cjoint

Document format: text/plain

Preview

~ Rapport de ZHPDiag v2014.1.10.8 - Nicolas Coolman (10.01.2014)
~ Lancé par nono & jeff (01.02.2014 11:43:42)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC):


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 2 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client v4.4.0304.0

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 ActiveX
Adobe Reader XI

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 8 Stepping 1, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023.5 MB (59% free)
System Restore: Activé (Enable)
System drive C: has 3 GB (16%) free of 19 GB

---\\ Mode de connexion au système
~ Computer Name: NONOJEFF
~ User Name: nono & jeff
~ All Users Names: SUPPORT_388945a0, nono & jeff, IWAM_NONOJEFF, IUSR_NONOJEFF, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\nono & jeff\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\nono & jeff\Application Data\
~ %Desktop% : C:\Documents and Settings\nono & jeff\Bureau\
~ %Favorites% : C:\Documents and Settings\nono & jeff\Favoris\
~ %LocalAppData% : C:\Documents and Settings\nono & jeff\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\nono & jeff\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 3 Go of 19 Go)
D: Hard drive, Flash drive, Thumb drive (Free 15 Go of 29 Go)
E: Hard drive, Flash drive, Thumb drive (Free 18 Go of 29 Go)
F: CD-ROM drive (Not Inserted)
G: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 44 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D0288319660EDCFED07C7E74C4EA38A5] - (.Microsoft Corporation - Explorateur Windows.) (.13.06.2007 - 14:22:28.) -- C:\WINDOWS\Explorer.exe [1037312]
[MD5.6CE32F7778061CCC5814D5E0F282D369] - (.Microsoft Corporation - Internet Extensions for Win32.) (.08.03.2009 - 03:34:58.) -- C:\WINDOWS\system32\wininet.dll [914944]
[MD5.123EEA158F74D0F67A51DCDF065D1091] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.20.08.2004 - 00:10:04.) -- C:\WINDOWS\system32\Winlogon.exe [506368]
[MD5.55E6E1C51B6D30E54335750955453702] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14.08.2008 - 10:51:43.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138368]
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.04.08.2004 - 06:59:42.) -- C:\WINDOWS\system32\Drivers\atapi.sys [95360]
[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - (.Microsoft Corporation - CD-ROM File System Driver.) (.04.08.2004 - 07:14:10.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.AF9C19B3100FE010496B1A27181FBF72] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.04.08.2004 - 06:59:52.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [49536]
[MD5.8B121FF880683607AB2AEF0340721718] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.28.08.2001 - 15:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [35072]
[MD5.D1EFCBD693B5BA21314D06368C471070] - (.Microsoft Corporation - Pilote de port i8042.) (.19.08.2004 - 23:56:39.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54400]
[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.04.08.2004 - 07:00:15.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [41856]
[MD5.E2168CBC7098FFE963C6F23F472A3593] - (.Microsoft Corporation - IP Network Address Translator.) (.29.09.2004 - 23:28:37.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [134912]
[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - (.Microsoft Corporation - IPSec Driver.) (.04.08.2004 - 07:14:28.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [74752]
[MD5.FB6C89BB3CE282B08BDB1E3C179E1C39] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.24.02.2010 - 13:31:30.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [454016]
[MD5.0C80E410CD2F47134407EE7DD19CC86B] - (.Microsoft Corporation - MBT Transport driver.) (.04.08.2004 - 07:14:37.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.19A811EF5F1ED5C926A028CE107FF1AF] - (.Microsoft Corporation - NT File System Driver.) (.09.02.2007 - 12:10:35.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574464]
[MD5.318696359AC7DF48D1E51974EC527DD2] - (.Microsoft Corporation - Pilote de port parallèle.) (.19.08.2004 - 23:51:43.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.04.08.2004 - 07:14:22.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.04.08.2004 - 07:01:15.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196864]
[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.19.08.2004 - 23:54:50.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58496]
[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19.08.2004 - 23:59:12.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/4
~ Mes musiques (My Musics) : 0/0
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/120
~ Mes Documents (My Documents) : 1/12
~ Mon Bureau (My Desktop) : 1/26
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.B0F49DA36F30922F5DDC3B623B778FCE] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208] [PID.988]
[MD5.4DB0907D750E0810309F8D8FA36625A6] - (.Pas de propriétaire - ANIWConnService.) -- C:\Program Files\D-Link\DWA-525 revA\ANIWConnService.exe [40960] [PID.1528]
[MD5.E859CA020ED61899F3C74A8D0032D05C] - (.Pas de propriétaire - GuardMailRu Module.) -- C:\Program Files\Guard-ICQ\GuardICQ.exe [1564368] [PID.1552]
[MD5.3677FE8F78ED0A5A31360BDE2CF4671A] - (.Microsoft Corporation - Services Internet (IIS).) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872] [PID.1616]
[MD5.50F22575C0FB5D85A9D41EF963610C32] - (.Microsoft Corporation - TCP/IP Services Application.) -- C:\WINDOWS\System32\tcpsvcs.exe [19456] [PID.1884]
[MD5.16713686A3C7FE73DDFC553EB4D21829] - (.Microsoft Corporation - Service SNMP.) -- C:\WINDOWS\System32\snmp.exe [33280] [PID.1912]
[MD5.E9B5F354AE80325283FD5C1C05217B01] - (.Microsoft Corporation - Message Queuing Service.) -- C:\WINDOWS\system32\mqsvc.exe [4608] [PID.344]
[MD5.10E6B9022B0A5C9C41E2DA6AEAE5D404] - (.Microsoft Corporation - Windows NT MSMQ Trigger Service.) -- C:\WINDOWS\system32\mqtgsvc.exe [117248] [PID.2160]
[MD5.D078198A9674114551D0DF6BB706B475] - (.D-Link Corp. - D-Link WLAN Application.) -- C:\Program Files\D-Link\DWA-525 revA\AirNCFG.exe [1015808] [PID.2948]
[MD5.C0E0151199EC1BE8007438308616BC06] - (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files\D-Link\DWA-525 revA\WZCSLDR2.exe [122880] [PID.2956]
[MD5.F5F0146580E7023ADB963879840777F8] - (.Microsoft Corporation - Windows® installer.) -- C:\WINDOWS\System32\msiexec.exe [78848] [PID.2700]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.3508]
[MD5.29A4611EE6F24AF1EB4014088A1911C6] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8323072] [PID.3396]
~ Processes Running: Scanned in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (...) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll (.not file.)
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10329.0.) -- C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.06.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKLM] [yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] - (...) -- C:\Program Files\Yahoo!\Common\npyaxmpb.dll (.not file.)
~ Firefox Browser: 7 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ciaomembri.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 14 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 92



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Google Plus Youtube - {F657D93B-E151-4f5d-BB29-44424704FAA6} . (.GooglePlusYoutube - GooglePlusYoutube Module.) -- C:\Documents and Settings\nono & jeff\Application Data\GooglePlusYoutube\3_GooglePlusYoutube.dll
~ BHO: 10 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Windows Live Toolbar - [HKLM]{21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EE5D279F-081B-4404-994D-C6B60AAEBA6D} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [nono & jeff]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [nono & jeff]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
~ Global Startup: 2 Scanned in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [D-Link D-Link DWA-525] . (.D-Link Corp. - D-Link WLAN Application.) -- C:\Program Files\D-Link\DWA-525 revA\AirNCFG.exe
O4 - HKLM\..\Run: [WZCSLDR2] . (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files\D-Link\DWA-525 revA\WZCSLDR2.exe
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] . (.Pas de propriétaire - GuardMailRu Module.) -- C:\Program Files\Guard-ICQ\GuardICQ.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-21-1960408961-117609710-682003330-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\WINDOWS\system32\pnrpnsp.dll
~ Winsock: 5 Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: Microsoft XML Parser for Java - (Microsoft XML Parser for Java) - (.not file.) - file:\\C:\WINDOWS\Java\classes\xmldso.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} ((no name)) - http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E0C72F4-4541-4069-87BA-C403027234EF}: NameServer = 194.117.200.10,194.117.200.15
O17 - HKLM\System\CCS\Services\Tcpip\..\{64802C99-44AF-4852-8C0A-81BE698B3079}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\..\{B110DC0A-EA2F-4550-8D64-1B6FE284A74E}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{4E0C72F4-4541-4069-87BA-C403027234EF}: NameServer = 194.117.200.10,194.117.200.15
O17 - HKLM\System\CS1\Services\Tcpip\..\{64802C99-44AF-4852-8C0A-81BE698B3079}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{B110DC0A-EA2F-4550-8D64-1B6FE284A74E}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS3\Services\Tcpip\..\{4E0C72F4-4541-4069-87BA-C403027234EF}: NameServer = 194.117.200.10,194.117.200.15
O17 - HKLM\System\CS3\Services\Tcpip\..\{64802C99-44AF-4852-8C0A-81BE698B3079}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS3\Services\Tcpip\..\{B110DC0A-EA2F-4550-8D64-1B6FE284A74E}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
~ SSODL: 6 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: D_Link_DWA-525 Service (D_Link_DWA-525) . (.Wireless Service - ANIWZCS2 Service Launcher.) - C:\Program Files\D-Link\DWA-525 revA\ANIWZCSdS.exe
O23 - Service: D_Link_DWA-525_WPS Service (D_Link_DWA-525_WPS) . (.Pas de propriétaire - ANIWConnService.) - C:\Program Files\D-Link\DWA-525 revA\ANIWConnService.exe
O23 - Service: Guard.Mail.ru (Guard.Mail.ru) . (.Pas de propriétaire - GuardMailRu Module.) - C:\Program Files\Guard-ICQ\GuardICQ.exe
~ Services: 3 Scanned in 00mn 09s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job [400]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OGALogon.job [236]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{0C34194D-C942-4FF9-B7D9-62677F05D957}.job [444]
[MD5.2471BCB6E1388A3484E78243A1BE5F33] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257928]
[MD5.EC9B420801D3D7F82388267D13D0F89B] [APT] [OGALogon] (...) -- C:\WINDOWS\system32\OGAexeC.exe [230768]
~ Scheduled Task: 6 Scanned in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Mise à jour de la version d’Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\WINDOWS\system32\ie4uinit.exe.mui
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- C:\WINDOWS\system32\iedkcs32.dll
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Microsoft Corporation - Microsoft® VM.) -- C:\WINDOWS\system32\msjava.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Adobe Shockwave Director 10.1.4 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\WINDOWS\system32\Macromed\Director\SwDir.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp10.inf =>.Microsoft Corporation
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\WINDOWS\system32\ie4uinit.exe.mui
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\WINDOWS\system32\mscories.dll
O40 - ASIC: Fax - {8b15971b-5355-4c82-8c07-7e181ea07608} . (...) -- C:\WINDOWS\INF\fxsocm.inf
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\WINDOWS\system32\Macromed\Flash\Flash32_12_0_0_38.ocx
O40 - ASIC: Installed Component - S-1-5-21-1960408961-117609710-682003330-1003 - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -- Not Hexadécimal CLSID
O40 - ASIC: Installed Component - S-1-5-21-1960408961-117609710-682003330-1003 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Active Setup: 23 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (AmdK7) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\amdk7.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (Tcpip6) . (.Microsoft Corporation - IPv6 driver.) - C:\WINDOWS\system32\DRIVERS\tcpip6.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (VIAPFD) . (.VIA Technologies. Inc. - VIA PFD driver.) - C:\WINDOWS\system32\Drivers\VIAPFD.sys
~ Drivers: 63 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.22beta - (...) [HKLM] -- 7-Zip
O42 - Logiciel: 7-Zip Packages - (...) [HKCU] -- 7-Zip Packages
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 5.0
O42 - Logiciel: Adobe Flash Player 12 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader XI (11.0.06) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: AsfTools 3.1 (remove only) - (...) [HKLM] -- AsfTools 3.1
O42 - Logiciel: Avance AC'97 Audio - (...) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: C-Media 3D Audio - (...) [HKLM] -- C-Media Audio
O42 - Logiciel: CX4300_5500_DX4400 Manuel - (...) [HKLM] -- CX4300_5500_DX4400 Manuel
O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (...) [HKLM] -- {8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}
O42 - Logiciel: D-Link DWA-525 - (.D-Link.) [HKLM] -- {1DEB8A37-56C9-4E41-9102-171D8EC91DF0}
O42 - Logiciel: Dolet Light for Finale 2005 - (.Recordare LLC.) [HKLM] -- {7D1BB8B3-5965-4D57-BC5D-C71F56DB4CAD}
O42 - Logiciel: Finale 2005b - (...) [HKLM] -- Finale 2005b
O42 - Logiciel: Finale Performance Assessment - (...) [HKLM] -- Finale Performance Assessment
O42 - Logiciel: GTA2 - (...) [HKLM] -- {2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}
O42 - Logiciel: Guard.ICQ - (.Mail.ru.) [HKLM] -- Guard.Mail.ru
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB926239) - (.Microsoft Corporation.) [HKLM] -- KB926239
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: ICQ7.7 - (.ICQ.) [HKLM] -- {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}
O42 - Logiciel: J2SE Runtime Environment 5.0 Update 10 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150100}
O42 - Logiciel: Java(TM) 6 Update 2 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160020}
O42 - Logiciel: Java(TM) 6 Update 3 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160030}
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: LibreOffice 4.0 Help Pack (French) - (.The Document Foundation.) [HKLM] -- {1BF5547E-70D8-4619-B033-18BAB17E95A7}
O42 - Logiciel: LibreOffice 4.0.3.3 - (.The Document Foundation.) [HKLM] -- {F77ED0CD-2E5E-4FC7-82E0-BB7D461E739F}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB925672) - (.Microsoft Corporation.) [HKLM] -- {A9CF9052-F4A0-475D-A00F-A8388C62DD63}
O42 - Logiciel: MSXML 4.0 SP2 (KB927978) - (.Microsoft Corporation.) [HKLM] -- {37477865-A3F1-4772-AD43-AAFC6BCFF99F}
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC}
O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {0CD47142-BA4F-46B0-AA92-2675864928B8}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Need For Speed II SE - (...) [HKLM] -- Need For Speed II SE
O42 - Logiciel: Nero - Burning Rom - (.ahead software gmbh.) [HKLM] -- {A4D7B764-4140-11D4-88EB-0050DA3579C0}
O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18}
O42 - Logiciel: PowerDVD - (...) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: QuickTime - (...) [HKLM] -- QuickTime
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (...) [HKLM] -- SAMSUNG CDMA Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (...) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SafeCast Shared Components - (.Macrovision.) [HKLM] -- CdaC13Ba
O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {C4A4722E-79F9-417C-BD72-8D359A090C97}
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: SigmaTel MSCN Audio Player - (...) [HKLM] -- {8E240C1C-25D0-4248-BC6C-ACC3472E35CE}
O42 - Logiciel: SpeedFan (remove only) - (...) [HKLM] -- SpeedFan
O42 - Logiciel: USB Video Camera Driver v1.10 - (.Generic.) [HKLM] -- {926B578B-505F-4820-A62D-088E1124FED4}
O42 - Logiciel: VideoLAN VLC media player 0.8.4a - (.VideoLAN Team.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify
O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
O42 - Logiciel: Windows Installer 3.1 (KB893803) - (.Microsoft Corporation.) [HKLM] -- KB893803v2
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Media Format 11 runtime - (...) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows XP Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service Pack
O42 - Logiciel: audioGnome Active Installer - (...) [HKLM] -- ST6UNST #1
~ Logic: 64 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\3rd Eye Solutions]
[HKCU\Software\7-Zip]
[HKCU\Software\ABBYY]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ANI]
[HKCU\Software\ASProtect]
[HKCU\Software\AVG]
[HKCU\Software\Adobe]
[HKCU\Software\America Online]
[HKCU\Software\Anuman Interactive]
[HKCU\Software\AppDataLow]
[HKCU\Software\AsfTools]
[HKCU\Software\Auob]
[HKCU\Software\Aurigma]
[HKCU\Software\BlackSun]
[HKCU\Software\Boonty]
[HKCU\Software\CDDB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Club Internet]
[HKCU\Software\CodaMusic]
[HKCU\Software\Cool MP3 Converter]
[HKCU\Software\CyberLink]
[HKCU\Software\D-Link]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EMG]
[HKCU\Software\EPSON]
[HKCU\Software\Freeware]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\ICQ]
[HKCU\Software\IM Providers]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lavasoft]
[HKCU\Software\MMTWN]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mirabilis]
[HKCU\Software\Motive]
[HKCU\Software\Mozilla]
[HKCU\Software\NOS]
[HKCU\Software\Netscape]
[HKCU\Software\Network Associates]
[HKCU\Software\ODBC]
[HKCU\Software\Opendisc]
[HKCU\Software\Panda Software]
[HKCU\Software\PepiMK Software]
[HKCU\Software\Pige Electronique]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Ptdt]
[HKCU\Software\RGP]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\SOMUSQUE]
[HKCU\Software\Samsung PC Studio]
[HKCU\Software\Samsung]
[HKCU\Software\Shtp]
[HKCU\Software\Sophos]
[HKCU\Software\SpeedFan]
[HKCU\Software\Team17SoftwareLTD]
[HKCU\Software\The Document Foundation]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WholeSecurity]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\XemiCo]
[HKCU\Software\Yahoo]
[HKCU\Software\Zattoo Inc.]
[HKCU\Software\ahead]
[HKCU\Software\blehnounpop]
[HKCU\Software\eBay] =>Toolbar.eBay
[HKCU\Software\eMule]
[HKCU\Software\ej-technologies]
[HKCU\Software\shockwave.com]
[HKCU\Software\로컬 응용 프로그램 마법사에서 생성된 응용 프로그램]
[HKLM\Software\ABBYY]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ANIWConnd Service]
[HKLM\Software\ANI]
[HKLM\Software\Acoustica]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Ahead]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Arobas Music]
[HKLM\Software\Aureal]
[HKLM\Software\Avance Logic, Inc.]
[HKLM\Software\Avance]
[HKLM\Software\AxBx]
[HKLM\Software\Boonty]
[HKLM\Software\BroadJump]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C-Media]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CodaMusic]
[HKLM\Software\Creative Tech]
[HKLM\Software\CyberLink]
[HKLM\Software\D-Link]
[HKLM\Software\DMA Design Ltd]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EPSON]
[HKLM\Software\Electronic Arts]
[HKLM\Software\FreeCDRIP]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICQ]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Lavasoft]
[HKLM\Software\LibreOffice]
[HKLM\Software\Licenses]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Mail.Ru]
[HKLM\Software\MakeMusic]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Mirabilis]
[HKLM\Software\Montparnasse Multimedia - France Télécom]
[HKLM\Software\Motive]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Rcsu]
[HKLM\Software\Recordare]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Rockstar Games]
[HKLM\Software\SYNETIC]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\Samsung]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Soeperman Enterprises Ltd.]
[HKLM\Software\SoftShape]
[HKLM\Software\Sonic]
[HKLM\Software\Sophos]
[HKLM\Software\Team17 Software Ltd]
[HKLM\Software\The Document Foundation]
[HKLM\Software\Tptr]
[HKLM\Software\Trad-FR]
[HKLM\Software\Trolltech]
[HKLM\Software\Via4in1Driver]
[HKLM\Software\VideoCap]
[HKLM\Software\VideoLAN]
[HKLM\Software\Westwood]
[HKLM\Software\WholeSecurity]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Winsock2]
[HKLM\Software\Wise Solutions]
[HKLM\Software\XSGames]
[HKLM\Software\Yahoo]
[HKLM\Software\eBay] =>Toolbar.eBay
[HKLM\Software\ej-technologies]
[HKLM\Software\emme]
[HKLM\Software\emmegroups]
[HKLM\Software\optimidata]
~ Key Software: 311 Scanned in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10.10.2013 - 17:36:41 - [3.440] ----D C:\Program Files\7-Zip
O43 - CFD: 17.03.2008 - 17:13:47 - [35.626] ----D C:\Program Files\Acrobat 5.0
O43 - CFD: 01.02.2014 - 11:35:28 - [120.874] ----D C:\Program Files\Adobe
O43 - CFD: 13.12.2006 - 09:38:31 - [58.230] ----D C:\Program Files\Ahead
O43 - CFD: 17.01.2009 - 17:51:14 - [0.403] ----D C:\Program Files\AsfTools 3.1
O43 - CFD: 19.10.2012 - 16:07:54 - [2.711] ----D C:\Program Files\AvRack
O43 - CFD: 06.07.2011 - 16:09:31 - [30.819] ----D C:\Program Files\C-Media 3D Audio
O43 - CFD: 11.08.2005 - 06:58:02 - [6.150] ----D C:\Program Files\CFWebAdvancedU
O43 - CFD: 17.07.2005 - 13:07:49 - [4.852] ----D C:\Program Files\Codecs A&V
O43 - CFD: 21.08.2004 - 09:12:24 - [11.793] ----D C:\Program Files\Common
O43 - CFD: 27.01.2007 - 16:05:39 - [16.138] ----D C:\Program Files\Common files
O43 - CFD: 17.07.2005 - 14:08:58 - [4.254] ----D C:\Program Files\Creative
O43 - CFD: 04.07.2011 - 19:32:08 - [15.379] ----D C:\Program Files\CyberLink
O43 - CFD: 17.09.2011 - 12:30:46 - [19.015] ----D C:\Program Files\D-Link
O43 - CFD: 13.05.2007 - 14:21:13 - [34.481] ----D C:\Program Files\Directx
O43 - CFD: 19.10.2012 - 16:54:09 - [34.359] ----D C:\Program Files\Electronic Arts
O43 - CFD: 18.11.2011 - 16:49:32 - [16.491] ----D C:\Program Files\epson
O43 - CFD: 29.01.2014 - 15:46:56 - [345.658] ----D C:\Program Files\Fichiers communs
O43 - CFD: 09.10.2005 - 14:58:59 - [0.005] ----D C:\Program Files\Foreignword
O43 - CFD: 21.10.2009 - 06:02:51 - [0.017] ----D C:\Program Files\Free Audio Pack
O43 - CFD: 01.03.2008 - 17:48:51 - [29.426] ----D C:\Program Files\Grisoft
O43 - CFD: 29.12.2011 - 17:34:45 - [1.492] ----D C:\Program Files\Guard-ICQ
O43 - CFD: 12.02.2012 - 19:28:54 - [51.373] ----D C:\Program Files\ICQ7.7
O43 - CFD: 29.12.2011 - 17:34:48 - [57.079] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 05.10.2013 - 09:55:35 - [5.699] ----D C:\Program Files\Internet Explorer
O43 - CFD: 18.10.2007 - 13:20:20 - [298.604] ----D C:\Program Files\Java
O43 - CFD: 21.05.2013 - 18:21:26 - [331.488] ----D C:\Program Files\LibreOffice 4.0
O43 - CFD: 29.01.2014 - 09:40:23 - [13.252] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 13.08.2008 - 20:21:35 - [2.129] ----D C:\Program Files\Messenger
O43 - CFD: 18.04.2012 - 17:12:13 - [1.496] ----D C:\Program Files\Microsoft
O43 - CFD: 08.07.2007 - 18:31:57 - [0.764] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 20.08.2004 - 20:01:57 - [0.197] ----D C:\Program Files\microsoft frontpage
O43 - CFD: 25.09.2011 - 19:50:49 - [308.301] ----D C:\Program Files\Microsoft Office
O43 - CFD: 18.09.2011 - 19:30:38 - [1.487] ----D C:\Program Files\Microsoft Office Outlook Connector =>.Microsoft Corporation
O43 - CFD: 17.07.2005 - 13:10:17 - [2.569] ----D C:\Program Files\Microsoft Reader
O43 - CFD: 12.01.2014 - 09:19:29 - [21.448] ----D C:\Program Files\Microsoft Security Client
O43 - CFD: 12.05.2012 - 02:01:36 - [36.641] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 19.03.2009 - 17:14:24 - [1.745] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 19.03.2009 - 17:16:04 - [2.087] ----D C:\Program Files\Microsoft Sync Framework
O43 - CFD: 27.10.2006 - 16:42:19 - [0.301] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 19.09.2011 - 18:02:11 - [10.822] ----D C:\Program Files\Movie Maker
O43 - CFD: 06.11.2012 - 11:16:52 - [0] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 22.08.2009 - 23:26:22 - [0.025] ----D C:\Program Files\MSBuild
O43 - CFD: 29.10.2008 - 20:49:39 - [28.414] ----D C:\Program Files\MSECache
O43 - CFD: 20.08.2004 - 19:57:41 - [8.341] ----D C:\Program Files\MSN Gaming Zone
O43 - CFD: 22.08.2009 - 23:17:22 - [0.007] ----D C:\Program Files\MSXML 6.0
O43 - CFD: 08.01.2007 - 18:01:45 - [3.133] ----D C:\Program Files\NetMeeting
O43 - CFD: 17.07.2005 - 13:10:31 - [22.583] ----D C:\Program Files\NVIDIA
O43 - CFD: 07.06.2005 - 14:00:20 - [0.002] ----D C:\Program Files\OpiStat
O43 - CFD: 19.09.2011 - 17:54:39 - [4.177] ----D C:\Program Files\Outlook Express =>.Microsoft Corporation
O43 - CFD: 01.11.2012 - 12:27:02 - [2.360] ----D C:\Program Files\PC Camera
O43 - CFD: 15.01.2013 - 18:58:54 - [2.530] ----D C:\Program Files\QuickTime
O43 - CFD: 17.07.2005 - 13:10:51 - [10.598] ----D C:\Program Files\Quicktime 6
O43 - CFD: 03.02.2005 - 10:33:16 - [69.964] ----D C:\Program Files\Real
O43 - CFD: 22.08.2009 - 23:26:11 - [34.715] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 12.03.2007 - 20:41:53 - [385.617] ----D C:\Program Files\Rockstar Games
O43 - CFD: 26.07.2008 - 15:53:00 - [4.725] ----D C:\Program Files\SigmaTel
O43 - CFD: 20.08.2004 - 20:13:04 - [0.036] ----D C:\Program Files\SiSLan
O43 - CFD: 09.10.2005 - 14:57:43 - [0.000] ----D C:\Program Files\Smart Link
O43 - CFD: 26.01.2014 - 00:00:00 - [5.762] ----D C:\Program Files\SpeedFan
O43 - CFD: 01.11.2005 - 14:03:32 - [9.233] ----D C:\Program Files\Symantec
O43 - CFD: 14.11.2005 - 17:25:39 - [0.103] ----D C:\Program Files\Talkway
O43 - CFD: 30.08.2004 - 18:26:39 - [2.906] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 18.09.2011 - 19:26:48 - [135.332] ----D C:\Program Files\Windows Live
O43 - CFD: 17.12.2009 - 17:12:55 - [6.392] ----D C:\Program Files\Windows Media Bonus Pack for Windows XP
O43 - CFD: 19.10.2011 - 17:47:42 - [0] ----D C:\Program Files\Windows Media Connect 2
O43 - CFD: 19.10.2011 - 17:59:09 - [35.931] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 05.01.2008 - 18:15:15 - [3.758] ----D C:\Program Files\Windows NT
O43 - CFD: 12.10.2013 - 12:12:24 - [0] ----D C:\Program Files\WinZip
O43 - CFD: 07.12.2012 - 16:43:42 - [0] ----D C:\Program Files\Xenocode
O43 - CFD: 20.08.2004 - 20:01:58 - [0] ----D C:\Program Files\xerox
O43 - CFD: 20.08.2004 - 21:01:36 - [0.034] ----D C:\Program Files\XviD
O43 - CFD: 10.01.2013 - 13:59:56 - [0.000] --H-D C:\Program Files\Zero G Registry
O43 - CFD: 01.02.2014 - 11:43:10 - [17.265] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 17.07.2005 - 13:05:40 - [0.488] ----D C:\Program Files\_ArcadeDownloadFolder
O43 - CFD: 01.02.2014 - 11:36:28 - [7.466] ----D C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 23.07.2009 - 14:16:33 - [30.455] ----D C:\Program Files\Fichiers communs\Adobe AIR
O43 - CFD: 18.04.2005 - 12:45:23 - [0.203] ----D C:\Program Files\Fichiers communs\Ahead
O43 - CFD: 05.03.2007 - 14:28:29 - [0] ----D C:\Program Files\Fichiers communs\BOONTY Shared
O43 - CFD: 09.10.2005 - 18:02:46 - [2.038] ----D C:\Program Files\Fichiers communs\BullGuard
O43 - CFD: 20.08.2004 - 21:46:15 - [0.082] ----D C:\Program Files\Fichiers communs\DESIGNER
O43 - CFD: 02.11.2005 - 15:52:15 - [2.738] ----D C:\Program Files\Fichiers communs\G DATA
O43 - CFD: 15.12.2007 - 13:53:12 - [15.158] ----D C:\Program Files\Fichiers communs\InstallShield
O43 - CFD: 29.06.2005 - 12:06:23 - [71.255] ----D C:\Program Files\Fichiers communs\Java
O43 - CFD: 27.10.2006 - 10:46:06 - [0.482] ----D C:\Program Files\Fichiers communs\Kaspersky Lab
O43 - CFD: 05.03.2007 - 14:23:10 - [0.258] ----D C:\Program Files\Fichiers communs\Macrovision Shared
O43 - CFD: 17.12.2009 - 17:07:31 - [150.752] ----D C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 13.05.2007 - 14:23:47 - [0] ----D C:\Program Files\Fichiers communs\Motive
O43 - CFD: 20.08.2004 - 19:59:10 - [0.542] ----D C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 15.10.2004 - 16:00:16 - [3.505] ----D C:\Program Files\Fichiers communs\ncunpard
O43 - CFD: 13.06.2007 - 13:25:27 - [0] ----D C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 03.02.2005 - 10:32:56 - [19.077] ----D C:\Program Files\Fichiers communs\Real
O43 - CFD: 20.08.2004 - 19:59:15 - [0.008] ----D C:\Program Files\Fichiers communs\Services
O43 - CFD: 20.08.2004 - 20:50:24 - [3.612] ----D C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 19.06.2006 - 11:26:00 - [8.847] ----D C:\Program Files\Fichiers communs\Symantec Shared
O43 - CFD: 18.09.2011 - 19:30:38 - [25.354] ----D C:\Program Files\Fichiers communs\System
O43 - CFD: 28.09.2012 - 11:54:22 - [0.325] ----D C:\Program Files\Fichiers communs\Teleca Shared
O43 - CFD: 19.03.2009 - 17:00:50 - [0] ----D C:\Program Files\Fichiers communs\Windows Live
O43 - CFD: 16.12.2013 - 21:44:42 - [3.164] ----D C:\Program Files\Fichiers communs\Wise Installation Wizard
O43 - CFD: 03.02.2005 - 09:57:47 - [0.336] ----D C:\Program Files\Fichiers communs\xing shared
O43 - CFD: 01.02.2014 - 11:35:46 - [147.951] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
O43 - CFD: 22.06.2008 - 07:25:42 - [0] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg7
O43 - CFD: 07.07.2008 - 13:24:59 - [0.000] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Azureus =>P2P.Azureus
O43 - CFD: 05.03.2007 - 14:28:38 - [0.012] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\BOONTY
O43 - CFD: 04.07.2011 - 19:32:14 - [0.116] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\CyberLink
O43 - CFD: 18.11.2011 - 16:44:46 - [0.000] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\EPSON
O43 - CFD: 25.11.2007 - 18:08:53 - [0.014] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Google
O43 - CFD: 07.07.2007 - 19:06:49 - [0.003] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\HP
O43 - CFD: 12.01.2014 - 10:09:57 - [0.012] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\ICQ
O43 - CFD: 11.01.2014 - 14:10:40 - [0.000] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
O43 - CFD: 05.03.2007 - 14:23:14 - [0.007] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Macrovision
O43 - CFD: 29.01.2014 - 09:40:12 - [6.726] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
O43 - CFD: 12.01.2014 - 09:19:13 - [460.097] -S--D C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
O43 - CFD: 13.05.2007 - 19:32:12 - [0.020] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Motive
O43 - CFD: 25.04.2008 - 18:19:40 - [0.000] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\MotiveSysIDs
O43 - CFD: 17.12.2006 - 20:57:40 - [0.000] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
O43 - CFD: 12.10.2009 - 05:08:32 - [0.001] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Office Genuine Advantage
O43 - CFD: 11.11.2007 - 18:16:00 - [0] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Pige
O43 - CFD: 15.01.2013 - 18:58:17 - [0.009] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\QuickTime
O43 - CFD: 16.07.2007 - 16:18:09 - [1.343] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Rulesecondvgasafe
O43 - CFD: 17.11.2007 - 14:57:21 - [89.087] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Sophos
O43 - CFD: 10.10.2013 - 18:51:52 - [0] ---AD C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
O43 - CFD: 15.12.2007 - 13:50:58 - [0.003] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\UDL
O43 - CFD: 16.01.2007 - 04:08:52 - [0.003] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage
O43 - CFD: 12.12.2006 - 18:52:36 - [0.048] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Live Toolbar
O43 - CFD: 19.12.2006 - 10:46:24 - [0.001] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo!
O43 - CFD: 10.10.2013 - 17:36:18 - [1.063] ----D C:\Documents and Settings\nono & jeff\Application Data\0F1F1C2Y1H1P1C0I0T
O43 - CFD: 25.05.2008 - 13:22:23 - [0.002] ----D C:\Documents and Settings\nono & jeff\Application Data\32birdnew
O43 - CFD: 23.07.2009 - 14:16:36 - [4.739] ----D C:\Documents and Settings\nono & jeff\Application Data\Adobe
O43 - CFD: 07.07.2008 - 13:46:34 - [0.961] ----D C:\Documents and Settings\nono & jeff\Application Data\Azureus =>P2P.Azureus
O43 - CFD: 23.01.2007 - 12:40:33 - [0.013] ----D C:\Documents and Settings\nono & jeff\Application Data\DivX
O43 - CFD: 11.10.2008 - 10:46:47 - [0] ----D C:\Documents and Settings\nono & jeff\Application Data\EPSON
O43 - CFD: 01.02.2007 - 11:55:17 - [1.167] ----D C:\Documents and Settings\nono & jeff\Application Data\Google
O43 - CFD: 06.11.2012 - 11:15:37 - [0.115] ----D C:\Documents and Settings\nono & jeff\Application Data\GooglePlusYoutube
O43 - CFD: 04.02.2007 - 10:46:53 - [0.000] ----D C:\Documents and Settings\nono & jeff\Application Data\Help
O43 - CFD: 13.05.2009 - 16:36:24 - [0.025] ----D C:\Documents and Settings\nono & jeff\Application Data\HP
O43 - CFD: 29.01.2014 - 16:46:53 - [6.648] ----D C:\Documents and Settings\nono & jeff\Application Data\ICQ
O43 - CFD: 14.12.2006 - 14:21:00 - [0.675] ----D C:\Documents and Settings\nono & jeff\Application Data\ICQLite
O43 - CFD: 12.12.2006 - 18:29:59 - [0] ----D C:\Documents and Settings\nono & jeff\Application Data\Identities
O43 - CFD: 13.09.2007 - 13:13:23 - [0.489] ----D C:\Documents and Settings\nono & jeff\Application Data\Image Zone Express
O43 - CFD: 06.11.2012 - 11:17:15 - [0.000] ----D C:\Documents and Settings\nono & jeff\Application Data\IncomingFiles
O43 - CFD: 15.12.2007 - 13:47:11 - [0] ----D C:\Documents and Settings\nono & jeff\Application Data\InstallShield
O43 - CFD: 13.12.2006 - 09:05:25 - [0] ----D C:\Documents and Settings\nono & jeff\Application Data\InterTrust
O43 - CFD: 18.11.2011 - 16:40:11 - [0] ----D C:\Documents and Settings\nono & jeff\Application Data\Lavasoft
O43 - CFD: 21.05.2013 - 18:24:05 - [3.674] ----D C:\Documents and Settings\nono & jeff\Application Data\LibreOffice
O43 - CFD: 26.12.2006 - 20:14:05 - [5.485] ----D C:\Documents and Settings\nono & jeff\Application Data\Macromedia
O43 - CFD: 29.01.2014 - 09:40:38 - [14.272] ----D C:\Documents and Settings\nono & jeff\Application Data\Malwarebytes
O43 - CFD: 27.09.2012 - 16:08:12 - [17.247] -S--D C:\Documents and Settings\nono & jeff\Application Data\Microsoft
O43 - CFD: 15.05.2007 - 10:57:11 - [0.080] ----D C:\Documents and Settings\nono & jeff\Application Data\Motive
O43 - CFD: 02.08.2008 - 09:25:33 - [0.000] ----D C:\Documents and Settings\nono & jeff\Application Data\Mozilla
O43 - CFD: 16.03.2008 - 14:20:07 - [0.126] ----D C:\Documents and Settings\nono & jeff\Application Data\MSN6
O43 - CFD: 12.10.2009 - 05:08:28 - [0.000] ----D C:\Documents and Settings\nono & jeff\Application Data\Office Genuine Advantage
O43 - CFD: 13.09.2007 - 13:13:21 - [0] ----D C:\Documents and Settings\nono & jeff\Application Data\Printer Info Cache
O43 - CFD: 04.11.2008 - 07:36:28 - [4.179] ----D C:\Documents and Settings\nono & jeff\Application Data\Sony Ericsson
O43 - CFD: 10.01.2007 - 11:14:18 - [28.670] ----D C:\Documents and Settings\nono & jeff\Application Data\Sun
O43 - CFD: 14.05.2008 - 20:04:22 - [0.043] ----D C:\Documents and Settings\nono & jeff\Application Data\TaoUSign
O43 - CFD: 28.09.2012 - 11:54:42 - [0.004] ----D C:\Documents and Settings\nono & jeff\Application Data\Teleca
O43 - CFD: 06.09.2013 - 12:48:09 - [0.973] ----D C:\Documents and Settings\nono & jeff\Application Data\TunesNINJA
O43 - CFD: 12.04.2012 - 16:11:25 - [0.305] ----D C:\Documents and Settings\nono & jeff\Application Data\vlc
O43 - CFD: 12.01.2007 - 10:52:04 - [0.229] ----D C:\Documents and Settings\nono & jeff\Application Data\WholeSecurity
O43 - CFD: 27.08.2007 - 09:11:48 - [0] ----D C:\Documents and Settings\nono & jeff\Application Data\Yahoo!
O43 - CFD: 01.02.2014 - 11:43:59 - [4.133] ----D C:\Documents and Settings\nono & jeff\Application Data\ZHP =>.Nicolas Coolman
O43 - CFD: 27.07.2008 - 11:33:25 - [0] ----D C:\Documents and Settings\nono & jeff\Application Data\ΑppPatch
O43 - CFD: 31.01.2014 - 20:30:57 - [0.376] ----D C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Adobe
O43 - CFD: 01.02.2007 - 11:55:17 - [403.200] ----D C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Google
O43 - CFD: 04.02.2007 - 10:46:15 - [0] ----D C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Help
O43 - CFD: 03.05.2007 - 21:31:10 - [0.216] ----D C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Identities
O43 - CFD: 10.01.2013 - 14:02:00 - [0.001] ----D C:\Documents and Settings\nono & jeff\Local Settings\Application Data\JRBWEPlayer
O43 - CFD: 06.08.2013 - 13:52:42 - [878.812] ----D C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Microsoft
O43 - CFD: 19.07.2007 - 20:01:54 - [0] ----D C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Panda Software
O43 - CFD: 28.09.2012 - 11:54:27 - [0.025] ----D C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Sony Ericsson
O43 - CFD: 17.11.2007 - 15:03:27 - [0.019] ----D C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Sophos
O43 - CFD: 07.12.2012 - 16:43:42 - [2.036] ----D C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Xenocode
O43 - CFD: 17.01.2009 - 17:57:49 - [5.529] ----D C:\Documents and Settings\nono & jeff\Local Settings\Application Data\{7326CE9D-C0D2-433A-8A57-B7934EA13EC8}
O43 - CFD: 11.06.2007 - 15:49:31 - [3.591] ----D C:\Documents and Settings\nono & jeff\Local Settings\Application Data\{A6709136-4BF6-429C-95B8-07F5723C0668}
O43 - CFD: 26.09.2012 - 09:08:03 - [0.015] R---D C:\Documents and Settings\nono & jeff\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 17.01.2009 - 17:51:14 - [0.006] ----D C:\Documents and Settings\nono & jeff\Menu Démarrer\Programmes\AsfTools
O43 - CFD: 31.01.2014 - 20:49:47 - [0.000] R---D C:\Documents and Settings\nono & jeff\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 15.01.2013 - 21:49:19 - [0.001] ----D C:\Documents and Settings\nono & jeff\Menu Démarrer\Programmes\emme
O43 - CFD: 16.07.2007 - 18:18:37 - [0.000] R---D C:\Documents and Settings\nono & jeff\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 02.09.2011 - 14:31:59 - [0.003] ----D C:\Documents and Settings\nono & jeff\Menu Démarrer\Programmes\SpeedFan
~ Program Folder: 181 Scanned in 00mn 34s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.40D578442EA53E5A02E9D22A40101367] - 01.02.2014 - 10:50:13 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32420]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 01.02.2014 - 10:52:37 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.FB096DF6A8CFA53D4CDE00CF56874346] - 01.02.2014 - 10:52:47 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.EB558F8DD3463678B56D91B893227CC7] - 01.02.2014 - 10:52:51 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01.02.2014 - 10:53:02 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.EEA1D369A94BD10FCC928AFFB7066462] - 01.02.2014 - 10:53:28 ---A- . (...) -- C:\WINDOWS\system32\ANIWZCSUSERNAME{B110DC0A-EA2F-4550-8D64-1B6FE284A74E} [12]
O44 - LFC:[MD5.F199351CC481E60CB20E84D2177F82DD] - 01.02.2014 - 10:53:34 ---A- . (...) -- C:\WINDOWS\system32\ANIWZCS{B110DC0A-EA2F-4550-8D64-1B6FE284A74E} [3284]
O44 - LFC:[MD5.B10ACB1A2543A1AF5569F1E2F6B802BC] - 01.02.2014 - 11:02:27 ---A- . (...) -- C:\WINDOWS\setupapi.log [421126]
O44 - LFC:[MD5.6BFF83A343634C38269ED614692908E7] - 01.02.2014 - 11:41:31 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1586576]
O44 - LFC:[MD5.D815DD4262E4FCC211091F7BA7A01155] - 19.01.2014 - 08:32:23 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\WINDOWS\system32\MpSigStub.exe [231584]
O44 - LFC:[MD5.E40B473E54807F35E6F597452C82B63E] - 29.01.2014 - 09:31:20 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl [71048]
O44 - LFC:[MD5.C2D948DB2E7ABC746B4A77B41356BFF3] - 29.01.2014 - 09:31:21 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerApp.exe [692616]
O44 - LFC:[MD5.4470E3C1E0C3378E4CAB137893C12C3A] - 29.01.2014 - 09:40:06 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\system32\Drivers\mbam.sys [22856]
O44 - LFC:[MD5.2DD0AF1CDE603E36F8597344227DD31A] - 31.01.2014 - 19:50:00 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [2206]
O44 - LFC:[MD5.58FF0EF3CE4C24B01986CA0FF5E6FDFE] - 31.01.2014 - 20:03:18 ---A- . (...) -- C:\WINDOWS\setupact.log [191513]
O44 - LFC:[MD5.BBA013D455C7CD9D8C42E8C7CC7418F9] - 31.01.2014 - 20:03:20 ---A- . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504]
~ Files: 17 Scanned in 00mn 03s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.2B3B210338CB8E5B7AB94F98D413FD82] - 01.02.2014 - 00:45:07 ---A- - C:\WINDOWS\Prefetch\NOTEPAD.EXE-189578DA.pf
O45 - LFCP:[MD5.012867F2CCCC4BCEB35922981A257C9A] - 01.02.2014 - 06:18:43 ---A- - C:\WINDOWS\Prefetch\Layout.ini
O45 - LFCP:[MD5.5B5B3590E2542B606CB9298FA06121EB] - 01.02.2014 - 06:18:51 ---A- - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf
O45 - LFCP:[MD5.19075BDFCBF7430A7FAA22B3841D5D23] - 01.02.2014 - 06:18:51 ---A- - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf
O45 - LFCP:[MD5.8FC64583D1D658953365F705B7E3CC4B] - 01.02.2014 - 09:12:49 ---A- - C:\WINDOWS\Prefetch\SSMYPICS.SCR-01C62024.pf
O45 - LFCP:[MD5.FAE0D9F27919487DEE9F43AE8B49A05B] - 01.02.2014 - 10:30:38 ---A- - C:\WINDOWS\Prefetch\ZHPHEP.EXE-025A0224.pf
O45 - LFCP:[MD5.A1D7101BC834D257BA9B2A2314C9C403] - 01.02.2014 - 10:30:48 ---A- - C:\WINDOWS\Prefetch\ZHPFIX.EXE-0BB68D6A.pf
O45 - LFCP:[MD5.1B93305D9A9239CD10AE924FF2FCD2D3] - 01.02.2014 - 10:31:08 ---A- - C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf
O45 - LFCP:[MD5.0E5DE50301850947D1594AE9F81A58A7] - 01.02.2014 - 10:33:27 ---A- - C:\WINDOWS\Prefetch\ADWCLEANER.EXE-1D58EBCF.pf
O45 - LFCP:[MD5.146F70DBA65D45313897518B169C68D7] - 01.02.2014 - 10:35:47 ---A- - C:\WINDOWS\Prefetch\ADWCLEANER[1].EXE-07F25894.pf
O45 - LFCP:[MD5.9238DE188BDE9E4989C2B19FE817BFE6] - 01.02.2014 - 10:45:02 ---A- - C:\WINDOWS\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-34BC5027.pf
O45 - LFCP:[MD5.C33883A3D934325645773303CF67A903] - 01.02.2014 - 10:49:18 ---A- - C:\WINDOWS\Prefetch\REG.EXE-0D2A95F7.pf
O45 - LFCP:[MD5.0836F36F4EA74B9B238F42F76EFBF9A5] - 01.02.2014 - 10:50:08 ---A- - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf
O45 - LFCP:[MD5.A787B5AC976B36CEB81A4462D20EE0C3] - 01.02.2014 - 10:53:33 ---A- - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.A03BC40A5D64A840E8B2E199716FFD9C] - 01.02.2014 - 10:53:34 ---A- - C:\WINDOWS\Prefetch\AIRNCFG.EXE-11E45127.pf
O45 - LFCP:[MD5.B9AEC79BF0976501CBD22F59B25CB0EB] - 01.02.2014 - 10:53:34 ---A- - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf
O45 - LFCP:[MD5.FA9F87D036DB691D3606E616181F9337] - 01.02.2014 - 10:53:34 ---A- - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf
O45 - LFCP:[MD5.534E31995F5BFF2BE9E7914CD22B469F] - 01.02.2014 - 10:53:34 ---A- - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
O45 - LFCP:[MD5.58A3C57E870EDCB22CBF1C236A722B1F] - 01.02.2014 - 10:53:34 ---A- - C:\WINDOWS\Prefetch\GUARDICQ.EXE-01B836DA.pf
O45 - LFCP:[MD5.0EEBB3F8BF8E72BE724546C962073814] - 01.02.2014 - 10:53:34 ---A- - C:\WINDOWS\Prefetch\MQSVC.EXE-08588470.pf
O45 - LFCP:[MD5.008AA1C1A114165153B4BD82532299BD] - 01.02.2014 - 10:53:34 ---A- - C:\WINDOWS\Prefetch\MQTGSVC.EXE-3797CD60.pf
O45 - LFCP:[MD5.E5FB48EFFA0D2DDFCA7747CF5675C471] - 01.02.2014 - 10:53:34 ---A- - C:\WINDOWS\Prefetch\MSSECES.EXE-14257906.pf
O45 - LFCP:[MD5.AA90BF9471FFB68643498C059BDEFCD5] - 01.02.2014 - 10:53:34 ---A- - C:\WINDOWS\Prefetch\OGAEXEC.EXE-25B59E50.pf
O45 - LFCP:[MD5.D0ED216EA1F99B33DF5B4562DFB87C59] - 01.02.2014 - 10:53:34 ---A- - C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf
O45 - LFCP:[MD5.87C31393D76CDF33B1E76AE4D56EB791] - 01.02.2014 - 10:53:34 ---A- - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf
O45 - LFCP:[MD5.76FE8CDB12FDDB786879A596E20D8D7A] - 01.02.2014 - 10:53:34 ---A- - C:\WINDOWS\Prefetch\WZCSLDR2.EXE-234D96A3.pf
O45 - LFCP:[MD5.31A0CABFF18A6F234A18A32F429D6FD6] - 01.02.2014 - 10:59:00 ---A- - C:\WINDOWS\Prefetch\CIDAEMON.EXE-27AE97A4.pf
O45 - LFCP:[MD5.A6FFACCC8C6C9CA1591E40B5F0EEED26] - 01.02.2014 - 11:02:32 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-32DA58B1.pf
O45 - LFCP:[MD5.9D1B9F067D077E734DE2E907FE5C5229] - 01.02.2014 - 11:03:04 ---A- - C:\WINDOWS\Prefetch\MPCMDRUN.EXE-1E628E9C.pf
O45 - LFCP:[MD5.FAE7B92EB9AF46A9220C5E26FBC80906] - 01.02.2014 - 11:03:20 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf
O45 - LFCP:[MD5.B78E1A3E88428AD2DE722D8989930939] - 01.02.2014 - 11:04:22 ---A- - C:\WINDOWS\Prefetch\APPLICME.EXE-004A2917.pf
O45 - LFCP:[MD5.7B9654B49378994418D6B565B01AC1BD] - 01.02.2014 - 11:06:33 ---A- - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf
O45 - LFCP:[MD5.D27818392F036A6A6F84A13C65B3496F] - 01.02.2014 - 11:06:51 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4ABEB48D.pf
O45 - LFCP:[MD5.77A7DCB5C66C9CFECF6F7A1E511B429E] - 01.02.2014 - 11:10:57 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-22E35C38.pf
O45 - LFCP:[MD5.2908313D29E06924ED790C926FB3747A] - 01.02.2014 - 11:10:57 ---A- - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf
O45 - LFCP:[MD5.288FCF3E2109D4F00AE8622FA0BB63CF] - 01.02.2014 - 11:12:29 ---A- - C:\WINDOWS\Prefetch\CLEANMGR.EXE-1F86EA8E.pf
O45 - LFCP:[MD5.6344FB4786A2780ABF89E71425B195AF] - 01.02.2014 - 11:12:40 ---A- - C:\WINDOWS\Prefetch\MMC.EXE-1EF9AA05.pf
O45 - LFCP:[MD5.C10B1D6C96C4EFA67DD8CBF5E682A5C6] - 01.02.2014 - 11:14:17 ---A- - C:\WINDOWS\Prefetch\WLTUSER.EXE-05A5B196.pf
O45 - LFCP:[MD5.A4389984E313CAEF665B7441EC30F424] - 01.02.2014 - 11:15:21 ---A- - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf
O45 - LFCP:[MD5.B366C6DBA4BD300B33C24A95E8E71769] - 01.02.2014 - 11:17:41 ---A- - C:\WINDOWS\Prefetch\WLLOGINPROXY.EXE-2D4B6027.pf
O45 - LFCP:[MD5.50E52C68E93D42B39663EDB54410F8DE] - 01.02.2014 - 11:19:01 ---A- - C:\WINDOWS\Prefetch\DLLHOST.EXE-42807EE4.pf
O45 - LFCP:[MD5.F2EE63A5CAD803015CC09A9915472962] - 01.02.2014 - 11:29:00 ---A- - C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf
O45 - LFCP:[MD5.2B2B15D4272B6C270939E017B6ABFBC6] - 01.02.2014 - 11:30:14 ---A- - C:\WINDOWS\Prefetch\MSFEEDSSYNC.EXE-25E13438.pf
O45 - LFCP:[MD5.BA9B1D76389734632DD26A4973E49443] - 01.02.2014 - 11:30:57 ---A- - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
O45 - LFCP:[MD5.A7F33093184B333C8F8F9F1E4ADD62A2] - 01.02.2014 - 11:33:00 ---A- - C:\WINDOWS\Prefetch\ADBERDR11006_FR_FR[1].EXE-0E14D7D4.pf
O45 - LFCP:[MD5.0BA9E3228E013316E34153096C8A59E6] - 01.02.2014 - 11:34:10 ---A- - C:\WINDOWS\Prefetch\SETUP.EXE-254150AD.pf
O45 - LFCP:[MD5.73D8BF4CB1F81A533A4597F73E2B925D] - 01.02.2014 - 11:35:35 ---A- - C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf
O45 - LFCP:[MD5.9297D92F588DDF4DD96C708197ACEB22] - 01.02.2014 - 11:39:29 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BC55A4F.pf
O45 - LFCP:[MD5.469DF636E2542D123024A9E4D91CCFE9] - 01.02.2014 - 11:39:31 ---A- - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf
O45 - LFCP:[MD5.3EDBA9EBB692C30803C9C4CF05529671] - 01.02.2014 - 11:42:57 ---A- - C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf
O45 - LFCP:[MD5.122D48FE08E184E8943AEE1DC7F3177F] - 01.02.2014 - 11:43:02 ---A- - C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf
O45 - LFCP:[MD5.38A0E347FAACCE4E72229A52CCB234F9] - 01.02.2014 - 11:43:09 ---A- - C:\WINDOWS\Prefetch\ZHPHEP.EXE-07C98D09.pf
O45 - LFCP:[MD5.629FBDC8AFEE9BEB44F9A6DC7D5CE7B3] - 01.02.2014 - 11:43:19 ---A- - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-021B7932.pf
O45 - LFCP:[MD5.B8DDA0CF4DC10F4CB69C95005BF1B835] - 01.02.2014 - 11:43:47 ---A- - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf
O45 - LFCP:[MD5.8DAFF6208F4A35A6B1B08CE11DB03EE5] - 01.02.2014 - 11:43:47 ---A- - C:\WINDOWS\Prefetch\PV.EXE-215F4419.pf
O45 - LFCP:[MD5.94EB08BD7771598B0418E8031A3E55DE] - 01.02.2014 - 11:43:50 ---A- - C:\WINDOWS\Prefetch\SUBINACL.EXE-17974576.pf
O45 - LFCP:[MD5.9F9AB2242410FE6F3E0074E51CB89982] - 01.02.2014 - 11:44:00 ---A- - C:\WINDOWS\Prefetch\SCHTASKS.EXE-0CBF6A11.pf
O45 - LFCP:[MD5.31E96322E734DF94130A6C17DB4F945F] - 11.01.2014 - 13:46:09 ---A- - C:\WINDOWS\Prefetch\AAWSERVICE.EXE-3B93EBA3.pf
O45 - LFCP:[MD5.F916DC1A0A10B817B675822AD55A9188] - 11.01.2014 - 14:10:21 ---A- - C:\WINDOWS\Prefetch\AD-AWAREADMIN.EXE-102E374C.pf
O45 - LFCP:[MD5.F85643A4D724668731B0BF132D594BDD] - 12.01.2014 - 12:23:50 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-301B1846.pf
O45 - LFCP:[MD5.285EFD3D141390E4F19B23074B80C9BE] - 12.01.2014 - 13:26:33 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4C9FEA9F.pf
O45 - LFCP:[MD5.68A3E49A4944876F0F59A53EAECED2BA] - 12.01.2014 - 13:43:09 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-17854306.pf
O45 - LFCP:[MD5.90FBD3191D3E528BB76083F517972B23] - 12.01.2014 - 16:40:31 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4C7EE953.pf
O45 - LFCP:[MD5.D9AAA11F935E6BFEA9084437FB4BE1CE] - 14.01.2014 - 17:23:22 ---A- - C:\WINDOWS\Prefetch\AM_DELTA_PATCH_1.165.1707.0.E-0578AF8A.pf
O45 - LFCP:[MD5.76049AEEDE23701A4B0F19AE96DD52DA] - 15.01.2014 - 17:23:09 ---A- - C:\WINDOWS\Prefetch\AM_DELTA_PATCH_1.165.1868.0.E-23E110B7.pf
O45 - LFCP:[MD5.E4A4B6901634852740347488265E13A7] - 15.01.2014 - 19:51:18 ---A- - C:\WINDOWS\Prefetch\ACRORD32.EXE-356875A2.pf
O45 - LFCP:[MD5.D52DCD4A2C1C67708EE15DD78897993B] - 15.01.2014 - 20:06:34 ---A- - C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf
O45 - LFCP:[MD5.D2DCC097948DF4F824F1CD6593CD2BD0] - 24.01.2014 - 08:04:18 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BC69D2D.pf
O45 - LFCP:[MD5.A92ED5BAA476C7D50B0B2D536BF0492A] - 24.01.2014 - 08:08:53 ---A- - C:\WINDOWS\Prefetch\SPEEDFAN.EXE-1EEDB562.pf
O45 - LFCP:[MD5.F63FC0EA02213AC08112419F24166C62] - 24.01.2014 - 08:09:01 ---A- - C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEFA1.pf
O45 - LFCP:[MD5.F471FFE36BB99DE199FCA65F25934A5F] - 24.01.2014 - 08:22:50 ---A- - C:\WINDOWS\Prefetch\MPSIGSTUB.EXE-214A1847.pf
O45 - LFCP:[MD5.DE9F15C962A0C431FBF731B460A5701D] - 24.01.2014 - 08:23:05 ---A- - C:\WINDOWS\Prefetch\AM_DELTA.EXE-2F7A6F0C.pf
O45 - LFCP:[MD5.332644DC17DFD620318B0C322B8165BF] - 25.01.2014 - 08:15:23 ---A- - C:\WINDOWS\Prefetch\AM_DELTA_PATCH_1.165.2534.0.E-36DD8DB6.pf
O45 - LFCP:[MD5.4E672B231288F6FE6E3BECC8473E1927] - 26.01.2014 - 02:15:48 ---A- - C:\WINDOWS\Prefetch\AM_DELTA_PATCH_1.165.2616.0.E-3776E2DA.pf
O45 - LFCP:[MD5.B5C24AB7B47D42D6B875C19A0CFA5506] - 26.01.2014 - 08:15:10 ---A- - C:\WINDOWS\Prefetch\AM_DELTA_PATCH_1.165.2645.0.E-1AECEF40.pf
O45 - LFCP:[MD5.36060228C5E3A0286CFA5FE81B32F618] - 26.01.2014 - 10:50:51 ---A- - C:\WINDOWS\Prefetch\AGCP.EXE-238A43DB.pf
O45 - LFCP:[MD5.50A26B76565BF86BE71872DFFC52A124] - 29.01.2014 - 09:04:58 ---A- - C:\WINDOWS\Prefetch\FLASHUTIL32_11_9_900_170_ACTI-38AD9927.pf
O45 - LFCP:[MD5.3C205D9AFBFC22461DAF2E1C14C4F03B] - 29.01.2014 - 09:17:33 ---A- - C:\WINDOWS\Prefetch\AM_DELTA_PATCH_1.165.2656.0.E-1B9C9423.pf
O45 - LFCP:[MD5.D5726ABB0A578FEA9FA5885E0F906128] - 29.01.2014 - 09:29:04 ---A- - C:\WINDOWS\Prefetch\INSTALL_FLASHPLAYER12X32AXAU_-39E07436.pf
O45 - LFCP:[MD5.5A464363839BF0B0616999624D1105DB] - 29.01.2014 - 09:29:09 ---A- - C:\WINDOWS\Prefetch\INSTALL_FLASHPLAYER12X32AXAU_-094CB280.pf
O45 - LFCP:[MD5.ECB34A0D9B278874DBABB683563269C3] - 29.01.2014 - 09:29:37 ---A- - C:\WINDOWS\Prefetch\GTBCHECK.EXE-047282F5.pf
O45 - LFCP:[MD5.894A5EF1BFB6C10719ACDCCA9812328C] - 29.01.2014 - 09:29:41 ---A- - C:\WINDOWS\Prefetch\GCCHECK.EXE-2F35AF40.pf
O45 - LFCP:[MD5.42F513DC4B061CD92211EADDB7E66E1A] - 29.01.2014 - 09:30:56 ---A- - C:\WINDOWS\Prefetch\INSTALL_FLASH_PLAYER_AX.EXE-1F8BE768.pf
O45 - LFCP:[MD5.4C500B23EA0CCC17F0D4E93854DADA4D] - 29.01.2014 - 09:39:21 ---A- - C:\WINDOWS\Prefetch\MBAM-SETUP-1.75.0.1300[1].EXE-028E1ECA.pf
O45 - LFCP:[MD5.53F4A88F0CFA4BA2CCEF69C8D4C37825] - 29.01.2014 - 09:39:23 ---A- - C:\WINDOWS\Prefetch\MBAM-SETUP-1.75.0.1300[1].TMP-04EA88C7.pf
O45 - LFCP:[MD5.13A1FAAF464B44E71E5E9AD9B46D9A54] - 29.01.2014 - 15:51:49 ---A- - C:\WINDOWS\Prefetch\MBAMGUI.EXE-1286D63B.pf
O45 - LFCP:[MD5.8DD9F42C8197FAF002DFC1F13981EB78] - 29.01.2014 - 16:43:02 ---A- - C:\WINDOWS\Prefetch\CSRSS.EXE-12B63473.pf
O45 - LFCP:[MD5.0529A0DD79A7ED625A9CD96FF9CDC846] - 29.01.2014 - 16:43:02 ---A- - C:\WINDOWS\Prefetch\INETINFO.EXE-04CDB6D9.pf
O45 - LFCP:[MD5.0D8B1984D7BF4E0B93027DE58167CC19] - 29.01.2014 - 16:43:02 ---A- - C:\WINDOWS\Prefetch\LSASS.EXE-20DB6D1B.pf
O45 - LFCP:[MD5.920C4218A91FF698D4A09A53B131CE24] - 29.01.2014 - 16:43:02 ---A- - C:\WINDOWS\Prefetch\MSDTC.EXE-0E6E4AF7.pf
O45 - LFCP:[MD5.BDC0FBE607A66D038A3552898FE4011F] - 29.01.2014 - 16:43:02 ---A- - C:\WINDOWS\Prefetch\MSMPENG.EXE-053C8CA0.pf
O45 - LFCP:[MD5.1483C997248F319FE5B7145DFB711EAF] - 29.01.2014 - 16:43:02 ---A- - C:\WINDOWS\Prefetch\SEAPORT.EXE-2D9D4167.pf
O45 - LFCP:[MD5.C254BC77A4C902ED8478C025D40BEB85] - 29.01.2014 - 16:43:02 ---A- - C:\WINDOWS\Prefetch\SERVICES.EXE-2F433351.pf
O45 - LFCP:[MD5.6970A3AE049DC3015A44B63AA896F13C] - 29.01.2014 - 16:43:02 ---A- - C:\WINDOWS\Prefetch\SNMP.EXE-0E0E1166.pf
O45 - LFCP:[MD5.D6072488B8EFDF3DD20EB0A9A2A01B68] - 29.01.2014 - 16:43:02 ---A- - C:\WINDOWS\Prefetch\TCPSVCS.EXE-05847ECC.pf
O45 - LFCP:[MD5.F2313555357FAD23EFE447BCDB684306] - 29.01.2014 - 16:43:02 ---A- - C:\WINDOWS\Prefetch\WINLOGON.EXE-32C57D49.pf
O45 - LFCP:[MD5.518345CF3FAFCA7A59A56E12A1AFFC6B] - 29.01.2014 - 16:43:03 ---A- - C:\WINDOWS\Prefetch\FXSSVC.EXE-3B8F7819.pf
O45 - LFCP:[MD5.85219335CF7006A50235ECEF1ED39994] - 29.01.2014 - 16:43:37 ---A- - C:\WINDOWS\Prefetch\ICQ.EXE-136A3080.pf
O45 - LFCP:[MD5.9DC8125EA41F64688F72AB0C5E40529E] - 29.01.2014 - 16:49:17 ---A- - C:\WINDOWS\Prefetch\EXCEL.EXE-13B3F319.pf
O45 - LFCP:[MD5.7766F4855DF080A54D52FBAEFE0CC790] - 31.01.2014 - 19:51:21 ---A- - C:\WINDOWS\Prefetch\READER_SL.EXE-1A438403.pf
O45 - LFCP:[MD5.4F8E4510907EF50E5BE1C086DBC1B786] - 31.01.2014 - 19:51:22 ---A- - C:\WINDOWS\Prefetch\TUNESNINJA.EXE-06DD9305.pf
O45 - LFCP:[MD5.8EAA73F369C6C847DA6BF79E6D93E06C] - 31.01.2014 - 20:01:39 ---A- - C:\WINDOWS\Prefetch\AM_DELTA_PATCH_1.165.2870.0.E-37591918.pf
O45 - LFCP:[MD5.853BACBEB29C63173D1312FAF8AF918B] - 31.01.2014 - 20:01:48 ---A- - C:\WINDOWS\Prefetch\MPSIGSTUB.EXE-1D30D19B.pf
O45 - LFCP:[MD5.88BE6A7CC1DFF6BCDCAF7DCE71441B55] - 31.01.2014 - 20:03:19 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-13F0DE5F.pf
O45 - LFCP:[MD5.0E48B7F91CBB9CB1CE7057B115419029] - 31.01.2014 - 20:07:37 ---A- - C:\WINDOWS\Prefetch\MBAM.EXE-0BEE0439.pf
O45 - LFCP:[MD5.24B72C50768C3B2246F22AF8351615B6] - 31.01.2014 - 20:07:38 ---A- - C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf
O45 - LFCP:[MD5.8F732F6CFE2BADB1BA85E790DDB3E2A8] - 31.01.2014 - 20:30:57 ---A- - C:\WINDOWS\Prefetch\ADOBEUPDATER.EXE-3658C422.pf
O45 - LFCP:[MD5.D895E26158A991083D84F2779B495129] - 31.01.2014 - 21:10:57 ---A- - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf
~ Prefetcher: 108 Scanned in 00mn 00s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\MSN Messenger\msncall.exe" [Enabled] .(...) -- C:\Program Files\MSN Messenger\msncall.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\eMule\emule.exe" [Enabled] .(...) -- C:\Program Files\eMule\emule.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\ICQLite\ICQLite.exe" [Enabled] .(...) -- C:\Program Files\ICQLite\ICQLite.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\AIM\aim.exe" [Enabled] .(...) -- C:\Program Files\AIM\aim.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [Enabled] .(...) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (.not file.)
O47 - AAKE:Key Export SP - "D:\poelladoù\Logiciels à ne pas supprimer\eMule\emule.exe" [Enabled] .(...) -- D:\poelladoù\Logiciels à ne pas supprimer\eMule\emule.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\iexplore.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O47 - AAKE:Key Export SP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(...) -- C:\Program Files\MSN Messenger\livecall.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\nono & jeff\Local Settings\Temp\Répertoire temporaire 1 pour Pc Game Ita Worms 4 Mayhem Crack Nocd Funzionante By Seyfer89.zip\Worms 4 Mayhem.exe" [Enabled] .(...) -- C:\Documents and Settings\nono & jeff\Local Settings\Temp\Répertoire temporaire 1 pour Pc Game Ita Worms 4 Mayhem Crack Nocd Funzionante By Seyfer89.zip\Worms 4 Mayhem.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\nono & jeff\Local Settings\Temp\Répertoire temporaire 2 pour Pc Game Ita Worms 4 Mayhem Crack Nocd Funzionante By Seyfer89.zip\Worms 4 Mayhem.exe" [Enabled] .(...) -- C:\Documents and Settings\nono & jeff\Local Settings\Temp\Répertoire temporaire 2 pour Pc Game Ita Worms 4 Mayhem Crack Nocd Funzionante By Seyfer89.zip\Worms 4 Mayhem.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\nono & jeff\Local Settings\Temp\Répertoire temporaire 3 pour Pc Game Ita Worms 4 Mayhem Crack Nocd Funzionante By Seyfer89.zip\Worms 4 Mayhem.exe" [Enabled] .(...) -- C:\Documents and Settings\nono & jeff\Local Settings\Temp\Répertoire temporaire 3 pour Pc Game Ita Worms 4 Mayhem Crack Nocd Funzionante By Seyfer89.zip\Worms 4 Mayhem.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Vuze\Azureus.exe" [Enabled] .(...) -- C:\Program Files\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O47 - AAKE:Key Export SP - "C:\Program Files\ICQ6\ICQ.exe" [Enabled] .(...) -- C:\Program Files\ICQ6\ICQ.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dpvsetup.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\dpvsetup.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\rundll32.exe" [Enabled] Clé orpheline
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\mqsvc.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\mqsvc.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
O47 - AAKE:Key Export SP - "C:\Program Files\ICQ7.7\ICQ.exe" [Enabled] .(.ICQ, LLC..) -- C:\Program Files\ICQ7.7\ICQ.exe
O47 - AAKE:Key Export SP - "D:\logiciels\Logiciels à ne pas supprimer\eMule\emule.exe" [Enabled] .(...) -- D:\logiciels\Logiciels à ne pas supprimer\eMule\emule.exe (.not file.)
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\msncall.exe" [Enabled] .(...) -- C:\Program Files\MSN Messenger\msncall.exe (.not file.)
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(...) -- C:\Program Files\MSN Messenger\livecall.exe (.not file.)
O47 - AAKE:Key Export DP - "C:\WINDOWS\system32\mqsvc.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\mqsvc.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
O47 - AAKE:Key Export DP - "C:\Program Files\ICQ7.7\ICQ.exe" [Enabled] .(.ICQ, LLC..) -- C:\Program Files\ICQ7.7\ICQ.exe
~ Keys Export: 29 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\system32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\WINDOWS\system32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\system32\wdigest.dll
~ LSA: 6 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
~ CSB: 21 Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{4bff80f2-d566-11e0-af16-00138f047384}\AutoRun\command. (...) -- H:\AppliCME.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.LEAD"="LCODCCMP.DLL" . (.LEAD Technologies, Inc. - LEAD MCMP/MJPEG Codec.) -- C:\WINDOWS\system32\LCODCCMP.dll
O52 - TDSD: \Drivers32\"aux"="ctwdm32.dll" . (.Creative Technology Ltd. - Creative WDM Driver.) -- C:\WINDOWS\system32\ctwdm32.dll
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"LCODCCMP.DLL"="LEAD MCMP/MJPEG Codec (VFW)" . (.LEAD Technologies, Inc. - LEAD MCMP/MJPEG Codec.) -- C:\WINDOWS\system32\LCODCCMP.dll
O52 - TDSD: \drivers.desc\"ctwdm32.dll"="Creative inf(WDM)" . (.Creative Technology Ltd. - Creative WDM Driver.) -- C:\WINDOWS\system32\ctwdm32.dll
O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
~ TDSD: 15 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
~ MSCP: 6 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
~ MWPS: 5 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoCDBurning"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
~ MWPE Keys: 2 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.7B0C854289DAD27B84B4F538E797AEB8] - 17.12.2001 - 02:27:06 ---A- . (.Avance Logic, Inc. - Avance AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\Drivers\ALCXWDM.SYS [265143]
O58 - SDL:[MD5.DE91D0D73C3E61E6826D98FAC2FAC729] - 29.03.2000 - 15:17:42 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ASUSHWIO.SYS [5824]
O58 - SDL:[MD5.6EDCBC3AD1D08E5278AFF991582500C0] - 24.07.2006 - 16:49:48 ---A- . (.USB Generic Camera - USB Camera Driver.) -- C:\WINDOWS\system32\Drivers\cam1210.sys [89856]
O58 - SDL:[MD5.08F60F40D1A2A95A1F12EDDBD9F25C1C] - 05.03.2007 - 14:22:51 ---A- . (.Macrovision Europe Ltd - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\Drivers\CdaC15BA.SYS [12464]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 28.08.2001 - 15:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.997F912324B3BB977AF2DF376E5508CE] - 01.11.2002 - 10:11:20 ---A- . (.C-Media Inc - C-Media Audio WDM Driver.) -- C:\WINDOWS\system32\Drivers\cmuda.sys [451599]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 28.08.2001 - 15:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\Drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.7FFA171CCE6A8BFC774862A578BA39A2] - 17.08.2001 - 19:19:28 ---A- . (.Creative Technology Ltd. - Creative SB Live! Interface Driver.) -- C:\WINDOWS\system32\Drivers\ctlfacem.sys [6912]
O58 - SDL:[MD5.71007BD2E1E26927FE3E4EB00C0BEEDF] - 17.08.2001 - 19:19:20 ---A- . (.Creative Technology Ltd. - Creative Joyport Enabler.) -- C:\WINDOWS\system32\Drivers\ctljystk.sys [3712]
O58 - SDL:[MD5.D60ED194C180B35C389E78FD41711ECA] - 22.04.2010 - 14:29:38 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\WINDOWS\system32\Drivers\Drt2860.sys [1329632]
O58 - SDL:[MD5.01F83E1B5DCE05F5CB7D99113CA9E890] - 17.08.2001 - 19:19:26 ---A- . (.Creative Technology Ltd. - Creative SB Live! Adapter Driver.) -- C:\WINDOWS\system32\Drivers\emu10k1m.sys [283904]
O58 - SDL:[MD5.B9F03760AF557348E17A5BB5FFEB73C0] - 17.08.2001 - 19:19:58 ---A- . (.ESS Technology Inc. - ESS ES1969 PCI Audio Adapter Driver.) -- C:\WINDOWS\system32\Drivers\es1969.sys [72192]
O58 - SDL:[MD5.504E93682655A7B3AF1FB5BFF3F44322] - 20.10.2004 - 13:23:34 ---A- . (.FreeBox SA - Carte réseau virtuelle FreeBox USB.) -- C:\WINDOWS\system32\Drivers\fbxusb32.sys [21344]
O58 - SDL:[MD5.E9648254056BCE81A85380C0C3647DC4] - 17.08.2001 - 20:13:08 ---A- . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS\system32\Drivers\fetnd5.sys [27165]
O58 - SDL:[MD5.9F1D80908658EB7F1BF70809E0B51470] - 29.09.2004 - 07:11:42 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\Drivers\HPZid412.sys [51120]
O58 - SDL:[MD5.F7E3E9D50F9CD3DE28085A8FDAA0A1C3] - 29.09.2004 - 07:11:46 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\Drivers\HPZipr12.sys [16496]
O58 - SDL:[MD5.ABCB05CCDBF03000354B9553820E39F8] - 21.10.2005 - 17:52:48 ---A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\Drivers\HPZius12.sys [21568]
O58 - SDL:[MD5.4470E3C1E0C3378E4CAB137893C12C3A] - 04.04.2013 - 14:50:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\system32\Drivers\mbam.sys [22856]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 28.08.2001 - 15:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\Drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.2B298519EDBFCF451D43E0F1E8F1006D] - 04.08.2004 - 06:29:54 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73.) -- C:\WINDOWS\system32\Drivers\nv4_mini.sys [1897408]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 28.08.2001 - 15:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 28.08.2001 - 15:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\Drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 28.08.2001 - 15:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\Drivers\riodrv.sys [12032]
O58 - SDL:[MD5.815445F4676CC96BC9AEEC303C727E19] - 03.04.2007 - 13:57:42 R--A- . (.MCCI Corporation - Sony Ericsson Device 116 Driver.) -- C:\WINDOWS\system32\Drivers\s116bus.sys [83336]
O58 - SDL:[MD5.0C8F4ECE9684FE64ECD09CAD1797BB20] - 03.04.2007 - 13:57:44 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\s116cm.sys [12424]
O58 - SDL:[MD5.0C8F4ECE9684FE64ECD09CAD1797BB20] - 03.04.2007 - 13:57:44 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\s116cmnt.sys [12424]
O58 - SDL:[MD5.F6F34ECAFCB915177983797A2BBAC547] - 03.04.2007 - 13:57:46 R--A- . (.MCCI Corporation - Sony Ericsson Device 116 USB Ethernet Emulation (WDM class regi.) -- C:\WINDOWS\system32\Drivers\s116cr.sys [11016]
O58 - SDL:[MD5.333D1E0743E6DE1779C3C418AC601C3A] - 03.04.2007 - 13:57:48 R--A- . (.MCCI Corporation - Sony Ericsson Device 116 USB WMC Modem Filter Driver.) -- C:\WINDOWS\system32\Drivers\s116mdfl.sys [15112]
O58 - SDL:[MD5.50D6E5B021E9EC7553AB8A3553CC1B6B] - 03.04.2007 - 13:57:48 R--A- . (.MCCI Corporation - Sony Ericsson Device 116 USB WMC Modem WDM Driver.) -- C:\WINDOWS\system32\Drivers\s116mdm.sys [108680]
O58 - SDL:[MD5.1589AA53E43F8D193A7D4D580D3FFA95] - 03.04.2007 - 13:57:50 R--A- . (.MCCI Corporation - Sony Ericsson Device 116 USB WMC Device Management Driver.) -- C:\WINDOWS\system32\Drivers\s116mgmt.sys [100488]
O58 - SDL:[MD5.306F85733671FE507470F0273025E768] - 03.04.2007 - 13:57:52 R--A- . (.MCCI Corporation - Sony Ericsson Device 116 USB Ethernet Emulation (NDIS 5 Minipor.) -- C:\WINDOWS\system32\Drivers\s116nd5.sys [23176]
O58 - SDL:[MD5.EC32601F04A5A5DE89315D0F55E73D66] - 03.04.2007 - 13:57:52 R--A- . (.MCCI Corporation - Sony Ericsson Device 116 USB WMC OBEX Interface Device Driver.) -- C:\WINDOWS\system32\Drivers\s116obex.sys [98696]
O58 - SDL:[MD5.32E3ECB4B2B5887426EAF241A8149CDE] - 03.04.2007 - 13:57:54 R--A- . (.MCCI Corporation - Sony Ericsson Device 116 USB Ethernet Emulation.) -- C:\WINDOWS\system32\Drivers\s116unic.sys [99080]
O58 - SDL:[MD5.1EB2AD3D5220A5543F4E00F2CE681DCD] - 03.04.2007 - 13:57:54 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\s116wh.sys [12424]
O58 - SDL:[MD5.1EB2AD3D5220A5543F4E00F2CE681DCD] - 03.04.2007 - 13:57:54 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\s116whnt.sys [12424]
O58 - SDL:[MD5.8C156E6B568AA927EB5DEADEB870BDD2] - 19.06.2007 - 09:51:16 R--A- . (.MCCI Corporation - Sony Ericsson Device 816.) -- C:\WINDOWS\system32\Drivers\s816bus.sys [81832]
O58 - SDL:[MD5.84BC77966D49536DE92662EF0CA0A43D] - 19.06.2007 - 09:51:16 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\s816cm.sys [11176]
O58 - SDL:[MD5.84BC77966D49536DE92662EF0CA0A43D] - 19.06.2007 - 09:51:16 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\s816cmnt.sys [11176]
O58 - SDL:[MD5.B7949BEDDF8B9AFDEBC43787ED0EB72A] - 19.06.2007 - 09:51:08 R--A- . (.MCCI Corporation - Sony Ericsson Device 916 USB Ethernet Emulation (WDM class regi.) -- C:\WINDOWS\system32\Drivers\s816cr.sys [9768]
O58 - SDL:[MD5.D4ED429953A2B8B09C702805813A26C8] - 19.06.2007 - 09:51:18 R--A- . (.MCCI Corporation - Sony Ericsson Device 816 USB WMC Modem Filter Driver.) -- C:\WINDOWS\system32\Drivers\s816mdfl.sys [13864]
O58 - SDL:[MD5.94306F371A6FF8B690BEA81157111B3B] - 19.06.2007 - 09:51:20 R--A- . (.MCCI Corporation - Sony Ericsson Device 816 USB WMC Modem WDM Driver.) -- C:\WINDOWS\system32\Drivers\s816mdm.sys [107304]
O58 - SDL:[MD5.FAFDD00ABAD1B6029BF7F4067764AB41] - 19.06.2007 - 09:51:18 R--A- . (.MCCI Corporation - Sony Ericsson Device 816 USB WMC Device Management Driver.) -- C:\WINDOWS\system32\Drivers\s816mgmt.sys [99112]
O58 - SDL:[MD5.FD0D1E39CB22558D79BFF59B66A5874A] - 19.06.2007 - 09:51:18 R--A- . (.MCCI Corporation - Sony Ericsson Device 916 USB Ethernet Emulation (NDIS 5 Minipor.) -- C:\WINDOWS\system32\Drivers\s816nd5.sys [21928]
O58 - SDL:[MD5.8EACD5E46764463E75F171D9BF305348] - 19.06.2007 - 09:51:18 R--A- . (.MCCI Corporation - Sony Ericsson Device 816 USB WMC OBEX Interface Device Driver.) -- C:\WINDOWS\system32\Drivers\s816obex.sys [97320]
O58 - SDL:[MD5.E2090B041B935430ABC8E184B7D6CD75] - 19.06.2007 - 09:51:18 R--A- . (.MCCI - Sony Ericsson Device 816 USB Ethernet Emulation.) -- C:\WINDOWS\system32\Drivers\s816unic.sys [97704]
O58 - SDL:[MD5.1EF6E1AD4DD3EFB3785E4479DDBAD80B] - 19.06.2007 - 09:51:18 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\s816wh.sys [11176]
O58 - SDL:[MD5.1EF6E1AD4DD3EFB3785E4479DDBAD80B] - 19.06.2007 - 09:51:18 R--A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\s816whnt.sys [11176]
O58 - SDL:[MD5.0505DA5D357F18A5D42FC5DEDE6BC9A0] - 18.11.2011 - 18:04:11 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\WINDOWS\system32\Drivers\SBREDrv.sys [101720]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13.11.2007 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\Drivers\secdrv.sys [20480]
O58 - SDL:[MD5.0B1A5E9CACB5CDD54A2815107BD7C772] - 17.08.2001 - 19:19:34 ---A- . (.Creative Technology Ltd. - SoundFont(R) Manager.) -- C:\WINDOWS\system32\Drivers\sfmanm.sys [36480]
O58 - SDL:[MD5.12875C90CE2F71BB5CD973968F510A58] - 10.01.2003 - 09:30:22 ---A- . (.Service & Quality Technology. - Universal Serial Bus Camera Driver.) -- C:\WINDOWS\system32\Drivers\SQCamD.sys [25449]
O58 - SDL:[MD5.100FF3D9E16AFB3163BD6F9AAAAB7C55] - 10.01.2003 - 10:56:34 ---A- . (.Service & Quality Technology. - Universal Serial Bus Camera Driver.) -- C:\WINDOWS\system32\Drivers\SQCaptur.sys [30921]
O58 - SDL:[MD5.2D4027C46B4C6E45875E3C4BA3F67492] - 22.12.2005 - 11:24:50 ---A- . (.MCCI - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\system32\Drivers\sscdbus.sys [80272]
O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 22.12.2005 - 11:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\sscdcm.sys [11877]
O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 22.12.2005 - 11:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\sscdcmnt.sys [11877]
O58 - SDL:[MD5.F548F1EBA107BC19E91189E6A460BD0E] - 22.12.2005 - 11:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem Filter Driver.) -- C:\WINDOWS\system32\Drivers\sscdmdfl.sys [10864]
O58 - SDL:[MD5.71D348D53597379DFE1DE255D70AF13C] - 22.12.2005 - 11:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem WDM.) -- C:\WINDOWS\system32\Drivers\sscdmdm.sys [137884]
O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 22.12.2005 - 11:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\sscdwh.sys [11188]
O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 22.12.2005 - 11:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\sscdwhnt.sys [11188]
O58 - SDL:[MD5.DF5C19F053EFF7F8BA25D73AEA899656] - 30.08.2005 - 00:47:38 ---A- . (.MCCI - SAMSUNG Mobile USB Device II 1.0 Driver.) -- C:\WINDOWS\system32\Drivers\ssm_bus.sys [58320]
O58 - SDL:[MD5.A2C7705A4745A60B875F931860DF3557] - 30.08.2005 - 00:49:28 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\ssm_cm.sys [6176]
O58 - SDL:[MD5.A2C7705A4745A60B875F931860DF3557] - 30.08.2005 - 00:49:28 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\ssm_cmnt.sys [6176]
O58 - SDL:[MD5.5347169FA449EABC4D0728AE39FAB926] - 30.08.2005 - 00:49:34 ---A- . (.MCCI - SAMSUNG Mobile USB Modem II 1.0 Filter Driver.) -- C:\WINDOWS\system32\Drivers\ssm_mdfl.sys [8336]
O58 - SDL:[MD5.7AAE23DD105EED15C4F45FC269FA42A9] - 30.08.2005 - 00:49:38 ---A- . (.MCCI - SAMSUNG Mobile USB Modem II 1.0 Driver.) -- C:\WINDOWS\system32\Drivers\ssm_mdm.sys [94000]
O58 - SDL:[MD5.5F4D52B9C1A7312598D88CBAECB3FC70] - 30.08.2005 - 00:47:34 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\ssm_wh.sys [5840]
O58 - SDL:[MD5.5F4D52B9C1A7312598D88CBAECB3FC70] - 30.08.2005 - 00:47:34 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\Drivers\ssm_whnt.sys [5840]
O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 19.04.2008 - 09:43:20 ---A- . (...) -- C:\WINDOWS\system32\Drivers\StarOpen.sys [5632]
O58 - SDL:[MD5.833AC40F6E7BE17951D6D9A956829547] - 15.02.2007 - 13:14:28 ---A- . (.Generic - Recovery Mode Driver.) -- C:\WINDOWS\system32\Drivers\StMp3Rec.sys [19840]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 28.08.2001 - 15:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\Drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 28.08.2001 - 15:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.099F10C7B9D4C7A2BF48D4C6ECA1E7F1] - 03.03.2002 - 21:10:00 ---A- . (.VIA Technologies, Inc. - VIA NT AGP Filter.) -- C:\WINDOWS\system32\Drivers\viaagp1.sys [27648]
O58 - SDL:[MD5.A5D8B6C8D43786D4215C1DF6FAB0AAE0] - 18.10.2001 - 05:00:00 R--A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\WINDOWS\system32\Drivers\viaidexp.sys [6144]
O58 - SDL:[MD5.6AAA39DD79A8341CE0EF9249F21D6B89] - 25.02.2005 - 07:26:14 R--A- . (.VIA Technologies inc,.ltd - VIA RAID DRIVER FOR WIN 2000/XP/2003IA32.) -- C:\WINDOWS\system32\Drivers\viamraid.sys [60800]
O58 - SDL:[MD5.662626BCCF060F2F4B6D5AF7AC121FF5] - 18.12.2001 - 07:45:04 ---A- . (.VIA Technologies. Inc. - VIA PFD driver.) -- C:\WINDOWS\system32\Drivers\VIAPFD.SYS [3279]
O58 - SDL:[MD5.D33B28D9ED695CCF9520D70D825F9D85] - 17.09.2011 - 12:32:35 ---A- . (.Pas de propriétaire - ANPD (NT5) Driver.) -- C:\WINDOWS\system32\ANPD.SYS [29411]
O58 - SDL:[MD5.1F2D2C0B60DF4F9D4F7378800BF693AC] - 17.09.2011 - 12:32:35 ---A- . (.Pas de propriétaire - ANPD (NT5) Driver.) -- C:\WINDOWS\system32\ANPD64.SYS [48640]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28.08.2001 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 28.08.2001 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 03.04.1996 - 20:33:26 ---A- . (...) -- C:\WINDOWS\system32\giveio.sys [5248]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 28.08.2001 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 28.08.2001 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 28.08.2002 - 21:23:06 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 28.08.2001 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 28.08.2001 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 28.08.2001 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 28.08.2001 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 28.08.2001 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 04.08.2004 - 06:45:25 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 04.08.2004 - 06:45:14 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 04.08.2004 - 06:45:10 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 04.08.2004 - 06:45:15 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 04.08.2004 - 06:45:12 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
O58 - SDL:[MD5.D74375BE63DCA31E6145248E4278893E] - 22.10.2003 - 09:54:14 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 4.0 Protocol Driver.) -- C:\WINDOWS\system32\Pcandis4.sys [16848]
O58 - SDL:[MD5.FC6BAFC20114160A6291C1C45545F137] - 22.10.2003 - 09:54:18 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\WINDOWS\system32\Pcandis5.sys [17162]
O58 - SDL:[MD5.9F70CD5EDCC4EFC48AE21E04FB03BE9D] - 18.12.2010 - 12:03:56 ---A- . (.Almico Software - Speed Fan x32 Driver.) -- C:\WINDOWS\system32\speedfan.sys [21696]
~ Drivers: 5 Scanned in 00mn 01s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 01.02.2014 - 11:44:51 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2014-01-31 (20-09-47).txt [2202]
O61 - LFC: 01.02.2014 - 11:44:51 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Application Data\Microsoft\MMC\dfrg [3924]
O61 - LFC: 01.02.2014 - 11:44:51 -SHA- . (...) -- C:\Documents and Settings\nono & jeff\Application Data\Microsoft\Credentials\S-1-5-21-1960408961-117609710-682003330-1003\Credentials [524]
O61 - LFC: 01.02.2014 - 11:44:52 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Application Data\Microsoft\Windows Live\Toolbar\Feeds\index.xml [156]
O61 - LFC: 01.02.2014 - 11:44:53 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Application Data\ZHP\Log.txt [23650] =>.Nicolas Coolman
O61 - LFC: 01.02.2014 - 11:44:53 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Application Data\ZHP\TestsZHPDiag.txt [3323] =>.Nicolas Coolman
O61 - LFC: 01.02.2014 - 11:44:53 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Application Data\ZHP\ZHPFixQuarantine.txt [1820] =>.Nicolas Coolman
O61 - LFC: 01.02.2014 - 11:44:53 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Application Data\ZHP\ZHPFix[R1].txt [5102] =>.Nicolas Coolman
O61 - LFC: 01.02.2014 - 11:44:53 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Bureau\Raccourcis Bureau non utilisés\AdwCleaner[S2].txt [1121]
O61 - LFC: 01.02.2014 - 11:44:53 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Bureau\Raccourcis Bureau non utilisés\ZHPFixReport.txt [5102] =>.Nicolas Coolman
O61 - LFC: 01.02.2014 - 11:44:53 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Bureau\Raccourcis Bureau non utilisés\mbam-log-2014-01-29 (09-48-45).txt [12576]
O61 - LFC: 01.02.2014 - 11:44:53 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Bureau\Raccourcis Bureau non utilisés\mbam-log-2014-01-31 (20-09-47).txt [2202]
O61 - LFC: 01.02.2014 - 11:44:53 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\index.dat [1097728]
O61 - LFC: 01.02.2014 - 11:44:54 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@ad.zanox[3].txt [838]
O61 - LFC: 01.02.2014 - 11:44:54 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@ads.clicmanager[3].txt [287]
O61 - LFC: 01.02.2014 - 11:44:54 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@advertstream[2].txt [424]
O61 - LFC: 01.02.2014 - 11:44:54 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@adxcore[2].txt [234]
O61 - LFC: 01.02.2014 - 11:44:54 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@c.live[1].txt [65]
O61 - LFC: 01.02.2014 - 11:44:54 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@c.msn[4].txt [125]
O61 - LFC: 01.02.2014 - 11:44:54 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@c1.microsoft[2].txt [145]
O61 - LFC: 01.02.2014 - 11:44:54 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@cjoint[2].txt [371]
O61 - LFC: 01.02.2014 - 11:44:54 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@general-changelog-team[2].txt [344]
O61 - LFC: 01.02.2014 - 11:44:54 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@live[1].txt [487]
O61 - LFC: 01.02.2014 - 11:44:54 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@login.live[1].txt [381]
O61 - LFC: 01.02.2014 - 11:44:55 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@microsoft[3].txt [703]
O61 - LFC: 01.02.2014 - 11:44:55 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@msn[1].txt [659]
O61 - LFC: 01.02.2014 - 11:44:55 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@reussissonsensemble[2].txt [331]
O61 - LFC: 01.02.2014 - 11:44:55 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@support.microsoft[3].txt [280]
O61 - LFC: 01.02.2014 - 11:44:55 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Cookies\nono_&_jeff@surfright[2].txt [487]
O61 - LFC: 01.02.2014 - 11:44:56 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Favoris\Virus nono\A bas nation zoom - Microsoft Community.url [422]
O61 - LFC: 01.02.2014 - 11:44:56 -SHA- . (...) -- C:\Documents and Settings\nono & jeff\IECompatCache\index.dat [16384]
O61 - LFC: 01.02.2014 - 11:44:56 -SHA- . (...) -- C:\Documents and Settings\nono & jeff\IETldCache\index.dat [245760]
O61 - LFC: 01.02.2014 - 11:45:00 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Microsoft\Feeds\FeedsStore.feedsdb-ms [5632]
O61 - LFC: 01.02.2014 - 11:45:00 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\Sites suggérés d’Internet Explorer~.feed-ms [32768]
O61 - LFC: 01.02.2014 - 11:45:00 -SHA- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-1960408961-117609710-682003330-1003\Credentials [2970]
O61 - LFC: 01.02.2014 - 11:45:01 -SHA- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat [32768]
O61 - LFC: 01.02.2014 - 11:45:02 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\18C2TY92\www.google[1].xml [479]
O61 - LFC: 01.02.2014 - 11:45:03 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\1DGDVFLJ\www.cjoint[1].xml [13]
O61 - LFC: 01.02.2014 - 11:45:03 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\KW7ZMWPC\googleads.g.doubleclick[1].xml [13]
O61 - LFC: 01.02.2014 - 11:45:03 -SHA- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\index.dat [65536]
O61 - LFC: 01.02.2014 - 11:45:05 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8D20D60E-8B29-11E3-9ED4-00138F047384}.dat [44544]
O61 - LFC: 01.02.2014 - 11:45:06 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\RecoveryStore.{BB72313B-7B6F-11E3-9ECD-00138F047384}.dat [4608]
O61 - LFC: 01.02.2014 - 11:45:06 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Last Active\{607D0BA6-8B2D-11E3-9ED4-00138F047384}.dat [42496]
O61 - LFC: 01.02.2014 - 11:46:09 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Historique\History.IE5\index.dat [3686400]
O61 - LFC: 01.02.2014 - 11:46:10 -SHA- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Historique\History.IE5\MSHist012014020120140202\index.dat [49152]
O61 - LFC: 01.02.2014 - 11:46:37 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Temp\scratch.bat [232]
O61 - LFC: 01.02.2014 - 11:46:39 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Temp\Windows Live Toolbar\wlto000.sqm [302]
O61 - LFC: 01.02.2014 - 11:46:39 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Temp\Windows Live Toolbar\wlto001.sqm [302]
O61 - LFC: 01.02.2014 - 11:46:39 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Local Settings\Temp\Windows Live Toolbar\wlto002.sqm [302]
O61 - LFC: 01.02.2014 - 11:46:43 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Recent\01ac.lnk [259]
O61 - LFC: 01.02.2014 - 11:46:43 -SHA- . (...) -- C:\Documents and Settings\nono & jeff\PrivacIE\index.dat [7143424]
O61 - LFC: 01.02.2014 - 11:46:44 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Recent\AdwCleaner[S2].lnk [539]
O61 - LFC: 01.02.2014 - 11:46:45 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Recent\Disque amovible (I).lnk [179]
O61 - LFC: 01.02.2014 - 11:46:47 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Recent\mbam-log-2014-01-29 (09-48-45).lnk [619]
O61 - LFC: 01.02.2014 - 11:46:47 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Recent\mbam-log-2014-01-31 (20-09-47).lnk [619]
O61 - LFC: 01.02.2014 - 11:46:48 ---A- . (...) -- C:\Documents and Settings\nono & jeff\Recent\ZHPFixReport.lnk [529] =>.Nicolas Coolman
~ 4 Fichiers temporaires (Temporary files)
~ 17 Fichiers cookies (Cookies files)
~ Files: 56 Scanned in 02mn 02s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (6to4) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_6TO4
O64 - Services: CurCS - 14.08.2008 - C:\WINDOWS\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\alg.exe (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG
O64 - Services: CurCS - 17.09.2011 - C:\WINDOWS\system32\ANPD.sys (ANPD) .(.Pas de propriétaire - ANPD (NT5) Driver.) - LEGACY_ANPD
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV
O64 - Services: CurCS - 05.03.2007 - C:\WINDOWS\system32\drivers\CdaC15BA.sys (CdaC15BA) .(.Macrovision Europe Ltd - Macrovision SECURITY Driver.) - LEGACY_CDAC15BA
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP
O64 - Services: CurCS - 28.08.2001 - C:\WINDOWS\system32\drivers\dmload.sys (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE
O64 - Services: CurCS - 22.04.2010 - C:\Program Files\D-Link\DWA-525 revA\ANIWConnService.exe (D_Link_DWA-525_WPS) .(.Pas de propriétaire - ANIWConnService.) - LEGACY_D_LINK_DWA-525_WPS
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\System32\svchost.exe (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY
O64 - Services: CurCS - 21.08.2006 - C:\WINDOWS\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR
O64 - Services: CurCS - 28.04.2010 - C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys (fssfltr) .(.Microsoft Corporation - Family Safety Filter Driver (TDI).) - LEGACY_FSSFLTR
O64 - Services: CurCS - 03.04.1996 - C:\WINDOWS\system32\giveio.sys (giveio) .(...) - LEGACY_GIVEIO
O64 - Services: CurCS - 04.08.2004 - C:\WINDOWS\system32\DRIVERS\msgpc.sys (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC
O64 - Services: CurCS - 29.12.2011 - C:\Program Files\Guard-ICQ\GuardICQ.exe (Guard.Mail.ru) .(.Pas de propriétaire - GuardMailRu Module.) - LEGACY_GUARD.MAIL.RU
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV
O64 - Services: CurCS - 20.10.2009 - C:\WINDOWS\system32\Drivers\HTTP.sys (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (HTTPFilter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HTTPFILTER
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\inetsrv\inetinfo.exe (IISADMIN) .(.Microsoft Corporation - Services Internet (IIS).) - LEGACY_IISADMIN
O64 - Services: CurCS - 04.08.2004 - C:\WINDOWS\system32\drivers\ip6fw.sys (ip6fw) .(.Microsoft Corporation - IPv6 Windows Firewall Driver.) - LEGACY_IP6FW
O64 - Services: CurCS - 28.08.2001 - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys (IpFilterDriver) .(.Microsoft Corporation - IP FILTER DRIVER.) - LEGACY_IPFILTERDRIVER
O64 - Services: CurCS - 29.09.2004 - C:\WINDOWS\system32\DRIVERS\ipnat.sys (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (Iprip) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_IPRIP
O64 - Services: CurCS - 04.08.2004 - C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS
O64 - Services: CurCS - 04.08.2004 - C:\WINDOWS\system32\Drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Mount Manager.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - 27.09.2013 - C:\WINDOWS\system32\DRIVERS\MpFilter.sys (MpFilter) .(.Microsoft Corporation - Microsoft antimalware file system filter dr.) - LEGACY_MPFILTER
O64 - Services: CurCS - 22.06.2009 - C:\WINDOWS\system32\drivers\mqac.sys (MQAC) .(.Microsoft Corporation - Windows NT MQ Access Control Device Driver.) - LEGACY_MQAC
O64 - Services: CurCS - 18.12.2007 - C:\WINDOWS\system32\DRIVERS\mrxdav.sys (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - 24.02.2010 - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\System32\msdtc.exe (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\inetsrv\inetinfo.exe (MSFTPSVC) .(.Microsoft Corporation - Services Internet (IIS).) - LEGACY_MSFTPSVC
O64 - Services: CurCS - 04.05.2005 - C:\WINDOWS\System32\msiexec.exe (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER
O64 - Services: CurCS - 23.10.2013 - C:\Program Files\Microsoft Security Client\MsMpEng.exe (MsMpSvc) .(.Microsoft Corporation - Antimalware Service Executable.) - LEGACY_MSMPSVC
O64 - Services: CurCS - 22.06.2009 - C:\WINDOWS\system32\mqsvc.exe (MSMQ) .(.Microsoft Corporation - Message Queuing Service.) - LEGACY_MSMQ
O64 - Services: CurCS - 22.06.2009 - C:\WINDOWS\system32\mqtgsvc.exe (MSMQTriggers) .(.Microsoft Corporation - Windows NT MSMQ Trigger Service.) - LEGACY_MSMQTRIGGERS
O64 - Services: CurCS - 04.08.2004 - C:\WINDOWS\system32\Drivers\Mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP
O64 - Services: CurCS - 04.08.2004 - C:\WINDOWS\system32\Drivers\NDIS.sys (NDIS) .(.Microsoft Corporation - NDIS 5.1 wrapper driver.) - LEGACY_NDIS
O64 - Services: CurCS - 28.08.2001 - C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI
O64 - Services: CurCS - 04.08.2004 - C:\WINDOWS\system32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO
O64 - Services: CurCS - 04.08.2004 - C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 04.08.2004 - C:\WINDOWS\system32\DRIVERS\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\lsass.exe (NtLmSsp) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_NTLMSSP
O64 - Services: CurCS - 28.08.2001 - C:\WINDOWS\system32\Drivers\PartMgr.sys (PartMgr) .(.Microsoft Corporation - Partition Manager.) - LEGACY_PARTMGR
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\lsass.exe (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\lsass.exe (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE
O64 - Services: CurCS - 28.08.2001 - C:\WINDOWS\system32\DRIVERS\rasacd.sys (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN
O64 - Services: CurCS - 05.05.2006 - C:\WINDOWS\system32\DRIVERS\rdbss.sys (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - 28.08.2001 - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (RemoteRegistry) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_REMOTEREGISTRY
O64 - Services: CurCS - 08.05.2008 - C:\WINDOWS\system32\drivers\RMCast.sys (RMCAST) .(.Microsoft Corporation - Reliable Multicast Transport.) - LEGACY_RMCAST
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\lsass.exe (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE
O64 - Services: CurCS - 19.05.2009 - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (SeaPort) .(.Microsoft Corporation - Microsoft SeaPort Search Enhancement Broker.) - LEGACY_SEAPORT
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION
O64 - Services: CurCS - 28.08.2001 - C:\WINDOWS\system32\tcpsvcs.exe (SimpTcp) .(.Microsoft Corporation - TCP/IP Services Application.) - LEGACY_SIMPTCP
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\inetsrv\inetinfo.exe (SMTPSVC) .(.Microsoft Corporation - Services Internet (IIS).) - LEGACY_SMTPSVC
O64 - Services: CurCS - 21.11.2006 - C:\WINDOWS\system32\snmp.exe (SNMP) .(.Microsoft Corporation - Service SNMP.) - LEGACY_SNMP
O64 - Services: CurCS - 18.12.2010 - C:\WINDOWS\system32\speedfan.sys (speedfan) .(.Almico Software - Speed Fan x32 Driver.) - LEGACY_SPEEDFAN
O64 - Services: CurCS - 11.06.2005 - C:\WINDOWS\system32\spoolsv.exe (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\DRIVERS\sr.sys (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE
O64 - Services: CurCS - 31.12.2009 - C:\WINDOWS\system32\DRIVERS\srv.sys (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (SSDPSRV) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SSDPSRV
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV
O64 - Services: CurCS - 20.06.2008 - C:\WINDOWS\system32\DRIVERS\tcpip.sys (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP
O64 - Services: CurCS - 11.02.2010 - C:\WINDOWS\system32\DRIVERS\tcpip6.sys (Tcpip6) .(.Microsoft Corporation - IPv6 driver.) - LEGACY_TCPIP6
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS
O64 - Services: CurCS - 04.08.2004 - C:\WINDOWS\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 18.12.2001 - C:\WINDOWS\system32\Drivers\VIAPFD.sys (VIAPFD) .(.VIA Technologies. Inc. - VIA PFD driver.) - LEGACY_VIAPFD
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\inetsrv\inetinfo.exe (w3svc) .(.Microsoft Corporation - Services Internet (IIS).) - LEGACY_W3SVC
O64 - Services: CurCS - 04.08.2004 - C:\WINDOWS\system32\DRIVERS\wanarp.sys (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV
O64 - Services: CurCS - 28.09.2006 - C:\WINDOWS\system32\DRIVERS\WudfPf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (WudfSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUDFSVC
O64 - Services: CurCS - 20.08.2004 - C:\WINDOWS\system32\svchost.exe (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC
~ Legacy: 175 Scanned in 00mn 01s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (r) Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] Live Search - (Live Search) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {DB9365CB-F0AD-4D2C-A146-D011C9600E91} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {E78D201D-E85D-48e8-B25B-29F92237B2B5} - (Google Search) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: 6to4 (6to4) . (.Microsoft Corporation - Service that offers IPv6 connectivity over an IPv4 network..) -- C:\WINDOWS\system32\6to4svc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\system32\appmgmts.dll [176640]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [77312]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [60416]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll [24576]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [112128]
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\System32\es.dll [253952]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504]
O83 - Search Svchost Services: Iprip (Iprip) . (.Microsoft Corporation - Microsoft RIP pour le protocole Internet.) -- C:\WINDOWS\system32\iprip.dll [36864]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [96768]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\system32\netman.dll [197632]
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll [247808] =>.Microsoft Corporation
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [89088]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [181248]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [49152]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [193024]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\system32\seclogon.dll [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [38912]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\system32\ipnathlp.dll [332800]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\System32\srsvc.dll [171008]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\WINDOWS\system32\tapisrv.dll [249344]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90624]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\System32\w32time.dll [177664]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll [359936]
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\system32\advapi32.dll [685056]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Service Terminal Server.) -- C:\WINDOWS\system32\termsrv.dll [297984]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\System32\qmgr.dll [382464]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38912]
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll [27136]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129536]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [81408]

~ Services: 41 Scanned in 00mn 01s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.AF5C84446657B48C9B9B870C46438261] [SPRF][12.01.2014] (...) -- C:\Documents and Settings\nono & jeff\Bureau\adwcleaner.exe [1233962]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25.07.2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25.07.2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]
[MD5.29CFE9ED23C55E55838A789EB1182A9B] [SPRF][04.10.2008] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1887080]
[MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [SPRF][25.07.2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [172032]
[MD5.732CACA8E848F6E721B093E51FC50B1D] [SPRF][09.01.2007] (.Microsoft® Corporation - Outil MSN Téléchargement de photos.) -- C:\WINDOWS\Downloaded Program Files\PURfr-fr.dll [110592]
~ Files: 6 Scanned in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "000021090200C0400000000000F01FEC" . (.Module de compatibilité pour Microsoft Office System 2007.) -- C:\WINDOWS\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
O90 - PUC: "000021592210C0400000000000F01FEC" . (.Microsoft Office Outlook Connector.) -- C:\WINDOWS\Installer\{95120000-0122-040C-0000-0000000FF1CE}\olc_setup.exe =>.Microsoft Corporation
O90 - PUC: "0CB8AE65157339B4CBD96615CC635EAA" . (.MSXML 6 Service Pack 2 (KB973686).) -- C:\WINDOWS\Installer\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}\ARPIco
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\WINDOWS\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "41DC8ECD5FBF46449B4A1EE87453647C" . (.Assistant de connexion Windows Live.) -- C:\WINDOWS\Installer\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}\prodicon.ico
O90 - PUC: "467B7D4A04144D1188BE0005AD53970C" . (.Nero - Burning Rom.) -- C:\WINDOWS\Installer\{A4D7B764-4140-11D4-88EB-0050DA3579C0}\ARPPRODUCTICON.exe
O90 - PUC: "68267DD57EB949849A099E509EA18C81" . (.Windows Live Mail.) -- C:\WINDOWS\Installer\{5DD76286-9BE7-4894-A990-E905E91AC818}\wlmail.exe =>.Microsoft Corporation
O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.06) - Français.) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O90 - PUC: "6E4256D9FC512584FB0740EF79A3D31E" . (.Windows Live Toolbar.) -- C:\WINDOWS\Installer\{9D6524E6-15CF-4852-BF70-04FE973A3DE1}\ToolbarIcon
O90 - PUC: "7CEBB04F4A2C00A4B942A750A5C22526" . (.Microsoft Office Live Add-in 1.5.) -- C:\WINDOWS\Installer\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}\ProductIcon
O90 - PUC: "7FDF9FF9A48F99F44BBB60B6F6593FD3" . (.Windows Live Contrôle parental.) -- C:\WINDOWS\Installer\{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}\fssicon.ico
O90 - PUC: "907018673D7AD86419761A87C0E167C6" . (.Windows Live FolderShare.) -- C:\WINDOWS\Installer\{76810709-A7D3-468D-9167-A1780C1E766C}\FolderShare48x48.ico
O90 - PUC: "96740EE14C1960A4297BCFFA6EABDB9D" . (.Galerie de photos Windows Live.) -- C:\WINDOWS\Installer\{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}\WLXPhotoGalleryIcon.exe =>.Microsoft Corporation
O90 - PUC: "9F2FDFE0D6387BE43AD230B83D1FBFA2" . (.Security Update for CAPICOM (KB931906).) -- C:\WINDOWS\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico
O90 - PUC: "A12B436470CC693498C0B2188666F1AE" . (.Windows Live Writer.) -- C:\WINDOWS\Installer\{4634B21A-CC07-4396-890C-2B8168661FEA}\ApplicationIcon.ico
O90 - PUC: "C040110900063D11C8EF10054038389C" . (.Microsoft Office Professional Edition 2003.) -- C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe,6
O90 - PUC: "D381B5441F4F8C549BBD1F3155AC56B7" . (.Windows Live Messenger.) -- C:\WINDOWS\Installer\{445B183D-F4F1-45C8-B9DB-F11355CA657B}\MsblIco.Exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "DC0DE77FE5E27CF4280EBBD764E137F9" . (.LibreOffice 4.0.3.3.) -- C:\WINDOWS\Installer\{F77ED0CD-2E5E-4FC7-82E0-BB7D461E739F}\soffice.ico
O90 - PUC: "DDB6C50237B7ED245850A990F3532A83" . (.Outil de téléchargement Windows Live.) -- C:\WINDOWS\Installer\{205C6BDD-7B73-42DE-8505-9A093F35A238}\RichUpload.ico
O90 - PUC: "E7455FB18D0791640B3381AB1BE7597A" . (.LibreOffice 4.0 Help Pack (French).) -- C:\WINDOWS\Installer\{1BF5547E-70D8-4619-B033-18BAB17E95A7}\soffice.ico
~ Update Products: 61 Scanned in 00mn 00s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: Dossiers Web - {BDEADF00-C265-11D0-BCED-00A0C90AB50F}
~ MNS: 1 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.1D1084DE495AA0E2193459CC6601E665] [WIS][13.12.2006] (.ahead software gmbh - Nero - Burning Rom.) -- C:\Windows\Installer\ea9af.msi [14303744]
[MD5.58B9891F9E331DB16BEEF210F8E8AFDF] [WIS][16.12.2013] (.Recordare LLC - MusicXML Finale Plug-In Installer.) -- C:\Windows\Installer\ff8bdf.msi [403456]
~ WIS: 62 Scanned in 00mn 09s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 29.01.2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 05.03.2007 54784 | (C-DillaCdaC11BA) . (.Macrovision.) - C:\WINDOWS\system32\drivers\CDAC11BA.exe
SS - | Demand 20.08.2004 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 22.04.2010 126976 | (D_Link_DWA-525) . (.Wireless Service.) - C:\Program Files\D-Link\DWA-525 revA\ANIWZCSdS.exe
SS - | Demand 14.11.2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SS - | Disabled 10.07.1658 0 | (PanelSvc) . (...) - C:\Program Files\Votre Opinion\PanelApp\PanelSvc.exe
SS - | Disabled 09.08.2007 73728 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe

SR - | Auto 22.04.2010 40960 | (D_Link_DWA-525_WPS) . (...) - C:\Program Files\D-Link\DWA-525 revA\ANIWConnService.exe
SR - | Auto 29.12.2011 1564368 | (Guard.Mail.ru) . (...) - C:\Program Files\Guard-ICQ\GuardICQ.exe
SR - | Auto 23.10.2013 22208 | (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 19.05.2009 240512 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

~ Services: Scanned in 00mn 10s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by nono & jeff at 01.02.2014 11:48:28

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys viaidexp.sys PCIIDEX.SYS
C:\WINDOWS\system32\drivers\viaidexp.sys VIA Technologies, Inc. VIA PCI IDE MINI Driver
1 nt!IofCallDriver[0x804E37D5] >> \Device\Harddisk0\DR0[0x867E9720]
3 CLASSPNP[0xF787F05B] >> nt!IofCallDriver[0x804E37D5] >> \Device\00000061[0x867CCF18]
5 ACPI[0xF77E4620] >> nt!IofCallDriver[0x804E37D5] >> \Device\Ide\IdeDeviceP0T0L0-3[0x86734940]
kernel: MBR read successfully
user & kernel MBR OK

~ MBR: 14 Scanned in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by nono & jeff at 01.02.2014 11:48:30

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13019 - (10.01.2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 2

C:\Documents and Settings\All Users.WINDOWS\Application Data\Azureus =>P2P.Azureus^
C:\Documents and Settings\nono & jeff\Application Data\Azureus =>P2P.Azureus^
[HKCU\Software\eBay] =>Toolbar.eBay^
[HKLM\Software\eBay] =>Toolbar.eBay^
~ Additionnel Scan: 198558 Items scanned in 00mn 45s



---\\ Récapitulatif des détections trouvées sur votre station
~ MSI: 0 link(s) detected in 00mn 45s



End of the scan (1573 lines in 05mn 41s)(0)
