Rapport de ZHPDiag v1.27.2424 par Nicolas Coolman, Update du 22/07/2011
Run by millet at 16/01/2014 13:05:35
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 26.0 v
GCIE: Google Chrome v31.0.1650.63 (Defaut)

---\\ System Information
Windows XP Professional Service Pack 3 (Build 2600)
~ Processor: x86 Family 15 Model 1 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
~ Boot mode: ~ Normal (Normal boot)
Total RAM: 510 MB (46% free)
~ System Restore: Activé (Enable)
System drive C: has 18 GB (47%) free of 37 GB

---\\ Logged in mode
~ Computer Name: MILLET-D19B7410
~ User Name: millet
~ All Users Names: SUPPORT_388945a0, millet, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
~ Logged in as Administrator

---\\ Environnement Variables
~ %AppData%=C:\Documents and Settings\millet\Application Data\
~ %Desktop%=C:\Documents and Settings\millet\Bureau\
~ %Favorites%=C:\Documents and Settings\millet\Favoris\
~ %LocalAppData%=C:\Documents and Settings\millet\Local Settings\Application Data\
~ %StartMenu%=C:\Documents and Settings\millet\Menu Démarrer\

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 18 Go of 37 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 32 Go of 35 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.16/01/2014 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.16/01/2014 - 13:00:00.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.D0E5BB7F1F2B2A86CE809CC8EA9CB5B5] - (.Microsoft Corporation - Internet Extensions for Win32.) (.16/01/2014 - 16:04:59.) -- C:\WINDOWS\system32\wininet.dll [916992]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.16/01/2014 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.16/01/2014 - 13:00:00.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.16/01/2014 - 13:00:00.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 6/51
~ Mes musiques (My Musics) : 31/134
~ Mes Videos (My Videos) : 2/2 (Modified)
~ Mes Favoris (My Favorites) : 2/7
~ Mes Documents (My Documents) : 50/486
~ Mon Bureau (My Desktop) : 1/129
~ Menu demarrer (Programs) : 8/50



---\\ Processus lancés
[MD5.E077FCA2A7E79FB9BF67D3E30B5CE593] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe [20472]
[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\system32\dllhost.exe [5120]
[MD5.1EEA64D8599B5B7BD8721498E4019CF0] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768]
[MD5.3DF465B3A982807135C52BF73614DEE3] - (.Ulead Systems, Inc. - MONITOR.) -- C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe [45056]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254336]
[MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe [955392]
[MD5.7859A324140F74AF2E5486E6BD3FCD6D] - (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files\Olympus\ib\olycamdetect.exe [93376]
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232]
[MD5.80A79264302910C7C24BA7E44267EFEF] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182696]
[MD5.9C40F419CCD930AB6CBF2F7B35316C60] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEJE.EXE [188928]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376]
[MD5.32BD04B415865C8BCAF77310CCCB8A10] - (.Dropbox, Inc. - Dropbox.) -- C:\Documents and Settings\millet\Application Data\Dropbox\bin\Dropbox.exe [30714312]
[MD5.D06276D4CAD46CDCEABEFDEB1A0D3C0D] - (...) -- C:\Program Files\Microsoft Office\Office\OSA.EXE [51984]
[MD5.465680BDE344CE4FF6646626AA3A9125] - (.Google Inc. - Google Crash Handler.) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Update\1.3.22.3\GoogleCrashHandler.exe [223112]
[MD5.0E8A6A1BC5B08EA29E363EE5E06F7ECB] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [658944]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\millet\Local Settings\Application Data\Mozilla\Firefox\Profiles\nfsmdzgu.default-1362678003203\prefs.js
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.06.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
P2 - FPN: [HKLM] [@garmin.com/GpsControl] - (.GARMIN Corp. - Garmin Communicator Plug-In 4.1.0.0.) -- C:\Program Files\Garmin GPS Plugin\npGarmin.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.45.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.45.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.45.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20513.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.5] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.06.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\millet\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www1.delta-search.com
G0 - GCSP: Preference [User Data\Default] https://www.google.fr
G2 - GCE: Preference [User Data\Default] [aaaajepeddfdaihpmdgnickofffkdlpb] Ask Toolbar v.20.52310, ()
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 ()
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 ()
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 ()
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 ()



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19328 (longhorn_ie8_gdr.120824-1715)) -- C:\WINDOWS\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Simple Adblock - Simple Adblock Module.) -- C:\Program Files\Fichiers communs\Simple Adblock\SimpleAdblock.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Ulead AutoDetector] . (.Ulead Systems, Inc. - MONITOR.) -- C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [MDS_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files\Olympus\ib\olycamdetect.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [NBJ] . (.Ahead Software AG - Nero BackItUp Scheduler Application.) -- C:\Program Files\Ahead\Nero BackItUp\NBJ.exe
O4 - HKCU\..\Run: [EPSON BX300F Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEJE.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe
O4 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\..\Run: [Olympus ib] . (.OLYMPUS IMAGING CORP. - OLYMPUS ib Resident Program.) -- C:\Program Files\Olympus\ib\olycamdetect.exe
O4 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\..\Run: [NBJ] . (.Ahead Software AG - Nero BackItUp Scheduler Application.) -- C:\Program Files\Ahead\Nero BackItUp\NBJ.exe
O4 - HKUS\S-1-5-21-1390067357-1993962763-842925246-1003\..\Run: [EPSON BX300F Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEJE.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Pense-bête.lnk . (...) -- C:\Program Files\Broderbund\PrintMaster\PMREMIND.EXE (.not file.)
O4 - Global Startup: C:\Documents And Settings\millet\Menu Démarrer\Programmes\Démarrage\Dropbox.lnk . (.Dropbox, Inc..) -- C:\Documents and Settings\millet\Application Data\Dropbox\bin\Dropbox.exe
O4 - Global Startup: C:\Documents And Settings\millet\Menu Démarrer\Programmes\Démarrage\Démarrage d'Office.lnk . (...) -- C:\Program Files\Microsoft Office\Office\OSA.EXE



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader XI.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Office PowerPoint Viewer 2003.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Security Essentials.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Works.lnk . (...) -- C:\WINDOWS\Installer\{A3088CD2-612B-11D3-AF43-00C04F443448}\FB931E91.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\PowerpointImageExtractor V1.2.lnk . (.---.) -- C:\Program Files\PowerpointImageExtractor_V1_2\PowerpointImageExtractor.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\millet\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\millet\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\millet\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\millet\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: uStart Search - (.not file.) - C:\Documents and Settings\millet\Application Data\uStart\addtoustart.dll



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - Broken Internet access because of LSP provider (.not file.) -- mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll



---\\ Onglet supplémentaire dans les options avancées d'Internet Explorer (O11)
O11 - Options group: [java_sun] Java (Oracle). (.Oracle Corporation - Java Deployment Library .) - C:\Program Files\Java\jre7\bin\deploy.dll



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9DFD7529-F820-4559-882B-C1B72BA9377B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{9DFD7529-F820-4559-882B-C1B72BA9377B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{9DFD7529-F820-4559-882B-C1B72BA9377B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{9DFD7529-F820-4559-882B-C1B72BA9377B}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{9DFD7529-F820-4559-882B-C1B72BA9377B}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{9DFD7529-F820-4559-882B-C1B72BA9377B}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\Windows\System32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-1993962763-842925246-1003Core.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-1993962763-842925246-1003UA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[MD5.1BA1AB4141A92EB34DA99F1249CA2D4D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-1390067357-1993962763-842925246-1003Core] (.Google Inc..) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-1390067357-1993962763-842925246-1003UA] (.Google Inc..) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Update\GoogleUpdate.exe



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys
O41 - Driver: (MpKsl6968934d) . (.Microsoft Corporation - KSLDriver.) - C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9F020A84-BF2D-48AD-AD06-0315B45A2326}\MpKsl6968934d.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\System32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\System32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys
O41 - Driver: (Tcpip6) . (.Microsoft Corporation - IPv6 driver.) - C:\WINDOWS\System32\DRIVERS\tcpip6.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: Windows Socket 2.0 Non-IFS Service Provider Support Environment (WS2IFSL) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\WINDOWS\system32\drivers\ws2ifsl.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {FDB3B167-F4FA-461D-976F-286304A57B2A}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.06) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth
O42 - Logiciel: BlazePhoto 2.0 - (.Pas de propriétaire.) [HKLM] -- BlazePhoto 2.0_is1
O42 - Logiciel: Canon EOS 5D Pilote WIA - (.Canon.) [HKLM] -- InstallShield_{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}
O42 - Logiciel: Canon RAW Codec - (.Canon Inc..) [HKLM] -- Canon RAW Codec
O42 - Logiciel: Canon Utilities Digital Photo Professional - (.Canon Inc..) [HKLM] -- Digital Photo Professional
O42 - Logiciel: Canon Utilities EOS Utility - (.Canon Inc..) [HKLM] -- EOS Utility
O42 - Logiciel: Codec Package Packages - (.Pas de propriétaire.) [HKCU] -- Codec Package Packages
O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup
O42 - Logiciel: DC-Bass Source 1.3.0 - (.Pas de propriétaire.) [HKLM] -- DC-Bass Source
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox
O42 - Logiciel: EPSON BX300F Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON BX300F Series
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Stylus Office BX300F_TX300F Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus Office BX300F_TX300F Guide d'utilisation
O42 - Logiciel: FormatFactory 3.1.1 - (.Free Time.) [HKLM] -- FormatFactory
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
O42 - Logiciel: Garmin Communicator Plugin - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {032A13FF-D26D-4844-9597-7EF698627985}
O42 - Logiciel: Garmin POI Loader - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}
O42 - Logiciel: Garmin USB Drivers - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Jasc Paint Shop Pro 8 - (.Nom de votre société.) [HKLM] -- {81A34902-9D0B-4920-A25C-4CDC5D14B328}
O42 - Logiciel: Java 7 Update 45 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF}
O42 - Logiciel: Java(TM) 6 Update 29 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216029F0}
O42 - Logiciel: Lagarith Lossless Codec (1.3.27) - (.Pas de propriétaire.) [HKLM] -- {F59AC46C-10C3-4023-882C-4212A92283B3}_is1
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}
O42 - Logiciel: Microsoft .NET Framework 4 Extended FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {043F86B7-EE12-3399-B2CA-D0B603D87963}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
O42 - Logiciel: Microsoft Works 2000 - (.Microsoft Corporation.) [HKLM] -- {A3088CD2-612B-11D3-AF43-00C04F443448}
O42 - Logiciel: Microsoft_VC80_CRT_x86 - (.Adobe.) [HKLM] -- {92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Adobe.) [HKLM] -- {08D2E121-7F6A-43EB-97FD-629B44903403}
O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Extended FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended FRA Language Pack
O42 - Logiciel: Mozilla Firefox 26.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 26.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Nero Suite - (.Pas de propriétaire.) [HKLM] -- NeroMultiInstaller!UninstallKey
O42 - Logiciel: OLYMPUS ib - (.OLYMPUS IMAGING CORP..) [HKLM] -- InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}
O42 - Logiciel: OLYMPUS ib - (.OLYMPUS IMAGING CORP..) [HKLM] -- {89A43E80-AC6C-4DA8-9800-F4B30ED577C0}
O42 - Logiciel: OVT Scanner X86 - (.OVT.) [HKLM] -- {6B566EFE-DC1D-471F-93DD-84832663F140}
O42 - Logiciel: OpenSource Flash Video Splitter 1.0.0.5 - (.Pas de propriétaire.) [HKLM] -- OpenSource Flash Video Splitter
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 6194C28A8F62DD817EA1B918E6E46E806A21B452
O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 65B6FE5418CE28F4D72543FB2D964C3CEC83F161
O42 - Logiciel: Package de pilotes Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) - (.OLYMPUS IMAGING CORP..) [HKLM] -- E77704EF5E71F4F18CADFBFA68595AFE036D5D97
O42 - Logiciel: PhotoFiltre 7 - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre 7
O42 - Logiciel: PowerDVD - (.Pas de propriétaire.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: PowerpointImageExtractor - (.Pas de propriétaire.) [HKLM] -- PowerpointImageExtractor_is1
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2604111
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2657424
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Simple Adblock - (.Simple Adblock.) [HKLM] -- {A9A75A7F-4785-430D-8013-77BC1FD13A4C}
O42 - Logiciel: Super Blank 3.01 - (.Pas de propriétaire.) [HKLM] -- Super Blank_is1
O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.) [HKLM] -- SuperCopier2
O42 - Logiciel: Ulead Photo Explorer 8.0 SE Basic - (.Ulead Systems, Inc..) [HKLM] -- {D271DAE0-8D68-4C97-8356-A126D48A1D8C}
O42 - Logiciel: Uninstall 1.0.0.1 - (.Pas de propriétaire.) [HKLM] -- Uninstall_is1
O42 - Logiciel: Uninstall OVT Scanner - (.Pas de propriétaire.) [HKLM] -- OVT Scanner
O42 - Logiciel: Update 4.0.3 for Microsoft .NET Framework 4 Client Profile (KB2600211) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600211
O42 - Logiciel: Update 4.0.3 for Microsoft .NET Framework 4 Extended (KB2600211) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600211
O42 - Logiciel: Update for Codec Package - (.Pas de propriétaire.) [HKCU] -- DSite
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM] -- {933B4015-4618-4716-A828-5289FC03165F}
O42 - Logiciel: VLC media player 2.0.5 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) - (.Garmin.) [HKLM] -- 98157A226B40B173301B0F53C8E98C47805D5152
O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify
O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
O42 - Logiciel: WordBiz 1.8.5 - (.Pas de propriétaire.) [HKLM] -- WordBiz_0
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: scrabbleproB 1.1.3 - (.scrabblepro.) [HKLM] -- scrabbleproB_is1

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABBYY]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Aurigma]
[HKCU\Software\Avery Dennison]
[HKCU\Software\BD05111967PY]
[HKCU\Software\BlazeVideo]
[HKCU\Software\Broderbund Software]
[HKCU\Software\CDDB]
[HKCU\Software\Canon]
[HKCU\Software\Canon_Inc_IC]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Cyberlink]
[HKCU\Software\DSP-worx]
[HKCU\Software\DVDVideoSoft]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\Dnote Software]
[HKCU\Software\DriverTuner]
[HKCU\Software\DriverTuner_Init]
[HKCU\Software\EPSON]
[HKCU\Software\F-Secure]
[HKCU\Software\Finalhit]
[HKCU\Software\FreeCDRIP]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Garmin]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\IE]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\Jasc]
[HKCU\Software\JavaSoft]
[HKCU\Software\LAV]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MEDIAKG]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaTek]
[HKCU\Software\Micro Application]
[HKCU\Software\Mindscape]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Northcode Inc]
[HKCU\Software\Novell]
[HKCU\Software\ODBC]
[HKCU\Software\OLYMPUS]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\SFX TEAM]
[HKCU\Software\Sysinternals]
[HKCU\Software\Techlogg.com ToneShop]
[HKCU\Software\TeleCharger_v2]
[HKCU\Software\Trolltech]
[HKCU\Software\ULead]
[HKCU\Software\Ulead Systems]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Zyrax Software]
[HKCU\Software\eMule]
[HKLM\Software\ABBYY]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Ahead]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\Canon]
[HKLM\Software\Canon_Inc_IC]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DVDVideoSoft]
[HKLM\Software\Dell Computer Corporation]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\Dropbox]
[HKLM\Software\EPSON]
[HKLM\Software\EnigmaSoftwareGroup]
[HKLM\Software\GNU]
[HKLM\Software\Garmin]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\ISC]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\Jasc]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MarkAny]
[HKLM\Software\McAfee.com]
[HKLM\Software\Micro Application]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\Netscape]
[HKLM\Software\Novell]
[HKLM\Software\ODBC]
[HKLM\Software\OLYMPUS]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\S3R521]
[HKLM\Software\Schlumberger]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\Secure]
[HKLM\Software\Serif]
[HKLM\Software\Simple Adblock]
[HKLM\Software\SimpleAdblock]
[HKLM\Software\SmartPCFixer]
[HKLM\Software\Swearware]
[HKLM\Software\Ulead Systems]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\mozilla.org]



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 30/12/2013 - 16:24:38 - [124487825] ----D- C:\Program Files\ABBYY FineReader 6.0 Sprint
O43 - CFD: 15/06/2013 - 08:22:46 - [133904040] ----D- C:\Program Files\Adobe
O43 - CFD: 20/04/2011 - 15:28:08 - [96121856] ----D- C:\Program Files\Ahead
O43 - CFD: 08/08/2013 - 11:50:24 - [2655233] ----D- C:\Program Files\AviSynth 2.5
O43 - CFD: 21/04/2011 - 21:29:58 - [47734370] ----D- C:\Program Files\BlazeVideo
O43 - CFD: 10/02/2013 - 12:59:24 - [1667] ----D- C:\Program Files\Broderbund
O43 - CFD: 04/11/2013 - 15:09:54 - [191394252] ----D- C:\Program Files\Canon
O43 - CFD: 22/07/2011 - 07:12:28 - [3901432] ----D- C:\Program Files\CCleaner
O43 - CFD: 22/10/2011 - 12:37:04 - [128881705] ----D- C:\Program Files\ClubDeJeux
O43 - CFD: 21/04/2011 - 08:20:58 - [18193636] ----D- C:\Program Files\CyberLink
O43 - CFD: 12/12/2013 - 13:16:50 - [4143048] ----D- C:\Program Files\DIFX
O43 - CFD: 21/08/2013 - 07:44:12 - [2446379] ----D- C:\Program Files\DivX
O43 - CFD: 24/12/2013 - 12:54:54 - [70783944] ----D- C:\Program Files\Dropbox
O43 - CFD: 08/08/2013 - 17:22:56 - [713409] ----D- C:\Program Files\DSP-worx
O43 - CFD: 21/07/2011 - 13:04:50 - [1477891941] ----D- C:\Program Files\eMule
O43 - CFD: 19/12/2013 - 12:05:04 - [14110364] ----D- C:\Program Files\epson
O43 - CFD: 26/07/2011 - 19:44:18 - [93975345] ----D- C:\Program Files\Epson Software
O43 - CFD: 20/10/2013 - 10:03:44 - [300054322] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 12/07/2012 - 17:28:12 - [611] ----D- C:\Program Files\Free mp3 Wma Converter
O43 - CFD: 08/08/2013 - 18:48:14 - [140692382] ----D- C:\Program Files\FreeTime
O43 - CFD: 12/12/2013 - 13:31:14 - [17343820] ----D- C:\Program Files\Garmin
O43 - CFD: 10/12/2013 - 13:02:00 - [15366488] ----D- C:\Program Files\Garmin GPS Plugin
O43 - CFD: 08/08/2013 - 15:32:36 - [51727424] ----D- C:\Program Files\Google
O43 - CFD: 06/09/2013 - 12:38:48 - [37883297] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 08/10/2012 - 17:44:48 - [4683368] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 22/04/2011 - 06:31:38 - [197234701] ----D- C:\Program Files\Jasc Software Inc
O43 - CFD: 20/10/2013 - 10:03:12 - [208202003] ----D- C:\Program Files\Java
O43 - CFD: 25/07/2013 - 08:14:42 - [14645881] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 17/03/2012 - 10:26:44 - [221184] ----D- C:\Program Files\MarkAnyContentSAFER
O43 - CFD: 08/08/2013 - 17:47:32 - [38362] ----D- C:\Program Files\MediaCoder
O43 - CFD: 19/07/2011 - 07:41:44 - [2179165] ----D- C:\Program Files\Messenger
O43 - CFD: 20/07/2011 - 08:41:50 - [284389358] ----D- C:\Program Files\Micro Application
O43 - CFD: 21/04/2011 - 09:17:04 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 10/01/2013 - 12:43:48 - [429514] ----D- C:\Program Files\Microsoft ActiveSync
O43 - CFD: 20/04/2011 - 12:09:28 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 26/07/2011 - 16:58:38 - [43148437] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 08/10/2012 - 17:48:58 - [22187956] ----D- C:\Program Files\Microsoft Security Client
O43 - CFD: 26/07/2013 - 09:34:14 - [42834870] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 21/04/2011 - 09:18:14 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 23/11/2012 - 06:39:16 - [23935] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 20/04/2011 - 13:56:32 - [10374874] ----D- C:\Program Files\Movie Maker
O43 - CFD: 22/12/2013 - 15:21:22 - [53770690] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 24/12/2013 - 08:04:08 - [226891] ----D- C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 17/07/2011 - 14:53:22 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 20/04/2011 - 12:02:40 - [19278399] ----D- C:\Program Files\MSN
O43 - CFD: 20/04/2011 - 12:03:24 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 21/04/2011 - 12:44:36 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 13/12/2012 - 06:13:34 - [1651782] ----D- C:\Program Files\NaturaBuyPhotos
O43 - CFD: 04/08/2013 - 13:56:56 - [0] ----D- C:\Program Files\Nero
O43 - CFD: 20/04/2011 - 12:06:06 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 21/07/2011 - 16:38:06 - [128779408] ----D- C:\Program Files\Olympus
O43 - CFD: 20/04/2011 - 12:03:36 - [1804] ----D- C:\Program Files\Online Services
O43 - CFD: 28/12/2012 - 11:23:36 - [702266] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 08/08/2013 - 17:22:52 - [452418] ----D- C:\Program Files\OpenSource Flash Video Splitter
O43 - CFD: 06/12/2013 - 11:34:24 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 21/04/2011 - 21:29:04 - [0] ----D- C:\Program Files\OVT
O43 - CFD: 22/07/2013 - 13:59:36 - [8324967] ----D- C:\Program Files\PhotoFiltre 7
O43 - CFD: 13/03/2012 - 08:15:10 - [1758369] ----D- C:\Program Files\PowerpointImageExtractor_V1_2
O43 - CFD: 22/05/2012 - 15:40:44 - [12647722] ----D- C:\Program Files\PSCS2
O43 - CFD: 17/07/2011 - 14:52:58 - [36409089] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 10/11/2012 - 10:06:38 - [3400801] ----D- C:\Program Files\scrabbleproB1.1
O43 - CFD: 01/12/2012 - 13:23:52 - [0] ----D- C:\Program Files\Services en ligne
O43 - CFD: 08/08/2013 - 07:27:18 - [595117] ----D- C:\Program Files\SuperBlank
O43 - CFD: 20/04/2011 - 14:56:10 - [1226139] ----D- C:\Program Files\SuperCopier2
O43 - CFD: 10/02/2013 - 12:58:02 - [11426242] ----D- C:\Program Files\Techlogg.com ToneShop
O43 - CFD: 21/04/2011 - 21:01:10 - [38375388] ----D- C:\Program Files\Ulead Systems
O43 - CFD: 20/04/2011 - 12:19:14 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 05/01/2012 - 14:14:14 - [100395881] ----D- C:\Program Files\VideoLAN
O43 - CFD: 30/11/2011 - 08:15:26 - [38781766] ----D- C:\Program Files\Windows Live
O43 - CFD: 21/04/2011 - 09:16:42 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 05/06/2011 - 08:31:50 - [9958665] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 20/04/2011 - 12:03:10 - [3942655] ----D- C:\Program Files\Windows NT
O43 - CFD: 20/04/2011 - 12:06:50 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 07/08/2013 - 13:22:44 - [64355818] ----D- C:\Program Files\WinRAR
O43 - CFD: 31/10/2012 - 11:18:42 - [46474061] ----D- C:\Program Files\WordBiz
O43 - CFD: 20/04/2011 - 12:09:28 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 16/01/2014 - 13:05:46 - [56368926] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 15/06/2013 - 08:22:56 - [29604289] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 03/08/2011 - 07:37:04 - [31517343] ----D- C:\Program Files\Fichiers Communs\Adobe AIR
O43 - CFD: 20/04/2011 - 15:27:42 - [26497471] ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD: 29/06/2013 - 10:43:28 - [1618744] ----D- C:\Program Files\Fichiers Communs\Canon
O43 - CFD: 07/08/2013 - 09:00:44 - [4354243] ----D- C:\Program Files\Fichiers Communs\Canon_Inc_IC
O43 - CFD: 21/08/2013 - 07:44:30 - [8830] ----D- C:\Program Files\Fichiers Communs\DivX Shared
O43 - CFD: 21/07/2011 - 12:41:50 - [10417839] ----D- C:\Program Files\Fichiers Communs\DVDVideoSoft
O43 - CFD: 26/07/2011 - 07:18:04 - [9691107] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 20/10/2013 - 10:03:44 - [1248523] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 24/11/2012 - 08:04:48 - [80213499] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 20/04/2011 - 12:06:00 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 04/08/2013 - 13:57:40 - [2274787] ----D- C:\Program Files\Fichiers Communs\Nero
O43 - CFD: 20/04/2011 - 13:49:22 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 20/04/2011 - 12:06:04 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 03/08/2013 - 05:47:58 - [872728] ----D- C:\Program Files\Fichiers Communs\Simple Adblock
O43 - CFD: 20/04/2011 - 13:49:18 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 31/05/2011 - 13:58:30 - [86016] ----D- C:\Program Files\Fichiers Communs\SWF Studio
O43 - CFD: 20/04/2011 - 12:05:12 - [6880468] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 21/04/2011 - 21:01:06 - [5896663] ----D- C:\Program Files\Fichiers Communs\Ulead Systems
O43 - CFD: 21/04/2011 - 08:33:40 - [39966671] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 24/07/2013 - 08:00:46 - [44825600] ----D- C:\Program Files\Fichiers Communs\Wise Installation Wizard
O43 - CFD: 27/02/2012 - 13:31:48 - [5985848] ----D- C:\Documents and Settings\millet\Application Data\.minecraft
O43 - CFD: 26/07/2013 - 08:01:04 - [27019488] ----D- C:\Documents and Settings\millet\Application Data\Adobe
O43 - CFD: 08/08/2013 - 06:27:20 - [0] ----D- C:\Documents and Settings\millet\Application Data\Ahead
O43 - CFD: 26/07/2013 - 14:26:26 - [772762] ----D- C:\Documents and Settings\millet\Application Data\Anvsoft
O43 - CFD: 08/08/2013 - 17:47:32 - [0] ----D- C:\Documents and Settings\millet\Application Data\Broad Intelligence
O43 - CFD: 07/08/2013 - 09:00:28 - [42898] ----D- C:\Documents and Settings\millet\Application Data\Canon
O43 - CFD: 07/08/2013 - 09:05:06 - [53545] ----D- C:\Documents and Settings\millet\Application Data\Canon_Inc_IC
O43 - CFD: 08/08/2013 - 17:23:42 - [278528] ----D- C:\Documents and Settings\millet\Application Data\CDXReader
O43 - CFD: 08/08/2013 - 17:24:06 - [1114624] ----D- C:\Documents and Settings\millet\Application Data\Codec Package Packages
O43 - CFD: 03/11/2011 - 10:04:18 - [3072] ----D- C:\Documents and Settings\millet\Application Data\CyberLink
O43 - CFD: 13/06/2013 - 12:28:06 - [22] ----D- C:\Documents and Settings\millet\Application Data\C__Documents and Settings_millet_Mes documents_Downloads_crack_SuperHideIP.exe
O43 - CFD: 25/04/2011 - 10:33:14 - [235520] ----D- C:\Documents and Settings\millet\Application Data\DivX
O43 - CFD: 16/01/2014 - 08:24:36 - [72180523] ----D- C:\Documents and Settings\millet\Application Data\Dropbox
O43 - CFD: 21/07/2011 - 05:45:50 - [909] ----D- C:\Documents and Settings\millet\Application Data\EPSON
O43 - CFD: 03/05/2011 - 07:30:52 - [0] ----D- C:\Documents and Settings\millet\Application Data\f-secure
O43 - CFD: 02/09/2011 - 11:00:24 - [0] ----D- C:\Documents and Settings\millet\Application Data\FastStone
O43 - CFD: 22/07/2011 - 07:57:28 - [88] ----D- C:\Documents and Settings\millet\Application Data\FreeAudioPack
O43 - CFD: 22/07/2011 - 08:03:50 - [435] ----D- C:\Documents and Settings\millet\Application Data\FreeCDRipper
O43 - CFD: 24/07/2013 - 10:43:40 - [0] ----D- C:\Documents and Settings\millet\Application Data\FreeSoftwareUpdater
O43 - CFD: 12/12/2013 - 13:31:18 - [1824] ----D- C:\Documents and Settings\millet\Application Data\Garmin
O43 - CFD: 26/11/2011 - 16:26:16 - [63] ----D- C:\Documents and Settings\millet\Application Data\Help
O43 - CFD: 10/06/2013 - 12:29:52 - [45] ----D- C:\Documents and Settings\millet\Application Data\Identities
O43 - CFD: 26/07/2011 - 19:39:46 - [0] ----D- C:\Documents and Settings\millet\Application Data\InstallShield
O43 - CFD: 22/04/2011 - 06:31:38 - [3635510] ----D- C:\Documents and Settings\millet\Application Data\Jasc Software Inc
O43 - CFD: 08/08/2013 - 17:23:46 - [10474465] ----D- C:\Documents and Settings\millet\Application Data\LavFilters
O43 - CFD: 20/04/2011 - 16:38:46 - [56979] ----D- C:\Documents and Settings\millet\Application Data\Macromedia
O43 - CFD: 15/07/2012 - 07:50:10 - [453992] ----D- C:\Documents and Settings\millet\Application Data\Malwarebytes
O43 - CFD: 24/07/2013 - 08:53:32 - [16853200] -S--D- C:\Documents and Settings\millet\Application Data\Microsoft
O43 - CFD: 26/07/2011 - 20:04:34 - [17238119] ----D- C:\Documents and Settings\millet\Application Data\Mozilla
O43 - CFD: 23/07/2013 - 15:38:24 - [0] ----D- C:\Documents and Settings\millet\Application Data\mresreg
O43 - CFD: 04/08/2013 - 10:44:04 - [12983] ----D- C:\Documents and Settings\millet\Application Data\Nero
O43 - CFD: 20/04/2011 - 17:16:02 - [1630790] ----D- C:\Documents and Settings\millet\Application Data\OpenOffice.org
O43 - CFD: 26/07/2013 - 16:51:34 - [2322305] ----D- C:\Documents and Settings\millet\Application Data\OpenOffice.org2
O43 - CFD: 12/02/2013 - 13:36:32 - [0] ----D- C:\Documents and Settings\millet\Application Data\Opera
O43 - CFD: 06/02/2013 - 11:23:54 - [3186] ----D- C:\Documents and Settings\millet\Application Data\PhotoFiltre 7
O43 - CFD: 10/01/2013 - 09:45:32 - [0] ----D- C:\Documents and Settings\millet\Application Data\Samsung
O43 - CFD: 10/12/2013 - 12:04:44 - [1535486] ----D- C:\Documents and Settings\millet\Application Data\Simple Adblock
O43 - CFD: 20/04/2011 - 17:06:08 - [27310975] ----D- C:\Documents and Settings\millet\Application Data\Sun
O43 - CFD: 08/12/2011 - 18:27:56 - [0] ----D- C:\Documents and Settings\millet\Application Data\System
O43 - CFD: 28/07/2011 - 08:42:26 - [8704] ----D- C:\Documents and Settings\millet\Application Data\Template
O43 - CFD: 21/04/2011 - 21:08:00 - [6266118] ----D- C:\Documents and Settings\millet\Application Data\Ulead Systems
O43 - CFD: 27/12/2013 - 07:05:20 - [329453] ----D- C:\Documents and Settings\millet\Application Data\vlc
O43 - CFD: 04/05/2011 - 18:01:06 - [0] ----D- C:\Documents and Settings\millet\Application Data\WinRAR
O43 - CFD: 03/08/2013 - 17:12:14 - [5251042] ----D- C:\Documents and Settings\millet\Application Data\XnView
O43 - CFD: 26/07/2013 - 13:42:54 - [14539283] ----D- C:\Documents and Settings\millet\Application Data\XnViewMP
O43 - CFD: 29/06/2013 - 11:06:16 - [0] ----D- C:\Documents and Settings\millet\Application Data\ZoomBrowser EX
O43 - CFD: 23/11/2013 - 09:34:10 - [35851271] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Adobe
O43 - CFD: 02/05/2011 - 18:07:34 - [1950597] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Ahead
O43 - CFD: 06/08/2013 - 12:43:26 - [8019] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\CANON_INC
O43 - CFD: 14/08/2013 - 07:24:00 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Deployment
O43 - CFD: 18/12/2013 - 08:01:52 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\DriverTuner
O43 - CFD: 12/12/2013 - 13:31:26 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Garmin
O43 - CFD: 08/08/2013 - 15:32:10 - [588574156] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Google
O43 - CFD: 25/05/2011 - 06:01:54 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Help
O43 - CFD: 21/04/2011 - 11:34:30 - [33767726] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Identities
O43 - CFD: 06/12/2013 - 06:46:50 - [141612366] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Microsoft
O43 - CFD: 26/07/2011 - 20:04:30 - [5044435] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Mozilla
O43 - CFD: 04/08/2013 - 20:23:18 - [124976568] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Nero
O43 - CFD: 04/08/2013 - 11:29:46 - [8326] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Nero_AG
O43 - CFD: 21/07/2011 - 16:42:48 - [27725885] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\OLYMPUS
O43 - CFD: 12/02/2013 - 13:36:32 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Opera
O43 - CFD: 01/05/2012 - 16:31:30 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\PCHealth
O43 - CFD: 10/07/2013 - 10:00:36 - [250482] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\PoiEdit
O43 - CFD: 01/03/2013 - 09:48:18 - [531185] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Sun
O43 - CFD: 10/01/2013 - 15:00:36 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\Temp
O43 - CFD: 10/08/2013 - 18:36:18 - [0] ----D- C:\Documents and Settings\millet\Local Settings\Application Data\WMTools Downloaded Files



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.43CBCA543239DB1453F574E8F534D8F3] - 16/01/2014 - 12:55:08 ---A- . (...) -- C:\AdwCleaner[R37].txt [1978]
O44 - LFC:[MD5.109AAD5F2A04587ABEEB397085182610] - 16/01/2014 - 08:23:29 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [13646]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 16/01/2014 - 08:22:08 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.22EF73CA3904EB2CC2D909FCE63542A3] - 07/01/2014 - 09:50:43 ---A- . (...) -- C:\AdwCleaner[R36].txt [1917]
O44 - LFC:[MD5.EDCEAF74C3345517A2F792ED64558A92] - 21/12/2013 - 10:14:57 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [116]
O44 - LFC:[MD5.DB2D14B183726F5894667A3AA2EBA277] - 19/12/2013 - 10:57:45 ---A- . (.SEIKO EPSON CORP. - EPSON WIA Module.) -- C:\WINDOWS\System32\escwiad.dll [71680]



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Lphant Applications\Lphant\Lphant.exe" [Enabled] .(...) -- C:\Program Files\Lphant Applications\Lphant\Lphant.exe (.not file.)
O47 - AAKE:Key Export DP - "C:\Program Files\Lphant Applications\Lphant\Lphant.exe" [Enabled] .(...) -- C:\Program Files\Lphant Applications\Lphant\Lphant.exe (.not file.)



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\77656854.sys . (...) -- C:\WINDOWS\System32\Drivers\77656854.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\procexp90.Sys . (...) -- C:\WINDOWS\System32\Drivers\procexp90.Sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\77656854.sys . (...) -- C:\WINDOWS\System32\Drivers\77656854.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\System32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\procexp90.Sys . (...) -- C:\WINDOWS\System32\Drivers\procexp90.Sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\System32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\System32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\System32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.)



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.LAGS"="lagarith.dll" . (.Pas de propriétaire - Lagarith.) -- C:\WINDOWS\System32\lagarith.dll
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"lagarith.dll"="Lagarith lossless codec [LAGS]" . (.Pas de propriétaire - Lagarith.) -- C:\WINDOWS\System32\lagarith.dll
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\System32\l3codeca.acm



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=67108863
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=323
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.0F2D66D5F08EBE2F77BB904288DCF6F0] - 16/01/2014 - 21:20:04 ---A- . (.Intel Corporation - Intel(r) Integrated Controller Hub Audio Driver.) -- C:\WINDOWS\system32\drivers\ac97intc.sys [96256]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 16/01/2014 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 16/01/2014 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.1961F8B618E3C20DF54C146B294EFD2A] - 16/01/2014 - 18:12:50 ---A- . (.Intel Corporation - Pilote NDIS 5.) -- C:\WINDOWS\system32\drivers\e100b325.sys [117760]
O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 16/01/2014 - 13:00:00 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys [144384]
O58 - SDL:[MD5.4470E3C1E0C3378E4CAB137893C12C3A] - 16/01/2014 - 13:50:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22856]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 16/01/2014 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.2B298519EDBFCF451D43E0F1E8F1006D] - 16/01/2014 - 10:34:32 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [1897408]
O58 - SDL:[MD5.F4CB9C1991314B1352DDBD8A968E4471] - 16/01/2014 - 14:58:26 ---A- . (.OLYMPUS IMAGING CORP. - OlyCamComm.sys.) -- C:\WINDOWS\system32\drivers\OlyCamComm.sys [21648]
O58 - SDL:[MD5.1FC8A7E5C3AED31F00940C6AB2FD9B49] - 16/01/2014 - 21:44:00 ---A- . (.Omnivision Technologies, Inc. - Stream Class Mini Driver.) -- C:\WINDOWS\system32\drivers\ov550i.sys [580992]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 16/01/2014 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 16/01/2014 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 16/01/2014 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 16/01/2014 - 13:00:00 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 16/01/2014 - 16:05:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [5632]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 16/01/2014 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 16/01/2014 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.790A4CA68F44BE35967B3DF61F3E4675] - 16/01/2014 - 17:15:26 ---A- . (...) -- C:\WINDOWS\system32\FsUsbExDisk.Sys [36608]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 16/01/2014 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 12/12/2013 - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe - Adobe Flash Player Update Service(AdobeFlashPlayerUpdateSvc) .(.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 11.9 r9.) - LEGACY_AD
O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\millet\LOCALS~1\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME
O64 - Services: CurCS - ??/??/???? - C:\Program Files\MediaCoder\sysInfo.sys (.not file.) - CrystalSysInfo (CrystalSysInfo) .(...) - LEGACY_CRYSTALSYSINFO
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 13/12/2008 - C:\WINDOWS\system32\FsUsbExDisk.sys - No object (No service) .(...) - LEGACY_FSUSBEXDISK
O64 - Services: CurCS - 11/08/2011 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE
O64 - Services: CurCS - 11/08/2011 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdatem)(gupdatem) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATEM
O64 - Services: CurCS - 08/10/2013 - C:\Program Files\Java\jre7\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Oracle Corporation - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - 04/04/2013 - C:\WINDOWS\system32\drivers\mbam.sys - MBAMProtector(MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 04/04/2013 - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - MBAMScheduler(MBAMScheduler) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMSCHEDULER
O64 - Services: CurCS - 04/04/2013 - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - MBAMService(MBAMService) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMSERVICE



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\millet\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {483830EE-A4CD-4b71-B0A3-3D82E62A6909} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {A540D69B-1CD5-44FA-9B2A-DFEA5EBD97F1} - (uStart) - http://www.ustart.orgNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A11
O69 - SBI: SearchScopes [HKCU] {BEF2DA9C-A926-46B1-8784-12C73518EE56} - (Google) - http://www.google.com



---\\ Internet Feature Controls (O81)
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_DISABLE_NAVIGATION_SOUNDS] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_DISABLE_TELNET_PROTOCOL] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_RESTRICT_ACTIVEXINSTALL] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_RESTRICT_FILEDOWNLOAD] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_RESTRICT_RES_TO_LMZ] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_STATUS_BAR_THROTTLING] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_DISABLE_NAVIGATION_SOUNDS] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_DISABLE_TELNET_PROTOCOL] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_RESTRICT_ACTIVEXINSTALL] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_RESTRICT_FILEDOWNLOAD] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_RESTRICT_RES_TO_LMZ] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_STATUS_BAR_THROTTLING] -- svchost.exe



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.53406E9988306CBD4537677C5336ABA4] [SPRF][12/08/2013] (.Microsoft Corporation - Microsoft .NET Framework 4 Setup.) -- C:\Documents and Settings\millet\Application Data\dotNetFx40_Full_setup.exe [889416]



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 16/01/2014 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 16/01/2014 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Auto 16/01/2014 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 16/01/2014 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 16/01/2014 182696 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SR - | Auto 16/01/2014 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SS - | Auto 16/01/2014 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 16/01/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by millet at 16/01/2014 13:07:01

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x82389AB8]
3 CLASSPNP[0xF8576FD7] -> nt!IofCallDriver[0x804E37D5] -> \Device\00000060[0x823862A0]
5 ACPI[0xF84EC620] -> nt!IofCallDriver[0x804E37D5] -> \Device\Ide\IdeDeviceP0T0L0-4[0x823AAD98]
kernel: MBR read successfully
user & kernel MBR OK



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by millet at 16/01/2014 13:07:03

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin



End of the scan (1020 lines in 01mn 28s)(0)
