Please analyze ZHPDiag log

Closed
poupie62 - Posts: 1 - Registered: Sunday 28 November 2010 - Status: Member - Last activity: 28 November 2010 - 28 Nov. 2010 at 11:18
Anonymous user - 28 Nov. 2010 at 11:30
Hello,

My PC has become extremely slow: the CPU locks up at 100% as soon as a command is launched, and web pages sometimes take more than 2 minutes to open.
I am posting below the ZHPDiag log that has just been generated.
Thank you in advance for your help!
Kind regards.

Rapport de ZHPDiag v1.27.136 par Nicolas Coolman, Update du 27/11/2010
Run by Jean-Marie at 28/11/2010 11:05:15
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

---\\ System Information
Windows XP Professional Service Pack 3 (Build 2600)
Processor: x86 Family 6 Model 8 Stepping 1, AuthenticAMD
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (40% free)
System drive C: has 61 GB (80%) free of 77 GB

---\\ Logged in mode
Computer Name: GESTE-HETZYO2KO
User Name: Jean-Marie
All Users Names: SUPPORT_388945a0, Jean-Marie_2, Jean-Marie, HelpAssistant, Geste, Administrateur,
Unselected Option: O1,O45,O61,O62,O65,O82
Logged in as Administrator

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 61 Go of 77 Go)
D:\ CD-ROM drive (Not Inserted)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK


---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 03:34:03.) -- C:\Windows\Explorer.exe [1037824]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 03:34:28.) -- C:\Windows\System32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 19:40:30.) -- C:\Windows\System32\drivers\atapi.sys [96512]


---\\ Processus lancés
[MD5.BBA22521D24625C7A7B8D57FB20A812E] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [405504]
[MD5.855E795383BED05C481575BD0C1C0D37] - (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\F-Secure\Common\FSM32.EXE [122929]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\RunDll32.exe [33792]
[MD5.FB0C8699B87F7140BB6201BE7B4B6778] - (.Pas de propriétaire - CameraMonitor Application.) -- C:\WINDOWS\vsnpstd3.exe [827392]
[MD5.162C88CDBC2690FDE60B47A9BE577E71] - (.Spector Photo Group - ExtraFilm Manager.) -- C:\Program Files\ExtraFilm Designer FR\ExtraFilmManager.exe [159744]
[MD5.3623C1532B098DFAF63A269533E90C08] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [484904]
[MD5.ECE648CDC3A09421E996DFFDA76F5C53] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [153136]
[MD5.D06276D4CAD46CDCEABEFDEB1A0D3C0D] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Microsoft Office\Office\OSA.EXE [51984]
[MD5.F0EA603E7B91046CA48EA4B3593A007D] - (.Micro Application - Pas de description.) -- C:\Program Files\Micro Application\LauncherMA.exe [485376]
[MD5.235234D08249EF712813481A8E456181] - (.F-Secure Automatic Update - F-Secure Automatic Update.) -- C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE [32807]
[MD5.B09DF4AE62909CED13EB2DCDB612FAFE] - (.Diskeeper Corporation - DKSERVICE.EXE.) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [765952]
[MD5.1EE42860D3922B2A634191A4B9BFDD9E] - (.F-Secure Corp. - fsgk32st.) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [45056]
[MD5.C6E593B4884721673280B96FF8519722] - (.F-Secure Corp. - fsbwsys.) -- C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe [270428]
[MD5.552558067857E5EDEE8D52E369B962BF] - (.F-Secure Corp. - Gatekeeper Handler II.) -- C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE [289792]
[MD5.A796880CED6D0849E0D8DFC35821D931] - (.F-Secure Corporation - F-Secure Management Agent.) -- C:\Program Files\F-Secure\Common\FSMA32.EXE [61490]
[MD5.4819DE1A6281E7228A19105A680C5AEE] - (.F-Secure Corp. - fssm32.) -- C:\Program Files\F-Secure\Anti-Virus\fssm32.exe [247296]
[MD5.7DC7D1F5E4F27B13FA3954B848860D36] - (.F-Secure Corporation - F-Secure Message Broker.) -- C:\Program Files\F-Secure\Common\FSMB32.EXE [180274]
[MD5.9AE07549A0D691A103FAF8946554BDB7] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.683A07B982832426128B684B7366710F] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [79400]
[MD5.872F3321742B9F679255BB9A031C4121] - (.F-Secure Corporation - F-Secure Configuration Handler.) -- C:\Program Files\F-Secure\Common\FCH32.EXE [65585]
[MD5.F5937DD8CDFA5160D84B22C504B32806] - (.F-Secure Corporation - F-Secure Alert and Management Extension Han.) -- C:\Program Files\F-Secure\Common\FAMEH32.EXE [270387]
[MD5.9228561F71BF2B53411E886915D302E2] - (.F-Secure Corporation - F-Secure Quarantine Handler.) -- C:\Program Files\F-Secure\Anti-Virus\fsqh.exe [32826]
[MD5.E32C981D8CB776B68CEEAC49DC7D8273] - (.F-Secure Corporation - F-Secure System Control.) -- C:\Program Files\F-Secure\Anti-Virus\fsrw.exe [159804]
[MD5.235234D08249EF712813481A8E456181] - (.F-Secure Automatic Update - F-Secure Automatic Update.) -- C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe [32807]
[MD5.060DAF68493AD7ADF104413E5A62AFA8] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [271920]
[MD5.8418AF831240CEFC33EADF9B2C4E9D60] - (.F-Secure Corporation - F-Secure Network Request Broker.) -- C:\Program Files\F-Secure\Common\FNRB32.EXE [110642]
[MD5.B920AAF7ABEA489AC415DD38AD7B76CD] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe [1209904]
[MD5.5CC16616F6EF3378957221BA2507469D] - (.F-Secure Corporation - F-Secure Anti-Virus Internet Shield daemon.) -- C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [208959]
[MD5.ECC4688AAF154C8ACA6C90B700CDEF46] - (.F-Secure Corporation - F-Secure Installation Launcher.) -- C:\Program Files\F-Secure\Common\FIH32.EXE [57393]
[MD5.F9121960D19C2ED28588222000F98AED] - (.F-Secure Corporation - FSAV Handler.) -- C:\Program Files\F-Secure\Anti-Virus\fsav32.exe [176128]
[MD5.B45E0348FC9B89F701D5166A09F51B5A] - (.F-Secure Corporation - F-Secure GUI component.) -- C:\Program Files\F-Secure\FSGUI\fsguidll.exe [233537]
[MD5.3F771431D82127A7FC8FAE794E933338] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [621056]


---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_22 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
P2 - FPN: [HKLM] [@zylom.com/ZylomGamesPlayer] - (.Zylom - Zylom Plugin.) -- C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
P2 - FPN: [HKCU] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
M0 - MFSP: prefs.js [Jean-Marie - ceigk2bu.default] http://www.jeuxvideo-flash.com/


---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.libertysurf.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18968 (longhorn_ie8_gdr.100824-1830)) -- C:\WINDOWS\system32\ieframe.dll


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} Clé orpheline
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - {81705D67-3F73-4983-859B-97D0922E5ABE} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O3 - Toolbar: (no name) - {66886C4D-B307-4ECA-A228-52CA9B9851A4} . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll


---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [NeroCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- C:\Program Files\F-Secure\Common\FSM32.exe
O4 - HKLM\..\Run: [F-Secure TNB] . (.F-Secure Corporation - tnbutil.) -- C:\Program Files\F-Secure\TNB\TNBUtil.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl
O4 - HKLM\..\Run: [snpstd3] . (.Pas de propriétaire - CameraMonitor Application.) -- C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DiskeeperSystray] . (.Diskeeper Corporation - DKICON.EXE.) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
O4 - HKLM\..\Run: [ExtraFilmManager] . (.Spector Photo Group - ExtraFilm Manager.) -- C:\Program Files\ExtraFilm Designer FR\ExtraFilmManager.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\IncMail.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-21-1547161642-329068152-1801674531-1004\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1547161642-329068152-1801674531-1004\..\Run: [IncrediMail] . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\IncMail.exe
O4 - HKUS\S-1-5-21-1547161642-329068152-1801674531-1004\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
O4 - HKUS\S-1-5-21-1547161642-329068152-1801674531-1004\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
O4 - HKUS\S-1-5-21-1547161642-329068152-1801674531-1004\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage d'Office.lnk . (.Pas de propriétaire.) -- C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\F-Secure Automatic Update.lnk . (.F-Secure Automatic Update.) -- C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Recherche accélérée.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: C:\Documents And Settings\Jean-Marie\Menu Démarrer\Programmes\Démarrage\Lanceur.lnk . (.Micro Application.) -- C:\Program Files\Micro Application\LauncherMA.exe


---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Acrobat Reader 5.0.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\IncrediMail.lnk . (.IncrediMail, Ltd..) -- C:\Program Files\IncrediMail\bin\IncMail.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Excel.lnk . (.Pas de propriétaire.) -- C:\Program Files\Microsoft Office\Office\EXCEL.EXE
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Word.lnk . (.Pas de propriétaire.) -- C:\Program Files\Microsoft Office\Office\WINWORD.EXE
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN Explorer.lnk . (.Pas de propriétaire.) -- C:\Program Files\MSN\MSNCoreFiles\msn6.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\Jean-Marie\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\Jean-Marie\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\Jean-Marie\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\Jean-Marie\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Block this popup . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\F-Secure\Anti-Spyware\ieshieldh.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra 'Tools' menuitem: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} . (.not file.) - C:\Program Files\AIM95\aimres.dll
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.not file.) - C:\Program Files\Messenger\msmsgs.exe


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Service client pour le fournisseur NetWare et DLL d'authentification.) -- C:\WINDOWS\system32\nwprovau.dll


---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)
O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.libertysurf.fr


---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} (Image Uploader Control) - http://www.famicity.com/aurigma/ImageUploader6.cab
O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://www.extrafilm.fr/ExtraFilmUploader6.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{95DB2980-09B2-46CD-BE24-B26652985079}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{95DB2980-09B2-46CD-BE24-B26652985079}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS3\Services\Tcpip\..\{95DB2980-09B2-46CD-BE24-B26652985079}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240


---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\Windows\System32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Pas de propriétaire - Pas de description.) -- WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\System32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll


---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {d9f6ce57-0718-4bd1-916f-5fb1f86911c2} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: (BackWeb Plug-in - 7681197) . (.F-Secure Automatic Update - F-Secure Automatic Update.) - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.exe
O23 - Service: (CachemanService) - Clé orpheline
O23 - Service: (Diskeeper) . (.Diskeeper Corporation - DKSERVICE.EXE.) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: (F-Secure Gatekeeper Handler Starter) . (.F-Secure Corp. - fsgk32st.) - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: (fsbwsys) . (.F-Secure Corp. - fsbwsys.) - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: (FSMA) . (.F-Secure Corporation - F-Secure Management Agent.) - C:\Program Files\F-Secure\Common\FSMA32.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: (TermService) - Clé orpheline


---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - "C:\Program Files\Microsoft Office\Office12\WINWORD.exe (.not file.)


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Scheduled scanning task.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{73F4EF44-1A02-4C10-909D-F89E549BDA81}.job
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.7F84B27CDC44EF8502AF255239B1EBE7] [APT] [Scheduled scanning task] (.Pas de propriétaire.) -- C:\PROGRA~1\F-Secure\ANTI-V~1\fsav.exe


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r32.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (AmdK7) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\amdk7.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (WS2IFSL) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\WINDOWS\system32\drivers\ws2ifsl.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver
O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 5.0
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Amelia Earhart - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119035737}
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: C-Media WDM Audio Driver - (.Pas de propriétaire.) [HKLM] -- C-Media Audio Driver
O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon i250 - (.Pas de propriétaire.) [HKLM] -- CANONBJ_Deinstall_CNMCP50.DLL
O42 - Logiciel: Diner Dash 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111212843}
O42 - Logiciel: Diner Dash Flo on the Go - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}
O42 - Logiciel: Diskeeper Professional Edition - (.Diskeeper Corporation.) [HKLM] -- {DE4847A9-E86B-4BBB-B991-58C5ACA4FA04}
O42 - Logiciel: DivX Player - (.Pas de propriétaire.) [HKLM] -- DivX Player
O42 - Logiciel: EVEREST Home Edition v2.20 - (.Lavalys Inc.) [HKLM] -- EVEREST Home Edition_is1
O42 - Logiciel: ExtraFilm Designer FR - (.Pas de propriétaire.) [HKLM] -- ExtraFilmDesignerFR
O42 - Logiciel: F-Secure Anti-Virus Client Security - Analyse du courrier électronique - (.Pas de propriétaire.) [HKLM] -- F-Secure E-mail Scanning
O42 - Logiciel: F-Secure Anti-Virus Client Security - Analyse du trafic Web - (.Pas de propriétaire.) [HKLM] -- F-Secure Protocol Scanner
O42 - Logiciel: F-Secure Anti-Virus Client Security - Protection Internet - (.Pas de propriétaire.) [HKLM] -- F-Secure Internet Shield
O42 - Logiciel: F-Secure Anti-Virus Client Security - Protection antivirus et antispyware - (.Pas de propriétaire.) [HKLM] -- F-Secure Anti-Virus
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: IncrediMail - (.IncrediMail.) [HKLM] -- {5E97F3BD-CDDC-4188-9D98-532E14FABB5D}
O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM] -- IncrediMail
O42 - Logiciel: Java(TM) 6 Update 22 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216014FF}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: La légende de Papeeth - (.Pas de propriétaire.) [HKLM] -- {05707A15-308D-457F-81E6-4ECB925EF380}
O42 - Logiciel: LauncherMA - (.Micro Application.) [HKLM] -- {C06EFB22-B5DB-46C5-9215-BCB5C19C0858}
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
O42 - Logiciel: MSVC80_x86 - (.Nokia.) [HKLM] -- {212748BB-0DA5-46DE-82A1-403736DC9F27}
O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MicroStaff WINASPI - (.Pas de propriétaire.) [HKLM] -- MWASPI
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Excel 97 - (.Pas de propriétaire.) [HKLM] -- Excel
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs
O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping
O42 - Logiciel: Microsoft Tool Web Package : EXCTRLST.EXE - (.Microsoft Corporation.) [HKLM] -- {B0650E3D-FDCA-4908-B74B-0CC1731BDB93}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.5 - (.Microsoft Corporation.) [HKLM] -- Wudf01005
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Word 97 - (.Pas de propriétaire.) [HKLM] -- Word8.0
O42 - Logiciel: Nero - Burning Rom - (.ahead software gmbh.) [HKLM] -- {A4D7B764-4140-11D4-88EB-0050DA3579C0}
O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM] -- {1DED92A7-05FA-4736-8AEA-1BE2363F1036}
O42 - Logiciel: Nimo Codecs Pack v5.0 (Remove Only) - (.Pas de propriétaire.) [HKLM] -- NimoCorp
O42 - Logiciel: Orange Plug-in messagerie vocale 888 - (.Pas de propriétaire.) [HKLM] -- {16E79B1D-D1C2-4CA6-8B23-F4D890E0DCB9}
O42 - Logiciel: PhotoMail Maker - (.IncrediMail Ltd..) [HKLM] -- PhotoMail
O42 - Logiciel: PhotoMail Maker - (.Nom de votre société.) [HKLM] -- {75AE8014-1184-4BC0-B279-C879540719EE}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Security Update for Excel 2007 (KB936509) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{A00724F5-82C4-4924-B707-0E5A84B52471}
O42 - Logiciel: Security Update for Office 2007 (KB934062) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{305D509B-F194-4638-9F0F-D9E4C05F9D33}
O42 - Logiciel: Security Update for Office 2007 (KB936514) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{C7A78F7F-EF32-4477-BAD7-3439EA7571BF}
O42 - Logiciel: Security Update for Publisher 2007 (KB936646) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{A32E4BAF-6477-45FA-B8AB-E743FA8D63FF}
O42 - Logiciel: Security Update for the 2007 Microsoft Office System (KB936960) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
O42 - Logiciel: Update for Office 2007 (KB932080) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{EDC9CA29-6BC1-471C-828C-7A36109005D7}
O42 - Logiciel: Update for Office 2007 (KB934391) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{B3091818-7C56-4C45-BE7D-CA23027A5EA5}
O42 - Logiciel: Update for Office 2007 (KB934393) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}
O42 - Logiciel: Update for Outlook 2007 (KB937608) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{CBB2454D-193F-4523-8A31-FEB343B7C30E}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb944965) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{EA8C80AA-31D6-43F0-8CD8-CA85479A34F1}
O42 - Logiciel: Update for Word 2007 (KB934173) - (.Microsoft.) [HKLM] -- {91120000-0014-0000-0000-0000000FF1CE}_PROR_{C6A89125-5473-45E3-B413-ED8186437475}
O42 - Logiciel: Version d'évaluation de Microsoft Office Professional 2007 - (.Microsoft Corporation.) [HKLM] -- PROR
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify
O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130
O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
O42 - Logiciel: Windows XP Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service Pack
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\Alterlab]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\Artogon]
[HKCU\Software\Astar Games]
[HKCU\Software\Aurigma]
[HKCU\Software\Babylon]
[HKCU\Software\BackWeb]
[HKCU\Software\Big Fish Games, Inc.]
[HKCU\Software\Big Fish Games, Inc]
[HKCU\Software\Big Fish Games]
[HKCU\Software\BigBlueBubble]
[HKCU\Software\Boolat Games]
[HKCU\Software\CDDB]
[HKCU\Software\CachemanXP]
[HKCU\Software\CatsEyeGames]
[HKCU\Software\City Interactive]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Dekovir]
[HKCU\Software\Detective Stories: Hollywood]
[HKCU\Software\Digital River]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EEEZEE Products Ltd.]
[HKCU\Software\EPSON]
[HKCU\Software\Electronic Arts]
[HKCU\Software\ExtraFilm FotoFacil]
[HKCU\Software\ExtraFilmDesignerFR]
[HKCU\Software\F-Secure]
[HKCU\Software\Fugazo]
[HKCU\Software\GNU]
[HKCU\Software\GOG]
[HKCU\Software\Gabest]
[HKCU\Software\Game Mill]
[HKCU\Software\GameHouse]
[HKCU\Software\GameMill Entertaiment]
[HKCU\Software\GameXzone]
[HKCU\Software\Garmin]
[HKCU\Software\GoBit]
[HKCU\Software\Good games]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\INCAInternet]
[HKCU\Software\IncrediMail]
[HKCU\Software\Intel]
[HKCU\Software\Intenium]
[HKCU\Software\IronCode]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\JetDogs Studios]
[HKCU\Software\JollyBear]
[HKCU\Software\Lavalys]
[HKCU\Software\LeaderTech]
[HKCU\Software\LightScribe]
[HKCU\Software\Ligos]
[HKCU\Software\Linksolutions]
[HKCU\Software\LostWorlds]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\MagiciansHandbook2ReleaseV1.2]
[HKCU\Software\MagiciansHandbookCursedValley]
[HKCU\Software\Margrave 2]
[HKCU\Software\Mediachance]
[HKCU\Software\Meridian93]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NarwhalGames]
[HKCU\Software\Netscape]
[HKCU\Software\Nokia]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\Oberon Media]
[HKCU\Software\Oberon]
[HKCU\Software\OceanMedia]
[HKCU\Software\Outertech]
[HKCU\Software\Ovogame]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PopCap]
[HKCU\Software\Royal Philips]
[HKCU\Software\Rumbic Studio]
[HKCU\Software\SAMSUNG]
[HKCU\Software\Sandlot Games]
[HKCU\Software\SecuROM]
[HKCU\Software\Sensaura]
[HKCU\Software\Shiny Tales]
[HKCU\Software\Silverback Productions]
[HKCU\Software\SpecialBit Games]
[HKCU\Software\Test3D]
[HKCU\Software\Textalk]
[HKCU\Software\Trolltech]
[HKCU\Software\ValuSoft]
[HKCU\Software\Valve]
[HKCU\Software\VirginMega]
[HKCU\Software\Wanadoo]
[HKCU\Software\WinRAR]
[HKCU\Software\XLab]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\Zlong games]
[HKCU\Software\Zylom]
[HKCU\Software\keyhole.com]
[HKLM\Software\781]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple]
[HKLM\Software\Audible]
[HKLM\Software\Aureal]
[HKLM\Software\BVRP]
[HKLM\Software\BackWeb]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C-Media]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CachemanXP]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Data Fellows]
[HKLM\Software\DelphineSoft]
[HKLM\Software\Diskeeper Corporation]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EPSON]
[HKLM\Software\Electronic Arts]
[HKLM\Software\EliaShim]
[HKLM\Software\F-Secure]
[HKLM\Software\GNU]
[HKLM\Software\Garmin]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KALISTO Entertainment]
[HKLM\Software\Katana]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\LocalSoftware]
[HKLM\Software\MDC]
[HKLM\Software\Macromedia]
[HKLM\Software\MetaStream]
[HKLM\Software\Micro Application]
[HKLM\Software\Mindscape]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\Nokia]
[HKLM\Software\Novell]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\Opendisc]
[HKLM\Software\Orange]
[HKLM\Software\Outertech]
[HKLM\Software\PCSuite]
[HKLM\Software\Patchou]
[HKLM\Software\PlayFirst]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Reflexive Entertainment]
[HKLM\Software\ReflexiveArcade]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SONIX]
[HKLM\Software\Samsung]
[HKLM\Software\Sandlot Games]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Sensaura]
[HKLM\Software\Silicon Graphics]
[HKLM\Software\Silver]
[HKLM\Software\Skunkstudios]
[HKLM\Software\SoftShape]
[HKLM\Software\Springfield]
[HKLM\Software\SymNRT]
[HKLM\Software\Symantec]
[HKLM\Software\TrendMicro]
[HKLM\Software\Trymedia Systems]
[HKLM\Software\Unisys Corporation]
[HKLM\Software\VIA Technologies, INC.]
[HKLM\Software\Via4in1Driver]
[HKLM\Software\WINDOWS]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Yahoo]
[HKLM\Software\c0b]
[HKLM\Software\iWin]


---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)
O43 - CFD: 23/12/2008 - 20:19:32 ----D- C:\Program Files\Adobe
O43 - CFD: 29/07/2004 - 13:35:34 ----D- C:\Program Files\Ahead
O43 - CFD: 02/12/2009 - 08:34:12 ----D- C:\Program Files\CCleaner
O43 - CFD: 22/09/2009 - 19:07:26 ----D- C:\Program Files\Common files
O43 - CFD: 04/03/2010 - 20:29:22 ----D- C:\Program Files\DIFX
O43 - CFD: 18/08/2004 - 10:22:32 ----D- C:\Program Files\directx
O43 - CFD: 22/09/2008 - 08:13:56 ----D- C:\Program Files\Diskeeper Corporation
O43 - CFD: 28/10/2010 - 18:32:54 ----D- C:\Program Files\DivX
O43 - CFD: 03/10/2010 - 09:29:38 ----D- C:\Program Files\ExtraFilm Designer FR
O43 - CFD: 21/01/2008 - 22:00:26 ----D- C:\Program Files\F-Secure
O43 - CFD: 25/10/2010 - 18:11:46 ----D- C:\Program Files\Fichiers communs
O43 - CFD: 31/10/2007 - 15:44:14 ----D- C:\Program Files\GameSpy Arcade
O43 - CFD: 25/10/2010 - 18:01:22 ----D- C:\Program Files\Google
O43 - CFD: 14/11/2010 - 18:39:58 ----D- C:\Program Files\Incredijeux
O43 - CFD: 09/11/2010 - 20:06:32 ----D- C:\Program Files\IncrediMail
O43 - CFD: 25/10/2010 - 18:16:42 --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 15/10/2010 - 22:06:14 ----D- C:\Program Files\Internet Explorer
O43 - CFD: 31/10/2010 - 15:30:32 ----D- C:\Program Files\Java
O43 - CFD: 28/11/2010 - 10:41:36 ----D- C:\Program Files\Lavalys
O43 - CFD: 25/10/2010 - 17:51:34 ----D- C:\Program Files\Micro Application
O43 - CFD: 07/12/2007 - 21:49:32 ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 29/07/2004 - 13:37:16 ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 10/03/2008 - 16:22:26 ----D- C:\Program Files\Microsoft Office
O43 - CFD: 24/02/2008 - 20:31:36 ----D- C:\Program Files\Microsoft Works
O43 - CFD: 10/08/2010 - 21:25:16 ----D- C:\Program Files\Movie Maker
O43 - CFD: 28/10/2010 - 18:33:50 ----D- C:\Program Files\MSECACHE
O43 - CFD: 29/07/2004 - 11:44:40 ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 28/12/2007 - 00:22:42 ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 27/12/2007 - 11:28:58 ----D- C:\Program Files\Nero
O43 - CFD: 05/09/2008 - 18:57:40 ----D- C:\Program Files\NetMeeting
O43 - CFD: 26/11/2008 - 19:50:24 ----D- C:\Program Files\NimoCodec Pack
O43 - CFD: 14/11/2010 - 18:39:58 ----D- C:\Program Files\Oberon Media
O43 - CFD: 07/05/2009 - 18:31:40 ----D- C:\Program Files\OpenOffice.org 2.4
O43 - CFD: 31/10/2010 - 14:34:10 ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 01/12/2008 - 19:31:48 ----D- C:\Program Files\Orange
O43 - CFD: 12/05/2010 - 22:21:44 ----D- C:\Program Files\Outlook Express
O43 - CFD: 25/10/2010 - 18:14:46 ----D- C:\Program Files\PC Inspector File Recovery
O43 - CFD: 27/07/2010 - 18:31:42 ----D- C:\Program Files\PhotoMail Maker
O43 - CFD: 02/04/2007 - 18:29:24 ----D- C:\Program Files\Real
O43 - CFD: 20/07/2009 - 20:48:48 ----D- C:\Program Files\Resource Kit
O43 - CFD: 29/07/2004 - 11:46:36 ----D- C:\Program Files\Services en ligne
O43 - CFD: 28/11/2010 - 10:50:24 ----D- C:\Program Files\Trend Micro
O43 - CFD: 25/05/2009 - 09:05:54 --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 29/07/2004 - 13:31:16 ----D- C:\Program Files\VIA Technologies, INC
O43 - CFD: 26/11/2008 - 19:50:26 ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 26/11/2008 - 19:50:26 ----D- C:\Program Files\Windows Media Player
O43 - CFD: 05/09/2008 - 18:57:34 ----D- C:\Program Files\Windows NT
O43 - CFD: 27/09/2004 - 11:57:32 --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 23/09/2007 - 11:55:04 ----D- C:\Program Files\WinRAR
O43 - CFD: 29/07/2004 - 11:48:10 ----D- C:\Program Files\xerox
O43 - CFD: 28/10/2010 - 18:34:24 ----D- C:\Program Files\Yahoo!
O43 - CFD: 28/11/2010 - 11:05:38 ----D- C:\Program Files\ZHPDiag
O43 - CFD: 22/09/2009 - 19:07:26 ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD: 07/09/2004 - 08:57:14 ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 26/11/2008 - 19:47:08 ----D- C:\ProgramData\Electronic Arts
O43 - CFD: 22/09/2009 - 19:07:26 ----D- C:\Program Files\Common Files\INCA Shared
O43 - CFD: 07/09/2004 - 08:57:14 ----D- C:\Program Files\Common Files\Microsoft Shared


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.8CEE1200F915817C00FCFD7F60EF1200] - 28/11/2010 - 09:57:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\WindowsUpdate.log [1661042]
O44 - LFC:[MD5.8CEE1200F915817C00FCFD7F60EF1200] - 28/11/2010 - 09:52:03 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/11/2010 - 09:51:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.8CEE1200F915817C00FCFD7F60EF1200] - 28/11/2010 - 09:51:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.76374767D8DC64C012060F4D03F33303] - 28/11/2010 - 09:51:45 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\FFASTLOG.TXT [22546]
O44 - LFC:[MD5.C479040068A083295A63949BB973CA29] - 28/11/2010 - 09:51:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\wpa.dbl [2262]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 28/11/2010 - 09:51:38 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.8CEE1200F915817C00FCFD7F60EF1200] - 28/11/2010 - 00:00:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\SchedLgU.Txt [32442]
O44 - LFC:[MD5.E1ED400DAEA986FA3BB3179BD3675D3E] - 27/11/2010 - 23:12:37 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\setupapi.log [1212]
O44 - LFC:[MD5.B9D8C0D5075352DEA4006D1AB0CA51F7] - 22/11/2010 - 21:45:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\ArtGalry.cag [33792]
O44 - LFC:[MD5.DCC78B14C94A442C60981A7095B4A730] - 17/11/2010 - 18:57:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\NeroDigital.ini [69]
O44 - LFC:[MD5.DA48A8825DFF47E934B93B691A48C538] - 31/10/2010 - 17:58:38 -SHA- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\Thumbs.db [7680]
O44 - LFC:[MD5.14531B4D479E8E2F83933C193C5AD32A] - 31/10/2010 - 15:30:32 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\JavaRa.log [604]
O44 - LFC:[MD5.54438A2DF62B0074F2202B5A85485550] - 31/10/2010 - 14:54:56 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\EPPRTDRV.CAB [288201]
O44 - LFC:[MD5.283BF4227D017F9B7474BEE09D53F8CD] - 31/10/2010 - 14:54:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\EPSMTL32.TXT [31]
O44 - LFC:[MD5.6A12051B7A24F58CE544B775849B00CD] - 31/10/2010 - 14:54:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\EPSETUP.CAB [443573]
O44 - LFC:[MD5.6786F7FFB2EF285FAB2DC906772E4859] - 31/10/2010 - 14:54:55 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\eps_icon.avi [8284]
O44 - LFC:[MD5.0F5F17A14F3B0CBACCD437C81BD3253F] - 31/10/2010 - 08:15:59 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh00C.dat [330928]
O44 - LFC:[MD5.4B6666296BAFA075C3CCA553DB9269AC] - 31/10/2010 - 08:15:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\PerfStringBackup.INI [738488]
O44 - LFC:[MD5.7DE48664B68CB83C0A8D229CAA57172D] - 31/10/2010 - 08:15:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc009.dat [39992]
O44 - LFC:[MD5.B2650F0FE478D2F357C107EED53C4DC5] - 31/10/2010 - 08:15:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfc00C.dat [48616]
O44 - LFC:[MD5.785C0F232B6948E02585EF0D8FF70DA7] - 31/10/2010 - 08:15:58 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\System32\perfh009.dat [311604]


---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll


---\\ Export de clé d'application autorisée (ECAA) (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) (.not file.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\bin\ImApp.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\bin\IncMail.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\bin\ImpCnt.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Jean-Marie\Local Settings\Temporary Internet Files\Content.IE5\C0IXKTE5\incredimail_install[1].exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Geste\Local Settings\Temporary Internet Files\Content.IE5\CRWVYX2J\incredimail_install[1].exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.icd" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Jean-Marie\Local Settings\Temporary Internet Files\Content.IE5\WP23C5MN\incredimail_install[1].exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Program Files\Yahoo!\Messenger\YServer.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\helpctr.exe" [Disabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Freeplayer\vlc\vlc.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Program Files\HomePlayer\HomePlayer.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Program Files\Valve\czero.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\livecall.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Electronic Arts\EADM\Core.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\Ahead\Nero Web\SetupX.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "C:\Program Files\Google\Google Earth\client\googleearth.exe" [Disabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export DP - "C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) (.not file.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "C:\Program Files\MSN Messenger\livecall.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) -- C:\Program Files\MSN Messenger\livecall.exe


---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll


---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d


---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{15d51b9b-27b9-11df-9b01-005070e52d0b}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- F:\Launcher.exe (.not file.)
O51 - MPSK:{4124aaba-5871-11df-9b4c-005070e52d0b}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\http:\\www.garmin.com\agent (.not file.)
O51 - MPSK:{a7994e8e-8245-11dc-95c5-005070e52d0b}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\Autorun.exe (.not file.)
O51 - MPSK:{e6f7d0c5-d3f1-11dd-98a2-005070e52d0b}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- E:\LaunchU3.exe (.not file.)


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll"

1 reply

Anonymous user
28 Nov. 2010 at 11:30
Hello

Your report is incomplete.


Host the ZHPDiag.txt report on cijoint.fr or toofiles, then copy and paste the link provided into your next reply on the forum.