Mon ordinateur devient lourd... [Résolu/Fermé]

Bonjour
Avant tout il faut voir l'espace libre que tu as encore sur ton DDur.

Depuis combien de temps n'as tu pas formaté ton pc ?
On dit qu'un pc est lourd, et cela peut arriver!
Au fur et a mesure de supprimer, désinstaller, effacer, envoyer a la corbeille etc
le disque devient de plus en plus chargé de tout ces fichiers, dossiers, programmes, etc et a un certains moment va ralentir, le DDur se remplissant petit a petit.
Il est bon après un certains temps de formater son DDur pour supprimer tout cela.
Tu peut essayer de défragmenter pour voir si tu as un changement.

bonsoir je n'ai pas compris à quoi sert de défragmenter. et aussi si vous pouvez me donner les démarche a faire. merci

Bonjour
Si tu est sous XP vois ceci.

http://www.commentcamarche.net/faq/58-defragmenter-son-disque-dur

Bonjour,

Plutôt que de faire une analyse, nous allons effectuer un diagnostic de ton PC:
▶ Télécharge ZHPDiag

▶ Laisse toi guider lors de l''installation,coche "Ajouter une icône sur le bureau" et "Exécuter ZHPDiag"

▶ Clique sur l''icône représentant une loupe (« Lancer le diagnostic »)

▶ Une fois le scan aux 100%, ferme ZHPDiag. Héberge le rapport ZHPDiag.txt présent sur ton bureau :

Voici comment procéder

▶ Rends toi sur pjjoint.malekal.com
▶ Clique sur le bouton Parcourir
▶ Sélectionne le fichier que tu veux heberger et clique sur Ouvrir
▶ Clique sur le bouton Envoyer
▶ Un message de confirmation s''affiche (L''upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : http://pjjoint.malekal.com/files.php?id=df5ea299241015) Copie le lien dans ta prochaine réponse.

A bientôt.

bonsoir
je n'ai pas su travailler avec pjjoint.malekal.com
voila le rapport, et merci pour votre aide


Rapport de ZHPDiag v1.28.1361 par Nicolas Coolman, Update du 01/10/2011
Run by Administrateur at 03/10/2011 21:11:37
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox 7.0.1 v7.0.1 (Defaut)

---\\ Windows Product Information
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ System Information
~ Processor: x86 Family 15 Model 4 Stepping 1, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1014 MB (12% free)
System Restore: Désactivé (Disabled)
System drive C: has 9 GB (44%) free of 20 GB

---\\ Logged in mode
~ Computer Name: EDITION_ULTRA
~ User Name: Administrateur
~ All Users Names: IWAM_EDITION_ULTRA, IUSR_EDITION_ULTRA, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Administrateur\Application Data\
~ %Desktop% : C:\Documents and Settings\Administrateur\Bureau\
~ %Favorites% : C:\Documents and Settings\Administrateur\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Administrateur\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Administrateur\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 9 Go of 20 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 13 Go of 18 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Not Inserted)
H:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.03/10/2011 - 20:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.03/10/2011 - 20:34:22.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.6CE32F7778061CCC5814D5E0F282D369] - (.Microsoft Corporation - Internet Extensions for Win32.) (.03/10/2011 - 05:34:58.) -- C:\WINDOWS\system32\wininet.dll [914944]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.03/10/2011 - 20:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.355556D9E580915118CD7EF736653A89] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.03/10/2011 - 14:22:48.) -- C:\WINDOWS\system32\drivers\AFD.sys [138496] *1868
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.03/10/2011 - 12:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] *1788
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.03/10/2011 - 13:14:22.) -- C:\WINDOWS\system32\drivers\Cdfs.sys [63744] *1804
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.03/10/2011 - 12:40:48.) -- C:\WINDOWS\system32\drivers\Cdrom.sys [62976] *1780
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.03/10/2011 - 19:57:40.) -- C:\WINDOWS\system32\drivers\Fips.sys [44672] *1852
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.03/10/2011 - 10:36:06.) -- C:\WINDOWS\system32\drivers\HDAudBus.sys [144384] *1940
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.03/10/2011 - 20:00:54.) -- C:\WINDOWS\system32\drivers\i8042prt.sys [54144] *1852
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.03/10/2011 - 12:41:00.) -- C:\WINDOWS\system32\drivers\Imapi.sys [42112] *1780
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.03/10/2011 - 12:57:16.) -- C:\WINDOWS\system32\drivers\IpNat.sys [152832] *1820
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.03/10/2011 - 13:19:44.) -- C:\WINDOWS\system32\drivers\IPSec.sys [75264] *5892536,1756
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.03/10/2011 - 14:29:31.) -- C:\WINDOWS\system32\drivers\MRxSmb.sys [456320] *1844
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.03/10/2011 - 13:21:02.) -- C:\WINDOWS\system32\drivers\netBT.sys [162816] *1788
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.03/10/2011 - 13:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] *1788
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.03/10/2011 - 20:47:24.) -- C:\WINDOWS\system32\drivers\Parport.sys [80384] *1852
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.03/10/2011 - 13:19:44.) -- C:\WINDOWS\system32\drivers\Rasl2tp.sys [51328] *1876
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.03/10/2011 - 12:32:52.) -- C:\WINDOWS\system32\drivers\rdpdr.sys [196224] *1828
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.03/10/2011 - 19:57:36.) -- C:\WINDOWS\system32\drivers\redbook.sys [58752] *1892
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 3/12
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 2/6
~ Mes Documents (My Documents) : 13/184
~ Mon Bureau (My Desktop) : 11/253
~ Menu demarrer (Programs) : 5/48
~ Scan Hidden Files in 00mn 02s



---\\ Processus lancés
[MD5.F5179458B21780A88056C142F395406F] - (.ESET - Eset Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [472320] [PID.180]
[MD5.3FE5A84FAC62753A20F539BE3E7BFC56] - (.Microsoft Corporation - Services Internet (IIS).) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872] [PID.220]
[MD5.890369AED0DDE1A98F09F7DC239CA2BD] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [152984] [PID.248]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.168]
[MD5.1142BEEDF0610250FB0E4A3213156197] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16855552] [PID.1212]
[MD5.B427B61409493138D39A48EFC5767283] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [143360] [PID.1276]
[MD5.25B9D53B861552EC83B80A565AC07A47] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [172032] [PID.1328]
[MD5.E24AAF17E339759C296AC67EA56ED97B] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [143360] [PID.1372]
[MD5.6E15CAC2275E0B0A22E7EE9BAC30D7BA] - (...) -- C:\WINDOWS\VistaDrive\VistaDrive.exe [280779] [PID.1476]
[MD5.5F5BD0F4DFF2D82EF5767EB29D0E4572] - (.ESET - Eset GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [1443072] [PID.1692]
[MD5.5C8167883287D5B22BA5E0AC28E4B04E] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [249856] [PID.1832]
[MD5.9F3287A1CAF6E365ED2B39BB8D44B0EA] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [52168] [PID.1364]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\rundll32.exe [33792] [PID.1680]
[MD5.91F67878D3750EED7BB848C102A61A13] - (.Bandoo Media, inc - Data Manager.) -- C:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE [1547152] [PID.2060]
[MD5.6A2FC790CD507336E05B7FAE29D79432] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe [1057280] [PID.2068]
[MD5.BF98AF55736FB805FC208B89A09E0C4F] - (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe [10240] [PID.2108]
[MD5.61CFEDAF9C527A1463F34F71240F9BB5] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [15026056] [PID.2136]
[MD5.127D33CF06468C3D9986DED9C5FAD598] - (...) -- C:\Program Files\Tenda\W302P\UI.exe [2121728] [PID.2264]
[MD5.D03EE270D6D1A47C06845F04A80A413D] - (.Yahoo! Inc. - Yahoo! Messenger Tray.) -- C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe [79160] [PID.2592]
[MD5.2CE8F1C52F490875592166316C512B6F] - (.Skype Technologies - Skype Extras Manager.) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe [80256] [PID.1000]
[MD5.4E5585800B561FBEF64B27425365A36F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632] [PID.3008]
[MD5.83F4BA8B8CDA4F063AA2002955A508A9] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.2836]
[MD5.B8B44ECF6F70DF46759D013D61DB3114] - (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe [64000] [PID.3016]
[MD5.20B58B5874A519037BC3DC5764E81963] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2128384] [PID.2512]
~ Scan Processes Running in 00mn 02s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\prefs.js
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\user.js
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\zkalyan5.default\prefs.js
C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\zkalyan5.default\user.js
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\searchplugins\SearchResults.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\zkalyan5.default\searchplugins\118-811com.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\zkalyan5.default\searchplugins\dailymotion.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\zkalyan5.default\searchplugins\google-translate-en-fr.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\zkalyan5.default\searchplugins\MediaDICO-fr.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\zkalyan5.default\searchplugins\the-pirate-bay.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\zkalyan5.default\searchplugins\youtube.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\fcmdSrchvsl.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\MediaDICO-fr.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\SearchResults.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Administrateur - mteietq8.default] http://www.searchqu.com
M0 - MFSP: prefs.js [Administrateur - zkalyan5.default] www.google.fr
M2 - MFEP: prefs.js [Administrateur - mteietq8.default\foxmarks@kei.com] [] Xmarks v (.Todd Agulnick.)
M2 - MFEP: prefs.js [Administrateur - mteietq8.default\fr-moderne@dictionaries.addons.mozilla.org] [] Dictionnaire français «Moderne» v4.2.5 (.Olivier R..)
M2 - MFEP: prefs.js [Administrateur - mteietq8.default\nl-NL@dictionaries.addons.mozilla.org] [] Woordenboek Nederlands v3.0.1 (.Wim Benes.)
M2 - MFEP: prefs.js [Administrateur - mteietq8.default\{4be68a18-deba-49e0-9e09-ee7796f3b62a}] [] Billeo v2.1.1.7 (.Billeo, Inc..)
M2 - MFEP: prefs.js [Administrateur - mteietq8.default\{6AC85730-7D0F-4de0-B3FA-21142DD85326}] [] ColorZilla v2.5.5 (.Alex Sirota.)
M2 - MFEP: prefs.js [Administrateur - mteietq8.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.5 (.Michel Gutierrez.)
M2 - MFEP: prefs.js [Administrateur - mteietq8.default\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}] [greasemonkey] Greasemonkey v0.9.11 (.Aaron Boodman; http://youngpup.net/.)
M2 - MFEP: prefs.js [Administrateur - zkalyan5.default\{07b2a769-ed19-4483-87ce-c643914c81bb}] [] Vista-aero v2.0.0.62 (.FlyWorld and Merci chao .)
M2 - MFEP: prefs.js [Administrateur - zkalyan5.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v2.1.1.20091029021655 (.Yahoo!.)
M2 - MFEP: prefs.js [Administrateur - zkalyan5.default\{77b819fa-95ad-4f2c-ac7c-486b356188a9}] [] IE Tab v1.5.20090207 (.Hong Jen Yee (PCMan).)
M2 - MFEP: prefs.js [Administrateur - zkalyan5.default\{A4732521-77D9-447E-A557-B279AC923F06}] [] Image Toolbar v0.6.5 (.Ben Basson.)
M2 - MFEP: prefs.js [Administrateur - zkalyan5.default\{aba3f5c2-35d5-4960-bdfc-de9c162e39ce}] [] OpenBook v0.6.5 (.chuonthis.)
M2 - MFEP: prefs.js [Administrateur - zkalyan5.default\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] [adblockplus] Adblock Plus v1.0.1 (.Wladimir Palant.)
M2 - MFEP: prefs.js [Administrateur - zkalyan5.default\{EF522540-89F5-46b9-B6FE-1829E2B572C6}] [] GooglePreview v3.17 (.Edward Ackroyd.)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Program Files\Mozilla Firefox\Plugins\np32dsw.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.46.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6] - (.Yahoo! Inc. - Yahoo Application State Plugin version 1.0.0.7.) -- C:\Program Files\Yahoo!\Shared\npYState.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.11.2852] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.46] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.1662] - (.RealNetworks, Inc. - 6.0.12.46.) -- C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.46] - (.RealNetworks, Inc. - 6.0.12.46.) -- C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
~ Scan Firefox Browser in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKUS\S-1-5-21-1292428093-1757981266-1644491937-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://start.facemoods.com
R1 - HKUS\S-1-5-21-1292428093-1757981266-1644491937-500\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) (2008, 7, 28, 01) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\WINDOWS\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: Loader Class - {9D717F81-9148-4f12-8568-69135F087DB0} . (.Bandoo Media, inc - Url Helper.) -- C:\PROGRA~1\WI9130~1\Datamngr\BROWSE~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} . (.IniCom Networks, Inc. - Pas de description.) -- C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc - Yahoo! Single Instance for Mail.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [VistaDrive] . (...) -- C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [egui] . (.ESET - Eset GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] bthprops.cpl
O4 - HKLM\..\Run: [Facemoi] c:\Facemoi\facemoi.exe (.not file.)
O4 - HKLM\..\Run: [DATAMNGR] . (.Bandoo Media, inc - Data Manager.) -- C:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe
O4 - HKCU\..\Run: [WinMover] . (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\WINDOWS\system32\Macromed\Flash\FlashUtil10w_Plugin.exe
O4 - HKUS\S-1-5-21-1292428093-1757981266-1644491937-500\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-1292428093-1757981266-1644491937-500\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1292428093-1757981266-1644491937-500\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe
O4 - HKUS\S-1-5-21-1292428093-1757981266-1644491937-500\..\Run: [WinMover] . (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe
O4 - HKUS\S-1-5-21-1292428093-1757981266-1644491937-500\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1292428093-1757981266-1644491937-500\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] Clé orpheline
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] Clé orpheline
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] Clé orpheline
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] Clé orpheline
O4 - HKUS\S-1-5-21-1292428093-1757981266-1644491937-500\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\WINDOWS\system32\Macromed\Flash\FlashUtil10w_Plugin.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\FlashFXP.lnk . (.IniCom Networks, Inc..) -- C:\Program Files\FlashFXP\FlashFXP.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\PuTTY.lnk . (.Simon Tatham.) -- C:\Program Files\PuTTY\PuTTY.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Live Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Mail\wlmail.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\QuickPar.lnk . (.Peter B Clements.) -- C:\Program Files\QuickPar\QuickPar.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
O9 - Extra button: Console Java (Sun) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FB732832-19B8-4303-9A32-15606D144633}: NameServer = 41.221.20.4 8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{FB732832-19B8-4303-9A32-15606D144633}: NameServer = 41.221.20.4 8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{FB732832-19B8-4303-9A32-15606D144633}: NameServer = 41.221.20.4 8.8.4.4
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Bandoo Media, inc - Data Manager.) - C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\wpdshserviceobj.dll
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Eset Service (ekrn) . (.ESET - Eset Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.exe (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (easdrv) . (.ESET - Eset AntiStealth driver.) - C:\WINDOWS\system32\DRIVERS\easdrv.sys
O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
O41 - Driver: (epfwtdir) . (...) - C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (ISODrive) . (.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - C:\Program Files\UltraISO\drivers\ISODrive.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{A0353900-21A2-42CF-B973-883500A027F7}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{A0353900-21A2-42CF-B973-883500A027F7}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{A0353900-21A2-42CF-B973-883500A027F7}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{A0353900-21A2-42CF-B973-883500A027F7}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{A0353900-21A2-42CF-B973-883500A027F7}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{A0353900-21A2-42CF-B973-883500A027F7}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{5A2F65A4-808F-4A1E-973E-92E17824982D}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}
O42 - Logiciel: 7-Zip 4.57 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A90000000001}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems Inc..) [HKLM] -- {54E4B63C-D252-454C-BE4F-468F102B331C}
O42 - Logiciel: Allok 3GP PSP MP4 iPod Video Converter 5.2.0202 - (.Allok Soft .Inc.) [HKLM] -- Allok 3GP PSP MP4 iPod Video Converter_is1
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: AviSplit Classic Version 1.43 - (.Bobyte software.) [HKLM] -- AviSplit Classic (Freeware)_is1
O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Combined Community Codec Pack 2008-09-21 16:18 - (.CCCP Project.) [HKLM] -- Combined Community Codec Pack_is1
O42 - Logiciel: Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00B2-040C-0000-0000000FF1CE}
O42 - Logiciel: DAMN NFO Viewer Setup - (.DAMN.) [HKLM] -- {D5DE2E28-2BA1-4CF8-A4C5-D3D2AE0A9E38}
O42 - Logiciel: DriverAgent by eSupport.com - (.Pas de propriétaire.) [HKLM] -- DriverAgent.exe
O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}
O42 - Logiciel: EPSON Easy Photo Print - (.Pas de propriétaire.) [HKLM] -- {BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}
O42 - Logiciel: EPSON File Manager - (.Pas de propriétaire.) [HKLM] -- {E86BC406-944E-41F6-ADE6-2C136734C96B}
O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON Scan Assistant - (.Pas de propriétaire.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}
O42 - Logiciel: EPSON Web-To-Page - (.Pas de propriétaire.) [HKLM] -- {7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}
O42 - Logiciel: ESC79_D78 Guide d'utilisation - (.Pas de propriétaire.) [HKLM] -- ESC79_D78 Guide d'utilisation
O42 - Logiciel: ESET NOD32 Antivirus - (.ESET spol s r. o..) [HKLM] -- {944F0F77-F26F-4D17-A440-6DA4CBE05B71}
O42 - Logiciel: EVEREST Home Edition v2.20 - (.Lavalys Inc.) [HKLM] -- EVEREST Home Edition_is1
O42 - Logiciel: Easy Audio Cutter V2.0 - (.Koyote Soft.) [HKLM] -- Easy Audio Cutter_is1
O42 - Logiciel: FlashFXP v3 - (.IniCom Networks, Inc..) [HKLM] -- {96E3AED5-3D0B-4BB0-84C2-1EDADB204487}
O42 - Logiciel: Foxit Reader - (.Pas de propriétaire.) [HKLM] -- Foxit Reader
O42 - Logiciel: Free Video Converter V 3.0 - (.Koyote Soft.) [HKLM] -- Free Video Converter_is1
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM] -- GOM Player
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: ImgBurn - (.LIGHTNING UK!.) [HKLM] -- ImgBurn
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Java(TM) 6 Update 13 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: K-Lite Codec Pack 4.7.5 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA
O42 - Logiciel: Mozilla Firefox 7.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 7.0.1 (x86 fr)
O42 - Logiciel: NOD32 v3.0.642 FiX1.2 by TemDono (31 days remaining forever up - (.Pas de propriétaire.) [HKLM] -- Eset NOD32 v3.0.642 FiX1.2 by TemDono_is1
O42 - Logiciel: Nero 8 Lite 8.3.6.0 - (.Updatepack.nl.) [HKLM] -- Nero8Lite_is1
O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM] -- Notepad++
O42 - Logiciel: PIF DESIGNER - (.Pas de propriétaire.) [HKLM] -- {B90450DF-E781-46FD-B1F1-0C86DA40E443}
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: PuTTY - (.Pas de propriétaire.) [HKLM] -- PuTTY
O42 - Logiciel: QT Lite 2.7.0 - (.Pas de propriétaire.) [HKLM] -- qt7lite_is1
O42 - Logiciel: QuickPar 0.9 - (.Peter B. Clements.) [HKLM] -- QuickPar
O42 - Logiciel: Real Alternative 1.8.4 Lite - (.Pas de propriétaire.) [HKLM] -- RealAlt_is1
O42 - Logiciel: Realtek High Definition Audio Driver - (.Pas de propriétaire.) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SABnzbOpen v1.0 - (.Pas de propriétaire.) [HKLM] -- SABnzbOpen_is1
O42 - Logiciel: SABnzbd (remove only) - (.Pas de propriétaire.) [HKLM] -- SABnzbd
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951596) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1AFF2298-CC00-4A3B-866A-C62B8373794E}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951944) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{797AE457-BA17-4BBC-B501-25FB3A0103C7}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB951546) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
O42 - Logiciel: Security Update for Microsoft Office OneNote 2007 (KB950130) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB951338) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{558B709B-821B-4FC5-90FC-9A8890641E77}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB950114) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB950113) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD72BABE-C733-4FCF-9674-43144

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB950113) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD72BABE-C733-4FCF-9674-4314466191B9}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB951808) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB954326) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5F7F6FFF-395D-480E-8450-64F385D82C5F}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
O42 - Logiciel: Skype(TM) 5.1 - (.Skype Technologies S.A..) [HKLM] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.) [HKLM] -- SuperCopier2
O42 - Logiciel: Tweak UI - (.Pas de propriétaire.) [HKLM] -- Tweak UI 2.10
O42 - Logiciel: USB PC Camera (ZS211) - (.Pas de propriétaire.) [HKLM] -- {44D02D8B-FFB3-4245-8D26-68D10B4C4023}
O42 - Logiciel: UltraISO Premium V9.31 - (.Pas de propriétaire.) [HKLM] -- UltraISO_is1
O42 - Logiciel: Unlocker 1.8.7 - (.Cedrick Collomb.) [HKLM] -- Unlocker
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB952142) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{4AD3A076-427C-491F-A5B7-7D1DE788A756}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb956080) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{96CC215F-3F22-4E1E-A101-F0041934A456}
O42 - Logiciel: VLC media player 0.9.8a - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Video Cutter 1.0 - (.prvsoft.com.) [HKLM] -- Video Cutter_is1
O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM] -- VirtualCloneDrive
O42 - Logiciel: Vista Drive Indicator! - (.KelCorp.) [HKLM] -- VDrive
O42 - Logiciel: W302P - (.Tenda.) [HKLM] -- {61816290-C9C4-47C9-BA2B-239821989D6B}
O42 - Logiciel: WinMover 3.2.0.6 - (.Andreas Eliasson (EliasAE).) [HKLM] -- WinMover_is1
O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM] -- Winamp
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {C514C594-23AA-4F13-A070-DB8BDB27594F}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {059C042E-796A-4ACC-A81A-ECC2010BB78C}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Outil de téléchargement - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Windows Live Safety Scanner - (.Pas de propriétaire.) [HKLM] -- Windows Live Safety Scanner
O42 - Logiciel: Windows Searchqu Toolbar - (.Bandoo Media Inc.) [HKLM] -- Searchqu 0 MediaBar
O42 - Logiciel: XnView 1.94 - (.Gougelet Pierre-e.) [HKLM] -- XnView_is1
O42 - Logiciel: XnView Shell Extension 2.4.0 - (.Gougelet Pierre-e.) [HKLM] -- XnView Shell Extension_is1
O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM] -- Yahoo! Messenger
O42 - Logiciel: Yahoo! Toolbar - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion
O42 - Logiciel: ZebHelpProcess 2.51 - (.Nicolas Coolman.) [HKLM] -- Zeb Help Process_is1
O42 - Logiciel: mobiConnect - (.Huawei Technologies Co.,Ltd.) [HKLM] -- mobiConnect
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKCU] -- uTorrent

---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\AC3Filter]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Billeo]
[HKCU\Software\BitTorrent]
[HKCU\Software\Bobyte]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CoreAAC]
[HKCU\Software\CoreVorbis]
[HKCU\Software\Cyberlink]
[HKCU\Software\Cygnus Solutions]
[HKCU\Software\DAMN]
[HKCU\Software\DataMngr]
[HKCU\Software\DataMngr_Toolbar]
[HKCU\Software\DicoVerb]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EPSON]
[HKCU\Software\ESET]
[HKCU\Software\EasyBits]
[HKCU\Software\EasyBoot Systems]
[HKCU\Software\Elaborate Bytes]
[HKCU\Software\EliasAE]
[HKCU\Software\FlashFXP]
[HKCU\Software\Foxit Software]
[HKCU\Software\GNU]
[HKCU\Software\GRETECH]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\IE]
[HKCU\Software\IM Providers]
[HKCU\Software\ImgBurn]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lavalys]
[HKCU\Software\MOVDLTool]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaChance]
[HKCU\Software\MediaInfo]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Phoenix Technologies]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\QuickPar]
[HKCU\Software\RealNetworks]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SABnzbd]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\SFX TEAM]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\SuperSoftwarePackage]
[HKCU\Software\Sysinternals]
[HKCU\Software\TendaRAAP_311u(Viction)]
[HKCU\Software\Trolltech]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\WPI]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Winamp]
[HKCU\Software\XnView]
[HKCU\Software\Yahoo]
[HKCU\Software\searchqutoolbar]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\AviSynth]
[HKLM\Software\Borland]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\Combined-Community-Codec-Pack]
[HKLM\Software\Cyberlink]
[HKLM\Software\Cygnus Solutions]
[HKLM\Software\DAMN]
[HKLM\Software\DataMngr]
[HKLM\Software\DivXNetworks]
[HKLM\Software\Doug]
[HKLM\Software\EPSON]
[HKLM\Software\ESET]
[HKLM\Software\EasyBoot Systems]
[HKLM\Software\Elaborate Bytes]
[HKLM\Software\Facemoi]
[HKLM\Software\FlashFXP]
[HKLM\Software\Foxit Software]
[HKLM\Software\GNU]
[HKLM\Software\GRETECH]
[HKLM\Software\Gabest]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Huawei technologies]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\KLCodecPack]
[HKLM\Software\MDC]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\Nullsoft]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\QTLite]
[HKLM\Software\RealAlternative]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\S3R521]
[HKLM\Software\SABnzb]
[HKLM\Software\Schlumberger]
[HKLM\Software\SearchquMediabarTb]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\Tenda]
[HKLM\Software\VIMICRO]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Yahoo]
[HKLM\Software\ZSMC]
[HKLM\Software\asoftwareplus]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/03/2011 - 11:19:36 - [2845370] ----D- C:\Program Files\7-Zip
O43 - CFD: 23/03/2011 - 12:35:58 - [76694587] ----D- C:\Program Files\Adobe
O43 - CFD: 19/05/2011 - 21:58:10 - [2441] ----D- C:\Program Files\adslTV
O43 - CFD: 22/03/2011 - 11:35:54 - [16514428] ----D- C:\Program Files\Allok 3GP PSP MP4 iPod Video Converter
O43 - CFD: 22/07/2011 - 14:02:30 - [144857] ----D- C:\Program Files\AviSynth 2.5
O43 - CFD: 22/07/2011 - 09:16:42 - [1826795] ----D- C:\Program Files\bobyte
O43 - CFD: 22/03/2011 - 11:20:08 - [2408386] ----D- C:\Program Files\CCleaner
O43 - CFD: 23/03/2011 - 12:36:16 - [18517569] ----D- C:\Program Files\Combined Community Codec Pack
O43 - CFD: 22/03/2011 - 11:16:22 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 28/03/2011 - 23:36:58 - [168] ----D- C:\Program Files\CPUID
O43 - CFD: 23/03/2011 - 12:34:32 - [445255] ----D- C:\Program Files\DAMN NFO Viewer
O43 - CFD: 22/07/2011 - 09:37:34 - [2523798] ----D- C:\Program Files\Easy Audio Mp3 Wma Ogg Cutter
O43 - CFD: 23/03/2011 - 12:37:22 - [1960559] ----D- C:\Program Files\Elaborate Bytes
O43 - CFD: 23/03/2011 - 19:01:18 - [127009269] ----D- C:\Program Files\EPSON
O43 - CFD: 22/07/2011 - 14:00:16 - [243] ----D- C:\Program Files\eRightSoft
O43 - CFD: 22/03/2011 - 11:30:56 - [49110252] ----D- C:\Program Files\ESET
O43 - CFD: 23/03/2011 - 14:27:36 - [376074363] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 23/03/2011 - 13:37:38 - [7212686] ----D- C:\Program Files\FlashFXP
O43 - CFD: 22/03/2011 - 11:20:12 - [7114178] ----D- C:\Program Files\Foxit Software
O43 - CFD: 22/07/2011 - 09:29:02 - [11268093] ----D- C:\Program Files\Free Video Converter
O43 - CFD: 22/03/2011 - 11:44:44 - [20789603] ----D- C:\Program Files\GRETECH
O43 - CFD: 23/03/2011 - 12:33:56 - [2158461] ----D- C:\Program Files\ImgBurn
O43 - CFD: 01/10/2011 - 14:23:28 - [15739535] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 22/03/2011 - 11:29:54 - [4765288] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 23/03/2011 - 12:14:02 - [163576358] ----D- C:\Program Files\Java
O43 - CFD: 22/03/2011 - 11:23:04 - [38108983] ----D- C:\Program Files\K-Lite Codec Pack
O43 - CFD: 29/03/2011 - 17:40:12 - [6813530] ----D- C:\Program Files\Lavalys
O43 - CFD: 26/09/2011 - 13:43:38 - [7025250] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 21/05/2011 - 09:21:58 - [2051322] ----D- C:\Program Files\Messenger
O43 - CFD: 22/03/2011 - 16:06:50 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 22/03/2011 - 11:23:30 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 23/03/2011 - 14:27:42 - [290215784] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 23/03/2011 - 14:27:38 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 23/03/2011 - 14:28:02 - [3178824] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 23/03/2011 - 14:27:14 - [8152064] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 19/05/2011 - 22:08:40 - [121] ----D- C:\Program Files\Mlehrer
O43 - CFD: 03/07/2011 - 12:04:34 - [30044846] ----D- C:\Program Files\mobiConnect
O43 - CFD: 21/05/2011 - 08:53:48 - [9595377] ----D- C:\Program Files\Movie Maker
O43 - CFD: 30/09/2011 - 23:41:06 - [41602066] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 23/05/2011 - 07:28:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 23/03/2011 - 11:05:54 - [58474421] ----D- C:\Program Files\MSECache
O43 - CFD: 22/03/2011 - 11:14:36 - [19278399] ----D- C:\Program Files\MSN
O43 - CFD: 22/03/2011 - 11:15:04 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 23/03/2011 - 13:36:52 - [58453304] ----D- C:\Program Files\Nero
O43 - CFD: 22/03/2011 - 11:17:54 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 23/03/2011 - 13:36:56 - [4783489] ----D- C:\Program Files\Notepad++
O43 - CFD: 22/03/2011 - 11:16:02 - [1804] ----D- C:\Program Files\Online Services
O43 - CFD: 21/05/2011 - 08:54:38 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 18/06/2011 - 10:09:26 - [3714279] ----D- C:\Program Files\PhotoFiltre
O43 - CFD: 23/03/2011 - 14:14:50 - [454656] ----D- C:\Program Files\PuTTY
O43 - CFD: 15/04/2011 - 10:56:24 - [40753010] ----D- C:\Program Files\QT Lite
O43 - CFD: 15/04/2011 - 10:56:24 - [947252] ----D- C:\Program Files\QuickPar
O43 - CFD: 15/04/2011 - 10:56:24 - [16992114] ----D- C:\Program Files\Real Alternative
O43 - CFD: 23/05/2011 - 07:28:22 - [36400897] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 23/03/2011 - 12:34:40 - [14277983] ----D- C:\Program Files\SABnzbd
O43 - CFD: 23/03/2011 - 12:34:50 - [898796] ----D- C:\Program Files\SABnzbOpen
O43 - CFD: 22/03/2011 - 11:18:10 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 22/03/2011 - 14:55:46 - [26914724] R---D- C:\Program Files\Skype
O43 - CFD: 22/03/2011 - 11:34:56 - [1209395] ----D- C:\Program Files\SuperCopier2
O43 - CFD: 01/10/2011 - 14:23:28 - [18583970] ----D- C:\Program Files\Tenda
O43 - CFD: 27/03/2011 - 10:24:14 - [0] ----D- C:\Program Files\ToolbarInstaller
O43 - CFD: 22/03/2011 - 11:35:22 - [5764786] ----D- C:\Program Files\UltraISO
O43 - CFD: 22/03/2011 - 11:37:02 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 23/03/2011 - 12:37:22 - [198753] ----D- C:\Program Files\Unlocker
O43 - CFD: 22/03/2011 - 11:35:30 - [270128] ----D- C:\Program Files\uTorrent
O43 - CFD: 22/07/2011 - 11:33:28 - [10843243] ----D- C:\Program Files\Video Cutter
O43 - CFD: 22/03/2011 - 11:46:02 - [61995016] ----D- C:\Program Files\VideoLAN
O43 - CFD: 22/03/2011 - 16:12:54 - [2741678] ----D- C:\Program Files\Vimicro
O43 - CFD: 22/03/2011 - 11:19:52 - [33292795] ----D- C:\Program Files\Winamp
O43 - CFD: 23/03/2011 - 12:15:00 - [70015766] ----D- C:\Program Files\Windows Live
O43 - CFD: 23/03/2011 - 12:37:32 - [4486909] ----D- C:\Program Files\Windows Live Safety Center
O43 - CFD: 22/03/2011 - 11:15:56 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 22/03/2011 - 11:15:22 - [3581070] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 22/03/2011 - 11:19:22 - [7648968] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 22/03/2011 - 11:14:58 - [3948287] ----D- C:\Program Files\Windows NT
O43 - CFD: 22/07/2011 - 09:29:44 - [8656441] ----D- C:\Program Files\Windows Searchqu Toolbar
O43 - CFD: 22/03/2011 - 11:18:14 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 23/03/2011 - 13:21:34 - [448771] ----D- C:\Program Files\WinMover
O43 - CFD: 23/03/2011 - 13:27:16 - [3436449] ----D- C:\Program Files\WinRAR
O43 - CFD: 22/03/2011 - 11:23:30 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 24/09/2011 - 12:57:48 - [49811634] ----D- C:\Program Files\XnView
O43 - CFD: 22/03/2011 - 18:20:44 - [37044762] ----D- C:\Program Files\Yahoo!
O43 - CFD: 01/10/2011 - 13:10:54 - [117996137] ----D- C:\Program Files\ZebHelpProcess
O43 - CFD: 03/10/2011 - 21:11:46 - [6528009] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 23/03/2011 - 12:35:58 - [1842954] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 23/03/2011 - 14:27:36 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 22/03/2011 - 11:35:22 - [262144] ----D- C:\Program Files\Fichiers Communs\EZB Systems
O43 - CFD: 23/03/2011 - 19:02:46 - [8842638] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 23/03/2011 - 12:13:30 - [31093537] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 23/03/2011 - 14:31:50 - [224981763] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 22/03/2011 - 11:17:50 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 22/03/2011 - 11:28:34 - [30346146] ----D- C:\Program Files\Fichiers Communs\Nero
O43 - CFD: 22/03/2011 - 11:08:28 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 15/04/2011 - 10:57:52 - [13738] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 22/03/2011 - 14:55:34 - [2254216] ----D- C:\Program Files\Fichiers Communs\Skype
O43 - CFD: 22/03/2011 - 11:08:26 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 22/03/2011 - 16:29:52 - [41275557] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 22/03/2011 - 15:47:24 - [30997305] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 24/03/2011 - 19:04:18 - [876810] ----D- C:\Documents and Settings\Administrateur\Application Data\Adobe
O43 - CFD: 19/07/2011 - 23:24:54 - [199] ----D- C:\Documents and Settings\Administrateur\Application Data\dvdcss
O43 - CFD: 23/03/2011 - 12:18:20 - [1303] ----D- C:\Documents and Settings\Administrateur\Application Data\EliasAE
O43 - CFD: 28/03/2011 - 13:37:20 - [529] ----D- C:\Documents and Settings\Administrateur\Application Data\EPSON
O43 - CFD: 22/07/2011 - 16:10:56 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\facemoods.com
O43 - CFD: 22/03/2011 - 11:20:12 - [34100] ----D- C:\Documents and Settings\Administrateur\Application Data\Foxit
O43 - CFD: 22/07/2011 - 09:37:34 - [24] ----D- C:\Documents and Settings\Administrateur\Application Data\FreeAudioPack
O43 - CFD: 24/09/2011 - 23:25:02 - [2387] ----D- C:\Documents and Settings\Administrateur\Application Data\FreeVideoConverter
O43 - CFD: 22/03/2011 - 14:54:12 - [127861] ----D- C:\Documents and Settings\Administrateur\Application Data\GRETECH
O43 - CFD: 22/03/2011 - 11:38:36 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Identities
O43 - CFD: 01/10/2011 - 14:23:14 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\InstallShield
O43 - CFD: 22/03/2011 - 15:07:30 - [15127] ----D- C:\Documents and Settings\Administrateur\Application Data\Macromedia
O43 - CFD: 17/06/2011 - 09:56:12 - [11138] ----D- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
O43 - CFD: 23/03/2011 - 12:36:22 - [3354] ----D- C:\Documents and Settings\Administrateur\Application Data\Media Player Classic
O43 - CFD: 28/09/2011 - 20:29:30 - [4934993] -S--D- C:\Documents and Settings\Administrateur\Application Data\Microsoft
O43 - CFD: 22/03/2011 - 11:35:36 - [140023823] ----D- C:\Documents and Settings\Administrateur\Application Data\Mozilla
O43 - CFD: 22/03/2011 - 16:01:00 - [76356] ----D- C:\Documents and Settings\Administrateur\Application Data\Nero
O43 - CFD: 28/03/2011 - 23:38:02 - [99457] ----D- C:\Documents and Settings\Administrateur\Application Data\Notepad++
O43 - CFD: 18/06/2011 - 10:17:08 - [1219] ----D- C:\Documents and Settings\Administrateur\Application Data\PhotoFiltre
O43 - CFD: 29/04/2011 - 22:15:00 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Real
O43 - CFD: 22/07/2011 - 16:10:58 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\searchquband
O43 - CFD: 22/07/2011 - 16:11:06 - [116685] ----D- C:\Documents and Settings\Administrateur\Application Data\searchqutoolbar
O43 - CFD: 03/10/2011 - 20:31:06 - [10676841] ----D- C:\Documents and Settings\Administrateur\Application Data\Skype
O43 - CFD: 03/10/2011 - 16:31:42 - [69768] ----D- C:\Documents and Settings\Administrateur\Application Data\skypePM
O43 - CFD: 22/03/2011 - 11:20:30 - [14505938] ----D- C:\Documents and Settings\Administrateur\Application Data\Sun
O43 - CFD: 16/06/2011 - 13:53:06 - [551738] ----D- C:\Documents and Settings\Administrateur\Application Data\uTorrent
O43 - CFD: 22/03/2011 - 11:47:40 - [463617] ----D- C:\Documents and Settings\Administrateur\Application Data\vlc
O43 - CFD: 15/04/2011 - 10:35:28 - [170153] ----D- C:\Documents and Settings\Administrateur\Application Data\Winamp
O43 - CFD: 22/03/2011 - 11:35:36 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\WinRAR
O43 - CFD: 22/03/2011 - 18:33:16 - [550874] ----D- C:\Documents and Settings\Administrateur\Application Data\Yahoo!
O43 - CFD: 24/03/2011 - 19:12:18 - [10072] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe
O43 - CFD: 23/03/2011 - 21:12:04 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Apple Computer
O43 - CFD: 15/07/2011 - 13:30:20 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Axialis
O43 - CFD: 28/05/2011 - 19:04:06 - [12] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\ESET
O43 - CFD: 30/03/2011 - 10:28:56 - [620576] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\eSupport.com
O43 - CFD: 26/06/2011 - 13:04:58 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Google
O43 - CFD: 14/04/2011 - 09:36:32 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Help
O43 - CFD: 12/07/2011 - 18:23:12 - [423935567] -S--D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft
O43 - CFD: 23/03/2011 - 14:23:56 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft Help
O43 - CFD: 22/03/2011 - 11:35:36 - [160584096] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Mozilla
O43 - CFD: 07/07/2011 - 15:57:32 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\PackageAware
O43 - CFD: 23/03/2011 - 12:37:00 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Real
O43 - CFD: 23/03/2011 - 12:34:42 - [1767] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\SABnzbd
O43 - CFD: 15/07/2011 - 00:31:08 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\WMTools Downloaded Files
O43 - CFD: 22/03/2011 - 18:33:16 - [101798] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Yahoo
~ Scan Program Folder in 00mn 25s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.8FB717E286BB21A4F382AFFE942BDED7] - 03/10/2011 - 16:31:37 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1985603]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/10/2011 - 16:30:46 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.C6ADFAB5078BF0C9784FC5DD058DB559] - 03/10/2011 - 16:30:45 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.9D7DF39CC8B32A8FDE110124D9015EC4] - 03/10/2011 - 16:30:43 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.2EDCDF7E0BE400E6ACB623741EA56C25] - 03/10/2011 - 16:30:38 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [2206]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 03/10/2011 - 16:30:37 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.79E024F768BF324E451FD262048BD5AC] - 02/10/2011 - 22:37:04 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32496]
O44 - LFC:[MD5.DEFF1FAD6547D858F01DC83B6BE47734] - 02/10/2011 - 19:39:23 ---A- . (...) -- C:\WINDOWS\setupapi.log [35157]
O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 01/10/2011 - 14:44:45 ---A- . (...) -- C:\WINDOWS\system.ini [227]
O44 - LFC:[MD5.DB655A760B5CEE45F1E48DF8E7019F85] - 01/10/2011 - 14:44:45 ---A- . (...) -- C:\WINDOWS\win.ini [964]
O44 - LFC:[MD5.775E188DD15C9AC9E735A556FB95578E] - 01/10/2011 - 14:44:45 -SH-- . (...) -- C:\boot.ini [212]
O44 - LFC:[MD5.530BF8063A3D6B69A50CF902DD067676] - 01/10/2011 - 14:24:54 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [1186368]
O44 - LFC:[MD5.D79890C9960EF72C3DC4F324FF9808BC] - 01/10/2011 - 14:24:54 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [75564]
O44 - LFC:[MD5.E6B8D457C8349450C959B85A4EB1C250] - 01/10/2011 - 14:24:54 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat [90914]
O44 - LFC:[MD5.A99AF928ECAF4A802386F515643AC742] - 01/10/2011 - 14:24:54 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [465360]
O44 - LFC:[MD5.763FA6D32C8A59F7D85BD3C2144D29C4] - 01/10/2011 - 14:24:54 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat [538740]
O44 - LFC:[MD5.15E655BAA989444F56787EF558823643] - 01/10/2011 - 14:23:38 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\AegisP.sys [21419]
O44 - LFC:[MD5.9B6194B1EA829FC2F657AB2D830B6FD0] - 01/10/2011 - 14:23:36 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\WINDOWS\system32\drivers\rt2860.sys [679680]
O44 - LFC:[MD5.5A51F499F4830903D327B53D15229B4A] - 01/10/2011 - 14:23:36 ---A- . (.Ralink Technology, Inc. - Ralink CoInstaller Dynamic Link Library.) -- C:\WINDOWS\system32\RaCoInst.dll [217088]
O44 - LFC:[MD5.FA37D0FC2EB85A8F4377A828415237C8] - 01/10/2011 - 13:12:01 ---A- . (...) -- C:\PDOXUSRS.NET [13030]
O44 - LFC:[MD5.C3F5D176F71B81636E5116BAA72B4CA5] - 29/07/2008 - 11:46:48 ---A- . (...) -- C:\WINDOWS\system32\RaCoInst.dat [14640]
O44 - LFC:[MD5.8C25E347F5E2C2BCA9B5258A68B72AE7] - 20/01/1999 - 05:01:00 ---A- . (...) -- C:\WINDOWS\system32\DBCLIENT.DLL [210032]
O44 - LFC:[MD5.4BC02BD73338C3A26265F5C64DBEC770] - 12/11/1999 - 05:11:00 ---A- . (...) -- C:\WINDOWS\system32\BDEADMIN.CPL [183808]
~ Scan Files in 00mn 49s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(.Skype Technologies - Skype Extras Manager.) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [Enabled] .(.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O47 - AAKE:Key Export SP - "C:\Program Files\adslTV\adsltv.exe" [Enabled] .(...) -- C:\Program Files\adslTV\adsltv.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\adslTV\VLC\vlc.exe" [Enabled] .(...) -- C:\Program Files\adslTV\VLC\vlc.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" [Enabled] .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
~ Scan CSB in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ Scan IFEO in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{1504c864-a564-11e0-92dc-6c626da875c1}\AutoRun\command. (...) -- I:\AutoRun.exe (.not file.)
O51 - MPSK:{2ac56138-96b7-11e0-92b5-6c626da875c1}\AutoRun\command. (...) -- I:\AutoRun.exe (.not file.)
O51 - MPSK:{2ac5613b-96b7-11e0-92b5-6c626da875c1}\AutoRun\command. (...) -- I:\AutoRun.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"VIDC.I420"="i420vfw.dll" . (.www.helixcommunity.org - Helix I420 YUV Codec.) -- C:\WINDOWS\system32\i420vfw.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.DIVX"="divx.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\system32\divx.dll
O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (...) -- C:\WINDOWS\system32\xvidvfw.dll
O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\system32\yv12vfw.dll
O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\system32\ac3acm.acm
O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\WINDOWS\system32\lameACM.acm
O52 - TDSD: \Drivers32\"VIDC.FFDS"="C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"divx.dll"="DivX 6.8.5" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec 1.2.1" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98.2" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\system32\ac3acm.acm
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\WINDOWS\system32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll"="ffdshow Video Codec" . (...) -- (.not file.)
~ Scan Keys in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMHelp"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDesktopCleanupWizard"=1
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.15E655BAA989444F56787EF558823643] - 03/10/2011 - 14:23:38 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\AegisP.sys [21419]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 03/10/2011 - 15:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 03/10/2011 - 15:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.651554E483712B708EDE864D0CA1AA73] - 03/10/2011 - 10:28:55 ---A- . (.Phoenix Technologies - DriverAgent Direct I/O for 32-bit Windows.) -- C:\WINDOWS\system32\drivers\DrvAgent32.sys [23456]
O58 - SDL:[MD5.23A6E5A600D3743BE536161E9C6F2043] - 03/10/2011 - 12:01:30 ---A- . (.ESET - Amon monitor.) -- C:\WINDOWS\system32\drivers\eamon.sys [39944]
O58 - SDL:[MD5.0ED4FA004A79E44DF4DBDC85F44FC1FD] - 03/10/2011 - 12:02:22 ---A- . (.ESET - Eset AntiStealth driver.) -- C:\WINDOWS\system32\drivers\easdrv.sys [29704]
O58 - SDL:[MD5.28CB0B64134AD62C2ACF77DB8501A619] - 03/10/2011 - 13:11:58 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys [24392]
O58 - SDL:[MD5.CCFB3BB29C08FCAB134F237743BB0311] - 03/10/2011 - 12:11:16 ---A- . (...) -- C:\WINDOWS\system32\drivers\epfwtdir.sys [33800]
O58 - SDL:[MD5.4183BE439981BBC77EF2C1D66629F124] - 03/10/2011 - 19:58:24 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\WINDOWS\system32\drivers\ewdcsc.sys [24448]
O58 - SDL:[MD5.9BE5CAEABC6B2EB98B3A4839A55D47A0] - 03/10/2011 - 19:58:24 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\system32\drivers\ewusbfake.sys [102656]
O58 - SDL:[MD5.8ADF5EF39E896A65BEDED878494EE2B6] - 03/10/2011 - 19:58:24 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys [102400]
O58 - SDL:[MD5.13D0F39D356E70F0A5E80D7771382245] - 03/10/2011 - 19:58:26 ---A- . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\WINDOWS\system32\drivers\ewusbnet.sys [112640]
O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 03/10/2011 - 10:36:06 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys [144384]
O58 - SDL:[MD5.66A685B05066683621920BC14A45CFE8] - 03/10/2011 - 14:04:30 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\igxpmp32.sys [6048768]
O58 - SDL:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 03/10/2011 - 17:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22216]
O58 - SDL:[MD5.62C212678CA063DA233ED4B0B6FC9162] - 03/10/2011 - 19:58:26 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\WINDOWS\system32\drivers\mod7700.sys [621056]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 03/10/2011 - 15:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 03/10/2011 - 15:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 03/10/2011 - 15:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 03/10/2011 - 15:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.9B6194B1EA829FC2F657AB2D830B6FD0] - 03/10/2011 - 11:52:46 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\WINDOWS\system32\drivers\rt2860.sys [679680]
O58 - SDL:[MD5.839141088AD7EE90F5B441B2D1AFD22C] - 03/10/2011 - 14:18:46 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [117888]
O58 - SDL:[MD5.613A2B00DA1D4A80DE1EC8CFB52C0D89] - 03/10/2011 - 14:18:02 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [4625408]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 03/10/2011 - 10:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.8613E8FE6C190F377240A3989FAD5D5E] - 03/10/2011 - 02:37:54 ---A- . (.Silicon Image, Inc - SATA Controller miniport driver.) -- C:\WINDOWS\system32\drivers\Si3531.sys [210224]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 03/10/2011 - 15:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.CEFAA7D630B653BE5F831DA1F49780C5] - 03/10/2011 - 01:12:47 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\WINDOWS\system32\drivers\VClone.sys [28672]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 03/10/2011 - 15:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.ACBA895B45E65232AD54AD7D71EC542F] - 03/10/2011 - 04:29:10 R--A- . (.ZSMC Corporation - Video streaming and Capture Device Driver.) -- C:\WINDOWS\system32\drivers\ZS211.sys [391836]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 03/10/2011 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 03/10/2011 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 03/10/2011 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 03/10/2011 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 03/10/2011 - 10:50:56 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 03/10/2011 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 03/10/2011 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 03/10/2011 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 03/10/2011 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 03/10/2011 - 15:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 03/10/2011 - 10:49:52 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 03/10/2011 - 10:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 03/10/2011 - 10:49:40 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 03/10/2011 - 10:49:44 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 03/10/2011 - 10:49:42 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Scan Drivers in 00mn 01s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 01/10/2011 - C:\WINDOWS\system32\DRIVERS\AegisP.sys - AEGIS Protocol (IEEE 802.1x) v3.5.3.0(AegisP) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - 28/08/2001 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 30/03/2011 - C:\WINDOWS\system32\Drivers\DrvAgent32.sys - DrvAgent32(DrvAgent32) .(.Phoenix Technologies - DriverAgent Direct I/O for 32-bit Windows.) - LEGACY_DRVAGENT32
O64 - Services: CurCS - 20/02/2008 - C:\WINDOWS\system32\DRIVERS\eamon.sys - EAMON(eamon) .(.ESET - Amon monitor.) - LEGACY_EAMON
O64 - Services: CurCS - 20/02/2008 - C:\WINDOWS\system32\DRIVERS\easdrv.sys - easdrv(easdrv) .(.ESET - Eset AntiStealth driver.) - LEGACY_EASDRV
O64 - Services: CurCS - 20/02/2008 - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe - Eset Service(ekrn) .(.ESET - Eset Service.) - LEGACY_EKRN
O64 - Services: CurCS - 21/07/2008 - C:\WINDOWS\system32\Drivers\ElbyCDIO.sys - ElbyCDIO Driver(ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - LEGACY_ELBYCDIO
O64 - Services: CurCS - 20/02/2008 - C:\WINDOWS\system32\DRIVERS\epfwtdir.sys - epfwtdir (epfwtdir) .(...) - LEGACY_EPFWTDIR
O64 - Services: CurCS - 24/05/2008 - C:\Program Files\UltraISO\drivers\ISODrive.sys - ISO DVD/CD-ROM Device Driver(ISODrive) .(.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - LEGACY_ISODRIVE
O64 - Services: CurCS - 22/03/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - ??/??/???? - C:\WINDOWS\system32\drivers\mbamswissarmy.sys (.not file.) - MBAMSwissArmy (MBAMSwissArmy) .(...) - LEGACY_MBAMSWISSARMY
O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mc21.tmp (.not file.) - mchInjDrv (mchInjDrv) .(...) - LEGACY_MCHINJDRV
O64 - Services: CurCS - ??/??/???? - F:\CDriver.sys (.not file.) - MSICDSetup (MSICDSetup) .(...) - LEGACY_MSICDSETUP
~ Scan Services in 00mn 01s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0D7562AE-8EF6-416d-A838-AB665251703A} [DefaultScope] - (Facemoods Search) - http://start.facemoods.com
O69 - SBI: SearchScopes [HKCU] {4FC1B895-E129-4345-B101-CF4EF5EF80C8} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} - (Search Results) - http://dts.search-results.com
~ Scan Keys in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]
[MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [172032]
~ Scan Files in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : 8658 - (01/10/2011)
Clés trouvées (Keys found) : 24
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard] =>Adware.Bandoo
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard.1] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Hijacker.Agent
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Hijacker.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486b-A045-B233BD0DA8FC}] =>Toolbar.Facemood
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486b-A045-B233BD0DA8FC}] =>Toolbar.Facemood
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}] =>Toolbar.Facemood
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}] =>Toolbar.Facemood
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}] =>Toolbar.Facemood
[HKLM\Software\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}] =>Toolbar.Facemood
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\DataMngr_Toolbar] =>Toolbar.Agent
[HKLM\Software\SearchquMediabarTb] =>Adware.Bandoo
[HKCU\Software\searchqutoolbar] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 0 MediaBar] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{99079A25-328F-4BD4-BE04-00955ACAA0A7} =>Adware.Bandoo
C:\Program Files\Windows Searchqu Toolbar =>Adware.Bandoo
C:\Documents and Settings\Administrateur\Application Data\searchquband =>Adware.Bandoo
~ Scan Additionnel in 00mn 12s



---\\ Recherche détournement de DNS routeur (O89)
DNS request timed out.
timeout was 2 seconds.
Serveur : google-public-dns-b.google.com
Address: 8.8.4.4
Nom : www.l.google.com
Addresses: 74.125.39.147, 74.125.39.103, 74.125.39.106, 74.125.39.104
74.125.39.99, 74.125.39.105
Aliases: www.google.fr, www.google.com
~ Scan DNS in 00mn 05s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 03/10/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Demand 03/10/2011 19200 | (EhttpSrv) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
SR - | Auto 03/10/2011 472320 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
SR - | Auto 03/10/2011 152984 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SS - | Disabled 0 | C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mc21.tmp (mchInjDrv) . (...) - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mc21.tmp
~ Scan Services in 00mn 05s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Administrateur at 03/10/2011 21:13:35

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x8635CAB8]
3 CLASSPNP[0xF764CFD7] -> nt!IofCallDriver[0x804E37D5] -> \Device\00000068[0x863C9F18]
5 ACPI[0xF75C2620] -> nt!IofCallDriver[0x804E37D5] -> \Device\Ide\IdeDeviceP0T0L0-4[0x863CC940]
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 07s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Administrateur at 03/10/2011 21:13:37

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 09s



End of the scan (1265 lines in 02mn 00s)(0)

salut

tu vois quand je te disais l'an dernier qu'avec un NOD32 cracké tu irais pas loin ?

ben t'en as la preuve.......

bonjour
alors que dois- je faire? merci

bonsoir
une repense SVP. merci

re

le zhpdiag t'était demandé hebergé sur cijoint.fr

bonsoir je n'ai pas su l'utiliser, c'est pour cela que je l'ai recopier. et merci de bien vouloir m'aider a résoudre le problème; et surtout pour NOD32. merci

utilise-le avec une licence légale , ca ira beaucoup mieux

re
voila le rapport http://www.cijoint.fr/cjlink.php?file=cj201110/cijtzM8VLZ.txt
merci

Bonjour

Vu le nombre de demandes de désinfections effectuées
Vu l'utilisation de licences pirates alors qu'on t'a déjà demandé d'en acheter une vraie

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll => Windows Version nLite non officielle


Vu l'utilisation du P2P

O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKCU] -- uTorrent => µTorrent PeerToPeer


Ce sujet est pour moi, résolu.