

Hello everyone,

I ran a ZHP scan and here is what it reports as infections:

[HKCU\Software\PriceGong] => Infection BT (Adware.PriceGong)

[HKLM\Software\Viewpoint] => Infection PUP (Adware.MetaStream)

O43 - CFD: 18/12/2010 - 23:41:04 - [26381568] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\OpenCandy => Infection PUP (Adware.OpenCandy)

O43 - CFD: 14/09/2011 - 22:59:32 - [1536] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\pdfforge => Infection BT (PUP.Dealio)

O43 - CFD: 18/12/2010 - 23:41:58 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\OpenCandy => Infection PUP (Adware.OpenCandy)

[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer]






[HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}] => Infection BT (Adware.MetaStream)

[HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}] => Infection BT (Adware.MetaStream)

[HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}] => Infection PUP (Spyware.Soft2PC)

[HKCU\Software\PriceGong] => Infection BT (Adware.PriceGong)

[HKLM\Software\Viewpoint] => Infection PUP (Adware.MetaStream)


[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\5]

C:\Documents and Settings\ca ne te ragarde pas\Application Data\OpenCandy => Infection PUP (Adware.OpenCandy)

C:\Documents and Settings\ca ne te ragarde pas\Application Data\pdfforge => Infection BT (PUP.Dealio)

C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\OpenCandy => Infection PUP (Adware.OpenCandy)


I ran Spybot and MAM (latest versions) and they find nothing.

Can anyone help me?

Thanks in advance




Download AdwCleaner

On Vista and Windows 7 -> Run as administrator


Click Recherche (Search) and post the generated report C:\AdwCleaner[R1].txt




Relaunch AdwCleaner with administrator rights

Click Suppression (Delete) and post the report C:\AdwCleaner[s1].txt



Then rerun ZHPDiag and post the complete report, please.


# AdwCleaner v1.309 - Rapport créé le 01/10/2011 à 18:38:58

# Mis à jour le 29/09/11 à 20h par Xplode

# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)

# Nom d'utilisateur : ca ne te ragarde pas - CMOA (Administrateur)

# Exécuté depuis : D:\logiciels\adwcleaner0.exe

# Option [Recherche]



***** [Processus] *****



***** [services] *****



***** [Fichiers / Dossiers] *****


Dossier Présent : C:\Documents and Settings\ca ne te ragarde pas\Application Data\OpenCandy

Dossier Présent : C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\OpenCandy


***** [Registre] *****


Clé Présente : HKCU\Software\PriceGong

Clé Présente : HKLM\SOFTWARE\Viewpoint

Clé Présente : HKLM\SOFTWARE\Orbit\OpenCandy

Clé Présente : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl

Clé Présente : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1

Clé Présente : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary

Clé Présente : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1

Clé Présente : HKLM\SOFTWARE\Classes\Conduit.Engine

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.DllInfo

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.Tools

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Clé Présente : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Clé Présente : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}


***** [Navigateurs] *****


-\\ Internet Explorer v8.0.6001.18702


Thank you for the quick reply


Here is the report




[OK] Le registre ne contient aucune entrée illégitime.


-\\ Mozilla Firefox v7.0 (fr)


Profil : e4v8hday.default

Fichier : C:\Documents and Settings\ca ne te ragarde pas\Application Data\Mozilla\Firefox\Profiles\e4v8hday.default\prefs.js


[OK] Le fichier ne contient aucune entrée illégitime.




AdwCleaner[R1].txt - [2279 octets] - [01/10/2011 18:38:58]


########## EOF - C:\AdwCleaner[R1].txt - [2407 octets] ##########


Here is the second report, after removal:


# AdwCleaner v1.309 - Rapport créé le 01/10/2011 à 18:46:58

# Mis à jour le 29/09/11 à 20h par Xplode

# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)

# Nom d'utilisateur : ca ne te ragarde pas - CMOA (Administrateur)

# Exécuté depuis : D:\logiciels\adwcleaner0.exe

# Option [suppression]



***** [KillNav] *****


# firefox.exe [PID:1696] -> Tué


***** [Processus] *****



***** [services] *****



***** [Fichiers / Dossiers] *****


Dossier Supprimé : C:\Documents and Settings\ca ne te ragarde pas\Application Data\OpenCandy

Dossier Supprimé : C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\OpenCandy


***** [Registre] *****


Clé Supprimée : HKCU\Software\PriceGong

Clé Supprimée : HKLM\SOFTWARE\Viewpoint

Clé Supprimée : HKLM\SOFTWARE\Orbit\OpenCandy

Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl

Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1

Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary

Clé Supprimée : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1

Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine

Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.DllInfo

Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF

Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor

Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine

Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText

Clé Supprimée : HKLM\SOFTWARE\Classes\pdfforge.Tools

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}


***** [Navigateurs] *****


-\\ Internet Explorer v8.0.6001.18702


[OK] Le registre ne contient aucune entrée illégitime.


-\\ Mozilla Firefox v7.0 (fr)


Profil : e4v8hday.default

Fichier : C:\Documents and Settings\ca ne te ragarde pas\Application Data\Mozilla\Firefox\Profiles\e4v8hday.default\prefs.js


[OK] Le fichier ne contient aucune entrée illégitime.




AdwCleaner[R1].txt - [2408 octets] - [01/10/2011 18:38:58]

AdwCleaner[s1].txt - [2421 octets] - [01/10/2011 18:46:58]




Dossier Temporaire : 3 dossier(s) et 2 fichier(s) supprimé(s)


########## EOF - C:\AdwCleaner[s1].txt - [2643 octets] ##########


Here is the complete ZHP report after running AdwCleaner:



Rapport de ZHPDiag v1.28.1350 par Nicolas Coolman, Update du 20/09/2011

Run by ca ne te ragarde pas at 01/10/2011 18:58:04

Web site : ZHPDiag Outil de diagnostic



---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

MFIE: Mozilla Firefox 7.0 v7.0 (Defaut)


---\\ Windows Product Information

Windows XP Professional Service Pack 3 (Build 2600)

Windows Automatic Updates : OK

Windows Genuine Advantage : OK


---\\ System Information

~ Processor: x86 Family 6 Model 15 Stepping 6, GenuineIntel

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 2046 MB (69% free)

System Restore: Activé (Enable)

System drive C: has 19 GB (29%) free of 65 GB


---\\ Logged in mode

~ Computer Name: CMOA

~ User Name: ca ne te ragarde pas

~ All Users Names: SUPPORT_388945a0, Romane, IUSR_NMPR, HelpAssistant, fille ainée, ca ne te ragarde pas, ASPNET, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator


---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Documents and Settings\ca ne te ragarde pas\Application Data\

~ %Desktop% : C:\Documents and Settings\ca ne te ragarde pas\Bureau\

~ %Favorites% : C:\Documents and Settings\ca ne te ragarde pas\Favoris\

~ %LocalAppData% : C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\

~ %StartMenu% : C:\Documents and Settings\ca ne te ragarde pas\Menu Démarrer\

~ %Windir% : C:\WINDOWS\

~ %System% : C:\WINDOWS\system32\


---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 19 Go of 65 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 19 Go of 38 Go)

E:\ Hard drive, Flash drive, Thumb drive (Free 29 Go of 41 Go)

F:\ Hard drive, Flash drive, Thumb drive (Free 36 Go of 146 Go)

H:\ Hard drive, Flash drive, Thumb drive (Free 3 Go of 8 Go)

I:\ CD-ROM drive (Free 0 Go of 1 Go)

N:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

O:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

P:\ Floppy drive, Flash card reader, USB Key (Not Inserted)




---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

~ Scan Security Center in 00mn 00s




---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.01/10/2011 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]

[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.01/10/2011 - 03:34:20.) -- C:\WINDOWS\system32\rundll32.exe [33792]

[MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.01/10/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.01/10/2011 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.01/10/2011 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]

[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.01/10/2011 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]

~ Scan Generic Processes in 00mn 00s




---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 1/96

~ Mes musiques (My Musics) : 9/19

~ Mes Videos (My Videos) : 1/9

~ Mes Favoris (My Favorites) : 2/22

~ Mes Documents (My Documents) : 118/3068

~ Mon Bureau (My Desktop) : 0/109

~ Menu demarrer (Programs) : 6/67

~ Scan Hidden Files in 00mn 04s




---\\ Processus lancés

[MD5.B456A835970CDA8B65CBF5641D765474] - (.Microsoft Corporation - Utilitaire d'enregistrement des vidages Win.) -- C:\WINDOWS\system32\savedump.exe [13824] [PID.]

[MD5.457E6B550AABC987AF117ED968C2F3D9] - (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe [3029208] [PID.]

[MD5.F96DF45CFBDC670584293E03C2AB602A] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 178.1.) -- C:\WINDOWS\system32\nvsvc32.exe [163908] [PID.]

[MD5.43F37E8F60F3677E84C6AFC70C784AFD] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1793712] [PID.]

[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.]

[MD5.BA99CC4B3C36506E8627D5340E9B35EE] - (.Acronis - Acronis Scheduler 2.) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [780368] [PID.]

[MD5.E6E182BDAAD59CEE0339F0474A558015] - (.Acronis - File Level CDP Manager Service.) -- C:\Program Files\Fichiers communs\Acronis\CDP\afcdpsrv.exe [3975088] [PID.]

[MD5.03F000110C4AFF6FEE7036932E8CA7EA] - (.Intel Corporation - Intel® Alert Service.) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416] [PID.]

[MD5.3CCE4AFA4AACDB28E01A148394212186] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.]

[MD5.7496908263A7C08DD8CCA9BADF053EE1] - (.Diskeeper Corporation - DKSERVICE.EXE.) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [942080] [PID.]

[MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.]

[MD5.5D1347AA5AE6E2F77D7F4F8372D95AC9] - (.Microsoft Corporation - Media Center Receiver Service.) -- C:\WINDOWS\eHome\ehRecvr.exe [237568] [PID.]

[MD5.980EEEA91776357518892C5544768E2B] - (.Microsoft Corporation - Service de planification Media Center.) -- C:\WINDOWS\eHome\ehSched.exe [103424] [PID.]

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [135664] [PID.]

[MD5.B122BE74E283A2BC7FEBC180BFD2EFD5] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [90112] [PID.]

[MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]

[MD5.7AEA4DF1CA68FD45DD4BBE1F0243CE7F] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.]

[MD5.5A0C788C5BC5F2C993CB60940ADCF95E] - (.X10 - X10 Module.) -- C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [20480] [PID.]

[MD5.4BBBCED90EADF949D42EF51E6E4118EA] - (.Intel Corporation - Pas de description.) -- C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe [180224] [PID.]

[MD5.D1D579605263DB34D4BBF038DA3A6387] - (.Intel Corporation - Intel® Software services manager.) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [77824] [PID.]

[MD5.0A8EDE2DE61EEEFBDB734BA4EF0482EC] - (.Intel Corporation - MCL Application Tracker.) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [147456] [PID.]

[MD5.091BE9A85F5681632E3C035E4F559448] - (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe [842584] [PID.3348]

[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.3388]

[MD5.895E17BFF96D3114FD19CEC65A0E749E] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2554696] [PID.3484]

[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.]

[MD5.D5D5EA09EE061AFE1857B8EE2BD451DC] - (.Nokia - Nokia M Platform.) -- C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe [1540096] [PID.3800]

[MD5.EB57C549E492FEE352A8546757468CBB] - (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [391128] [PID.3828]

[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\system32\dllhost.exe [5120] [PID.]

[MD5.414964844F4793ACB868D057E8ED997E] - (.Microsoft Corporation - Microsoft RSVP.) -- C:\WINDOWS\system32\rsvp.exe [132608] [PID.]

[MD5.B89CB10DAA6B058F6EEAF4A2F489CFBF] - (.Nicolas Coolman - Analyseur de rapports sécurité.) -- C:\Program Files\ZebHelpProcess\ZHP2.exe [2924032] [PID.4592]

[MD5.B26A2F3CD6459548DB6891D138080876] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZebHelpProcess\ZHPDiag.exe [2121216] [PID.4720]

~ Scan Processes Running in 00mn 00s




---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Documents and Settings\ca ne te ragarde pas\Application Data\Mozilla\Firefox\Profiles\e4v8hday.default\prefs.js

C:\Documents and Settings\ca ne te ragarde pas\Application Data\Mozilla\Firefox\Profiles\e4v8hday.default\user.js (.not file.)

M3 - MFPP: Plugins - [ca ne te ragarde pas] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [ca ne te ragarde pas] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml

M3 - MFPP: Plugins - [ca ne te ragarde pas] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [ca ne te ragarde pas] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [ca ne te ragarde pas] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [ca ne te ragarde pas] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [ca ne te ragarde pas] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml

M3 - MFPP: Plugins - [ca ne te ragarde pas] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml

M2 - MFEP: prefs.js [ca ne te ragarde pas - e4v8hday.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.5 (.Michel Gutierrez.)

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 10.2.) -- C:\Program Files\Mozilla Firefox\Plugins\np32dsw.dll

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN: [HKLM] [] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

P2 - FPN: [HKLM] [] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

P2 - FPN: [HKLM] [,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [;version=] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

P2 - FPN: [HKLM] [;version=] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

P2 - FPN: [HKLM] [;version=] - (.RealNetworks, Inc. - -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

P2 - FPN: [HKLM] [;version=1.0] - (...) -- (.not file.)

P2 - FPN: [HKLM] [ Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [ Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [,version=1.1.11] - (.the VideoLAN Team - Version 1.1.11, copyright 1996-2011 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

~ Scan Firefox Browser in 00mn 00s




---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search

R0 - HKUS\S-1-5-21-1005697453-1282688877-4037028657-1008-1005697453-1282688877-4037028657-1006\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant =

R1 - HKUS\S-1-5-21-1005697453-1282688877-4037028657-1008-1005697453-1282688877-4037028657-1006\Software\Microsoft\Internet Explorer\Main,Search Page =

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

~ Scan IE Browser in 00mn 00s




---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s




---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

~ Scan Keys in 00mn 00s




---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 01s




---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 7.0 for Act.) -- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

~ Scan BHO in 00mn 00s




---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} . (.Pas de propriétaire - Grab Pro.) -- C:\Program Files\Orbitdownloader\GrabPro.dll

~ Scan Toolbar in 00mn 00s




---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [intelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe

O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

O4 - HKLM\..\Run: [NokiaMServer] Clé orpheline

O4 - HKLM\..\Run: [service Scheduler2 Acronis] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe

O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline

O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-21-1005697453-1282688877-4037028657-1008-1005697453-1282688877-4037028657-1006\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

~ Scan Application in 00mn 00s




---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 7.0.8.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A70800000002}\SC_Reader_PM.ico

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team.) -- C:\Program Files\Audacity 1.3 Beta (Unicode)\audacity.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\CDBurnerXP.lnk . (.Canneverbe Limited.) -- C:\Program Files\CDBurnerXP\cdbxpp.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Media Center.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\ehome\ehshell.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Money.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Money\MSMONEY.EXE

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Office Excel Viewer 2003.lnk . (...) -- C:\WINDOWS\Installer\{9084040C-6000-11D3-8CFE-0150048383C9}\xlvicon.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Thunderbird.lnk . (.Mozilla Messaging.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Visionneuse Journal Windows.lnk . (.InstallShield Software Corp..) -- C:\WINDOWS\Installer\{43DCF766-6838-4F9A-8C91-D92DA586DFA8}\_C68C351F090F4EF39AFB6B7B54014C9E.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Media Connect.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Connect 2\WMCCFG.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe

O4 - Global Startup: C:\Documents And Settings\ca ne te ragarde pas\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe

O4 - Global Startup: C:\Documents And Settings\ca ne te ragarde pas\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Documents And Settings\ca ne te ragarde pas\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe

O4 - Global Startup: C:\Documents And Settings\ca ne te ragarde pas\Menu Démarrer\Programmes\Spotify.lnk . (.Spotify Ltd.) -- C:\Program Files\Spotify\spotify.exe

O4 - Global Startup: C:\Documents And Settings\ca ne te ragarde pas\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

~ Scan Global Startup in 00mn 01s




---\\ Restriction de l'accès aux options IE par l'Administrateur (O6)

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restriction présente

~ Scan IE Restrictions in 00mn 00s




---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: &Download by Orbit . ( - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll

O8 - Extra context menu item: &Grab video by Orbit . ( - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll

O8 - Extra context menu item: Do&wnload selected by Orbit . ( - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll

O8 - Extra context menu item: Down&load all by Orbit . ( - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll

~ Scan IE Menu Contextuel in 00mn 00s




---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

~ Scan IE Extra Buttons in 00mn 00s




---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

~ Scan Winsock in 00mn 00s




---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -

O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) -

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

~ Scan Objets ActiveX in 00mn 00s




---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{03B87B40-4DD3-49EB-AD1B-E14546CDC29A}: DhcpNameServer =

O17 - HKLM\System\CS2\Services\Tcpip\..\{03B87B40-4DD3-49EB-AD1B-E14546CDC29A}: DhcpNameServer =

O17 - HKLM\System\CS3\Services\Tcpip\..\{03B87B40-4DD3-49EB-AD1B-E14546CDC29A}: DhcpNameServer =

~ Scan Domain in 00mn 00s




---\\ Protocole additionnel (O18)

O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll

O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll

O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll

O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll

O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: skyline - {3a4f9195-65a8-11d5-85c1-0001023952c1} . (.Skyline software systems Inc. - TerraExplorerX DLL.) -- C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll

O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll

O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll

O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll

O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll

O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll

O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

~ Scan Protocole Additionnel in 00mn 00s




---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll

O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll

O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll

O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll

O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll

O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

~ Scan Winlogon in 00mn 00s




---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - AppInit_DLLs: . (...) - C:\WINDOWS\system32\guard32.dll (.not file.)

~ Scan AppInit DLL in 00mn 00s




---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

~ Scan SSODL in 00mn 00s




---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

~ Scan STS/SSO in 00mn 00s




---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) . (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe

O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

O23 - Service: Intel® Alert Service (AlertService) . (.Intel Corporation - Intel® Alert Service.) - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) . (.COMODO - COMODO Internet Security.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: Diskeeper (Diskeeper) . (.Diskeeper Corporation - DKSERVICE.EXE.) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Intel® Quick Resume technology (ELService) . (.Intel Corporation - Pas de description.) - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: Intel® Software Services Manager (ISSM) . (.Intel Corporation - Intel® Software services manager.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Serveur Média Intel® Viiv (M1 Server) . (...) - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe

O23 - Service: Intel® Application Tracker (MCLServiceATL) . (.Intel Corporation - MCL Application Tracker.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe

O23 - Service: NMSAccess (NMSAccess) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 178.1.) - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Intel® Remoting Service (Remote UI Service) . (.Intel Corporation - Remote UI Service.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe

O23 - Service: X10 Device Network Service (x10nets) . (.X10 - X10 Module.) - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

~ Scan Services in 00mn 00s




---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s




---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cc6f0bf823abf4.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IcePick_exe.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_LifeExp_exe.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_rundll32_exe.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_setup_exe.job

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore1cc6f0bf823abf4] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.00000000000000000000000000000000] [APT] [Microsoft_Hardware_Launch_IcePick_exe] (...) -- C:\Program Files\Microsoft LifeCam\IcePick.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [Microsoft_Hardware_Launch_LifeExp_exe] (...) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [Microsoft_Hardware_Launch_setup_exe] (...) -- G:\setup.exe (.not file.)

~ Scan Scheduled Task in 00mn 00s




---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys

O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys

O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys

O41 - Driver: (cmdGuard) . (.COMODO - COMODO Internet Security Sandbox Driver.) - C:\WINDOWS\system32\DRIVERS\cmdguard.sys

O41 - Driver: (cmdHlp) . (.COMODO - COMODO Internet Security Helper Driver.) - C:\WINDOWS\system32\DRIVERS\cmdhlp.sys

O41 - Driver: (ELhid) . (.Intel Corporation - Pas de description.) - C:\WINDOWS\system32\Drivers\Elhid.sys

O41 - Driver: (ELkbd) . (.Intel Corporation - Pas de description.) - C:\WINDOWS\system32\Drivers\Elkbd.sys

O41 - Driver: (ELmon) . (.Intel Corporation - Pas de description.) - C:\WINDOWS\system32\Drivers\Elmon.sys

O41 - Driver: (ELmou) . (.Intel Corporation - Pas de description.) - C:\WINDOWS\system32\Drivers\Elmou.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys

O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys

O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys

O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys

O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys

O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys

O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys

O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys

O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys

O41 - Driver: (prodrv06) . (.Protection Technology - StarForce Protection Environment Driver.) - C:\WINDOWS\system32\drivers\prodrv06.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys

O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys

O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys

O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys

O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys

O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

O41 - Driver: (a2injectiondriver) . (.Emsi Software GmbH - Emsisoft Anti-Malware Behavior Blocker.) - C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys

O41 - Driver: (a2util) . (.Emsi Software GmbH - a-squared Malware-IDS utility driver.) - C:\Program Files\Emsisoft Anti-Malware\a2util32.sys

~ Scan Drivers in 00mn 02s




---\\ Logiciels installés (O42)

O42 - Logiciel: ACE Mega CoDecS Pack - (.ACE DESIGN Software.) [HKLM] -- {FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player

O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Aspell - (.Pas de propriétaire.) [HKLM] -- Aspell

O42 - Logiciel: Aspell - (.Pas de propriétaire.) [HKLM] -- Aspell-fr

O42 - Logiciel: Aspell French Dictionary-0.50-3 - (.GNU.) [HKLM] -- Aspell French Dictionary_is1

O42 - Logiciel: Audacity 1.3.6 (Unicode) - (.Audacity Team.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1

O42 - Logiciel: CDex extraction audio - (.Pas de propriétaire.) [HKLM] -- CDex

O42 - Logiciel: Canon MP Navigator EX 3.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator EX 3.0

O42 - Logiciel: Canon MP560 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series

O42 - Logiciel: Canon Utilities My Printer - (.Pas de propriétaire.) [HKLM] -- CanonMyPrinter

O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propriétaire.) [HKLM] -- CanonSolutionMenu

O42 - Logiciel: Colin McRae Rally 2005 - (.Pas de propriétaire.) [HKLM] -- {CC67770B-581D-4E96-B72A-A7907CE18725}

O42 - Logiciel: ConvertHelper 2.2 - (.DownloadHelper.) [HKLM] -- {27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1

O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1

O42 - Logiciel: Dalian CD-Rom - (.Editions Dalian.) [HKLM] -- Dalian CD-Rom

O42 - Logiciel: Data Lifeguard Tools - (.Pas de propriétaire.) [HKLM] -- {2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}

O42 - Logiciel: EXPERTool 6.6 - (.Gainward Co., Ltd.) [HKLM] -- EXPERTool_is1

O42 - Logiciel: Emsisoft Anti-Malware 5.1 - (.Emsi Software GmbH.) [HKLM] -- Emsisoft Anti-Malware_is1

O42 - Logiciel: Enregistrement utilisateur de Canon MP560 series - (.Pas de propriétaire.) [HKLM] -- Enregistrement utilisateur de Canon MP560 series

O42 - Logiciel: FastStone Image Viewer 4.6 - (.FastStone Soft.) [HKLM] -- FastStone Image Viewer

O42 - Logiciel: GNU Aspell 0.50-3 - (.GNU.) [HKLM] -- GNU Aspell_is1

O42 - Logiciel: GemMaster Mystic - (.Pas de propriétaire.) [HKLM] -- 99A88D57-2C93-491B-87B8-E41A870FB6BE

O42 - Logiciel: GetDataBack for FAT - (.Runtime Software.) [HKLM] -- {2EEEC858-21F8-419B-8FE2-820621BFFCD7}

O42 - Logiciel: GetDataBack for NTFS - (.Runtime Software.) [HKLM] -- {56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}

O42 - Logiciel: Géorando - Finistère / Morbihan - (.IGN France.) [HKLM] -- {D6CE1168-3ACD-4094-B7AF-7CC35BD4306D}

O42 - Logiciel: HD Tune 2.10 - (.EFD Software.) [HKLM] -- HD Tune_is1

O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.0 (KB932471) - (.Microsoft Corporation.) [HKLM] -- KB932471.T301_380ToU433_380

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399

O42 - Logiciel: Hotfix for Windows Media Player 10 (KB903157) - (.Microsoft Corporation.) [HKLM] -- KB903157

O42 - Logiciel: Hotfix for Windows XP (KB915800-v4) - (.Microsoft Corporation.) [HKLM] -- KB915800-v4

O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5

O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5

O42 - Logiciel: Intel® Matrix Storage Manager - (.Pas de propriétaire.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}

O42 - Logiciel: Intel® Quick Resume Technology Drivers - (.Pas de propriétaire.) [HKLM] -- EL

O42 - Logiciel: JDownloader - (.AppWork UG (haftungsbeschränkt).) [HKLM] -- JDownloader

O42 - Logiciel: Learn2 Player (Uninstall Only) - (.Pas de propriétaire.) [HKLM] -- StreetPlugin

O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player

O42 - Logiciel: Les Sims 2 Deluxe - (.Pas de propriétaire.) [HKLM] -- {9C244239-ED8E-40f1-937F-51C706CD2160}

O42 - Logiciel: Les Sims 2 Fun en Famille Kit - (.Pas de propriétaire.) [HKLM] -- {6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}

O42 - Logiciel: Les Sims 2 Animaux & Cie - (.Pas de propriétaire.) [HKLM] -- {4817189D-1785-4627-A33C-39FD90919300}

O42 - Logiciel: Les Sims 2 Tout pour les ados Kit - (.Electronic Arts.) [HKLM] -- {5C648FDB-0138-4619-B66E-230EF53E8E2C}

O42 - Logiciel: Les Sims 2 Bon Voyage - (.Electronic Arts.) [HKLM] -- {F248ADFA-64E0-4b03-8A83-059078BED6A0}

O42 - Logiciel: Malwarebytes' Anti-Malware version - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1

O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs

O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 - (.Microsoft Corporation.) [HKLM] -- Wdf01005

O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 - (.Microsoft Corporation.) [HKLM] -- Wdf01007

O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009

O42 - Logiciel: Microsoft Money 99 - (.Pas de propriétaire.) [HKLM] -- MSMONEYV70

O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping

O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wudf01009

O42 - Logiciel: Microsoft Zoo Tycoon - (.Pas de propriétaire.) [HKLM] -- Zoo Tycoon 1.0

O42 - Logiciel: Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.0 French Language Pack

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Mozilla Firefox 7.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 7.0 (x86 fr)

O42 - Logiciel: Mozilla Thunderbird (6.0.2) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (6.0.2)

O42 - Logiciel: Mp3tag v2.49 - (.Florian Heidenreich.) [HKLM] -- Mp3tag

O42 - Logiciel: MyFreeCodec - (.Pas de propriétaire.) [HKCU] -- MyFreeCodec

O42 - Logiciel: MyFreeCodec - (.Pas de propriétaire.) [HKLM] -- MyFreeCodec

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: Nero Suite - (.Pas de propriétaire.) [HKLM] -- NeroMultiInstaller!UninstallKey

O42 - Logiciel: Neuf - Kit de connexion - (.Neuf.) [HKLM] -- Neuf_Kit

O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite

O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- Nokia PC Suite

O42 - Logiciel: Orbit Downloader - ( [HKLM] -- Orbit_is1

O42 - Logiciel: Otto - (.Pas de propriétaire.) [HKLM] -- 0D20D36D-A11C-444c-9AF7-70CBFED42ECF

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: PE Builder 3.1.10a - (.Bart Lagerweij.) [HKLM] -- PE Builder_is1

O42 - Logiciel: PHOTOfunSTUDIO -viewer- - (.Panasonic.) [HKLM] -- {9A9DBEBC-C800-4776-A970-D76D6AA405B1}

O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce - (.Microsoft Corporation.) [HKLM] -- KB909520

O42 - Logiciel: Package de pilotes Windows - Nokia Modem (06/09/2010 - (.Nokia.) [HKLM] -- E5372C32E8562C76C24DBA6525002B1031495F34

O42 - Logiciel: Package de pilotes Windows - Nokia Modem (10/07/2010 4.6) - (.Nokia.) [HKLM] -- 6DA48AFDE796708D5A4C9121A83E7617A63A9A15

O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693

O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre

O42 - Logiciel: PowerQuest PartitionMagic 8.0 Demo - (.PowerQuest.) [HKLM] -- InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}

O42 - Logiciel: QuickTime - (.Apple Computer, Inc..) [HKLM] -- InstallShield_{C21D5524-A970-42FA-AC8A-59B8C7CDCA31}

O42 - Logiciel: RealPlayer - (.Pas de propriétaire.) [HKLM] -- RealPlayer 6.0

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: SFR - Media Center - (.SFR.) [HKLM] -- SFR_Media Center

O42 - Logiciel: SILKYPIX Developer Studio 2.0 SE - (.Nom de votre société.) [HKLM] -- InstallShield_{5B25274F-088A-4A24-AE12-4AEE9278025A}

O42 - Logiciel: STDU Viewer version 1.5.622.0 - (.STDUtility.) [HKLM] -- STDU Viewer_is1

O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

O42 - Logiciel: Speccy - (.Piriform.) [HKLM] -- Speccy

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

O42 - Logiciel: TeamViewer 4 - (.TeamViewer GmbH.) [HKLM] -- TeamViewer 4

O42 - Logiciel: TerraExplorer - (.Skyline Software Systems, Inc..) [HKLM] -- TerraExplorer

O42 - Logiciel: TmUnitedForever - (.Nadeo.) [HKLM] -- TmUnitedForever_is1

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Virtualis Crédit Mutuel - (.Pas de propriétaire.) [HKLM] -- Virtualis Crédit Mutuel

O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01

O42 - Logiciel: WinPcap 3.1 beta4 - (.Politecnico di Torino.) [HKLM] -- WinPcapInst

O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM] -- Winamp

O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify

O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130

O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- WGA

O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC

O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8

O42 - Logiciel: Windows Media Connect - (.Microsoft Corporation.) [HKLM] -- WMCSetup

O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11

O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime

O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122 - (.Microsoft Corporation.) [HKLM] -- KB891122

O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11

O42 - Logiciel: Windows XP Media Center Edition 2005 KB2502898 - (.Microsoft Corporation.) [HKLM] -- KB2502898

O42 - Logiciel: Windows XP Media Center Edition 2005 KB908246 - (.Microsoft Corporation.) [HKLM] -- KB908246

O42 - Logiciel: Windows XP Media Center Edition 2005 KB925766 - (.Microsoft Corporation.) [HKLM] -- KB925766

O42 - Logiciel: Windows XP Media Center Edition 2005 KB973768 - (.Microsoft Corporation.) [HKLM] -- KB973768

O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service

O42 - Logiciel: Winmail Reader 1.1.12 - (.Kopf.) [HKLM] -- Winmail Reader_is1

O42 - Logiciel: X10 Hardware - (.Pas de propriétaire.) [HKLM] -- X10Hardware

O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP

O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XpsEPSC

O42 - Logiciel: ZebHelpProcess 2.51 - (.Nicolas Coolman.) [HKLM] -- Zeb Help Process_is1

O42 - Logiciel: aMSN 0.98.4 - (.Pas de propriétaire.) [HKLM] -- aMSN

O42 - Logiciel: adsl TV - (.adsl TV / FM.) [HKLM] -- {3AFDD2C6-8663-46B5-B195-6CEB00D44768}

O42 - Logiciel: gestimg - (.Pas de propriétaire.) [HKCU] -- GESTIMG

O42 - Logiciel: nLite - (.Dino Nuhagic (nuhi).) [HKLM] -- nLite_is1

O42 - Logiciel: neuf Talk 1.4 - (.neuf_Talk.) [HKLM] -- neuf Talk


---\\ HKCU & HKLM Software Keys

[HKCU\Software\ACD Systems]

[HKCU\Software\ALWIL Software]

[HKCU\Software\Alcohol Soft]

[HKCU\Software\America Online]

[HKCU\Software\Applications WinDev]

[HKCU\Software\Canneverbe Limited]

[HKCU\Software\Cygnus Solutions]

[HKCU\Software\DVD Shrink]

[HKCU\Software\Digital River]

[HKCU\Software\Earth Resource Mapping]

[HKCU\Software\Genesis Digital Innovations]

[HKCU\Software\Google Hacks]

[HKCU\Software\Kernel Outlook PST Viewer last1437yy]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Myfree Codec]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Oshima Technology laboratory]

[HKCU\Software\PC SOFT]

[HKCU\Software\Paradigm Matrix]

[HKCU\Software\PepiMK Software]

[HKCU\Software\QDesign Corporation]

[HKCU\Software\Recover Keys]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\TCP Optimizer]

[HKCU\Software\Unlimited Possibilities]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\Zone Labs]

[HKCU\Software\eFilm Medical]

[HKLM\Software\ACD Systems]

[HKLM\Software\ACE Compression Software]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ALWIL Software]

[HKLM\Software\Alcohol Soft]

[HKLM\Software\America Online]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Common Toolkit Suite]

[HKLM\Software\Cygnus Solutions]

[HKLM\Software\Diskeeper Corporation]

[HKLM\Software\EA GAMES]

[HKLM\Software\Earth Resource Mapping]

[HKLM\Software\Electronic Arts]

[HKLM\Software\Emsi Software GmbH]

[HKLM\Software\FileZilla 3]

[HKLM\Software\Florian Heidenreich]

[HKLM\Software\IGN France]

[HKLM\Software\ImgBurn Fr]

[HKLM\Software\LEAD Technologies, Inc.]

[HKLM\Software\Ligos Corporation]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Mozilla Thunderbird]

[HKLM\Software\Myfree Codec]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\Nokia Mobile Phones]

[HKLM\Software\PC Connectivity Solution]

[HKLM\Software\PepiMK Software]

[HKLM\Software\Program Groups]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Runtime Software]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\Western Digital]

[HKLM\Software\Windows 3.1 Migration Status]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\Zone Labs]

[HKLM\Software\eFilm Medical]

~ Scan Softwares in 00mn 00s




---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 06/05/2008 - 19:15:32 - [16275679] ----D- C:\Program Files\ACE Mega CoDecS Pack

O43 - CFD: 27/02/2011 - 21:26:00 - [137674343] ----D- C:\Program Files\Acronis

O43 - CFD: 25/07/2006 - 08:49:38 - [118555376] ----D- C:\Program Files\Adobe

O43 - CFD: 15/05/2011 - 13:21:54 - [55327157] ----D- C:\Program Files\adslTV

O43 - CFD: 14/01/2009 - 18:14:38 - [134543615] ----D- C:\Program Files\AGEIA Technologies

O43 - CFD: 21/12/2008 - 11:45:04 - [219826592] ----D- C:\Program Files\Ahead

O43 - CFD: 19/12/2010 - 11:27:50 - [57996533] ----D- C:\Program Files\aMSN

O43 - CFD: 08/09/2007 - 10:00:48 - [26363351] ----D- C:\Program Files\Aspell

O43 - CFD: 29/07/2009 - 11:32:16 - [19333759] ----D- C:\Program Files\Audacity 1.3 Beta (Unicode)

O43 - CFD: 03/07/2010 - 20:41:12 - [156841030] ----D- C:\Program Files\Avira

O43 - CFD: 03/03/2010 - 19:44:06 - [107748473] ----D- C:\Program Files\Canon

O43 - CFD: 03/03/2010 - 19:39:24 - [15920849] --H-D- C:\Program Files\CanonBJ

O43 - CFD: 16/08/2011 - 10:04:10 - [3966552] ----D- C:\Program Files\CCleaner

O43 - CFD: 29/08/2011 - 07:30:14 - [12726566] ----D- C:\Program Files\CDBurnerXP

O43 - CFD: 26/12/2007 - 11:09:00 - [3208253] ----D- C:\Program Files\CDex_150

O43 - CFD: 03/05/2010 - 22:28:06 - [66396] ----D- C:\Program Files\CheckPoint

O43 - CFD: 26/11/2006 - 13:23:56 - [3599400981] ----D- C:\Program Files\Codemasters

O43 - CFD: 05/02/2011 - 12:33:00 - [1515726] ----D- C:\Program Files\Common Files

O43 - CFD: 02/06/2011 - 11:59:30 - [102339763] ----D- C:\Program Files\COMODO

O43 - CFD: 27/12/2010 - 11:32:14 - [30845644] ----D- C:\Program Files\ConvertHelper

O43 - CFD: 12/04/2010 - 14:19:08 - [67228368] ----D- C:\Program Files\DalianCD

O43 - CFD: 16/07/2009 - 11:50:28 - [1595928] ----D- C:\Program Files\DIFX

O43 - CFD: 13/04/2007 - 20:11:06 - [14819721] ----D- C:\Program Files\Diskeeper Corporation

O43 - CFD: 01/09/2006 - 17:12:50 - [979904] ----D- C:\Program Files\DVD Shrink

O43 - CFD: 21/01/2009 - 15:19:28 - [6920541055] ----D- C:\Program Files\EA GAMES

O43 - CFD: 14/08/2011 - 20:08:58 - [168568490] ----D- C:\Program Files\Emsisoft Anti-Malware

O43 - CFD: 14/01/2009 - 23:22:20 - [11678340] ----D- C:\Program Files\EXPERTool

O43 - CFD: 18/08/2011 - 11:52:12 - [9568993] ----D- C:\Program Files\FastStone Image Viewer

O43 - CFD: 03/04/2011 - 17:07:32 - [490037924] ----D- C:\Program Files\Fichiers communs

O43 - CFD: 05/02/2011 - 16:22:42 - [16451399] ----D- C:\Program Files\FileZilla FTP Client

O43 - CFD: 25/07/2006 - 08:53:40 - [13378677] ----D- C:\Program Files\FrenchOtto

O43 - CFD: 25/07/2006 - 08:53:42 - [5071796] ----D- C:\Program Files\GemMasterFrench

O43 - CFD: 09/07/2011 - 14:58:44 - [92287972] ----D- C:\Program Files\Google

O43 - CFD: 04/03/2010 - 00:04:22 - [2144760] ----D- C:\Program Files\Google Hacks

O43 - CFD: 15/05/2009 - 08:50:10 - [591319] ----D- C:\Program Files\HD Tune

O43 - CFD: 10/09/2006 - 19:21:34 - [3531243704] ----D- C:\Program Files\IGN France

O43 - CFD: 28/08/2006 - 23:53:48 - [520538477] ----D- C:\Program Files\IGN Rando

O43 - CFD: 05/02/2011 - 13:05:34 - [31894004] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 28/07/2006 - 16:55:54 - [35684673] ----D- C:\Program Files\Intel

O43 - CFD: 14/08/2011 - 09:26:12 - [5499789] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 01/03/2008 - 14:52:48 - [19456833] ----D- C:\Program Files\ISL

O43 - CFD: 26/03/2011 - 12:05:52 - [90669563] ----D- C:\Program Files\Java

O43 - CFD: 11/09/2011 - 16:22:44 - [58301988] ----D- C:\Program Files\JDownloader

O43 - CFD: 26/05/2008 - 12:37:16 - [98088] ----D- C:\Program Files\Juice

O43 - CFD: 26/08/2006 - 23:22:24 - [134] ----D- C:\Program Files\Lavalys

O43 - CFD: 25/07/2006 - 09:56:48 - [711772] ----D- C:\Program Files\

O43 - CFD: 01/10/2011 - 13:42:50 - [7149935] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 29/06/2010 - 15:50:18 - [397824] ----D- C:\Program Files\MarkAny

O43 - CFD: 17/09/2010 - 14:04:24 - [2152579] ----D- C:\Program Files\Messenger

O43 - CFD: 21/12/2008 - 16:52:12 - [0] ----D- C:\Program Files\microsoft frontpage

O43 - CFD: 23/03/2007 - 16:20:42 - [518585168] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 31/08/2007 - 18:39:20 - [12202145] ----D- C:\Program Files\Microsoft IntelliPoint

O43 - CFD: 06/09/2006 - 22:38:12 - [27183303] ----D- C:\Program Files\Microsoft Money

O43 - CFD: 24/01/2011 - 13:32:14 - [7823540] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 18/06/2011 - 13:13:28 - [38411899] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 09/10/2010 - 11:17:52 - [10949041] ----D- C:\Program Files\Movie Maker

O43 - CFD: 01/10/2011 - 10:13:00 - [37297228] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 14/09/2011 - 22:46:26 - [39647112] ----D- C:\Program Files\Mozilla Thunderbird

O43 - CFD: 05/06/2011 - 12:03:20 - [6776635] ----D- C:\Program Files\Mp3tag

O43 - CFD: 12/10/2010 - 21:23:42 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 24/07/2006 - 16:12:58 - [19278399] ----D- C:\Program Files\MSN

O43 - CFD: 24/07/2006 - 16:13:30 - [8745735] ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD: 06/04/2009 - 21:30:54 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 10/05/2007 - 20:11:44 - [6849] ----D- C:\Program Files\MSXML 6.0

O43 - CFD: 29/06/2010 - 16:58:18 - [11033139] ----D- C:\Program Files\MyFree Codec

O43 - CFD: 17/09/2010 - 13:59:12 - [3285523] ----D- C:\Program Files\NetMeeting

O43 - CFD: 19/06/2007 - 17:55:56 - [13375656] ----D- C:\Program Files\Neuf

O43 - CFD: 21/12/2007 - 10:01:54 - [23019534] ----D- C:\Program Files\neuf Talk

O43 - CFD: 01/03/2011 - 20:34:08 - [9739407] ----D- C:\Program Files\nLite

O43 - CFD: 21/07/2011 - 20:19:30 - [139193626] ----D- C:\Program Files\Nokia

O43 - CFD: 22/11/2009 - 17:15:48 - [0] ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 24/07/2006 - 16:14:24 - [1804] ----D- C:\Program Files\Online Services

O43 - CFD: 02/02/2011 - 15:58:48 - [681698147] ----D- C:\Program Files\ 3

O43 - CFD: 24/12/2010 - 14:18:40 - [13945637] ----D- C:\Program Files\Orbitdownloader

O43 - CFD: 18/12/2010 - 10:36:42 - [4379321] ----D- C:\Program Files\Outlook Express

O43 - CFD: 09/03/2008 - 09:56:02 - [40530191] ----D- C:\Program Files\Panasonic

O43 - CFD: 11/09/2011 - 17:53:26 - [13591630] ----D- C:\Program Files\PC Connectivity Solution

O43 - CFD: 14/09/2011 - 22:59:42 - [29405226] ----D- C:\Program Files\PDFCreator

O43 - CFD: 09/05/2010 - 18:01:02 - [3773186] ----D- C:\Program Files\PhotoFiltre

O43 - CFD: 25/08/2006 - 12:29:10 - [13247564] ----D- C:\Program Files\PowerQuest

O43 - CFD: 27/08/2006 - 09:18:44 - [73134892] ----D- C:\Program Files\QuickTime

O43 - CFD: 25/07/2006 - 09:14:20 - [42320343] ----D- C:\Program Files\Real

O43 - CFD: 24/07/2006 - 18:41:32 - [47701840] ----D- C:\Program Files\Realtek

O43 - CFD: 06/10/2007 - 18:37:04 - [37949185] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 24/04/2011 - 08:42:38 - [4220] ----D- C:\Program Files\RegSupreme

O43 - CFD: 06/04/2008 - 14:42:00 - [4790931] ----D- C:\Program Files\Runtime Software

O43 - CFD: 24/07/2006 - 16:16:22 - [1025] ----D- C:\Program Files\Services en ligne

O43 - CFD: 01/09/2011 - 18:37:34 - [12531444] ----D- C:\Program Files\SFR

O43 - CFD: 05/06/2011 - 10:52:22 - [34891716] ----D- C:\Program Files\Skyline

O43 - CFD: 03/05/2010 - 22:36:34 - [30309135] R---D- C:\Program Files\Skype

O43 - CFD: 14/04/2011 - 08:52:26 - [4283416] ----D- C:\Program Files\Speccy

O43 - CFD: 01/10/2011 - 10:36:00 - [6768818] ----D- C:\Program Files\Spotify

O43 - CFD: 19/11/2009 - 23:35:08 - [96492892] ----D- C:\Program Files\Spybot - Search & Destroy

O43 - CFD: 30/03/2011 - 23:14:16 - [3432083] ----D- C:\Program Files\STDU Viewer

O43 - CFD: 30/10/2010 - 10:24:04 - [11875116] ----D- C:\Program Files\Support Tools

O43 - CFD: 29/09/2009 - 11:45:20 - [5331958] ----D- C:\Program Files\TeamViewer

O43 - CFD: 28/12/2010 - 11:52:48 - [1814318818] ----D- C:\Program Files\TmUnitedForever

O43 - CFD: 22/07/2011 - 12:09:26 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 22/12/2007 - 20:19:44 - [120087992] ----D- C:\Program Files\VideoLAN

O43 - CFD: 03/07/2007 - 19:31:10 - [317302] ----D- C:\Program Files\Virtualis

O43 - CFD: 11/11/2007 - 18:39:56 - [8161704] ----D- C:\Program Files\Western Digital

O43 - CFD: 01/10/2011 - 13:52:08 - [46263869] ----D- C:\Program Files\Winamp

O43 - CFD: 24/07/2006 - 18:53:46 - [2092544] ----D- C:\Program Files\Windows Journal Viewer

O43 - CFD: 08/07/2011 - 11:55:12 - [3581070] ----D- C:\Program Files\Windows Media Connect 2

O43 - CFD: 08/07/2011 - 11:55:12 - [10797082] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 17/09/2010 - 13:59:10 - [3942655] ----D- C:\Program Files\Windows NT

O43 - CFD: 24/07/2006 - 16:14:08 - [41055406] ----D- C:\Program Files\Windows Plus

O43 - CFD: 27/04/2011 - 19:04:18 - [1921835] ----D- C:\Program Files\Winmail Reader

O43 - CFD: 25/08/2011 - 18:56:50 - [395333] ----D- C:\Program Files\WinPcap

O43 - CFD: 08/05/2009 - 11:48:34 - [3539725] ----D- C:\Program Files\WinRAR

O43 - CFD: 24/07/2006 - 18:39:04 - [18272] ----D- C:\Program Files\X10 Hardware

O43 - CFD: 21/12/2008 - 16:52:12 - [0] ----D- C:\Program Files\xerox

O43 - CFD: 14/08/2011 - 16:23:36 - [58382596] ----D- C:\Program Files\Zeb-Utility

O43 - CFD: 01/10/2011 - 18:58:14 - [123915957] ----D- C:\Program Files\ZebHelpProcess

O43 - CFD: 19/12/2009 - 14:43:54 - [2158] --H-D- C:\Program Files\Zero G Registry

O43 - CFD: 01/10/2011 - 12:44:26 - [6401742] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 16/08/2011 - 19:44:38 - [2090147] ----D- C:\Program Files\ZHPFix

O43 - CFD: 02/07/2009 - 18:33:28 - [511] ----D- C:\Program Files\Common Files\Download Manager

O43 - CFD: 24/07/2006 - 18:38:58 - [1515215] ----D- C:\Program Files\Common Files\X10

O43 - CFD: 27/02/2011 - 21:26:58 - [102672541] ----D- C:\Program Files\Fichiers Communs\Acronis

O43 - CFD: 25/07/2006 - 08:50:18 - [295584] ----D- C:\Program Files\Fichiers Communs\Adobe

O43 - CFD: 11/11/2006 - 18:40:26 - [30233810] ----D- C:\Program Files\Fichiers Communs\Ahead

O43 - CFD: 27/08/2006 - 09:18:38 - [1007140] ----D- C:\Program Files\Fichiers Communs\AOL

O43 - CFD: 24/11/2010 - 22:57:30 - [7675825] ----D- C:\Program Files\Fichiers Communs\Borland Shared

O43 - CFD: 03/03/2010 - 19:43:52 - [560] ----D- C:\Program Files\Fichiers Communs\CANON

O43 - CFD: 29/06/2007 - 19:36:24 - [2150] ----D- C:\Program Files\Fichiers Communs\GTK

O43 - CFD: 25/07/2006 - 09:06:36 - [21007430] ----D- C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD: 24/07/2006 - 18:45:22 - [62013920] ----D- C:\Program Files\Fichiers Communs\Intel

O43 - CFD: 26/03/2011 - 12:07:40 - [68721995] ----D- C:\Program Files\Fichiers Communs\Java

O43 - CFD: 24/01/2011 - 13:32:14 - [27596865] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD: 24/07/2006 - 16:15:38 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD: 11/11/2006 - 18:42:18 - [2258429] ----D- C:\Program Files\Fichiers Communs\Nero

O43 - CFD: 08/07/2011 - 12:27:42 - [84936782] ----D- C:\Program Files\Fichiers Communs\Nokia

O43 - CFD: 25/07/2006 - 09:56:40 - [2392177] ----D- C:\Program Files\Fichiers Communs\Nullsoft

O43 - CFD: 03/04/2011 - 17:07:32 - [88064] ----D- C:\Program Files\Fichiers Communs\PCSuite

O43 - CFD: 25/07/2006 - 09:14:26 - [20704277] ----D- C:\Program Files\Fichiers Communs\Real

O43 - CFD: 29/06/2010 - 15:50:00 - [62611] ----D- C:\Program Files\Fichiers Communs\Samsung

O43 - CFD: 24/07/2006 - 16:15:42 - [8106] ----D- C:\Program Files\Fichiers Communs\Services

O43 - CFD: 12/05/2010 - 16:32:52 - [2135336] ----D- C:\Program Files\Fichiers Communs\Skype

O43 - CFD: 24/07/2006 - 18:09:22 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD: 30/03/2011 - 23:14:12 - [3997696] ----D- C:\Program Files\Fichiers Communs\STDUtility

O43 - CFD: 12/10/2010 - 21:27:48 - [13626469] ----D- C:\Program Files\Fichiers Communs\System

O43 - CFD: 22/11/2009 - 17:16:44 - [34176512] ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard

O43 - CFD: 25/07/2006 - 09:14:26 - [352256] ----D- C:\Program Files\Fichiers Communs\xing shared

O43 - CFD: 17/02/2009 - 12:41:08 - [300409] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\.purple

O43 - CFD: 30/10/2008 - 17:20:22 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\AccurateRip

O43 - CFD: 27/02/2011 - 23:51:18 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Acronis

O43 - CFD: 22/12/2007 - 21:13:50 - [5802176] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Adobe

O43 - CFD: 25/08/2006 - 23:52:28 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\AdobeUM

O43 - CFD: 05/06/2011 - 11:56:02 - [64420] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Ahead

O43 - CFD: 24/11/2007 - 17:40:42 - [1194] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Ambient Design

O43 - CFD: 25/08/2006 - 11:29:00 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\AOL

O43 - CFD: 24/12/2010 - 12:51:18 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Apowersoft

O43 - CFD: 25/07/2006 - 11:12:54 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Apple Computer

O43 - CFD: 27/11/2007 - 23:20:26 - [650946] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Artweaver

O43 - CFD: 19/06/2011 - 16:36:48 - [4507] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Audacity

O43 - CFD: 22/09/2010 - 15:55:02 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Avira

O43 - CFD: 05/06/2011 - 11:09:44 - [1575] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Canneverbe Limited

O43 - CFD: 11/11/2010 - 19:16:40 - [182795420] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Canon

O43 - CFD: 03/05/2010 - 22:28:30 - [18304] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\CheckPoint

O43 - CFD: 25/07/2006 - 10:03:28 - [7168] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\CyberLink

O43 - CFD: 11/09/2011 - 13:13:38 - [1943] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\dvdcss

O43 - CFD: 18/08/2011 - 11:52:22 - [3449515] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\FastStone

O43 - CFD: 03/06/2011 - 11:11:32 - [14088] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\FileZilla

O43 - CFD: 26/12/2009 - 20:59:42 - [7406] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Foxit

O43 - CFD: 21/06/2007 - 20:46:30 - [5654909] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Google

O43 - CFD: 24/12/2010 - 14:31:40 - [154] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\GrabPro

O43 - CFD: 24/07/2006 - 18:45:42 - [1736] --H-D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\GTek

O43 - CFD: 26/06/2008 - 10:53:58 - [213] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\gtk-2.0

O43 - CFD: 27/09/2006 - 18:43:30 - [621] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\gtopala

O43 - CFD: 25/07/2006 - 09:58:58 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Help

O43 - CFD: 24/07/2006 - 16:25:08 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Identities

O43 - CFD: 06/03/2010 - 10:20:12 - [3028] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\IGN2K5

O43 - CFD: 02/09/2008 - 18:06:02 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\InstallShield

O43 - CFD: 26/05/2008 - 12:11:06 - [61164613] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\iPodder

O43 - CFD: 01/11/2008 - 19:06:14 - [46] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\

O43 - CFD: 13/04/2007 - 20:11:24 - [258] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Leadertech

O43 - CFD: 28/08/2006 - 22:32:22 - [39] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\

O43 - CFD: 25/07/2006 - 11:10:02 - [6244197] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Macromedia

O43 - CFD: 08/08/2009 - 10:06:56 - [2072825] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Malwarebytes

O43 - CFD: 27/02/2011 - 21:27:00 - [6011268] -S--D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Microsoft

O43 - CFD: 22/09/2009 - 10:12:10 - [26416794] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Mozilla

O43 - CFD: 05/06/2011 - 12:05:56 - [57458] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Mp3tag

O43 - CFD: 19/06/2007 - 20:05:02 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\MusicIP

O43 - CFD: 09/04/2011 - 12:53:56 - [75541600] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Nokia

O43 - CFD: 11/02/2011 - 19:13:22 - [33391] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Nokia Ovi Suite

O43 - CFD: 27/07/2009 - 11:57:14 - [1868] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Nseries

O43 - CFD: 22/11/2008 - 10:44:34 - [122236367] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\

O43 - CFD: 09/12/2008 - 18:59:32 - [24002652] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\OpenOffice.org2

O43 - CFD: 10/04/2011 - 11:24:44 - [7074399] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Orbit

O43 - CFD: 26/08/2006 - 20:27:16 - [18] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Otto

O43 - CFD: 01/03/2008 - 13:32:52 - [135024640] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Panasonic

O43 - CFD: 14/01/2010 - 18:37:00 - [15652399] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\PC Suite

O43 - CFD: 14/09/2011 - 22:59:32 - [1536] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\pdfforge

O43 - CFD: 24/12/2010 - 14:18:44 - [435] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\ProgSense

O43 - CFD: 25/07/2006 - 09:22:20 - [451524] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Real

O43 - CFD: 21/01/2009 - 15:22:34 - [0] R-H-D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\SecuROM

O43 - CFD: 07/12/2007 - 21:26:48 - [14058] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Skyline

O43 - CFD: 22/07/2011 - 12:13:54 - [4137196] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Skype

O43 - CFD: 22/07/2011 - 12:13:24 - [10544] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\skypePM

O43 - CFD: 08/05/2009 - 12:23:36 - [1297] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Softplicity

O43 - CFD: 01/10/2011 - 10:41:02 - [1177370] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Spotify

O43 - CFD: 22/12/2007 - 17:07:46 - [8526142] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Sun

O43 - CFD: 25/08/2006 - 13:43:24 - [52718] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Talkback

O43 - CFD: 29/09/2009 - 11:47:34 - [273482] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\TeamViewer

O43 - CFD: 02/01/2010 - 17:28:52 - [45686781] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Thunderbird

O43 - CFD: 14/05/2010 - 18:08:10 - [3604480] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\U3

O43 - CFD: 13/09/2008 - 08:39:02 - [6384104] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Uniblue

O43 - CFD: 27/08/2011 - 20:55:14 - [1099802] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\uTorrent

O43 - CFD: 16/07/2011 - 20:15:28 - [1122786] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\vlc

O43 - CFD: 01/10/2010 - 18:00:58 - [1986180] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Winamp

O43 - CFD: 21/11/2009 - 17:13:04 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\Windows Search

O43 - CFD: 19/01/2010 - 22:52:30 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\WinRAR

O43 - CFD: 25/07/2006 - 09:56:48 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Application Data\You've Got Pictures Screensaver

O43 - CFD: 25/08/2006 - 22:26:28 - [16567] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Adobe

O43 - CFD: 25/07/2006 - 10:30:10 - [1950597] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Ahead

O43 - CFD: 25/07/2006 - 11:12:40 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Apple Computer

O43 - CFD: 11/09/2011 - 12:13:24 - [38944] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\ApplicationHistory

O43 - CFD: 26/03/2011 - 13:02:42 - [183077840] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Google

O43 - CFD: 03/09/2006 - 14:40:28 - [33988] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Help

O43 - CFD: 27/12/2006 - 11:41:38 - [532896] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Identities

O43 - CFD: 01/03/2008 - 14:53:06 - [1647] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\ISL

O43 - CFD: 16/07/2009 - 12:00:22 - [25986] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\IsolatedStorage

O43 - CFD: 28/08/2006 - 22:32:22 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\

O43 - CFD: 12/10/2010 - 21:12:38 - [13453207] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Microsoft

O43 - CFD: 16/08/2011 - 09:53:04 - [13238] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Microsoft Corporation

O43 - CFD: 12/10/2010 - 21:07:54 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Microsoft Help

O43 - CFD: 08/09/2006 - 11:19:08 - [52901802] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Mozilla

O43 - CFD: 01/09/2011 - 18:40:46 - [9872] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Neuf

O43 - CFD: 08/07/2011 - 12:27:50 - [25031931] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Nokia

O43 - CFD: 11/02/2011 - 18:34:40 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\NokiaAccount

O43 - CFD: 27/08/2011 - 12:34:46 - [192] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\SFR

O43 - CFD: 01/10/2011 - 10:36:10 - [1221864958] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Spotify

O43 - CFD: 16/07/2011 - 11:49:40 - [184957] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\STDUViewer

O43 - CFD: 01/05/2011 - 15:00:24 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Temp

O43 - CFD: 13/09/2007 - 20:52:44 - [219481] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\The Weather Channel

O43 - CFD: 11/07/2009 - 22:37:40 - [3175166] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\Thunderbird

O43 - CFD: 24/07/2006 - 18:50:22 - [0] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\WMTools Downloaded Files

O43 - CFD: 25/11/2007 - 11:00:22 - [67] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\X10 Commander

O43 - CFD: 25/07/2006 - 08:51:12 - [14515200] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150070}

O43 - CFD: 01/03/2008 - 14:52:32 - [40604834] ----D- C:\Documents and Settings\ca ne te ragarde pas\Local Settings\Application Data\{726688F4-05C5-424B-8570-082779572F8E}

~ Scan Program Folder in 00mn 58s




---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.54451E861F271E7C423777740636B6CC] - 01/10/2011 - 17:57:18 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [2206]

O44 - LFC:[MD5.2A2C985AF87222FBF6953F36947683F9] - 01/10/2011 - 17:56:43 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1646576]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/10/2011 - 17:56:40 ---A- . (...) -- C:\WINDOWS\0.log [0]

O44 - LFC:[MD5.8B2F57D8EEA4233DD8AAD2FE524A3FB4] - 01/10/2011 - 17:55:34 ---A- . (...) -- C:\WINDOWS\system32\NvApps.xml [191572]

O44 - LFC:[MD5.DF209A6B1BD2F8DC9E23A04B38E9522F] - 01/10/2011 - 17:55:24 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]

O44 - LFC:[MD5.35FB09CB481E2C39F64FBD3701D53279] - 01/10/2011 - 17:55:21 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]

O44 - LFC:[MD5.0877AC09CAA217471589644C398FA572] - 01/10/2011 - 17:54:43 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.2822C5EE036EDCFDD824D81A9D45C01F] - 01/10/2011 - 17:54:35 ---A- . (...) -- C:\WINDOWS\MEMORY.DMP [207286272]

O44 - LFC:[MD5.998E31A0A3848CBADABF6AB419566343] - 01/10/2011 - 17:52:23 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.F619298FD83C2511BB2A6159D051B36E] - 01/10/2011 - 17:47:09 ---A- . (...) -- C:\AdwCleaner[s1].txt [2644]

O44 - LFC:[MD5.DFC458B4CCFBB3BC8B65062A1B6E8E5D] - 01/10/2011 - 17:38:59 ---A- . (...) -- C:\AdwCleaner[R1].txt [2408]

O44 - LFC:[MD5.7767CEEEB6ABCF44DC0D3799CAE30287] - 01/10/2011 - 16:05:53 ---A- . (...) -- C:\WINDOWS\setupapi.log [1988]

O44 - LFC:[MD5.E1A308B113A1C6CDD764E73B4BA950D1] - 01/10/2011 - 16:05:20 ---A- . (...) -- C:\PDOXUSRS.NET [13030]

O44 - LFC:[MD5.1C5205D9049A34F1DD77FEDE83C1395B] - 01/10/2011 - 09:46:14 ---A- . (...) -- C:\WINDOWS\ModemLog_Olitec Speed'Com 2000 V2.txt [8980]

O44 - LFC:[MD5.A66B80B70D99E31EC278C8CDCD379F1F] - 28/09/2011 - 22:10:16 ---A- . (...) -- C:\WINDOWS\ModemLog_Nokia N85 USB Modem.txt [5012]

O44 - LFC:[MD5.EEBACD996A2059BAE2181BB60673B938] - 22/09/2011 - 21:13:55 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl [404640]

O44 - LFC:[MD5.9B049B76D0337C13805AC58134E66BB0] - 11/09/2011 - 21:42:40 ---A- . (...) -- C:\WINDOWS\system32\d3d9caps.dat [1324]

O44 - LFC:[MD5.3CC83B869F23598AC99A0CC034501F66] - 07/09/2011 - 17:47:31 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [639152]

~ Scan Files in 01mn 04s




---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

O47 - AAKE:Key Export SP - "C:\Program Files\AOL 9.0\AOL.exe" [Enabled] .(...) -- C:\Program Files\AOL 9.0\AOL.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Program Files\AOL 9.0\WAOL.exe" [Enabled] .(...) -- C:\Program Files\AOL 9.0\WAOL.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLACSD.exe" [Enabled] .(...) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLACSD.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLDIAL.exe" [Enabled] .(...) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLDIAL.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\fxsclnt.exe" [Enabled] .(.Microsoft Corporation - Microsoft Fax Console.) -- C:\WINDOWS\system32\fxsclnt.exe

O47 - AAKE:Key Export SP - "C:\Program Files\CA\eTrust Antivirus\InocIT.exe" [Enabled] .(...) -- C:\Program Files\CA\eTrust Antivirus\InocIT.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Program Files\CA\eTrust Antivirus\Realmon.exe" [Enabled] .(...) -- C:\Program Files\CA\eTrust Antivirus\Realmon.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Program Files\CA\eTrust Antivirus\InoRpc.exe" [Enabled] .(...) -- C:\Program Files\CA\eTrust Antivirus\InoRpc.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Program Files\NetMeeting\Conf.exe" [Enabled] .(.Microsoft Corporation - Windows® NetMeeting®.) -- C:\Program Files\NetMeeting\Conf.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Ahead\Nero MediaHome\NeroMediaHome.exe" [Enabled] .(.Ahead Software AG - Nero MediaHome.) -- C:\Program Files\Ahead\Nero MediaHome\NeroMediaHome.exe

O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Winamp Remote\bin\Orb.exe" [Enabled] .(...) -- C:\Program Files\Winamp Remote\bin\Orb.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Program Files\Winamp Remote\bin\OrbTray.exe" [Enabled] .(...) -- C:\Program Files\Winamp Remote\bin\OrbTray.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe" [Enabled] .(...) -- C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Program Files\\maconfservice.exe" [Enabled] .(...) -- C:\Program Files\\maconfservice.exe (.not file.)

O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(.Skype Technologies - Skype Extras Manager.) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Orbitdownloader\orbitdm.exe" [Enabled] .( - Orbit Downloader.) -- C:\Program Files\Orbitdownloader\orbitdm.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Orbitdownloader\orbitnet.exe" [Enabled] .( - P2P service of Orbit Downloader.) -- C:\Program Files\Orbitdownloader\orbitnet.exe

O47 - AAKE:Key Export SP - "C:\Documents and Settings\ca ne te ragarde pas\Bureau\uTorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Documents and Settings\ca ne te ragarde pas\Bureau\uTorrent.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Mozilla Firefox\firefox.exe" [Enabled] .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe" [Enabled] .(...) -- C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe" [Enabled] .(...) -- C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Program Files\TmUnitedForever\TmForever.exe" [Enabled] .(...) -- C:\Program Files\TmUnitedForever\TmForever.exe

O47 - AAKE:Key Export SP - "C:\Program Files\aMSN\bin\wish.exe" [Enabled] .(.ActiveState Corporation - Wish Application.) -- C:\Program Files\aMSN\bin\wish.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Java\jre6\bin\javaw.exe" [Enabled] .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\javaw.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Google\Google Earth\client\googleearth.exe" [Enabled] .(.Google - Google Earth.) -- C:\Program Files\Google\Google Earth\client\googleearth.exe

O47 - AAKE:Key Export SP - "C:\trackmaniaNation\TmNationsForever\TmForever.exe" [Enabled] .(...) -- C:\trackmaniaNation\TmNationsForever\TmForever.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Documents and Settings\ca ne te ragarde pas\Bureau\spotify.exe" [Enabled] .(...) -- C:\Documents and Settings\ca ne te ragarde pas\Bureau\spotify.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Spotify\spotify.exe" [Enabled] .(.Spotify Ltd - Spotify.) -- C:\Program Files\Spotify\spotify.exe

O47 - AAKE:Key Export SP - "C:\Program Files\SFR\Media Center\httpd\httpd.exe" [Enabled] Clé orpheline

O47 - AAKE:Key Export DP - "C:\WINDOWS\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

O47 - AAKE:Key Export DP - "C:\Program Files\AOL 9.0\AOL.exe" [Enabled] .(...) -- C:\Program Files\AOL 9.0\AOL.exe (.not file.)

O47 - AAKE:Key Export DP - "C:\Program Files\AOL 9.0\WAOL.exe" [Enabled] .(...) -- C:\Program Files\AOL 9.0\WAOL.exe (.not file.)

O47 - AAKE:Key Export DP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLACSD.exe" [Enabled] .(...) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLACSD.exe (.not file.)

O47 - AAKE:Key Export DP - "C:\Program Files\Fichiers communs\AOL\ACS\AOLDIAL.exe" [Enabled] .(...) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLDIAL.exe (.not file.)

O47 - AAKE:Key Export DP - "C:\WINDOWS\system32\fxsclnt.exe" [Enabled] .(.Microsoft Corporation - Microsoft Fax Console.) -- C:\WINDOWS\system32\fxsclnt.exe

O47 - AAKE:Key Export DP - "C:\Program Files\CA\eTrust Antivirus\InocIT.exe" [Enabled] .(...) -- C:\Program Files\CA\eTrust Antivirus\InocIT.exe (.not file.)

O47 - AAKE:Key Export DP - "C:\Program Files\CA\eTrust Antivirus\Realmon.exe" [Enabled] .(...) -- C:\Program Files\CA\eTrust Antivirus\Realmon.exe (.not file.)

O47 - AAKE:Key Export DP - "C:\Program Files\CA\eTrust Antivirus\InoRpc.exe" [Enabled] .(...) -- C:\Program Files\CA\eTrust Antivirus\InoRpc.exe (.not file.)

O47 - AAKE:Key Export DP - "C:\Program Files\NetMeeting\Conf.exe" [Enabled] .(.Microsoft Corporation - Windows® NetMeeting®.) -- C:\Program Files\NetMeeting\Conf.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Ahead\Nero MediaHome\NeroMediaHome.exe" [Enabled] .(.Ahead Software AG - Nero MediaHome.) -- C:\Program Files\Ahead\Nero MediaHome\NeroMediaHome.exe

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

~ Scan Keys in 00mn 00s




---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nm.sys . (...) -- C:\WINDOWS\system32\Drivers\nm.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys

~ Scan CSB in 00mn 00s




---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

~ Scan IFEO in 00mn 00s




---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.VP60"="C:\WINDOWS\system32\vp6vfw.dll" . ( - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\WINDOWS\system32\vp6vfw.dll

O52 - TDSD: \Drivers32\"vidc.VP61"="C:\WINDOWS\system32\vp6vfw.dll" . ( - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\WINDOWS\system32\vp6vfw.dll

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"vp6vfw.dll"="EA VP6 Codec" . ( - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\WINDOWS\system32\vp6vfw.dll

~ Scan Keys in 00mn 00s




---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

~ Scan Keys in 00mn 00s




---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "InstallVisualStyle"=

O55 - MWPS:[HKLM\...\Policies\System] - "InstallTheme"=

O55 - MWPS:[HKLM\...\Policies\System] - "NoInternetOpenWith"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1

~ Scan Keys in 00mn 00s




---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=255

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoWindowsUpdate"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsMenu"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoFavoritesMenu"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMMyDocs"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMMyPictures"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoStartMenuMyMusic"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsHistory"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "ClearRecentDocsOnExit"=1

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsNetHood"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMHelp"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRun"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoUserNameInStartMenu"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoInstrumentation"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoStartMenuPinnedList"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "ForceStartMenuLogoff"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSharedDocuments"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRecentDocsMenu"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoFavoritesMenu"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoSMMyDocs"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoSMMyPictures"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoStartMenuMyMusic"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRecentDocsHistory"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRecentDocsNetHood"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoSMHelp"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoRun"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoInstrumentation"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoSimpleStartMenu"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=255

~ Scan Keys in 00mn 00s




---\\ Liste des Drivers Système (O58)

~ Scan Drivers in 00mn 01s




---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

O63 - Logiciel: ZHPFix 1.12 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1

O63 - Logiciel: Toolbar SD - (.IDN Team.)

~ Scan ADS in 00mn 00s




---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 14/08/2011 - C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys - a2acc(a2acc) .(.Emsi Software GmbH - Emsisoft Anti-Malware File Guard.) - LEGACY_A2ACC

O64 - Services: CurCS - 14/08/2011 - C:\Program Files\Emsisoft Anti-Malware\a2service.exe - Emsisoft Anti-Malware 5.0 - Service(a2AntiMalware) .(.Emsi Software GmbH - Emsisoft Anti-Malware Service.) - LEGACY_A2ANTIMALWARE

O64 - Services: CurCS - ??/??/???? - C:\WINDOWS\system32\Drivers\a347scsi.sys (.not file.) - a347scsi (a347scsi) .(...) - LEGACY_A347SCSI

O64 - Services: CurCS - ??/??/???? - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (.not file.) - Ad-Aware 2007 Service (aawservice) .(...) - LEGACY_AAWSERVICE

O64 - Services: CurCS - 08/09/2010 - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe - Acronis Scheduler2 Service(AcrSch2Svc) .(.Acronis - Acronis Scheduler 2.) - LEGACY_ACRSCH2SVC

O64 - Services: CurCS - 27/02/2011 - C:\WINDOWS\system32\DRIVERS\afcdp.sys - afcdp(afcdp) .(.Acronis - File Level CDP Kernel Helper.) - LEGACY_AFCDP

O64 - Services: CurCS - 27/02/2011 - C:\Program Files\Fichiers communs\Acronis\CDP\afcdpsrv.exe - Acronis Nonstop Backup service(afcdpsrv) .(.Acronis - File Level CDP Manager Service.) - LEGACY_AFCDPSRV

O64 - Services: CurCS - 10/07/2006 - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe - Intel® Alert Service(AlertService) .(.Intel Corporation - Intel® Alert Service.) - LEGACY_ALERTSERVICE

O64 - Services: CurCS - 21/04/2011 - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur(AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE

O64 - Services: CurCS - 21/07/2011 - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard(AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE

O64 - Services: CurCS - 10/09/1999 - C:\WINDOWS\system32\drivers\aspi32.sys - Aspi32(Aspi32) .(.Adaptec - ASPI for WIN32 Kernel Driver.) - LEGACY_ASPI32

O64 - Services: CurCS - 17/06/2010 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio(avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO

O64 - Services: CurCS - 21/07/2011 - C:\WINDOWS\system32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - 21/07/2011 - C:\WINDOWS\system32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB

O64 - Services: CurCS - 17/07/2011 - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe - COMODO Internet Security Helper Service(cmdAgent) .(.COMODO - COMODO Internet Security.) - LEGACY_CMDAGENT

O64 - Services: CurCS - 17/07/2011 - C:\WINDOWS\system32\DRIVERS\cmdguard.sys - COMODO Internet Security Sandbox Driver(cmdGuard) .(.COMODO - COMODO Internet Security Sandbox Driver.) - LEGACY_CMDGUARD

O64 - Services: CurCS - 17/07/2011 - C:\WINDOWS\system32\DRIVERS\cmdhlp.sys - COMODO Internet Security Helper Driver(cmdHlp) .(.COMODO - COMODO Internet Security Helper Driver.) - LEGACY_CMDHLP

O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\CANETE~1\LOCALS~1\Temp\cpuz_x32.sys (.not file.) - cpuz129 (cpuz129) .(...) - LEGACY_CPUZ129

O64 - Services: CurCS - ??/??/???? - C:\WINDOWS\system32\drivers\dgderdrv.sys (.not file.) - dgderdrv (dgderdrv) .(...) - LEGACY_DGDERDRV

O64 - Services: CurCS - 07/06/2006 - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe - Diskeeper(Diskeeper) .(.Diskeeper Corporation - DKSERVICE.EXE.) - LEGACY_DISKEEPER

O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN

O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT

O64 - Services: CurCS - 24/03/2006 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD

O64 - Services: CurCS - ??/??/???? - C:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys (.not file.) - DSDrv4 (DSDrv4) .(...) - LEGACY_DSDRV4

O64 - Services: CurCS - 01/06/2006 - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe - Intel® Quick Resume technology(ELService) .(.Intel Corporation - Pas de description.) - LEGACY_ELSERVICE

O64 - Services: CurCS - 22/12/2009 - C:\WINDOWS\system32\FsUsbExDisk.sys - FsUsbExDisk (FsUsbExDisk) .(...) - LEGACY_FSUSBEXDISK

O64 - Services: CurCS - 24/07/2006 - C:\WINDOWS\system32\DRIVERS\goprot51.sys - GoProto Protocol Driver(GoProto) .(.Gteko Ltd. - Gteko's GoProto protocol driver.) - LEGACY_GOPROTO

O64 - Services: CurCS - 29/05/2010 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE

O64 - Services: CurCS - 06/07/2006 - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe - Intel® Matrix Storage Event Monitor(IAANTMON) .(.Intel Corporation - RAID Monitor.) - LEGACY_IAANTMON

O64 - Services: CurCS - 14/11/2005 - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe - InstallDriver Table Manager(IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT

O64 - Services: CurCS - 17/07/2011 - C:\WINDOWS\system32\DRIVERS\inspect.sys - COMODO Internet Security Firewall Driver(Inspect) .(.COMODO - COMODO Internet Security Firewall Driver.) - LEGACY_INSPECT

O64 - Services: CurCS - 10/07/2006 - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe - Intel® Software Services Manager(ISSM) .(.Intel Corporation - Intel® Software services manager.) - LEGACY_ISSM

O64 - Services: CurCS - 02/02/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE

O64 - Services: CurCS - ??/??/???? - C:\WINDOWS\system32\DRIVERS\Lbd.sys (.not file.) - Lbd (Lbd) .(...) - LEGACY_LBD

O64 - Services: CurCS - 10/07/2006 - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe - Intel® Application Tracker(MCLServiceATL) .(.Intel Corporation - MCL Application Tracker.) - LEGACY_MCLSERVICEATL

O64 - Services: CurCS - 03/08/2004 - C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys - mdmxsdk(mdmxsdk) .(.Conexant - Diagnostic Interface DRIVER.) - LEGACY_MDMXSDK

O64 - Services: CurCS - 05/06/2006 - C:\WINDOWS\system32\Drivers\iqvw32.sys - No object(No service) .(.Intel Corporation - Intel® Network Adapter Diagnostic Driver.) - LEGACY_NAL

O64 - Services: CurCS - 04/03/2010 - C:\Program Files\CDBurnerXP\NMSAccessU.exe - NMSAccess (NMSAccess) .(...) - LEGACY_NMSACCESS

O64 - Services: CurCS - 17/09/2008 - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Display Driver Service(NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 178.1.) - LEGACY_NVSVC

O64 - Services: CurCS - 19/11/2005 - C:\WINDOWS\system32\Drivers\PCASp50.sys - PCASp50 NDIS Protocol Driver(PCASp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_PCASP50

O64 - Services: CurCS - 25/11/2004 - C:\WINDOWS\system32\drivers\prodrv06.sys - StarForce Protection Environment Driver v6(prodrv06) .(.Protection Technology - StarForce Protection Environment Driver.) - LEGACY_PRODRV06

O64 - Services: CurCS - 25/11/2004 - C:\WINDOWS\system32\drivers\prohlp02.sys - StarForce Protection Helper Driver v2(prohlp02) .(.Protection Technology - StarForce Protection Helper Driver.) - LEGACY_PROHLP02

O64 - Services: CurCS - 21/12/2005 - C:\WINDOWS\system32\drivers\prosync1.sys - StarForce Protection Synchronization Driver v1(prosync1) .(.Protection Technology - StarForce Protection Synchronization Driver.) - LEGACY_PROSYNC1

O64 - Services: CurCS - 13/11/2007 - C:\WINDOWS\system32\DRIVERS\secdrv.sys - Secdrv(Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - 08/06/2011 - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer(ServiceLayer) .(.Nokia - ServiceLayer Module.) - LEGACY_SERVICELAYER

O64 - Services: CurCS - 10/08/2005 - C:\WINDOWS\system32\drivers\sfdrv01.sys - StarForce Protection Environment Driver (version 1.x)(sfdrv01) .(.Protection Technology - StarForce Protection Environment Driver.) - LEGACY_SFDRV01

O64 - Services: CurCS - 01/12/2003 - C:\WINDOWS\system32\drivers\sfhlp01.sys - StarForce Protection Helper Driver(sfhlp01) .(.Protection Technology - StarForce Protection Helper Driver.) - LEGACY_SFHLP01

O64 - Services: CurCS - 16/05/2005 - C:\WINDOWS\system32\drivers\sfhlp02.sys - StarForce Protection Helper Driver (version 2.x)(sfhlp02) .(.Protection Technology - StarForce Protection Helper Driver.) - LEGACY_SFHLP02

O64 - Services: CurCS - 03/11/2005 - C:\WINDOWS\system32\drivers\sfvfs02.sys - StarForce Protection VFS Driver (version 2.x)(sfvfs02) .(.Protection Technology - StarForce Protection VFS Driver.) - LEGACY_SFVFS02

O64 - Services: CurCS - 17/06/2010 - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

O64 - Services: CurCS - 26/06/2004 - C:\WINDOWS\system32\Drivers\vnccom.sys - vnccom(vnccom) .(.RDV Soft - VNC Communication.) - LEGACY_VNCCOM

O64 - Services: CurCS - ??/??/???? - C:\Program Files\UltraVNC\winvnc.exe (.not file.) - VNC Server (winvnc) .(...) - LEGACY_WINVNC

O64 - Services: CurCS - 12/11/2001 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe - X10 Device Network Service(x10nets) .(.X10 - X10 Module.) - LEGACY_X10NETS

~ Scan Services in 00mn 01s




---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

~ Scan Keys in 00mn 00s




---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

~ Scan Keys in 00mn 00s




---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {1FAD1004-26C7-414D-9C45-43D5B7462D2A} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {B0FD0E61-5EED-4ADB-9F25-B763824C8384} - (Yahoo! Search) - Yahoo! Search - Recherche Web

~ Scan Keys in 00mn 00s




---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.3FB01C27406F067291633B23828A2CED] [sPRF][09/11/2009] (.BitTorrent, Inc. - µTorrent.) -- C:\Documents and Settings\ca ne te ragarde pas\Bureau\uTorrent.exe [289072]

[MD5.55D44C89EC83B7BFD007C0F2112B9A02] [sPRF][17/01/2006] (.F-Secure Corporation - daas.) -- C:\WINDOWS\Downloaded Program Files\daas_s.dll [580663]

[MD5.6FEDC10A27B5361B1B3876B349A3AF5B] [sPRF][03/02/2006] (.FS - bwcli.) -- C:\WINDOWS\Downloaded Program Files\fsauc.dll [188416]

[MD5.E395421EB792944C999CBAA64477EC81] [sPRF][16/06/2006] (.F-Secure Corporation - fscax module.) -- C:\WINDOWS\Downloaded Program Files\fscax.dll [181856]

~ Scan Files in 00mn 00s




---\\ Scan Additionnel (O88)

Database Version : 8645 - (20/09/2011)

Clés trouvées (Keys found) : 6

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 1

Fichiers trouvés (Files found) : 0


[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer] =>Adware.MetaStream

[HKLM\Software\Classes\Toolbar.CT2542115] =>Adware.Hotbar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0A94B111-4504-4e26-AB05-E61E474AA38B}] =>Toolbar.AskTBar

[HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}] =>Spyware.Soft2PC

[HKLM\Software\aMSN\OpenCandy] =>Adware.OpenCandy

[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\5] =>Hijack.Zones

C:\Documents and Settings\ca ne te ragarde pas\Application Data\pdfforge =>PUP.Dealio

~ Scan Additionnel in 00mn 06s




---\\ Recherche détournement de DNS routeur (O89)

Serveur : neufbox


Nom :



~ Scan DNS in 00mn 02s




---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 01/10/2011 3029208 | C:\Program Files\Emsisoft Anti-Malware\a2service.exe (a2AntiMalware) . (.Emsi Software GmbH.) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe

SS - | Demand 0 | (aawservice) . (...) - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

SR - | Auto 01/10/2011 780368 | (AcrSch2Svc) . (.Acronis.) - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe

SR - | Auto 01/10/2011 3975088 | (afcdpsrv) . (.Acronis.) - C:\Program Files\Fichiers communs\Acronis\CDP\afcdpsrv.exe

SR - | Auto 01/10/2011 188416 | (AlertService) . (.Intel Corporation.) - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe

SR - | Auto 01/10/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

SR - | Auto 01/10/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

SR - | Auto 01/10/2011 1793712 | C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (cmdAgent) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

SR - | Auto 01/10/2011 942080 | (Diskeeper) . (.Diskeeper Corporation.) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

SS - | Demand 01/10/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe

SR - | Auto 01/10/2011 180224 | (ELService) . (.Intel Corporation.) - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe

SS - | Auto 01/10/2011 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 01/10/2011 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SR - | Auto 01/10/2011 90112 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

SS - | Demand 01/10/2011 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

SR - | Auto 01/10/2011 77824 | (ISSM) . (.Intel Corporation.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe

SR - | Auto 01/10/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe

SR - | Auto 25600 | (M1 Server) . (...) - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe

SR - | Auto 01/10/2011 147456 | (MCLServiceATL) . (.Intel Corporation.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe

SR - | Auto 71096 | (NMSAccess) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe

SR - | Auto 01/10/2011 163908 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe

SR - | Auto 01/10/2011 397312 | (Remote UI Service) . (.Intel Corporation.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe

SS - | Demand 01/10/2011 86016 | Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.NetGroup - Politecnico di Torino.) - C:\Program Files\WinPcap\rpcapd.exe

SS - | Demand 01/10/2011 633856 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

SS - | Disabled 0 | (winvnc) . (...) - C:\Program Files\UltraVNC\winvnc.exe

SR - | Auto 01/10/2011 20480 | (x10nets) . (.X10.) - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

~ Scan Services in 00mn 02s




---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by ca ne te ragarde pas at 01/10/2011 19:00:39


device: opened successfully

user: MBR read successfully


Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys prosync1.sys hal.dll iaStor.sys

C:\WINDOWS\system32\drivers\prosync1.sys Protection Technology StarForce Protection System

C:\WINDOWS\system32\drivers\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver

1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8AF16AB8]

3 CLASSPNP[0xB8108FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IAAStorageDevice-0[0x8AF19030]

kernel: MBR read successfully

user & kernel MBR OK

~ Scan MBR in 00mn 04s




---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by ca ne te ragarde pas at 01/10/2011 19:00:41


********* Dump file Name *********


~ Scan MBR in 00mn 06s




End of the scan (1604 lines in 02mn 36s)(0)
