.Lexmark International, Inc. - Cu DLL.) -- C:\Windows\SysNative\lxdxcu.dll [101888]
    O44 - LFC:[MD5.F969B05D533BD336E87608BEFA49E847] - 21/04/2011 - 18:21:21 ---A- . (.Lexmark International, Inc. - Cu resource DLL.) -- C:\Windows\SysNative\lxdxcur.dll [24064]
    O44 - LFC:[MD5.1F5D3642C5A936371C1A7E2CD80A9235] - 21/04/2011 - 18:21:21 ---A- . (.Lexmark International, Inc. - INS bitmap resource DLL.) -- C:\Windows\SysNative\lxdxinsb.dll [183296]
    O44 - LFC:[MD5.F4C30C2554CADAB331F9537219CE67EC] - 21/04/2011 - 18:21:21 ---A- . (.Lexmark International, Inc. - Ins resource DLL.) -- C:\Windows\SysNative\lxdxinsr.dll [97280]
    O44 - LFC:[MD5.6C3B27F361E81A6371BA58278F83667E] - 21/04/2011 - 18:21:21 ---A- . (.Lexmark International, Inc. - Jsw resource DLL.) -- C:\Windows\SysNative\lxdxjswr.dll [134656]
    O44 - LFC:[MD5.C0372BCB13ACA52F6239C7464A3D864F] - 21/04/2011 - 18:21:21 ---A- . (.Lexmark International, Inc. - ins DLL.) -- C:\Windows\SysNative\lxdxins.dll [235520]
    O44 - LFC:[MD5.A6A3FB8EADA1295AC8A44FF06973E91A] - 21/04/2011 - 18:21:21 ---A- . (.Lexmark International, Inc. - utilities DLL.) -- C:\Windows\SysNative\lxdxutil.dll [758272]
    O44 - LFC:[MD5.E7495D35998AE403514414583EE785C1] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysNative\LXDXhcp.dll [675328]
    O44 - LFC:[MD5.C33FBABBB81047F634ABC5E47BD81C6B] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysNative\lxdxcfg.exe [598528]
    O44 - LFC:[MD5.2591008941B08869C6B0362436E72CD7] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysNative\lxdxcomc.dll [1472512]
    O44 - LFC:[MD5.819766166E2D432F68D14675C6438384] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysNative\lxdxcomm.dll [578560]
    O44 - LFC:[MD5.C33DB2399CF1AB7B8C9306A3CF3E8C80] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysNative\lxdxcoms.exe [1039872]
    O44 - LFC:[MD5.132D8AB0ECE6C6807A5F21008AAFE7E5] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysNative\lxdxhbn3.dll [1069056]
    O44 - LFC:[MD5.FB4B0660FE73893558FCC46BEC908721] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysNative\lxdxiesc.dll [509952]
    O44 - LFC:[MD5.C08423BB1853BEA6E7B965721845702F] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysNative\lxdxih.exe [514048]
    O44 - LFC:[MD5.D040785BA94FAA006115C008C26120CD] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysNative\lxdxinpa.dll [545792]
    O44 - LFC:[MD5.24C33C8E58A8FAEF423D136821D2BB75] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysNative\lxdxlmpm.dll [884736]
    O44 - LFC:[MD5.52B9BCB492C28B26446D0DFA31C6BB87] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysNative\lxdxpmui.dll [977920]
    O44 - LFC:[MD5.F66D81F8C4659E13EB7477EC7AD2C743] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysNative\lxdxprox.dll [47104]
    O44 - LFC:[MD5.BD7BF1C34B99C14308BE1DF3D50ADA69] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysNative\lxdxserv.dll [1734144]
    O44 - LFC:[MD5.33ADE76B850894DA32119936F730D32D] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysNative\lxdxusb1.dll [1319936]
    O44 - LFC:[MD5.199D043204E19FFB06E4D4151FB9C427] - 21/04/2011 - 18:21:21 ---A- . (.Pas de propriétaire - grd DLL.) -- C:\Windows\SysNative\lxdxgrd.dll [300032]
    O44 - LFC:[MD5.7BF67538EBBC2FB7D3857E255846A581] - 21/04/2011 - 18:20:29 ---A- . (.Pas de propriétaire - Generic CoInstaller.) -- C:\Windows\SysNative\lxdxcoin.dll [745984]
    O44 - LFC:[MD5.9DAA7218961710008D7385B01BD3F386] - 08/11/2010 - 00:20:24 ---A- . (...) -- C:\Windows\MBR.exe [89088]
    O44 - LFC:[MD5.F1FBA6185A6A2BC6456970914875078E] - 26/04/2010 - 14:58:12 ---A- . (...) -- C:\Windows\PEV.exe [256512]
    O44 - LFC:[MD5.D386AA7209F178C060E5911BE12D0402] - 16/10/2009 - 12:29:47 ---A- . (...) -- C:\Windows\SysNative\lxdx.loc [1875]
    O44 - LFC:[MD5.D386AA7209F178C060E5911BE12D0402] - 16/10/2009 - 12:29:47 ---A- . (...) -- C:\Windows\System32\lxdx.loc [1875]
    O44 - LFC:[MD5.204C164220C4EB90C714CF993482F1D7] - 19/08/2009 - 08:06:23 ---A- . (...) -- C:\Windows\SysNative\lxdxcaps64.dll [25600]
    O44 - LFC:[MD5.F779B1C66BE8A0DD9985C717268401BC] - 19/08/2009 - 08:00:12 ---A- . (...) -- C:\Windows\SysNative\lxdxcnv464.dll [54784]
    O44 - LFC:[MD5.838A7CE3471EF26ACFE0A9EF14B05186] - 11/03/2008 - 01:37:35 ---A- . (...) -- C:\Windows\SysNative\lxdxprpr.chm [64737]
    O44 - LFC:[MD5.BF0EBFD8F6496F2213892A0B3FAC1067] - 20/02/2008 - 16:33:14 ---A- . (...) -- C:\Windows\SysNative\LXDXinst.dll [530432]
    O44 - LFC:[MD5.BF0EBFD8F6496F2213892A0B3FAC1067] - 20/02/2008 - 15:49:25 ---A- . (...) -- C:\Windows\System32\LXDXinst.dll [348160]
    O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 31/08/2000 - 07:00:00 ---A- . (...) -- C:\Windows\grep.exe [80412]
    O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 31/08/2000 - 07:00:00 ---A- . (...) -- C:\Windows\sed.exe [98816]
    O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 31/08/2000 - 07:00:00 ---A- . (...) -- C:\Windows\zip.exe [68096]

    ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
    O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL

    ---\\ Trojan Driver Search Data (HKLM) (O52)
    O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
    O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

    ---\\ Microsoft Control Security Providers (O54)
    O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
    O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

    ---\\ Microsoft Windows Policies System (O55)
    O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
    O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
    O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
    O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
    O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0
    O55 - MWPS:[HKCU\...\Policies\System] - "EnableLUA"=0

    ---\\ Microsoft Windows Policies Explorer (O56)
    O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
    O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
    O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0

    ---\\ Liste des Drivers Système (O58)
    O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]
    O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]
    O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]
    O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]
    O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]
    O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]
    O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]
    O58 - SDL:[MD5.6BE11AD81D4527D299F0CB5F3731AABC] - 10/01/2011 - 17:16:08 ---A- . (...) -- C:\Windows\system32\drivers\AppleCharger.sys [21104]
    O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]
    O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]
    O58 - SDL:[MD5.4BF5BCA6E2608CD8A00BC4A6673A9F47] - 17/11/2010 - 13:04:32 ---A- . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtihdW76.sys [115216]
    O58 - SDL:[MD5.DCC8177244FE79C61C4E73C65E63922A] - 27/01/2011 - 00:37:20 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [9085952]
    O58 - SDL:[MD5.7FE67D107329DC2CF89136A8E19BCEB7] - 27/01/2011 - 23:13:32 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [299520]
    O58 - SDL:[MD5.39C2E2870FC0C2AE0595B883CBE716B4] - 04/02/2011 - 11:09:08 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [83120]
    O58 - SDL:[MD5.C98FA6E5AD0E857D22716BD2B8B1F399] - 04/02/2011 - 11:09:08 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [116568]
    O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]
    O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]
    O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]
    O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]
    O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]
    O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]
    O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]
    O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]
    O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]
    O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]
    O58 - SDL:[MD5.6C17A702399B0205AB7836C2B45CD806] - 26/01/2011 - 07:06:02 ---A- . (.Etron Technology Inc - Etron eXtensible Hub Driver..) -- C:\Windows\system32\drivers\EtronHub3.sys [39808]
    O58 - SDL:[MD5.B5348A55CC9541FFA930E30BB0CC8EF6] - 26/01/2011 - 07:06:00 ---A- . (.Etron Technology Inc - Etron eXtensible Host Controller Driver..) -- C:\Windows\system32\drivers\EtronXHCI.sys [64256]
    O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]
    O58 - SDL:[MD5.E403AACF8C7BB11375122D2464560311] - 18/05/2009 - 12:17:08 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [34152]
    O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]
    O58 - SDL:[MD5.A6518DCC42F7A6E999BB3BEA8FD87567] - 19/10/2010 - 16:34:26 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\system32\drivers\HECIx64.sys [56344]
    O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 20/11/2010 - 14:33:35 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]
    O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]
    O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]
    O58 - SDL:[MD5.413ECDCFAD9A82804D3674C8D7EEC24E] - 17/09/2010 - 14:39:58 ---A- . (.LogMeIn, Inc. - LogMeIn Mirror Miniport Driver.) -- C:\Windows\system32\drivers\lmimirr.sys [11552]
    O58 - SDL:[MD5.C57D3FAA50E6F395759FFB7C709BD944] - 17/09/2010 - 14:40:06 ---A- . (.LogMeIn, Inc. - LogMeIn Rfs Drivemap Driver.) -- C:\Windows\system32\drivers\LMIRfsDriver.sys [72216]
    O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]
    O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]
    O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]
    O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]
    O58 - SDL:[MD5.3D3C4B63F11F63F50253E734F0ACE9F2] - 20/12/2010 - 17:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [24152]
    O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]
    O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]
    O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]
    O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]
    O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]
    O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]
    O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]
    O58 - SDL:[MD5.58435613C2537715A9423597EC6635CC] - 08/12/2010 - 11:21:16 ---A- . (.LogMeIn, Inc. - RemotelyAnywhereDpmsSecure Device Driver.) -- C:\Windows\system32\drivers\radpms.sys [14944]
    O58 - SDL:[MD5.712944C0A377E9B8743F95BD83E882D4] - 24/12/2010 - 08:32:54 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [412264]
    O58 - SDL:[MD5.13089F31AA37CDE1CE3784EE01A48484] - 25/01/2011 - 17:54:04 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2727912]
    O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]
    O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]
    O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]
    O58 - SDL:[MD5.07000000000000000000000068EF1800] - 10/04/2011 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [834544]
    O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]
    O58 - SDL:[MD5.54D4B48D443E7228BF64CF7CDC3118AC] - 18/02/2011 - 15:36:58 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl64.sys [51712]
    O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]
    O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]
    O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 17:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [38224]

    ---\\ Liste des outils de nettoyage (O63)
    O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM][64Bits] -- Ad-Remover
    O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPDiag_is1
    O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM][64Bits] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}

    ---\\ Liste des services Legacy (O64)
    O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\atikmdag.sys - amdkmdag(amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
    O64 - Services: CurCS - C:\Windows\System32\DRIVERS\AppleCharger.sys - AppleCharger (AppleCharger) .(...) - LEGACY_APPLECHARGER
    O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
    O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
    O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP
    O64 - Services: CurCS - 30/08/2010 - C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys - driverhardwarev2x64(driverhardwarev2x64) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64
    O64 - Services: CurCS - 09/04/2011 - C:\Windows\etdrv.sys - etdrv(etdrv) .(.Windows (R) Server 2003 DDK provider - GIGABYTE Tools.) - LEGACY_ETDRV
    O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT
    O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
    O64 - Services: CurCS - 16/05/2011 - C:\Windows\gdrv.sys - gdrv(gdrv) .(.Windows (R) Server 2003 DDK provider - GIGABYTE Tools.) - LEGACY_GDRV
    O64 - Services: CurCS - C:\Windows\GVTDrv64.sys - GVTDrv64 (GVTDrv64) .(...) - LEGACY_GVTDRV64
    O64 - Services: CurCS - D:\Installation programmes\Ashampoo WinOptimizer 8\LiveTunerProcessMonitor64.sys - Ashampoo LiveTuner ProcessMonitor Driver (LiveTunerPM) .(...) - LEGACY_LIVETUNERPM
    O64 - Services: CurCS - 17/09/2010 - D:\Installation programmes\LogMeIn\x64\RaInfo.sys - LogMeIn Kernel Information Provider(LMIInfo) .(.LogMeIn, Inc. - RemotelyAnywhere Kernel Information Provide.) - LEGACY_LMIINFO
    O64 - Services: CurCS - 30/12/1899 - C:\Windows\system32\drivers\LMIRfsDriver.sys - LogMeIn Remote File System Driver(LMIRfsDriver) .(.LogMeIn, Inc. - LogMeIn Rfs Drivemap Driver.) - LEGACY_LMIRFSDRIVER
    O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
    O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
    O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
    O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS
    O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
    O64 - Services: CurCS - (.not file.) - PROCEXP113 (PROCEXP113) .(...) - LEGACY_PROCEXP113
    O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV
    O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR
    O64 - Services: CurCS - C:\Windows\System32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD

    ---\\ File Associations Shell Spawning (O67)
    O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
    O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
    O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
    O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] "%1" %* (.not file.)
    O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
    O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
    O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
    O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
    O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
    O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
    O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
    O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] "%1" %* (.not file.)
    O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
    O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
    O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

    ---\\ Start Menu Internet (O68)
    O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

    ---\\ Search Browser Infection (O69)
    O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
    O69 - SBI: SearchScopes [HKCU] {05AD2802-DFF2-4c43-B5CE-0F1EEB3D8EF7} - (Google) - https://www.google.com/?gws_rd=ssl
    O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
    O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
    O69 - SBI: SearchScopes [HKCU] {20308830-C8CA-469a-94A8-4E15A6A4BC04} - (Yahoo) - https://fr.search.yahoo.com/

    ---\\ Recherche particuliere à la racine de certains dossiers (O84)
    [MD5.5F877D4957B9E034FD4B66E048D44ED6] [SPRF] (.Ask - Wrapper Application.) -- C:\Users\Bool\AppData\Local\Temp\setup.exe [3325832]

    ---\\ Firewall Active Exception List (FirewallRules) (O87)
    O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)
    O87 - FAEL: "FPS-SpoolSvc-In-TCP" |In - Private - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)
    O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" |Out - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\lsass.exe (.not file.)
    O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.)
    O87 - FAEL: "RemoteSvcAdmin-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.)
    O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
    O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
    O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
    O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
    O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
    O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
    O87 - FAEL: "SPPSVC-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\sppsvc.exe (.not file.)
    O87 - FAEL: "SPPSVC-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\sppsvc.exe (.not file.)
    O87 - FAEL: "{45928543-EA10-4ACC-B658-56C8E1C20F67}" | In - Public - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe
    O87 - FAEL: "{55C75073-1611-4B67-A78E-08021D4F153F}" | In - Public - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe
    O87 - FAEL: "{72E9AD90-D986-4AE6-A7D5-5F20ECEA2613}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O87 - FAEL: "{AA3570C0-29F3-442D-8BBC-D3ABE647F73F}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O87 - FAEL: "{2A965BB0-DAD0-403C-A632-AABEA1BE9B42}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
    O87 - FAEL: "{E2C9930E-579D-4FC6-A23E-CE937A1B3A1B}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
    O87 - FAEL: "{02F5CD91-238C-4119-98ED-1FAFB36A46C4}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
    O87 - FAEL: "{32342EBB-5468-4BBE-86EC-98FD2A166472}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
    O87 - FAEL: "{1AE5E2BE-7628-455D-8C71-6ACED609C03A}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
    O87 - FAEL: "{4267CA5E-595C-46B9-A1CB-FE1FFC8E6A1B}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
    O87 - FAEL: "{5922CFEB-EAB8-4F35-9A7A-5F74871A16A3}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
    O87 - FAEL: "{3014AFF7-1FC5-4498-96AC-C70526B0693A}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
    O87 - FAEL: "{8232A7A7-F9AE-492C-B27C-87440D45BC2A}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
    O87 - FAEL: "{4A5B1E15-2108-4EF1-9849-52F6C5A85A79}" | In - Public - P6 - TRUE | .(...) -- D:\Installation jeux\Assassin's Creed Brotherhood\ACBSP.exe
    O87 - FAEL: "{F9440E5B-2100-4604-A5EC-05BD14D029FF}" | In - Public - P17 - TRUE | .(...) -- D:\Installation jeux\Assassin's Creed Brotherhood\ACBSP.exe
    O87 - FAEL: "{4B462534-B99B-47C9-A87A-13C67E9A3294}" | In - Public - P6 - TRUE | .(...) -- D:\Installation jeux\Assassin's Creed Brotherhood\ACBMP.exe
    O87 - FAEL: "{C76CF551-E3B5-41DE-B77E-6B34AC33D5A2}" | In - Public - P17 - TRUE | .(...) -- D:\Installation jeux\Assassin's Creed Brotherhood\ACBMP.exe
    O87 - FAEL: "{142E1698-0681-48AF-8A84-ADE840AC4850}" | In - Public - P6 - TRUE | .(...) -- D:\Installation jeux\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
    O87 - FAEL: "{3D938355-2E13-47E6-9B81-B9140FE7D0EB}" | In - Public - P17 - TRUE | .(...) -- D:\Installation jeux\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
    O87 - FAEL: "{AD40C46C-2166-4F75-9F9F-703AB2954722}" | In - Public - P6 - TRUE | .(.Ubisoft Entertainment - UPlayBrowser Application.) -- D:\Installation jeux\Assassin's Creed Brotherhood\UPlayBrowser.exe
    O87 - FAEL: "{0453AD7B-E964-4CD3-BDB3-005C74D2A818}" | In - Public - P17 - TRUE | .(.Ubisoft Entertainment - UPlayBrowser Application.) -- D:\Installation jeux\Assassin's Creed Brotherhood\UPlayBrowser.exe
    O87 - FAEL: "TCP Query User{6C9CA361-1358-4771-9CCA-140D139A0DED}C:\windows\kmsemulator.exe" | In - Public - P6 - TRUE | .(...) -- C:\windows\kmsemulator.exe
    O87 - FAEL: "UDP Query User{734458E2-2A70-4E85-AA6B-F7B30C0CCC43}C:\windows\kmsemulator.exe" | In - Public - P17 - TRUE | .(...) -- C:\windows\kmsemulator.exe
    O87 - FAEL: "{FD2CDA8E-45CB-4363-A2BB-51037AB5B5F0}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    O87 - FAEL: "{AE39BD65-2733-4BF6-865D-AA09FA56B59F}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)
    O87 - FAEL: "TCP Query User{44BB9D34-1769-4E82-AA43-067EAC11BFF8}C:\users\bool\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\bool\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)
    O87 - FAEL: "UDP Query User{80EA6A9B-5363-42DD-96F7-D145C925552D}C:\users\bool\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\bool\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.)
    O87 - FAEL: "{D27106E4-2F8A-4B48-8567-74BB0E20C0BC}" | In - Public - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysWOW64\lxdxcoms.exe
    O87 - FAEL: "{2C1B7C0F-B6BF-436B-B40D-21C9502D6079}" | In - Public - P17 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\SysWOW64\lxdxcoms.exe
    O87 - FAEL: "{99EBB243-FF8D-4337-A133-E7EE51962F75}" | In - Public - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxcoms.exe
    O87 - FAEL: "{711F254D-A362-4FF6-8B4A-C1C05948467B}" | In - Public - P17 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxcoms.exe
    O87 - FAEL: "{2B485357-4CAB-4A6E-8F6D-777B50F1E40C}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe
    O87 - FAEL: "{F2A6A94F-41E5-423A-A9AA-19A4579791A2}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe
    O87 - FAEL: "{FCDEF244-BF5A-499C-A283-F3F3F85F0CFC}" | In - Public - P6 - TRUE | .(.Pas de propriétaire - Printing Application.) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\frun.exe
    O87 - FAEL: "{A26F76DB-8C96-484D-917B-1FB5ED0D7107}" | In - Public - P17 - TRUE | .(.Pas de propriétaire - Printing Application.) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\frun.exe
    O87 - FAEL: "{0ED2DEA3-1F39-4471-9918-DBECBD005C6D}" | In - Public - P6 - TRUE | .(.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
    O87 - FAEL: "{A1E5E9BB-A205-433E-8BDB-AE5D2B92EF68}" | In - Public - P17 - TRUE | .(.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
    O87 - FAEL: "{273E98A1-1E49-4657-85BC-EDC10830F24F}" | In - Public - P6 - TRUE | .(.Pas de propriétaire - Printer Status Window Interface.) -- C:\Windows\System32\spool\drivers\x64\3\lxdxpswx.exe
    O87 - FAEL: "{7663D90F-BF1C-49F0-85CE-B4754C59F6FD}" | In - Public - P17 - TRUE | .(.Pas de propriétaire - Printer Status Window Interface.) -- C:\Windows\System32\spool\drivers\x64\3\lxdxpswx.exe
    O87 - FAEL: "{708F32EB-7F4A-4116-B74C-D6132A4E81B1}" | In - Public - P6 - TRUE | .(.Lexmark International, Inc. - Lexmark Connect Time Executable.) -- C:\Windows\System32\spool\drivers\x64\3\lxdxtime.exe
    O87 - FAEL: "{DB8EECD0-DE58-4CAD-B87A-4CBCE776AD99}" | In - Public - P17 - TRUE | .(.Lexmark International, Inc. - Lexmark Connect Time Executable.) -- C:\Windows\System32\spool\drivers\x64\3\lxdxtime.exe
    O87 - FAEL: "{BA7E56CD-9FA3-4A8A-B21A-597396007BDA}" | In - Public - P6 - TRUE | .(.Lexmark International, Inc. - Lexmark Connect Time Executable.) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxtime.exe
    O87 - FAEL: "{2CF947D5-AEC1-44E5-A51A-CDA0F9E8913B}" | In - Public - P17 - TRUE | .(.Lexmark International, Inc. - Lexmark Connect Time Executable.) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxtime.exe
    O87 - FAEL: "{8D86445E-3853-4174-9F18-0E04DE8DE6AA}" | In - Public - P6 - TRUE | .(.Pas de propriétaire - Job Status Window Interface.) -- C:\Windows\System32\spool\drivers\x64\3\lxdxjswx.exe
    O87 - FAEL: "{557698E7-484A-47DA-BC49-AAB7A5BCD372}" | In - Public - P17 - TRUE | .(.Pas de propriétaire - Job Status Window Interface.) -- C:\Windows\System32\spool\drivers\x64\3\lxdxjswx.exe
    O87 - FAEL: "{A18F7CAA-5CE3-4DB6-BCFC-2C07BA7A6C59}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\Wireless\lxdxwpss.exe
    O87 - FAEL: "{6560488A-181C-4387-9055-F2F81D1B1AD3}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Lexmark 3600-4600 Series\Wireless\lxdxwpss.exe
    O87 - FAEL: "{F4180F52-FCB9-4554-A430-83C27695AC6B}" | In - Public - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxcfg.exe
    O87 - FAEL: "{952331F2-1CB8-4797-B2DE-F9D77EF32320}" | In - Public - P17 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxdxcfg.exe
    O87 - FAEL: "TCP Query User{1D631C51-F933-46D2-B07A-E77F37AFE09A}C:\program files (x86)\mozilla firefox\plugin-container.exe" | In - Public - P6 - TRUE | .(.Mozilla Corporation.) -- C:\program files (x86)\mozilla firefox\plugin-container.exe
    O87 - FAEL: "UDP Query User{4A088D51-D3E5-4FC1-83DF-99C8D9551B97}C:\program files (x86)\mozilla firefox\plugin-container.exe" | In - Public - P17 - TRUE | .(.Mozilla Corporation.) -- C:\program files (x86)\mozilla firefox\plugin-container.exe
    O87 - FAEL: "TCP Query User{C9E75F90-9B30-4E3D-9CE0-AAEAA023AB2E}D:\installation jeux\portal 2\portal2.exe" | In - Public - P6 - TRUE | .(...) -- D:\installation jeux\portal 2\portal2.exe
    O87 - FAEL: "UDP Query User{7F160AE9-49DC-4452-A55D-C8182ADA7C91}D:\installation jeux\portal 2\portal2.exe" | In - Public - P17 - TRUE | .(...) -- D:\installation jeux\portal 2\portal2.exe
    O87 - FAEL: "{EC81488F-4400-4A81-B02B-91E0D610640A}" | In - None - P17 - TRUE | .(.Splashtop Inc. - Splashtop® Remote Streamer.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
    O87 - FAEL: "{B5B81AD3-35CB-43F1-8F27-56D38E4EE462}" | In - None - P17 - TRUE | .(.Splashtop Inc. - Splashtop® Remote Streamer Feature.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
    O87 - FAEL: "{032F744A-2087-4464-B8CE-60F711B4E115}" | In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
    O87 - FAEL: "{AEDA6F94-77F6-431C-9713-6FB562494A6B}" | In - None - P17 - TRUE | .(.Splashtop, Inc. - Splashtop® Remote Streamer Input Server.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\inputserv.exe

    ---\\ Scan Additionnel (O88)
    Database Version : 7434 - (14/05/2011)
    Clés trouvées (Keys found) : 4
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 1
    Fichiers trouvés (Files found) : 0

    [HKCR\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Adware.AskSBar
    [HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Adware.AskSBar
    [HKCU\Software\cacaoweb] =>Adware.Agent
    [HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>Toolbar.Conduit
    C:\Users\Bool\Appdata\LocalLow\uTorrentBar_FR =>Toolbar.Conduit

    ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SR - | Auto 0 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe
    SR - | Auto 27/04/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    SR - | Auto 09/04/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    SR - | Auto 18/02/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    SS - | Demand 18/02/2011 0 | (AppleChargerSrv) . (...) - c:\system32\AppleChargerSrv.exe
    SR - | Auto 07/10/2010 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    SS - | Demand 12/05/2011 544768 | (DfSdkS) . (.mst software GmbH, Germany.) - D:\Installation programmes\Ashampoo WinOptimizer 8\DfsdkS64.exe
    SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    SS - | Demand 07/03/2011 934176 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
    SR - | Auto 01/03/2011 373640 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - D:\Installation programmes\LogMeIn\x64\LMIGuardianSvc.exe
    SR - | Auto 01/03/2011 147336 | (LMIMaint) . (.LogMeIn, Inc..) - D:\Installation programmes\LogMeIn\x64\RaMaint.exe
    SR - | Auto 22/02/2011 326168 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    SR - | Auto 08/11/2010 407424 | (LogMeIn) . (.LogMeIn, Inc..) - D:\Installation programmes\LogMeIn\x64\LogMeIn.exe
    SS - | Auto 16/10/2009 29184 | (lxdxCATSCustConnectService) . (.Lexmark International, Inc..) - C:\Windows\system32\spool\DRIVERS\x64\3\lxdxserv.exe
    SR - | Auto 16/10/2009 589824 | (lxdx_device) . (...) - C:\Windows\system32\lxdxcoms.exe
    SS - | Demand 10/03/2011 311744 | (maconfservice) . (.CybelSoft.) - C:\Program Files (x86)\ma-config.com\maconfservice.exe
    SR - | Auto 10/04/2011 75136 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
    SR - | Auto 13/10/2009 114688 | (Smart TimeLock) . (.Gigabyte Technology CO., LTD..) - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
    SR - | Auto 11/05/2011 1771336 | (SplashtopRemoteService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
    SR - | Auto 08/03/2011 341832 | (SSUService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
    SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    SR - | Auto 22/02/2011 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    SS - | Demand 12/05/2011 884608 | (WO_LiveService) . (...) - D:\Installation programmes\Ashampoo WinOptimizer 8\LiveTunerService.exe
    SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

    ---\\ Recherche Master Boot Record Infection (MBR)(O80)
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

    ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by Bool at 16/05/2011 22:23:09

    ********* Dump file Name *********
    C:\PhysicalDisk0_MBR.bin

    ---\\ Liste des émulateurs de CD/DVD (Hook du MBR)
    O58 - SDL:[MD5.07000000000000000000000068EF1800] - 10/04/2011 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [834544]

    End of the scan (1080 lines in 01mn 16s)(0)
    0
  14. Vent d'ouest Messages postés 714 Statut Membre 41
     
    Télécharge TDSS Killer (de Kaspersky Labs) sur ton Bureau:
    https://support.kaspersky.com/downloads/utils/tdsskiller.exe
    Double-clique sur tdsskiller.exe (sous Vista/Seven, clic droit
    dessus, et sur exécuter en tant qu''administrateur)
    Clique sur Start Scan

    Si TDSS.tdl2 est détecté l''option delete sera cochée par défaut.
    Si TDSS.tdl3 est détecté assure toi que Cure est bien cochée.
    Si TDSS.tdl4(\HardDisk0\MBR) est détecté assure toi que Cure est bien cochée.
    Si Suspicious file est indiqué, laisse l''option cochée sur Skip

    A la fin clique sur Reboot Now
    Le PC va redémarrer, et un rapport va s''ouvrir
    Copie/colle le rapport (il est sauvegardé dans C:\TDSS Killer
    N° de version_Date_Heure_log.txt) ');INSERT INTO speeches('category', 'name', 'speech') VALUES ('CCM', 'AD-R Clean', '? Relance AD-Remover, clique sur Nettoyer
    Laisse le pc redémarrer.
    Une fois revenu sur le bureau, le rapport devrait s''ouvrir : poste son contenu.
    S''il ne s''ouvre pas; il se trouve là : C:\AD-Report[CLEAN]1.txt');INSERT INTO speeches('category', 'name', 'speech') VALUES ('CCM', 'FixLop Suppression', '? Relance FixLop et clique sur Suppression
    Un backup du registre est effectué, c''est normal
    Copie/colle le rapport de suppression.
    0
  15. gdbod Messages postés 14 Statut Membre
     
    2011/05/16 22:48:48.0453 3224 TDSS rootkit removing tool 2.5.1.0 May 13 2011 13:20:29
    2011/05/16 22:48:48.0562 3224 ================================================================================
    2011/05/16 22:48:48.0562 3224 SystemInfo:
    2011/05/16 22:48:48.0562 3224
    2011/05/16 22:48:48.0562 3224 OS Version: 6.1.7601 ServicePack: 1.0
    2011/05/16 22:48:48.0562 3224 Product type: Workstation
    2011/05/16 22:48:48.0562 3224 ComputerName: BOOL-PC
    2011/05/16 22:48:48.0562 3224 UserName: Bool
    2011/05/16 22:48:48.0562 3224 Windows directory: C:\Windows
    2011/05/16 22:48:48.0562 3224 System windows directory: C:\Windows
    2011/05/16 22:48:48.0562 3224 Running under WOW64
    2011/05/16 22:48:48.0562 3224 Processor architecture: Intel x64
    2011/05/16 22:48:48.0562 3224 Number of processors: 4
    2011/05/16 22:48:48.0562 3224 Page size: 0x1000
    2011/05/16 22:48:48.0562 3224 Boot type: Normal boot
    2011/05/16 22:48:48.0562 3224 ================================================================================
    2011/05/16 22:48:48.0750 3224 Initialize success
    2011/05/16 22:49:00.0091 5100 ================================================================================
    2011/05/16 22:49:00.0091 5100 Scan started
    2011/05/16 22:49:00.0091 5100 Mode: Manual;
    2011/05/16 22:49:00.0091 5100 ================================================================================
    2011/05/16 22:49:00.0668 5100 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
    2011/05/16 22:49:00.0715 5100 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
    2011/05/16 22:49:00.0746 5100 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
    2011/05/16 22:49:00.0808 5100 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
    2011/05/16 22:49:00.0840 5100 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
    2011/05/16 22:49:00.0871 5100 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
    2011/05/16 22:49:00.0933 5100 AFD (d31dc7a16dea4a9baf179f3d6fbdb38c) C:\Windows\system32\drivers\afd.sys
    2011/05/16 22:49:00.0964 5100 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
    2011/05/16 22:49:00.0980 5100 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
    2011/05/16 22:49:00.0996 5100 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
    2011/05/16 22:49:01.0027 5100 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
    2011/05/16 22:49:01.0152 5100 amdkmdag (dcc8177244fe79c61c4e73c65e63922a) C:\Windows\system32\DRIVERS\atikmdag.sys
    2011/05/16 22:49:01.0214 5100 amdkmdap (7fe67d107329dc2cf89136a8e19bceb7) C:\Windows\system32\DRIVERS\atikmpag.sys
    2011/05/16 22:49:01.0245 5100 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
    2011/05/16 22:49:01.0292 5100 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
    2011/05/16 22:49:01.0323 5100 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
    2011/05/16 22:49:01.0339 5100 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
    2011/05/16 22:49:01.0417 5100 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
    2011/05/16 22:49:01.0464 5100 AppleCharger (6be11ad81d4527d299f0cb5f3731aabc) C:\Windows\system32\DRIVERS\AppleCharger.sys
    2011/05/16 22:49:01.0510 5100 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
    2011/05/16 22:49:01.0510 5100 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
    2011/05/16 22:49:01.0526 5100 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    2011/05/16 22:49:01.0588 5100 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
    2011/05/16 22:49:01.0620 5100 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
    2011/05/16 22:49:01.0666 5100 avgntflt (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys
    2011/05/16 22:49:01.0698 5100 avipbb (c98fa6e5ad0e857d22716bd2b8b1f399) C:\Windows\system32\DRIVERS\avipbb.sys
    2011/05/16 22:49:01.0744 5100 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
    2011/05/16 22:49:01.0776 5100 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    2011/05/16 22:49:01.0791 5100 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    2011/05/16 22:49:01.0838 5100 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
    2011/05/16 22:49:01.0885 5100 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
    2011/05/16 22:49:01.0916 5100 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    2011/05/16 22:49:01.0932 5100 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    2011/05/16 22:49:01.0963 5100 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    2011/05/16 22:49:01.0978 5100 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    2011/05/16 22:49:01.0978 5100 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    2011/05/16 22:49:01.0994 5100 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    2011/05/16 22:49:02.0010 5100 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
    2011/05/16 22:49:02.0041 5100 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    2011/05/16 22:49:02.0088 5100 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
    2011/05/16 22:49:02.0103 5100 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
    2011/05/16 22:49:02.0134 5100 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    2011/05/16 22:49:02.0166 5100 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
    2011/05/16 22:49:02.0181 5100 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    2011/05/16 22:49:02.0228 5100 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
    2011/05/16 22:49:02.0259 5100 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
    2011/05/16 22:49:02.0306 5100 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
    2011/05/16 22:49:02.0337 5100 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
    2011/05/16 22:49:02.0368 5100 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
    2011/05/16 22:49:02.0431 5100 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    2011/05/16 22:49:02.0478 5100 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    2011/05/16 22:49:02.0509 5100 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
    2011/05/16 22:49:02.0571 5100 driverhardwarev2x64 (3f9933fac064a84a293207f039860de7) C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys
    2011/05/16 22:49:02.0618 5100 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    2011/05/16 22:49:02.0696 5100 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
    2011/05/16 22:49:02.0774 5100 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
    2011/05/16 22:49:02.0821 5100 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
    2011/05/16 22:49:02.0852 5100 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    2011/05/16 22:49:02.0914 5100 etdrv (84486624268e078255bc7aa47f0960bc) C:\Windows\etdrv.sys
    2011/05/16 22:49:02.0946 5100 EtronHub3 (6c17a702399b0205ab7836c2b45cd806) C:\Windows\system32\Drivers\EtronHub3.sys
    2011/05/16 22:49:02.0961 5100 EtronXHCI (b5348a55cc9541ffa930e30bb0cc8ef6) C:\Windows\system32\Drivers\EtronXHCI.sys
    2011/05/16 22:49:02.0992 5100 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    2011/05/16 22:49:03.0008 5100 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    2011/05/16 22:49:03.0039 5100 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
    2011/05/16 22:49:03.0055 5100 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    2011/05/16 22:49:03.0070 5100 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    2011/05/16 22:49:03.0070 5100 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
    2011/05/16 22:49:03.0117 5100 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    2011/05/16 22:49:03.0164 5100 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    2011/05/16 22:49:03.0180 5100 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
    2011/05/16 22:49:03.0226 5100 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
    2011/05/16 22:49:03.0242 5100 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
    2011/05/16 22:49:03.0304 5100 gdrv (7907e14f9bcf3a4689c9a74a1a873cb6) C:\Windows\gdrv.sys
    2011/05/16 22:49:03.0351 5100 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    2011/05/16 22:49:03.0414 5100 GVTDrv64 (8126331fbd4ed29eb3b356f9c905064d) C:\Windows\GVTDrv64.sys
    2011/05/16 22:49:03.0429 5100 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    2011/05/16 22:49:03.0476 5100 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    2011/05/16 22:49:03.0492 5100 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
    2011/05/16 22:49:03.0507 5100 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
    2011/05/16 22:49:03.0538 5100 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
    2011/05/16 22:49:03.0554 5100 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
    2011/05/16 22:49:03.0585 5100 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
    2011/05/16 22:49:03.0616 5100 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    2011/05/16 22:49:03.0694 5100 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    2011/05/16 22:49:03.0741 5100 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    2011/05/16 22:49:03.0757 5100 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    2011/05/16 22:49:03.0819 5100 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    2011/05/16 22:49:03.0850 5100 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
    2011/05/16 22:49:03.0913 5100 IntcAzAudAddService (13089f31aa37cde1ce3784ee01a48484) C:\Windows\system32\drivers\RTKVHD64.sys
    2011/05/16 22:49:03.0960 5100 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    2011/05/16 22:49:03.0991 5100 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    2011/05/16 22:49:04.0053 5100 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    2011/05/16 22:49:04.0084 5100 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    2011/05/16 22:49:04.0116 5100 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    2011/05/16 22:49:04.0147 5100 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    2011/05/16 22:49:04.0194 5100 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    2011/05/16 22:49:04.0225 5100 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    2011/05/16 22:49:04.0240 5100 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
    2011/05/16 22:49:04.0272 5100 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
    2011/05/16 22:49:04.0318 5100 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
    2011/05/16 22:49:04.0350 5100 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
    2011/05/16 22:49:04.0381 5100 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    2011/05/16 22:49:04.0490 5100 LiveTunerPM (101cfc3764c27259847188581b185ea6) D:\Installation programmes\Ashampoo WinOptimizer 8\LiveTunerProcessMonitor64.sys
    2011/05/16 22:49:04.0537 5100 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    2011/05/16 22:49:04.0599 5100 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) D:\Installation programmes\LogMeIn\x64\RaInfo.sys
    2011/05/16 22:49:04.0662 5100 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
    2011/05/16 22:49:04.0693 5100 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
    2011/05/16 22:49:04.0724 5100 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
    2011/05/16 22:49:04.0740 5100 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
    2011/05/16 22:49:04.0786 5100 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    2011/05/16 22:49:04.0802 5100 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    2011/05/16 22:49:04.0802 5100 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    2011/05/16 22:49:04.0849 5100 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
    2011/05/16 22:49:04.0864 5100 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
    2011/05/16 22:49:04.0896 5100 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
    2011/05/16 22:49:04.0927 5100 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    2011/05/16 22:49:04.0942 5100 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    2011/05/16 22:49:05.0020 5100 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
    2011/05/16 22:49:05.0052 5100 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    2011/05/16 22:49:05.0098 5100 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    2011/05/16 22:49:05.0161 5100 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    2011/05/16 22:49:05.0176 5100 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    2011/05/16 22:49:05.0208 5100 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    2011/05/16 22:49:05.0239 5100 mrxsmb (c2b4651001a867ff3f8865863b592991) C:\Windows\system32\DRIVERS\mrxsmb.sys
    2011/05/16 22:49:05.0286 5100 mrxsmb10 (7e79946afc5f799ab62982282be5ac13) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    2011/05/16 22:49:05.0317 5100 mrxsmb20 (5fb954100cea2bfec6446fbbecaa3f79) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    2011/05/16 22:49:05.0332 5100 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    2011/05/16 22:49:05.0348 5100 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    2011/05/16 22:49:05.0395 5100 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    2011/05/16 22:49:05.0410 5100 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    2011/05/16 22:49:05.0426 5100 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    2011/05/16 22:49:05.0457 5100 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    2011/05/16 22:49:05.0473 5100 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    2011/05/16 22:49:05.0488 5100 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    2011/05/16 22:49:05.0520 5100 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    2011/05/16 22:49:05.0551 5100 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    2011/05/16 22:49:05.0566 5100 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    2011/05/16 22:49:05.0582 5100 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    2011/05/16 22:49:05.0613 5100 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    2011/05/16 22:49:05.0660 5100 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    2011/05/16 22:49:05.0707 5100 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
    2011/05/16 22:49:05.0738 5100 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    2011/05/16 22:49:05.0754 5100 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    2011/05/16 22:49:05.0800 5100 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    2011/05/16 22:49:05.0847 5100 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    2011/05/16 22:49:05.0878 5100 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    2011/05/16 22:49:05.0910 5100 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    2011/05/16 22:49:05.0941 5100 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    2011/05/16 22:49:05.0972 5100 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
    2011/05/16 22:49:05.0988 5100 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    2011/05/16 22:49:06.0003 5100 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    2011/05/16 22:49:06.0066 5100 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    2011/05/16 22:49:06.0112 5100 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    2011/05/16 22:49:06.0175 5100 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
    2011/05/16 22:49:06.0206 5100 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
    2011/05/16 22:49:06.0253 5100 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    2011/05/16 22:49:06.0284 5100 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    2011/05/16 22:49:06.0331 5100 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    2011/05/16 22:49:06.0362 5100 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
    2011/05/16 22:49:06.0409 5100 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    2011/05/16 22:49:06.0424 5100 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    2011/05/16 22:49:06.0440 5100 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    2011/05/16 22:49:06.0471 5100 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    2011/05/16 22:49:06.0487 5100 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    2011/05/16 22:49:06.0580 5100 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    2011/05/16 22:49:06.0596 5100 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    2011/05/16 22:49:06.0643 5100 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    2011/05/16 22:49:06.0690 5100 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    2011/05/16 22:49:06.0752 5100 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    2011/05/16 22:49:06.0783 5100 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    2011/05/16 22:49:06.0814 5100 radpms (58435613c2537715a9423597ec6635cc) C:\Windows\system32\DRIVERS\radpms.sys
    2011/05/16 22:49:06.0846 5100 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    2011/05/16 22:49:06.0877 5100 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    2011/05/16 22:49:06.0908 5100 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    2011/05/16 22:49:06.0939 5100 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    2011/05/16 22:49:06.0939 5100 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    2011/05/16 22:49:07.0002 5100 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    2011/05/16 22:49:07.0017 5100 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    2011/05/16 22:49:07.0048 5100 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    2011/05/16 22:49:07.0080 5100 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
    2011/05/16 22:49:07.0095 5100 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    2011/05/16 22:49:07.0111 5100 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    2011/05/16 22:49:07.0142 5100 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
    2011/05/16 22:49:07.0204 5100 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    2011/05/16 22:49:07.0236 5100 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    2011/05/16 22:49:07.0282 5100 RTL8167 (712944c0a377e9b8743f95bd83e882d4) C:\Windows\system32\DRIVERS\Rt64win7.sys
    2011/05/16 22:49:07.0329 5100 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
    2011/05/16 22:49:07.0360 5100 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    2011/05/16 22:49:07.0392 5100 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    2011/05/16 22:49:07.0423 5100 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    2011/05/16 22:49:07.0485 5100 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    2011/05/16 22:49:07.0516 5100 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    2011/05/16 22:49:07.0532 5100 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    2011/05/16 22:49:07.0579 5100 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    2011/05/16 22:49:07.0594 5100 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    2011/05/16 22:49:07.0594 5100 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    2011/05/16 22:49:07.0626 5100 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    2011/05/16 22:49:07.0641 5100 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    2011/05/16 22:49:07.0657 5100 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    2011/05/16 22:49:07.0688 5100 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    2011/05/16 22:49:07.0735 5100 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    2011/05/16 22:49:07.0797 5100 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
    2011/05/16 22:49:07.0797 5100 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
    2011/05/16 22:49:07.0797 5100 sptd - detected LockedFile.Multi.Generic (1)
    2011/05/16 22:49:07.0828 5100 srv (65bbf4920148c2ee279055da7228fc7b) C:\Windows\system32\DRIVERS\srv.sys
    2011/05/16 22:49:07.0875 5100 srv2 (da939f762a1ccc2d77428621ddbd40a7) C:\Windows\system32\DRIVERS\srv2.sys
    2011/05/16 22:49:07.0922 5100 srvnet (3f847c9dc87299516f7dc82fb6572865) C:\Windows\system32\DRIVERS\srvnet.sys
    2011/05/16 22:49:07.0984 5100 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    2011/05/16 22:49:08.0031 5100 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
    2011/05/16 22:49:08.0062 5100 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
    2011/05/16 22:49:08.0078 5100 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    2011/05/16 22:49:08.0140 5100 Tcpip (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\drivers\tcpip.sys
    2011/05/16 22:49:08.0187 5100 TCPIP6 (509383e505c973ed7534a06b3d19688d) C:\Windows\system32\DRIVERS\tcpip.sys
    2011/05/16 22:49:08.0234 5100 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    2011/05/16 22:49:08.0265 5100 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    2011/05/16 22:49:08.0281 5100 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    2011/05/16 22:49:08.0328 5100 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    2011/05/16 22:49:08.0343 5100 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    2011/05/16 22:49:08.0390 5100 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    2011/05/16 22:49:08.0406 5100 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    2011/05/16 22:49:08.0452 5100 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    2011/05/16 22:49:08.0468 5100 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    2011/05/16 22:49:08.0515 5100 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    2011/05/16 22:49:08.0562 5100 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    2011/05/16 22:49:08.0608 5100 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
    2011/05/16 22:49:08.0640 5100 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    2011/05/16 22:49:08.0671 5100 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
    2011/05/16 22:49:08.0718 5100 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
    2011/05/16 22:49:08.0764 5100 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    2011/05/16 22:49:08.0780 5100 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
    2011/05/16 22:49:08.0811 5100 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
    2011/05/16 22:49:08.0842 5100 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
    2011/05/16 22:49:08.0858 5100 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    2011/05/16 22:49:08.0905 5100 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
    2011/05/16 22:49:08.0936 5100 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
    2011/05/16 22:49:08.0952 5100 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
    2011/05/16 22:49:08.0967 5100 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    2011/05/16 22:49:08.0998 5100 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    2011/05/16 22:49:09.0014 5100 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    2011/05/16 22:49:09.0045 5100 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    2011/05/16 22:49:09.0076 5100 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    2011/05/16 22:49:09.0092 5100 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
    2011/05/16 22:49:09.0108 5100 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
    2011/05/16 22:49:09.0139 5100 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    2011/05/16 22:49:09.0170 5100 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    2011/05/16 22:49:09.0186 5100 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    2011/05/16 22:49:09.0217 5100 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    2011/05/16 22:49:09.0264 5100 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
    2011/05/16 22:49:09.0295 5100 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    2011/05/16 22:49:09.0326 5100 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/05/16 22:49:09.0326 5100 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/05/16 22:49:09.0388 5100 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
    2011/05/16 22:49:09.0404 5100 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    2011/05/16 22:49:09.0435 5100 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    2011/05/16 22:49:09.0451 5100 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    2011/05/16 22:49:09.0529 5100 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
    2011/05/16 22:49:09.0560 5100 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
    2011/05/16 22:49:09.0607 5100 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    2011/05/16 22:49:09.0638 5100 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
    2011/05/16 22:49:09.0654 5100 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
    2011/05/16 22:49:09.0685 5100 ================================================================================
    2011/05/16 22:49:09.0685 5100 Scan finished
    2011/05/16 22:49:09.0685 5100 ================================================================================
    2011/05/16 22:49:09.0700 3628 Detected object count: 1
    2011/05/16 22:49:30.0121 3628 LockedFile.Multi.Generic(sptd) - User select action: Skip
    2011/05/16 22:49:56.0532 2008 Deinitialize success
    0
  16. gdbod Messages postés 14 Statut Membre
     
    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 22:54:18 le 16/05/2011, Mode normal

    Microsoft Windows 7 Professionnel Service Pack 1 (X64)
    Bool@BOOL-PC (Gigabyte Technology Co., Ltd. P61-USB3-B3)

    ============== ACTION(S) ==============

    (!) -- Fichiers temporaires supprimés.

    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [4.0.1 (fr)] ****

    Searchplugins\bing.xml ( hxxp://www.bing.com/search)
    Components\browsercomps.dll (Mozilla Foundation)

    -- C:\Users\Bool\AppData\Roaming\Mozilla\FireFox\Profiles\1v62jq6a.default --
    Extensions\cacaoweb@cacaoweb.org (cacaoweb)
    Extensions\LogMeInClient@logmein.com (LogMeIn, Inc. Remote Access Plugin)
    Prefs.js - browser.download.dir, D:\\Téléchargement
    Prefs.js - browser.startup.homepage, hxxp://www.google.com/
    Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
    Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1
    Prefs.js - keyword.URL, hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

    ========================================

    **** Internet Explorer Version [9.0.8112.16421] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "?" (?)
    HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - D:\Installation programmes\Veetle\Player\vtl_hfs.exe (?)
    HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - D:\Installation programmes\Veetle\Player\player.exe (?)
    HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - D:\Installation programmes\Veetle\Player\vtl_hfax.exe (?)
    HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
    HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
    HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - D:\Installation programmes\Veetle\Player\vtl_hfs.exe (?)
    HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - D:\Installation programmes\Veetle\Player\player.exe (?)
    HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
    HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
    HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - D:\Installation programmes\Veetle\Player\vtl_hfax.exe (?)

    ========================================

    C:\Program Files (x86)\Ad-Remover\Quarantine: 34 Fichier(s)
    C:\Program Files (x86)\Ad-Remover\Backup: 16 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 16/05/2011 21:44:13 (11550 Octet(s))
    C:\Ad-Report-CLEAN[2].txt - 16/05/2011 22:54:21 (3472 Octet(s))

    Fin à: 22:54:57, 16/05/2011

    ============== E.O.F ==============
    0
  17. gdbod Messages postés 14 Statut Membre
     
    qu'est ce qui se passe????
    0
    1. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
       
      ComboFix -> inutile
      TDSS Killer -> inutile également
      0
    2. gdbod Messages postés 14 Statut Membre
       
      mais rien de dommageable?
      0
    3. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
       
      bah, combofix t as pété cacaoweb [pas entièrement en plus]
      0
  18. gdbod Messages postés 14 Statut Membre
     
    ####### FixLop vers 1.0.2.6 [ Suppression ] #######

    # Exécuté depuis C:\Program Files (x86)\FixLop
    # Le 16/05/2011 à 23h02
    # Utilisateur : Bool | BOOL-PC

    # S.E : Windows 7 Professional | | 64 bits
    # CPU : Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz

    # Internet Explorer version [9.0.8112.16421]
    # Mozilla Firefox : 4.0.1 (fr)

    ############## [ Processus ]

    ############## [ Dossiers & Fichiers ]

    ~~~~ Lecture fichier prefs.js ~~~~

    (!) Backup ERDNT crée avec succès dans C:\Windows

    ############## [ Clés de registres ]

    ############## [ Internet Explorer ]

    -- [ HKLM\Software\Microsoft\Internet Explorer\Main ] --

    Search Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Default_page_url : hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Default_search_url : hxxp://www.google.fr
    Start Page : hxxp://fr.msn.com/
    Local Page : C:\Windows\system32\blank.htm

    -- [ HKCU\Software\Microsoft\Internet Explorer\Main ] --

    Search Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Default_page_url : hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Default_search_url : hxxp://www.google.fr
    Start Page : hxxp://fr.msn.com/
    Local Page : C:\Windows\system32\blank.htm

    ########## [ ! Suppression finie le 16/05/2011 à 23h02 ]
    0
  19. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    Pourquoi mes messages sont disparus ?

    A+
    .::. Contributeur Sécurité .::.
    0
  20. gen-hackman
     
    salut à vous

    et dans tout ca personne a vu le crack pour microsoft office ?
    0
    1. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
       
      si le KMS
      0
    2. gdbod Messages postés 14 Statut Membre
       
      je comprend pas tout là
      0
  21. juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
     
    2011-05-16 15:58 . 2011-04-10 13:44 151552 ----a-w- c:\windows\KMSEmulator.exe

    Crack Office 2010

    A+
    0
  • 1
  • 2