Rapport de ZHPDiag v1.27.2424 par Nicolas Coolman, Update du 22/07/2011
Run by millet at 16/01/2014 13:05:35
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 26.0 v
GCIE: Google Chrome v31.0.1650.63 (Defaut)

---\\ System Information
Windows XP Professional Service Pack 3 (Build 2600)
~ Processor: x86 Family 15 Model 1 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
~ Boot mode: ~ Normal (Normal boot)
Total RAM: 510 MB (46% free)
~ System Restore: Activé (Enable)
System drive C: has 18 GB (47%) free of 37 GB

---\\ Logged in mode
~ Computer Name: MILLET-D19B7410
~ User Name: millet
~ All Users Names: SUPPORT_388945a0, millet, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
~ Logged in as Administrator

---\\ Environnement Variables
~ %AppData%=C:\Documents and Settings\millet\Application Data\
~ %Desktop%=C:\Documents and Settings\millet\Bureau\
~ %Favorites%=C:\Documents and Settings\millet\Favoris\
~ %LocalAppData%=C:\Documents and Settings\millet\Local Settings\Application Data\
~ %StartMenu%=C:\Documents and Settings\millet\Menu Démarrer\

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 18 Go of 37 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 32 Go of 35 Go)
E:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings]
WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.16/01/2014 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.16/01/2014 - 13:00:00.) -- C:\WINDOWS\system32\rundll32.exe [33792] [MD5.D0E5BB7F1F2B2A86CE809CC8EA9CB5B5] - (.Microsoft Corporation - Internet Extensions for Win32.) (.16/01/2014 - 16:04:59.) -- C:\WINDOWS\system32\wininet.dll [916992] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.16/01/2014 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.16/01/2014 - 13:00:00.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.16/01/2014 - 13:00:00.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 6/51 ~ Mes musiques (My Musics) : 31/134 ~ Mes Videos (My Videos) : 2/2 (Modified) ~ Mes Favoris (My Favorites) : 2/7 ~ Mes Documents (My Documents) : 50/486 ~ Mon Bureau (My Desktop) : 1/129 ~ Menu demarrer (Programs) : 8/50 ---\\ Processus lancés [MD5.E077FCA2A7E79FB9BF67D3E30B5CE593] - (.Microsoft Corporation - Antimalware Service Executable.) 
-- C:\Program Files\Microsoft Security Client\MsMpEng.exe [20472] [MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\system32\dllhost.exe [5120] [MD5.1EEA64D8599B5B7BD8721498E4019CF0] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768] [MD5.3DF465B3A982807135C52BF73614DEE3] - (.Ulead Systems, Inc. - MONITOR.) -- C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe [45056] [MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254336] [MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe [955392] [MD5.7859A324140F74AF2E5486E6BD3FCD6D] - (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files\Olympus\ib\olycamdetect.exe [93376] [MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [MD5.80A79264302910C7C24BA7E44267EFEF] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182696] [MD5.9C40F419CCD930AB6CBF2F7B35316C60] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE [188928] [MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [MD5.32BD04B415865C8BCAF77310CCCB8A10] - (.Dropbox, Inc. - Dropbox.) -- C:\Documents and Settings\millet\Application Data\Dropbox\bin\Dropbox.exe [30714312] [MD5.D06276D4CAD46CDCEABEFDEB1A0D3C0D] - (...) -- C:\Program Files\Microsoft Office\Office\OSA.EXE [51984] [MD5.465680BDE344CE4FF6646626AA3A9125] - (.Google Inc. - Google Crash Handler.) 
-- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Update\1.3.22.3\GoogleCrashHandler.exe [223112] [MD5.0E8A6A1BC5B08EA29E363EE5E06F7ECB] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [658944] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\millet\Local Settings\Application Data\Mozilla\Firefox\Profiles\nfsmdzgu.default-1362678003203\prefs.js P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.06.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll P2 - FPN: [HKLM] [@garmin.com/GpsControl] - (.GARMIN Corp. - Garmin Communicator Plug-In 4.1.0.0.) -- C:\Program Files\Garmin GPS Plugin\npGarmin.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.45.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.45.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.45.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20513.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) 
-- C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.5] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.06.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Documents and Settings\millet\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [User Data\Default] None G0 - GCSP: Preference [User Data\Default][HomePage] http://www1.delta-search.com G0 - GCSP: Preference [User Data\Default] https://www.google.fr G2 - GCE: Preference [User Data\Default] [aaaajepeddfdaihpmdgnickofffkdlpb] Ask Toolbar v.20.52310, () G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 () G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 () G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 () G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 () ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R0 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com R1 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) 
(8.00.6001.19328 (longhorn_ie8_gdr.120824-1715)) -- C:\WINDOWS\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Simple Adblock - Simple Adblock Module.) 
-- C:\Program Files\Fichiers communs\Simple Adblock\SimpleAdblock.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [Ulead AutoDetector] . (.Ulead Systems, Inc. - MONITOR.) -- C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe O4 - HKLM\..\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files\Olympus\ib\olycamdetect.exe O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) 
-- C:\Program Files\Messenger\msmsgs.exe O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Update\GoogleUpdate.exe O4 - HKCU\..\Run: [NBJ] . (.Ahead Software AG - Nero BackItUp Scheduler Application.) -- C:\Program Files\Ahead\Nero BackItUp\NBJ.exe O4 - HKCU\..\Run: [EPSON BX300F Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEJE.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe O4 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\..\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files\Olympus\ib\olycamdetect.exe O4 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O4 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\..\Run: [NBJ] . 
(.Ahead Software AG - Nero BackItUp Scheduler Application.) -- C:\Program Files\Ahead\Nero BackItUp\NBJ.exe O4 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\..\Run: [EPSON BX300F Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEJE.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Pense-bête.lnk . (...) -- C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE (.not file.) O4 - Global Startup: C:\Documents And Settings\millet\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk . (.Dropbox, Inc..) -- C:\Documents and Settings\millet\Application Data\Dropbox\bin\Dropbox.exe O4 - Global Startup: C:\Documents And Settings\millet\Menu Démarrer\Programmes\Démarrage\Démarrage d'Office.lnk . (...) -- C:\Program Files\Microsoft Office\Office\OSA.EXE ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader XI.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Office PowerPoint Viewer 2003.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Security Essentials.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Works.lnk . (...) -- C:\WINDOWS\Installer\{A3088CD2-612B-11D3-AF43-00C04F443448}\FB931E91.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) 
-- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\PowerpointImageExtractor V1.2.lnk . (.---.) -- C:\Program Files\PowerpointImageExtractor_V1_2\PowerpointImageExtractor.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe O4 - Global Startup: C:\Documents And Settings\millet\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\millet\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Documents And Settings\millet\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe O4 - Global Startup: C:\Documents And Settings\millet\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: uStart Search - (.not file.) - C:\Documents and Settings\millet\Application Data\uStart\addtoustart.dll ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) 
-- C:\Program Files\Messenger\msmsgs.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - Broken Internet access because of LSP provider (.not file.) -- mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll ---\\ Onglet supplémentaire dans les options avancées d'Internet Explorer (O11) O11 - Options group: [java_sun] Java (Oracle). (.Oracle Corporation - Java Deployment Library .) - C:\Program Files\Java\jre7\bin\deploy.dll ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{9DFD7529-F820-4559-882B-C1B72BA9377B}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{9DFD7529-F820-4559-882B-C1B72BA9377B}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS2\Services\Tcpip\..\{9DFD7529-F820-4559-882B-C1B72BA9377B}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{9DFD7529-F820-4559-882B-C1B72BA9377B}: DhcpDomain = lan O17 - HKLM\System\CS1\Services\Tcpip\..\{9DFD7529-F820-4559-882B-C1B72BA9377B}: DhcpDomain = lan O17 - HKLM\System\CS2\Services\Tcpip\..\{9DFD7529-F820-4559-882B-C1B72BA9377B}: DhcpDomain = lan O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) 
-- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\Windows\System32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) 
-- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-1993962763-842925246-1003Core.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-1993962763-842925246-1003UA.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job [MD5.1BA1AB4141A92EB34DA99F1249CA2D4D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) 
-- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-1390067357-1993962763-842925246-1003Core] (.Google Inc..) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-1390067357-1993962763-842925246-1003UA] (.Google Inc..) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Update\GoogleUpdate.exe ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys O41 - Driver: (MpKsl6968934d) . (.Microsoft Corporation - KSLDriver.) - C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9F020A84-BF2D-48AD-AD06-0315B45A2326}\MpKsl6968934d.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) 
- C:\WINDOWS\System32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\processr.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\System32\DRIVERS\redbook.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\System32\DRIVERS\serial.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys O41 - Driver: (Tcpip6) . (.Microsoft Corporation - IPv6 driver.) - C:\WINDOWS\System32\DRIVERS\tcpip6.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys O41 - Driver: Windows Socket 2.0 Non-IFS Service Provider Support Environment (WS2IFSL) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\WINDOWS\system32\drivers\ws2ifsl.sys ---\\ Logiciels installés (O42) O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07} O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {FDB3B167-F4FA-461D-976F-286304A57B2A} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) 
[HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader XI (11.0.06) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth O42 - Logiciel: BlazePhoto 2.0 - (.Pas de propriétaire.) [HKLM] -- BlazePhoto 2.0_is1 O42 - Logiciel: Canon EOS 5D Pilote WIA - (.Canon.) [HKLM] -- InstallShield_{BB3AB664-D92B-4CB5-8B3E-D841841F4E68} O42 - Logiciel: Canon RAW Codec - (.Canon Inc..) [HKLM] -- Canon RAW Codec O42 - Logiciel: Canon Utilities Digital Photo Professional - (.Canon Inc..) [HKLM] -- Digital Photo Professional O42 - Logiciel: Canon Utilities EOS Utility - (.Canon Inc..) [HKLM] -- EOS Utility O42 - Logiciel: Codec Package Packages - (.Pas de propriétaire.) [HKCU] -- Codec Package Packages O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup O42 - Logiciel: DC-Bass Source 1.3.0 - (.Pas de propriétaire.) [HKLM] -- DC-Bass Source O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox O42 - Logiciel: EPSON BX300F Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON BX300F Series O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner O42 - Logiciel: EPSON Stylus Office BX300F_TX300F Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus Office BX300F_TX300F Guide d'utilisation O42 - Logiciel: FormatFactory 3.1.1 - (.Free Time.) [HKLM] -- FormatFactory O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9} O42 - Logiciel: Garmin Communicator Plugin - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {032A13FF-D26D-4844-9597-7EF698627985} O42 - Logiciel: Garmin POI Loader - (.Garmin Ltd or its subsidiaries.) 
[HKLM] -- {3213ED5E-7BBE-4613-BE69-8B1E4FE520DD} O42 - Logiciel: Garmin USB Drivers - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {ABA5E381-EC46-425C-86C5-5CD15BBFB4BF} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8} O42 - Logiciel: Jasc Paint Shop Pro 8 - (.Nom de votre société.) [HKLM] -- {81A34902-9D0B-4920-A25C-4CDC5D14B328} O42 - Logiciel: Java 7 Update 45 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF} O42 - Logiciel: Java(TM) 6 Update 29 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216029F0} O42 - Logiciel: Lagarith Lossless Codec (1.3.27) - (.Pas de propriétaire.) [HKLM] -- {F59AC46C-10C3-4023-882C-4212A92283B3}_is1 O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) 
[HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E} O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702} O42 - Logiciel: Microsoft .NET Framework 4 Extended FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {043F86B7-EE12-3399-B2CA-D0B603D87963} O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8} O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {98EABC7F-B1A1-43A5-B505-5B4EC3908DCD} O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) 
[HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C} O42 - Logiciel: Microsoft Works 2000 - (.Microsoft Corporation.) [HKLM] -- {A3088CD2-612B-11D3-AF43-00C04F443448} O42 - Logiciel: Microsoft_VC80_CRT_x86 - (.Adobe.) [HKLM] -- {92D58719-BBC1-4CC3-A08B-56C9E884CC2C} O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Adobe.) [HKLM] -- {08D2E121-7F6A-43EB-97FD-629B44903403} O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Extended FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended FRA Language Pack O42 - Logiciel: Mozilla Firefox 26.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 26.0 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService O42 - Logiciel: Nero Suite - (.Pas de propriétaire.) [HKLM] -- NeroMultiInstaller!UninstallKey O42 - Logiciel: OLYMPUS ib - (.OLYMPUS IMAGING CORP..) [HKLM] -- InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0} O42 - Logiciel: OLYMPUS ib - (.OLYMPUS IMAGING CORP..) [HKLM] -- {89A43E80-AC6C-4DA8-9800-F4B30ED577C0} O42 - Logiciel: OVT Scanner X86 - (.OVT.) [HKLM] -- {6B566EFE-DC1D-471F-93DD-84832663F140} O42 - Logiciel: OpenSource Flash Video Splitter 1.0.0.5 - (.Pas de propriétaire.) 
[HKLM] -- OpenSource Flash Video Splitter O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 6194C28A8F62DD817EA1B918E6E46E806A21B452 O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 65B6FE5418CE28F4D72543FB2D964C3CEC83F161 O42 - Logiciel: Package de pilotes Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) - (.OLYMPUS IMAGING CORP..) [HKLM] -- E77704EF5E71F4F18CADFBFA68595AFE036D5D97 O42 - Logiciel: PhotoFiltre 7 - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre 7 O42 - Logiciel: PowerDVD - (.Pas de propriétaire.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1} O42 - Logiciel: PowerpointImageExtractor - (.Pas de propriétaire.) [HKLM] -- PowerpointImageExtractor_is1 O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2604111 O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2657424 O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} O42 - Logiciel: Simple Adblock - (.Simple Adblock.) [HKLM] -- {A9A75A7F-4785-430D-8013-77BC1FD13A4C} O42 - Logiciel: Super Blank 3.01 - (.Pas de propriétaire.) [HKLM] -- Super Blank_is1 O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.) [HKLM] -- SuperCopier2 O42 - Logiciel: Ulead Photo Explorer 8.0 SE Basic - (.Ulead Systems, Inc..) [HKLM] -- {D271DAE0-8D68-4C97-8356-A126D48A1D8C} O42 - Logiciel: Uninstall 1.0.0.1 - (.Pas de propriétaire.) [HKLM] -- Uninstall_is1 O42 - Logiciel: Uninstall OVT Scanner - (.Pas de propriétaire.) 
[HKLM] -- OVT Scanner O42 - Logiciel: Update 4.0.3 for Microsoft .NET Framework 4 Client Profile (KB2600211) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600211 O42 - Logiciel: Update 4.0.3 for Microsoft .NET Framework 4 Extended (KB2600211) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600211 O42 - Logiciel: Update for Codec Package - (.Pas de propriétaire.) [HKCU] -- DSite O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM] -- {933B4015-4618-4716-A828-5289FC03165F} O42 - Logiciel: VLC media player 2.0.5 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) - (.Garmin.) [HKLM] -- 98157A226B40B173301B0F53C8E98C47805D5152 O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011 O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1} O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C} O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) 
[HKLM] -- wmp11 O42 - Logiciel: WordBiz 1.8.5 - (.Pas de propriétaire.) [HKLM] -- WordBiz_0 O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} O42 - Logiciel: scrabbleproB 1.1.3 - (.scrabblepro.) [HKLM] -- scrabbleproB_is1 ---\\ HKCU & HKLM Software Keys [HKCU\Software\ABBYY] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Aurigma] [HKCU\Software\Avery Dennison] [HKCU\Software\BD05111967PY] [HKCU\Software\BlazeVideo] [HKCU\Software\Broderbund Software] [HKCU\Software\CDDB] [HKCU\Software\Canon] [HKCU\Software\Canon_Inc_IC] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Cyberlink] [HKCU\Software\DSP-worx] [HKCU\Software\DVDVideoSoft] [HKCU\Software\DivXNetworks] [HKCU\Software\DivX] [HKCU\Software\Dnote Software] [HKCU\Software\DriverTuner] [HKCU\Software\DriverTuner_Init] [HKCU\Software\EPSON] [HKCU\Software\F-Secure] [HKCU\Software\Finalhit] [HKCU\Software\FreeCDRIP] [HKCU\Software\FreeTime] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Garmin] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\IE] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\Jasc] [HKCU\Software\JavaSoft] [HKCU\Software\LAV] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\MEDIAKG] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MediaTek] [HKCU\Software\Micro Application] [HKCU\Software\Mindscape] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\Northcode Inc] [HKCU\Software\Novell] [HKCU\Software\ODBC] [HKCU\Software\OLYMPUS] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\SEIKO EPSON] [HKCU\Software\SFX TEAM] 
[HKCU\Software\Sysinternals] [HKCU\Software\Techlogg.com ToneShop] [HKCU\Software\TeleCharger_v2] [HKCU\Software\Trolltech] [HKCU\Software\ULead] [HKCU\Software\Ulead Systems] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Zyrax Software] [HKCU\Software\eMule] [HKLM\Software\ABBYY] [HKLM\Software\Adobe] [HKLM\Software\AdwCleaner] [HKLM\Software\Ahead] [HKLM\Software\BrowserChoice] [HKLM\Software\C07ft5Y] [HKLM\Software\CDDB] [HKLM\Software\Canon] [HKLM\Software\Canon_Inc_IC] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\DVDVideoSoft] [HKLM\Software\Dell Computer Corporation] [HKLM\Software\DivXNetworks] [HKLM\Software\DivX] [HKLM\Software\Dropbox] [HKLM\Software\EPSON] [HKLM\Software\EnigmaSoftwareGroup] [HKLM\Software\GNU] [HKLM\Software\Garmin] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\ISC] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\Jasc] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Licenses] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MarkAny] [HKLM\Software\McAfee.com] [HKLM\Software\Micro Application] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Nero] [HKLM\Software\Netscape] [HKLM\Software\Novell] [HKLM\Software\ODBC] [HKLM\Software\OLYMPUS] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\RegisteredApplications] [HKLM\Software\S3R521] [HKLM\Software\Schlumberger] [HKLM\Software\SecureDigitalServices] [HKLM\Software\Secure] [HKLM\Software\Serif] [HKLM\Software\Simple Adblock] [HKLM\Software\SimpleAdblock] [HKLM\Software\SmartPCFixer] [HKLM\Software\Swearware] [HKLM\Software\Ulead Systems] [HKLM\Software\VideoLAN] [HKLM\Software\Windows 3.1 Migration Status] 
[HKLM\Software\mozilla.org] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 30/12/2013 - 16:24:38 - [124487825] ----D- C:\Program Files\ABBYY FineReader 6.0 Sprint O43 - CFD: 15/06/2013 - 08:22:46 - [133904040] ----D- C:\Program Files\Adobe O43 - CFD: 20/04/2011 - 15:28:08 - [96121856] ----D- C:\Program Files\Ahead O43 - CFD: 08/08/2013 - 11:50:24 - [2655233] ----D- C:\Program Files\AviSynth 2.5 O43 - CFD: 21/04/2011 - 21:29:58 - [47734370] ----D- C:\Program Files\BlazeVideo O43 - CFD: 10/02/2013 - 12:59:24 - [1667] ----D- C:\Program Files\Broderbund O43 - CFD: 04/11/2013 - 15:09:54 - [191394252] ----D- C:\Program Files\Canon O43 - CFD: 22/07/2011 - 07:12:28 - [3901432] ----D- C:\Program Files\CCleaner O43 - CFD: 22/10/2011 - 12:37:04 - [128881705] ----D- C:\Program Files\ClubDeJeux O43 - CFD: 21/04/2011 - 08:20:58 - [18193636] ----D- C:\Program Files\CyberLink O43 - CFD: 12/12/2013 - 13:16:50 - [4143048] ----D- C:\Program Files\DIFX O43 - CFD: 21/08/2013 - 07:44:12 - [2446379] ----D- C:\Program Files\DivX O43 - CFD: 24/12/2013 - 12:54:54 - [70783944] ----D- C:\Program Files\Dropbox O43 - CFD: 08/08/2013 - 17:22:56 - [713409] ----D- C:\Program Files\DSP-worx O43 - CFD: 21/07/2011 - 13:04:50 - [1477891941] ----D- C:\Program Files\eMule O43 - CFD: 19/12/2013 - 12:05:04 - [14110364] ----D- C:\Program Files\epson O43 - CFD: 26/07/2011 - 19:44:18 - [93975345] ----D- C:\Program Files\Epson Software O43 - CFD: 20/10/2013 - 10:03:44 - [300054322] ----D- C:\Program Files\Fichiers communs O43 - CFD: 12/07/2012 - 17:28:12 - [611] ----D- C:\Program Files\Free mp3 Wma Converter O43 - CFD: 08/08/2013 - 18:48:14 - [140692382] ----D- C:\Program Files\FreeTime O43 - CFD: 12/12/2013 - 13:31:14 - [17343820] ----D- C:\Program Files\Garmin O43 - CFD: 10/12/2013 - 13:02:00 - [15366488] ----D- C:\Program Files\Garmin GPS Plugin O43 - CFD: 08/08/2013 - 15:32:36 - [51727424] ----D- C:\Program Files\Google O43 - CFD: 06/09/2013 - 12:38:48 - [37883297] 
--H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 08/10/2012 - 17:44:48 - [4683368] ----D- C:\Program Files\Internet Explorer O43 - CFD: 22/04/2011 - 06:31:38 - [197234701] ----D- C:\Program Files\Jasc Software Inc O43 - CFD: 20/10/2013 - 10:03:12 - [208202003] ----D- C:\Program Files\Java O43 - CFD: 25/07/2013 - 08:14:42 - [14645881] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 17/03/2012 - 10:26:44 - [221184] ----D- C:\Program Files\MarkAnyContentSAFER O43 - CFD: 08/08/2013 - 17:47:32 - [38362] ----D- C:\Program Files\MediaCoder O43 - CFD: 19/07/2011 - 07:41:44 - [2179165] ----D- C:\Program Files\Messenger O43 - CFD: 20/07/2011 - 08:41:50 - [284389358] ----D- C:\Program Files\Micro Application O43 - CFD: 21/04/2011 - 09:17:04 - [226432] ----D- C:\Program Files\Microsoft O43 - CFD: 10/01/2013 - 12:43:48 - [429514] ----D- C:\Program Files\Microsoft ActiveSync O43 - CFD: 20/04/2011 - 12:09:28 - [0] ----D- C:\Program Files\microsoft frontpage O43 - CFD: 26/07/2011 - 16:58:38 - [43148437] ----D- C:\Program Files\Microsoft Office O43 - CFD: 08/10/2012 - 17:48:58 - [22187956] ----D- C:\Program Files\Microsoft Security Client O43 - CFD: 26/07/2013 - 09:34:14 - [42834870] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 21/04/2011 - 09:18:14 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 23/11/2012 - 06:39:16 - [23935] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 20/04/2011 - 13:56:32 - [10374874] ----D- C:\Program Files\Movie Maker O43 - CFD: 22/12/2013 - 15:21:22 - [53770690] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 24/12/2013 - 08:04:08 - [226891] ----D- C:\Program Files\Mozilla Maintenance Service O43 - CFD: 17/07/2011 - 14:53:22 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 20/04/2011 - 12:02:40 - [19278399] ----D- C:\Program Files\MSN O43 - CFD: 20/04/2011 - 12:03:24 - [8745735] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 21/04/2011 - 12:44:36 - [0] 
----D- C:\Program Files\MSXML 4.0 O43 - CFD: 13/12/2012 - 06:13:34 - [1651782] ----D- C:\Program Files\NaturaBuyPhotos O43 - CFD: 04/08/2013 - 13:56:56 - [0] ----D- C:\Program Files\Nero O43 - CFD: 20/04/2011 - 12:06:06 - [3285523] ----D- C:\Program Files\NetMeeting O43 - CFD: 21/07/2011 - 16:38:06 - [128779408] ----D- C:\Program Files\Olympus O43 - CFD: 20/04/2011 - 12:03:36 - [1804] ----D- C:\Program Files\Online Services O43 - CFD: 28/12/2012 - 11:23:36 - [702266] ----D- C:\Program Files\OpenOffice.org 3 O43 - CFD: 08/08/2013 - 17:22:52 - [452418] ----D- C:\Program Files\OpenSource Flash Video Splitter O43 - CFD: 06/12/2013 - 11:34:24 - [4379321] ----D- C:\Program Files\Outlook Express O43 - CFD: 21/04/2011 - 21:29:04 - [0] ----D- C:\Program Files\OVT O43 - CFD: 22/07/2013 - 13:59:36 - [8324967] ----D- C:\Program Files\PhotoFiltre 7 O43 - CFD: 13/03/2012 - 08:15:10 - [1758369] ----D- C:\Program Files\PowerpointImageExtractor_V1_2 O43 - CFD: 22/05/2012 - 15:40:44 - [12647722] ----D- C:\Program Files\PSCS2 O43 - CFD: 17/07/2011 - 14:52:58 - [36409089] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 10/11/2012 - 10:06:38 - [3400801] ----D- C:\Program Files\scrabbleproB1.1 O43 - CFD: 01/12/2012 - 13:23:52 - [0] ----D- C:\Program Files\Services en ligne O43 - CFD: 08/08/2013 - 07:27:18 - [595117] ----D- C:\Program Files\SuperBlank O43 - CFD: 20/04/2011 - 14:56:10 - [1226139] ----D- C:\Program Files\SuperCopier2 O43 - CFD: 10/02/2013 - 12:58:02 - [11426242] ----D- C:\Program Files\Techlogg.com ToneShop O43 - CFD: 21/04/2011 - 21:01:10 - [38375388] ----D- C:\Program Files\Ulead Systems O43 - CFD: 20/04/2011 - 12:19:14 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 05/01/2012 - 14:14:14 - [100395881] ----D- C:\Program Files\VideoLAN O43 - CFD: 30/11/2011 - 08:15:26 - [38781766] ----D- C:\Program Files\Windows Live O43 - CFD: 21/04/2011 - 09:16:42 - [245112] ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD: 05/06/2011 - 08:31:50 - [9958665] 
----D- C:\Program Files\Windows Media Player O43 - CFD: 20/04/2011 - 12:03:10 - [3942655] ----D- C:\Program Files\Windows NT O43 - CFD: 20/04/2011 - 12:06:50 - [0] --H-D- C:\Program Files\WindowsUpdate O43 - CFD: 07/08/2013 - 13:22:44 - [64355818] ----D- C:\Program Files\WinRAR O43 - CFD: 31/10/2012 - 11:18:42 - [46474061] ----D- C:\Program Files\WordBiz O43 - CFD: 20/04/2011 - 12:09:28 - [0] ----D- C:\Program Files\xerox O43 - CFD: 16/01/2014 - 13:05:46 - [56368926] ----D- C:\Program Files\ZHPDiag O43 - CFD: 15/06/2013 - 08:22:56 - [29604289] ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD: 03/08/2011 - 07:37:04 - [31517343] ----D- C:\Program Files\Fichiers Communs\Adobe AIR O43 - CFD: 20/04/2011 - 15:27:42 - [26497471] ----D- C:\Program Files\Fichiers Communs\Ahead O43 - CFD: 29/06/2013 - 10:43:28 - [1618744] ----D- C:\Program Files\Fichiers Communs\Canon O43 - CFD: 07/08/2013 - 09:00:44 - [4354243] ----D- C:\Program Files\Fichiers Communs\Canon_Inc_IC O43 - CFD: 21/08/2013 - 07:44:30 - [8830] ----D- C:\Program Files\Fichiers Communs\DivX Shared O43 - CFD: 21/07/2011 - 12:41:50 - [10417839] ----D- C:\Program Files\Fichiers Communs\DVDVideoSoft O43 - CFD: 26/07/2011 - 07:18:04 - [9691107] ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 20/10/2013 - 10:03:44 - [1248523] ----D- C:\Program Files\Fichiers Communs\Java O43 - CFD: 24/11/2012 - 08:04:48 - [80213499] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 20/04/2011 - 12:06:00 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 04/08/2013 - 13:57:40 - [2274787] ----D- C:\Program Files\Fichiers Communs\Nero O43 - CFD: 20/04/2011 - 13:49:22 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD: 20/04/2011 - 12:06:04 - [8106] ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD: 03/08/2013 - 05:47:58 - [872728] ----D- C:\Program Files\Fichiers Communs\Simple Adblock O43 - CFD: 20/04/2011 - 13:49:18 - [3787229] ----D- C:\Program 
Files\Fichiers Communs\SpeechEngines O43 - CFD: 31/05/2011 - 13:58:30 - [86016] ----D- C:\Program Files\Fichiers Communs\SWF Studio O43 - CFD: 20/04/2011 - 12:05:12 - [6880468] ----D- C:\Program Files\Fichiers Communs\System O43 - CFD: 21/04/2011 - 21:01:06 - [5896663] ----D- C:\Program Files\Fichiers Communs\Ulead Systems O43 - CFD: 21/04/2011 - 08:33:40 - [39966671] ----D- C:\Program Files\Fichiers Communs\Windows Live O43 - CFD: 24/07/2013 - 08:00:46 - [44825600] ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard O43 - CFD: 27/02/2012 - 13:31:48 - [5985848] ----D- C:\Documents and Settings\millet\Application Data\.minecraft O43 - CFD: 26/07/2013 - 08:01:04 - [27019488] ----D- C:\Documents and Settings\millet\Application Data\Adobe O43 - CFD: 08/08/2013 - 06:27:20 - [0] ----D- C:\Documents and Settings\millet\Application Data\Ahead O43 - CFD: 26/07/2013 - 14:26:26 - [772762] ----D- C:\Documents and Settings\millet\Application Data\Anvsoft O43 - CFD: 08/08/2013 - 17:47:32 - [0] ----D- C:\Documents and Settings\millet\Application Data\Broad Intelligence O43 - CFD: 07/08/2013 - 09:00:28 - [42898] ----D- C:\Documents and Settings\millet\Application Data\Canon O43 - CFD: 07/08/2013 - 09:05:06 - [53545] ----D- C:\Documents and Settings\millet\Application Data\Canon_Inc_IC O43 - CFD: 08/08/2013 - 17:23:42 - [278528] ----D- C:\Documents and Settings\millet\Application Data\CDXReader O43 - CFD: 08/08/2013 - 17:24:06 - [1114624] ----D- C:\Documents and Settings\millet\Application Data\Codec Package Packages O43 - CFD: 03/11/2011 - 10:04:18 - [3072] ----D- C:\Documents and Settings\millet\Application Data\CyberLink O43 - CFD: 13/06/2013 - 12:28:06 - [22] ----D- C:\Documents and Settings\millet\Application Data\C__Documents and Settings_millet_Mes documents_Downloads_crack_SuperHideIP.exe O43 - CFD: 25/04/2011 - 10:33:14 - [235520] ----D- C:\Documents and Settings\millet\Application Data\DivX O43 - CFD: 16/01/2014 - 08:24:36 - [72180523] ----D- C:\Documents 
and Settings\millet\Application Data\Dropbox O43 - CFD: 21/07/2011 - 05:45:50 - [909] ----D- C:\Documents and Settings\millet\Application Data\EPSON O43 - CFD: 03/05/2011 - 07:30:52 - [0] ----D- C:\Documents and Settings\millet\Application Data\f-secure O43 - CFD: 02/09/2011 - 11:00:24 - [0] ----D- C:\Documents and Settings\millet\Application Data\FastStone O43 - CFD: 22/07/2011 - 07:57:28 - [88] ----D- C:\Documents and Settings\millet\Application Data\FreeAudioPack O43 - CFD: 22/07/2011 - 08:03:50 - [435] ----D- C:\Documents and Settings\millet\Application Data\FreeCDRipper O43 - CFD: 24/07/2013 - 10:43:40 - [0] ----D- C:\Documents and Settings\millet\Application Data\FreeSoftwareUpdater O43 - CFD: 12/12/2013 - 13:31:18 - [1824] ----D- C:\Documents and Settings\millet\Application Data\Garmin O43 - CFD: 26/11/2011 - 16:26:16 - [63] ----D- C:\Documents and Settings\millet\Application Data\Help O43 - CFD: 10/06/2013 - 12:29:52 - [45] ----D- C:\Documents and Settings\millet\Application Data\Identities O43 - CFD: 26/07/2011 - 19:39:46 - [0] ----D- C:\Documents and Settings\millet\Application Data\InstallShield O43 - CFD: 22/04/2011 - 06:31:38 - [3635510] ----D- C:\Documents and Settings\millet\Application Data\Jasc Software Inc O43 - CFD: 08/08/2013 - 17:23:46 - [10474465] ----D- C:\Documents and Settings\millet\Application Data\LavFilters O43 - CFD: 20/04/2011 - 16:38:46 - [56979] ----D- C:\Documents and Settings\millet\Application Data\Macromedia O43 - CFD: 15/07/2012 - 07:50:10 - [453992] ----D- C:\Documents and Settings\millet\Application Data\Malwarebytes O43 - CFD: 24/07/2013 - 08:53:32 - [16853200] -S--D- C:\Documents and Settings\millet\Application Data\Microsoft O43 - CFD: 26/07/2011 - 20:04:34 - [17238119] ----D- C:\Documents and Settings\millet\Application Data\Mozilla O43 - CFD: 23/07/2013 - 15:38:24 - [0] ----D- C:\Documents and Settings\millet\Application Data\mresreg O43 - CFD: 04/08/2013 - 10:44:04 - [12983] ----D- C:\Documents and 
Settings\millet\Application Data\Nero O43 - CFD: 20/04/2011 - 17:16:02 - [1630790] ----D- C:\Documents and Settings\millet\Application Data\OpenOffice.org O43 - CFD: 26/07/2013 - 16:51:34 - [2322305] ----D- C:\Documents and Settings\millet\Application Data\OpenOffice.org2 O43 - CFD: 12/02/2013 - 13:36:32 - [0] ----D- C:\Documents and Settings\millet\Application Data\Opera O43 - CFD: 06/02/2013 - 11:23:54 - [3186] ----D- C:\Documents and Settings\millet\Application Data\PhotoFiltre 7 O43 - CFD: 10/01/2013 - 09:45:32 - [0] ----D- C:\Documents and Settings\millet\Application Data\Samsung O43 - CFD: 10/12/2013 - 12:04:44 - [1535486] ----D- C:\Documents and Settings\millet\Application Data\Simple Adblock O43 - CFD: 20/04/2011 - 17:06:08 - [27310975] ----D- C:\Documents and Settings\millet\Application Data\Sun O43 - CFD: 08/12/2011 - 18:27:56 - [0] ----D- C:\Documents and Settings\millet\Application Data\System O43 - CFD: 28/07/2011 - 08:42:26 - [8704] ----D- C:\Documents and Settings\millet\Application Data\Template O43 - CFD: 21/04/2011 - 21:08:00 - [6266118] ----D- C:\Documents and Settings\millet\Application Data\Ulead Systems O43 - CFD: 27/12/2013 - 07:05:20 - [329453] ----D- C:\Documents and Settings\millet\Application Data\vlc O43 - CFD: 04/05/2011 - 18:01:06 - [0] ----D- C:\Documents and Settings\millet\Application Data\WinRAR O43 - CFD: 03/08/2013 - 17:12:14 - [5251042] ----D- C:\Documents and Settings\millet\Application Data\XnView O43 - CFD: 26/07/2013 - 13:42:54 - [14539283] ----D- C:\Documents and Settings\millet\Application Data\XnViewMP O43 - CFD: 29/06/2013 - 11:06:16 - [0] ----D- C:\Documents and Settings\millet\Application Data\ZoomBrowser EX O43 - CFD: 23/11/2013 - 09:34:10 - [35851271] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Adobe O43 - CFD: 02/05/2011 - 18:07:34 - [1950597] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Ahead O43 - CFD: 06/08/2013 - 12:43:26 - [8019] ----D- C:\Documents and 
Settings\millet\Local Settings\Application Data\CANON_INC O43 - CFD: 14/08/2013 - 07:24:00 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Deployment O43 - CFD: 18/12/2013 - 08:01:52 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\DriverTuner O43 - CFD: 12/12/2013 - 13:31:26 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Garmin O43 - CFD: 08/08/2013 - 15:32:10 - [588574156] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Google O43 - CFD: 25/05/2011 - 06:01:54 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Help O43 - CFD: 21/04/2011 - 11:34:30 - [33767726] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Identities O43 - CFD: 06/12/2013 - 06:46:50 - [141612366] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Microsoft O43 - CFD: 26/07/2011 - 20:04:30 - [5044435] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Mozilla O43 - CFD: 04/08/2013 - 20:23:18 - [124976568] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Nero O43 - CFD: 04/08/2013 - 11:29:46 - [8326] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Nero_AG O43 - CFD: 21/07/2011 - 16:42:48 - [27725885] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\OLYMPUS O43 - CFD: 12/02/2013 - 13:36:32 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Opera O43 - CFD: 01/05/2012 - 16:31:30 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\PCHealth O43 - CFD: 10/07/2013 - 10:00:36 - [250482] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\PoiEdit O43 - CFD: 01/03/2013 - 09:48:18 - [531185] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Sun O43 - CFD: 10/01/2013 - 15:00:36 - [0] ----D- C:\Documents and Settings\millet\Local 
Settings\Application Data\Temp
O43 - CFD: 10/08/2013 - 18:36:18 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\WMTools Downloaded Files
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.43CBCA543239DB1453F574E8F534D8F3] - 16/01/2014 - 12:55:08 ---A- . (...) -- C:\AdwCleaner[R37].txt [1978]
O44 - LFC:[MD5.109AAD5F2A04587ABEEB397085182610] - 16/01/2014 - 08:23:29 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [13646]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 16/01/2014 - 08:22:08 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.22EF73CA3904EB2CC2D909FCE63542A3] - 07/01/2014 - 09:50:43 ---A- . (...) -- C:\AdwCleaner[R36].txt [1917]
O44 - LFC:[MD5.EDCEAF74C3345517A2F792ED64558A92] - 21/12/2013 - 10:14:57 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [116]
O44 - LFC:[MD5.DB2D14B183726F5894667A3AA2EBA277] - 19/12/2013 - 10:57:45 ---A- . (.SEIKO EPSON CORP. - EPSON WIA Module.) -- C:\WINDOWS\System32\escwiad.dll [71680]
---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Lphant Applications\Lphant\Lphant.exe" [Enabled] .(...) -- C:\Program Files\Lphant Applications\Lphant\Lphant.exe (.not file.)
O47 - AAKE:Key Export DP - "C:\Program Files\Lphant Applications\Lphant\Lphant.exe" [Enabled] .(...) -- C:\Program Files\Lphant Applications\Lphant\Lphant.exe (.not file.)
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\77656854.sys . (...) -- C:\WINDOWS\System32\Drivers\77656854.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\procexp90.Sys . (...) -- C:\WINDOWS\System32\Drivers\procexp90.Sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\77656854.sys . (...) -- C:\WINDOWS\System32\Drivers\77656854.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\System32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\procexp90.Sys . (...) -- C:\WINDOWS\System32\Drivers\procexp90.Sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\System32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\System32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.)
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.LAGS"="lagarith.dll" . (.Pas de propriétaire - Lagarith.) -- C:\WINDOWS\System32\lagarith.dll
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"lagarith.dll"="Lagarith lossless codec [LAGS]" . (.Pas de propriétaire - Lagarith.) -- C:\WINDOWS\System32\lagarith.dll
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.0F2D66D5F08EBE2F77BB904288DCF6F0] - 16/01/2014 - 21:20:04 ---A- . (.Intel Corporation - Intel(r) Integrated Controller Hub Audio Driver.) -- C:\WINDOWS\system32\drivers\ac97intc.sys [96256]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 16/01/2014 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 16/01/2014 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.1961F8B618E3C20DF54C146B294EFD2A] - 16/01/2014 - 18:12:50 ---A- . (.Intel Corporation - Pilote NDIS 5.) -- C:\WINDOWS\system32\drivers\e100b325.sys [117760]
O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 16/01/2014 - 13:00:00 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys [144384]
O58 - SDL:[MD5.4470E3C1E0C3378E4CAB137893C12C3A] - 16/01/2014 - 13:50:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22856]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 16/01/2014 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.2B298519EDBFCF451D43E0F1E8F1006D] - 16/01/2014 - 10:34:32 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [1897408]
O58 - SDL:[MD5.F4CB9C1991314B1352DDBD8A968E4471] - 16/01/2014 - 14:58:26 ---A- . (.OLYMPUS IMAGING CORP. - OlyCamComm.sys.) -- C:\WINDOWS\system32\drivers\OlyCamComm.sys [21648]
O58 - SDL:[MD5.1FC8A7E5C3AED31F00940C6AB2FD9B49] - 16/01/2014 - 21:44:00 ---A- . (.Omnivision Technologies, Inc. - Stream Class Mini Driver.) -- C:\WINDOWS\system32\drivers\ov550i.sys [580992]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 16/01/2014 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 16/01/2014 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 16/01/2014 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 16/01/2014 - 13:00:00 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 16/01/2014 - 16:05:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [5632]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 16/01/2014 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 16/01/2014 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.790A4CA68F44BE35967B3DF61F3E4675] - 16/01/2014 - 17:15:26 ---A- . (...) -- C:\WINDOWS\system32\FsUsbExDisk.Sys [36608]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 12/12/2013 - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe - Adobe Flash Player Update Service(AdobeFlashPlayerUpdateSvc) .(.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 11.9 r9.) - LEGACY_AD
O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\millet\LOCALS~1\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME
O64 - Services: CurCS - ??/??/???? - C:\Program Files\MediaCoder\sysInfo.sys (.not file.) - CrystalSysInfo (CrystalSysInfo) .(...) - LEGACY_CRYSTALSYSINFO
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 13/12/2008 - C:\WINDOWS\system32\FsUsbExDisk.sys - No object (No service) .(...) - LEGACY_FSUSBEXDISK
O64 - Services: CurCS - 11/08/2011 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE
O64 - Services: CurCS - 11/08/2011 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdatem)(gupdatem) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATEM
O64 - Services: CurCS - 08/10/2013 - C:\Program Files\Java\jre7\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Oracle Corporation - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - 04/04/2013 - C:\WINDOWS\system32\drivers\mbam.sys - MBAMProtector(MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 04/04/2013 - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - MBAMScheduler(MBAMScheduler) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMSCHEDULER
O64 - Services: CurCS - 04/04/2013 - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - MBAMService(MBAMService) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMSERVICE
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {483830EE-A4CD-4b71-B0A3-3D82E62A6909} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {A540D69B-1CD5-44FA-9B2A-DFEA5EBD97F1} - (uStart) - http://www.ustart.orgNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A11
O69 - SBI: SearchScopes [HKCU] {BEF2DA9C-A926-46B1-8784-12C73518EE56} - (Google) - http://www.google.com
---\\ Internet Feature Controls (O81)
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_DISABLE_NAVIGATION_SOUNDS] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_DISABLE_TELNET_PROTOCOL] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_RESTRICT_ACTIVEXINSTALL] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_RESTRICT_FILEDOWNLOAD] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_RESTRICT_RES_TO_LMZ] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_STATUS_BAR_THROTTLING] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_DISABLE_NAVIGATION_SOUNDS] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_DISABLE_TELNET_PROTOCOL] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_RESTRICT_ACTIVEXINSTALL] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_RESTRICT_FILEDOWNLOAD] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_RESTRICT_RES_TO_LMZ] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_STATUS_BAR_THROTTLING] -- svchost.exe
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.53406E9988306CBD4537677C5336ABA4] [SPRF][12/08/2013] (.Microsoft Corporation - Microsoft .NET Framework 4 Setup.) -- C:\Documents and Settings\millet\Application Data\dotNetFx40_Full_setup.exe [889416]
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 16/01/2014 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 16/01/2014 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Auto 16/01/2014 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 16/01/2014 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 16/01/2014 182696 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SR - | Auto 16/01/2014 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SS - | Auto 16/01/2014 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 16/01/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by millet at 16/01/2014 13:07:01
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x82389AB8]
3 CLASSPNP[0xF8576FD7] -> nt!IofCallDriver[0x804E37D5] -> \Device\00000060[0x823862A0]
5 ACPI[0xF84EC620] -> nt!IofCallDriver[0x804E37D5] -> \Device\Ide\IdeDeviceP0T0L0-4[0x823AAD98]
kernel: MBR read successfully
user & kernel MBR OK
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by millet at 16/01/2014 13:07:03
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
End of the scan (1020 lines in 01mn 28s)(0)