Virus sur mon PC

Bonjour,



Si je viens demander c'es parce que la raison est simple mon PC est infecté de virus depuis que je n'ai plus d'antivirus donc j'aimerais de l'aide qvp et des conseils voila déja le rapprt ZHPDIAG :
Rapport de ZHPDiag v1.27.1505 par Nicolas Coolman, Update du 21/01/2011
Run by SI ALLAL at 22/01/2011 10:59:41
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v6.0.2900.5512 (Defaut)
MFIE: Mozilla Firefox v3.6.9 (fr)
GCIE: Google Chrome v4.0.249.78

---\\ System Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Processor: x86 Family 15 Model 4 Stepping 1, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1022 MB (30% free)
System Restore: Activé (Enable)
System drive H: has 67 GB (52%) free of 128 GB

---\\ Logged in mode
Computer Name: ZOUBIR
User Name: SI ALLAL
All Users Names: SUPPORT_388945a0, SI ALLAL, Mr ZOUBIR, HelpAssistant, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=%USERPROFILE%\Application Data
%LocalAppData%=%USERPROFILE%\Local Settings\Application Data
%StartMenu%=%USERPROFILE%\Menu Démarrer

---\\ DOS/Devices
C:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
D:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ CD-ROM drive (Not Inserted)
H:\ Hard drive, Flash drive, Thumb drive (Free 67 Go of 128 Go)


---\\ Security Center & Tools Informations


---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.29/12/2010 19:46:23.) -- H:\Windows\Explorer.exe [1037824]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 19:34:30.) -- H:\Windows\System32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 11:40:32.) -- H:\Windows\System32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 12:15:54.) -- H:\Windows\System32\drivers\ntfs.sys [574976]


---\\ Processus lancés
[MD5.018857EAD9A077A56AEDFC0E5EF7A24A] - (.Apple Inc. - MobileDeviceService.) -- H:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664]
[MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- H:\Program Files\Bonjour\mDNSResponder.exe [345376]
[MD5.D1261099E03EEE90976EA19002995B89] - (.France Telecom - FTRTSVC NT Service.) -- H:\WINDOWS\System32\FTRTSVC.exe [40960]
[MD5.74E30A41CDCF331C74BC4D97BE40CC5B] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- H:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.F96DF45CFBDC670584293E03C2AB602A] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 178.1.) -- H:\WINDOWS\System32\nvsvc32.exe [163908]
[MD5.D358E077A0A05D9B12DA22D137EE8464] - (.Microsoft Corp. - Microsoft SeaPort Search Enhancement Broker.) -- H:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [226656]
[MD5.ED78DFAD8EFCDFBC89500492C4D14645] - (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\System32\PAStiSvc.exe [53248]
[MD5.F0ED1200E915817C00ECFD7FC4EE1200] - (.Pas de propriétaire - Pas de description.) -- H:\Documents and Settings\SI ALLAL.ZOUBIR\Application Data\dwm.exe [182272]
[MD5.F0ED1200E915817C00ECFD7FC4EE1200] - (.Pas de propriétaire - Pas de description.) -- H:\Documents and Settings\SI ALLAL.ZOUBIR\Application Data\Microsoft\conhost.exe [172032]
[MD5.F0ED1200E915817C00ECFD7FC4EE1200] - (.Pas de propriétaire - Pas de description.) -- H:\DOCUME~1\SIALLA~1.ZOU\LOCALS~1\Temp\csrss.exe [191488]
[MD5.39D2FA287043C9ADE5B2E740918BDDEC] - (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\system32\userini.exe [27648]
[MD5.64AF820625184AD1C2028655376AB055] - (.Pas de propriétaire - Pas de description.) -- H:\Program Files\TOPRO\TPPOLL.EXE [24576]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\system32\RUNDLL32.EXE [33792]
[MD5.F9710A77123CC3FD09D062F2AF33E473] - (.France Télécom R&D - Gestion de l'icône de la barre des tâches.) -- H:\PROGRA~1\Wanadoo\TaskBarIcon.exe [61440]
[MD5.8F68978102E198DEA7C11C7137453DE6] - (.BTC - KeyMaestro main program.) -- H:\Program Files\KMaestro\KMaestro.exe [286720]
[MD5.2DFCB2393528446AEB9FB861A8FC39AB] - (.Apple Inc. - iTunesHelper.) -- H:\Program Files\iTunes\iTunesHelper.exe [421160]
[MD5.3996AB635B3F87D708BC9DE4FE49ADEC] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- H:\WINDOWS\SOUNDMAN.EXE [90112]
[MD5.AECBBD99F06C11302B0C53758F89ACDB] - (.Shareaza Development Team - Shareaza Ultimate File Sharing.) -- H:\Program Files\Shareaza\Shareaza.exe [4574208]
[MD5.AFA1F8CC076AB0462512A78473D86D53] - (.BitTorrent, Inc. - DNA.) -- H:\Program Files\DNA\btdna.exe [323392]
[MD5.20A098A4D12E49342228D3AFE98EAFDF] - (.Microsoft Corporation - Windows Live Toolbar User Elevation Helper.) -- H:\Program Files\Windows Live\Toolbar\wltuser.exe [223584]
[MD5.BC9C9BE7BB74D629362608ACE470E7DA] - (.Microsoft Corporation - Notification de cadeaux MSN.) -- H:\Documents and Settings\SI ALLAL.ZOUBIR\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [135680]
[MD5.83170B8E03213093B065A9638E146499] - (.OpenOffice.org - OpenOffice.org 3.1.) -- H:\Program Files\OpenOffice.org 3\program\soffice.exe [7424000]
[MD5.873867A02F0E83F18CF871E776B651DC] - (.OpenOffice.org - OpenOffice.org 3.1.) -- H:\Program Files\OpenOffice.org 3\program\soffice.bin [7418368]
[MD5.0CA8C2E721617AA2F923A8151C96FB33] - (.Apple Inc. - iPodService Module (32-bit).) -- H:\Program Files\iPod\bin\iPodService.exe [820008]
[MD5.E90C6945764B047620E601B033515E74] - (.Secure Digital Services Limited - OfferBox.) -- H:\Program Files\OfferBox\OfferBox.exe [1966936]
[MD5.643FDE8B9E600F4DE85BBA8C653F9B25] - (.Google Inc. - Google Chrome.) -- H:\Documents and Settings\SI ALLAL.ZOUBIR\Local Settings\Application Data\Google\Chrome\Application\chrome.exe [527344]
[MD5.B01CCC01F565A057BBCD85FE4E25C2B1] - (.Microsoft Corporation - Microsoft Application Error Reporting.) -- H:\WINDOWS\system32\dwwin.exe [180224]
[MD5.CFCE7E6564A227CCE970882C2CF207E1] - (.Nicolas Coolman - Diagnostic Tool.) -- H:\Program Files\ZHPDiag\ZHPDiag.exe [623616]


---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2)
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- H:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- H:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.3.3".) -- H:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- H:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- H:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- H:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- H:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- H:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- H:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- H:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16260.) -- H:\Program Files\Mozilla Firefox\Plugins\np_gp.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- H:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@bittorrent.com/BitTorrentDNA] - (.BitTorrent, Inc. - Delivery Network Acceleration by BitTorrent(TM).) -- H:\Program Files\DNA\plugins\npbtdna.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX® Web Player.) -- H:\Program Files\DivX\DivX Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- H:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- H:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 3.0.40624.0.) -- h:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- H:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll


---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:58283
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Pas de propriétaire - SearchPageURL Module.) (1, 0, 0, 1) -- H:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} . (.Pas de propriétaire - Pas de description.) (No version) -- H:\Program Files\AskSearch\bin\DefaultSearch.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) (2008, 7, 28, 01) -- H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Bibliothèque d'objets et de contrôles de do.) (No version) -- %SystemRoot%\System32\shdocvw.dll
R3 - URLSearchHook: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.3.0) -- H:\Program Files\Messenger_Plus_Live_France\tbMes1.dll


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=H:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} . (.Shareaza Development Team - Shareaza Web Download Hook.) -- H:\Program Files\Shareaza\RazaWebHook32.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- H:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- H:\Program Files\ConduitEngine\ConduitEngin0.dll
O2 - BHO: Messenger Plus Live France - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) -- H:\Program Files\Messenger_Plus_Live_France\tbMes1.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- H:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- H:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- H:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} . (.Secure Digital Services Limited - OfferBox.) -- H:\Program Files\OfferBox\OfferBoxBHO.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc - Yahoo! Single Instance for Mail.) -- H:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- H:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Messenger Plus Live France Toolbar - {59994074-c06d-4a75-9768-49e5a8c21264} . (.Conduit Ltd. - Conduit Toolbar.) -- H:\Program Files\Messenger_Plus_Live_France\tbMes1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- H:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- H:\Program Files\ConduitEngine\ConduitEngin0.dll


---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [WOOWATCH] . (.France Télécom R&D - Surveillance des modifications.) -- H:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] . (.France Télécom R&D - Gestion des mises à jour.) -- H:\PROGRA~1\Wanadoo\GestMaj.exe
O4 - HKLM\..\Run: [TPPOLL] . (.Pas de propriétaire - Pas de description.) -- H:\Program Files\TOPRO\TPPOLL.exe
O4 - HKLM\..\Run: [nwiz] . (.Pas de propriétaire - Pas de description.) -- H:\Windows\System32\nwiz.exe
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- H:\WINDOWS\System32\NvMcTray.dll
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- H:\WINDOWS\System32\NvCpl.dll
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- H:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [F-Secure TNB] . (.F-Secure Corporation - tnbutil.) -- H:\Program Files\AntivirusFirewall\FSGUI\TNBUtil.exe
O4 - HKLM\..\Run: [F-Secure Manager] . (.F-Secure Corporation - F-Secure Settings and Statistics.) -- H:\Program Files\AntivirusFirewall\Common\FSM32.exe
O4 - HKLM\..\Run: [BtcMaestro] . (.BTC - KeyMaestro main program.) -- H:\Program Files\KMaestro\KMaestro.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- H:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- H:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- H:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- H:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- H:\Windows\SOUNDMAN.exe
O4 - HKLM\..\Run: [userini] . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\system32\userini.exe
O4 - HKLM\..\Run: [conhost] . (.Pas de propriétaire - Pas de description.) -- H:\Documents and Settings\SI ALLAL.ZOUBIR\Application Data\Microsoft\conhost.exe
O4 - HKCU\..\Run: [Shareaza] . (.Shareaza Development Team - Shareaza Ultimate File Sharing.) -- H:\Program Files\Shareaza\Shareaza.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] . (.BitTorrent, Inc. - DNA.) -- H:\Program Files\DNA\btdna.exe
O4 - HKCU\..\Run: [userini] . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\system32\userini.exe
O4 - HKLM\..\policies\Explorer\Run: [userini] . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\system32\userini.exe
O4 - HKCU\..\policies\Explorer\Run: [userini] . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\system32\userini.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- H:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- H:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- H:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- H:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-21-842925246-1383384898-682003330-1006\..\Run: [Shareaza] . (.Shareaza Development Team - Shareaza Ultimate File Sharing.) -- H:\Program Files\Shareaza\Shareaza.exe
O4 - HKUS\S-1-5-21-842925246-1383384898-682003330-1006\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- H:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-842925246-1383384898-682003330-1006\..\Run: [BitTorrent DNA] . (.BitTorrent, Inc. - DNA.) -- H:\Program Files\DNA\btdna.exe
O4 - HKUS\S-1-5-21-842925246-1383384898-682003330-1006\..\Run: [userini] . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\system32\userini.exe


---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: H:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (.Pas de propriétaire.) -- H:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A93000000001}\SC_Reader.ico
O4 - Global Startup: H:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (.Pas de propriétaire.) -- H:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: H:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN Explorer.lnk . (.Microsoft Corporation.) -- H:\Program Files\MSN\MSNCoreFiles\msn6.exe
O4 - Global Startup: H:\Documents And Settings\All Users\Menu Démarrer\Programmes\Navigateur OfferBox.lnk . (.Secure Digital Services Limited.) -- H:\Program Files\OfferBox\OfferBoxLauncher.exe
O4 - Global Startup: H:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Pas de propriétaire.) -- H:\WINDOWS\Installer\{6E127288-02BD-4DB8-B46B-D9B2BB3C268C}\MsblIco.Exe
O4 - Global Startup: H:\Documents And Settings\SI ALLAL\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- H:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: H:\Documents And Settings\SI ALLAL\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- H:\Program Files\Internet Explorer\IEXPLORE.EXE
O4 - Global Startup: H:\Documents And Settings\SI ALLAL\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- H:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: H:\Documents And Settings\SI ALLAL\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- H:\Program Files\Outlook Express\msimn.exe


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Download with &Shareaza . (.Shareaza Development Team - Shareaza Web Download Hook.) -- H:\Program Files\Shareaza\RazaWebHook32.dll


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @H:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- H:\Program Files\Messenger\MSMSGS.exe


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- H:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- H:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- H:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- H:\Program Files\Bonjour\mdnsNSP.dll


---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} () - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{10A95058-CF09-4789-A59C-923C66917057}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{10A95058-CF09-4789-A59C-923C66917057}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240


---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- H:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- H:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- H:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- H:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- H:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- H:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- H:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- H:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- H:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- H:\Windows\System32\wlnotify.dll


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- H:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- H:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- H:\WINDOWS\System32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- H:\WINDOWS\System32\stobject.dll


---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- H:\WINDOWS\System32\browseui.dll


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - H:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (F-Secure Gatekeeper Handler Starter) . (.F-Secure Corporation - F-Secure Anti-Virus Scanning Service.) - H:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: (FSMA) . (.F-Secure Corporation - F-Secure Management Agent.) - H:\Program Files\AntivirusFirewall\Common\FSMA32.exe
O23 - Service: (FTRTSVC) . (.France Telecom - FTRTSVC NT Service.) - H:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - H:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 178.1.) - H:\WINDOWS\System32\nvsvc32.exe
O23 - Service: (STI Simulator) . (.Pas de propriétaire - Pas de description.) - H:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: (usbstore) . (.Pas de propriétaire - Pas de description.) - h:\windows\system32\usbrv32.exe


---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - H:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - H:\WINDOWS\Tasks\Scheduled scanning task.job
O39 - APT:Automatic Planified Task - H:\WINDOWS\Tasks\SesamTVMC.job


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - H:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - H:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (F-Secure HIPS) . (.F-Secure Corporation - F-Secure HIPS 32-bit Driver.) - H:\Program Files\AntivirusFirewall\HIPS\drivers\fshs.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - H:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - H:\Windows\System32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - H:\Windows\System32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - H:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - H:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - H:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - H:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - H:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - H:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - H:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - H:\Windows\System32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - H:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - H:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - H:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - H:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - H:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - H:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - H:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - H:\WINDOWS\system32\drivers\vga.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.3.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A93000000001}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Analyseur MSXML 6.0 - (.Microsoft Corporation.) [HKLM] -- {CEEE4B46-D156-44B9-91A6-4DF113C79DE9}
O42 - Logiciel: AntiVirus Firewall - (.Pas de propriétaire.) [HKLM] -- F-Secure Product 440
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {308B6AEA-DE50-4666-996D-0FA461719D6B}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: ArcSoft WebCam Companion - (.ArcSoft.) [HKLM] -- {BCCC3103-466C-41FA-A162-79E0CC7E9337}
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Ask.com Search Assistant 1.0.2 - (.Ask.com.) [HKLM] -- Ask.com Search Assistant
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CamMaestro 3.01 DU PC Camera - (.Teconet.) [HKLM] -- InstallShield_{61AC5D41-DFA1-47BF-A6A8-4762FA8FBBDE}
O42 - Logiciel: Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00B2-040C-0000-0000000FF1CE}
O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM] -- conduitEngine
O42 - Logiciel: Conseiller de mise à niveau Windows Vista - (.Microsoft Corporation.) [HKLM] -- {85AFD3AA-4AAF-4A6F-B3E1-C47252AB0378}
O42 - Logiciel: DNA - (.BitTorrent Inc..) [HKCU] -- BitTorrent DNA
O42 - Logiciel: DivX - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}
O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] -- {B13A7C41581B411290FBC0395694E2A9}
O42 - Logiciel: DivX Player - (.DivXNetworks, Inc..) [HKLM] -- {8ADFC4160D694100B5B8A22DE9DCABD9}
O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
O42 - Logiciel: Favorit (oiqks) - (.Pas de propriétaire.) [HKLM] -- oiqks
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
O42 - Logiciel: Gestionnaire Internet - (.Pas de propriétaire.) [HKLM] -- GestionnaireInternet.exe
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Java(TM) 6 Update 19 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216016FF}
O42 - Logiciel: Java(TM) 6 Update 2 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160020}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: KeyMaestro Input Device Driver V2.2.1-155AU MUL - (.Pas de propriétaire.) [HKLM] -- BtcMaestro
O42 - Logiciel: LimeWire 5.1.3 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {96EB95A2-5245-4EA2-B6EA-B8BA2FBF64C4}
O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM] -- Messenger Plus! Live
O42 - Logiciel: Messenger_Plus_Live_France Toolbar - (.Pas de propriétaire.) [HKLM] -- Messenger_Plus_Live_France Toolbar
O42 - Logiciel: Microsoft .NET Framework 2.0 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Movies2iPhone 1.24 for Windows - (.OKprods Ltd.) [HKLM] -- Movies2iPhone
O42 - Logiciel: Mozilla Firefox (3.6.9) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.9)
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Navigateur Orange - (.Pas de propriétaire.) [HKLM] -- FranceTelecomUninstall_FTBrowser
O42 - Logiciel: Nero Suite - (.Pas de propriétaire.) [HKLM] -- NeroMultiInstaller!UninstallKey
O42 - Logiciel: NetWorkingWizard_ICM - (.Samsung.) [HKLM] -- {4CFFAEC0-1F2A-4D38-8D95-3995A936ADD9}
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: OfferBox Browser - (.Secure Digital Services Limited.) [HKLM] -- OfferBox Browser
O42 - Logiciel: OpenOffice.org 3.1 - (.OpenOffice.org.) [HKLM] -- {0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {E7004147-2CCA-431C-AA05-2AB166B9785D}
O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: SAMSUNG Mobile Modem V2 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem V2
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: SesamTV Media Center - (.Pas de propriétaire.) [HKLM] -- Navigator
O42 - Logiciel: Shareaza 2.5.2.0 - (.Shareaza Development Team.) [HKLM] -- Shareaza_is1
O42 - Logiciel: ShopperReports - (.ShopperReports.) [HKLM] -- ShoppingReport
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: USB PC Camera Driver - (.Pas de propriétaire.) [HKLM] -- {6FCB49E0-C0FF-11D7-A015-00055DF4E7AC}
O42 - Logiciel: VLC media player 1.0.1 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {9D6524E6-15CF-4852-BF70-04FE973A3DE1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: Windows Messenger 5.1 - (.Microsoft Corporation.) [HKLM] -- {6E127288-02BD-4DB8-B46B-D9B2BB3C268C}
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: Yahoo! Toolbar - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion
O42 - Logiciel: YouTube Downloader Suite V2.4.4 - (.Apowersoft.) [HKLM] -- {3FF2F54D-FA3A-406F-9F9E-6CDD95B9A1A9}_is1
O42 - Logiciel: aMSN 0.97.2 - (.Pas de propriétaire.) [HKLM] -- aMSN
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\(null)]
[HKCU\Software\ALWIL Software]
[HKCU\Software\Adobe]
[HKCU\Software\AntiMalware]
[HKCU\Software\AppDataLow\AskSA]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\AskSearchAsst]
[HKCU\Software\BackWeb]
[HKCU\Software\BitTorrent]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ConduitEngine]
[HKCU\Software\Conduit]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\F-Secure]
[HKCU\Software\FRANCE TELECOM]
[HKCU\Software\Google]
[HKCU\Software\HookNetwork]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Messenger_Plus_Live_France]
[HKCU\Software\Monitored]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\OfferBox]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Patchou]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PriceGong]
[HKCU\Software\SAMSUNG]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Sesam.tv]
[HKCU\Software\Shareaza]
[HKCU\Software\Softonic]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\aMSN]
[HKCU\Software\ahead]
[HKCU\Software\cybelsoft]
[HKCU\Software\settings]
[HKLM\Software\0D30E5DBBD676AB64B04128F1D5488E6]
[HKLM\Software\2B9EC021-C823-4f3d-9752-C18522DB7D98]
[HKLM\Software\ALWIL Software]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\AntiMalware]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\AskBarDis]
[HKLM\Software\BitTorrent]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Contrôle Parental]
[HKLM\Software\Data Fellows]
[HKLM\Software\Debug]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\FDEInstaller]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Hot-TV]
[HKLM\Software\Hot-TV]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Magnet]
[HKLM\Software\Malware Defense]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Messenger Plus!]
[HKLM\Software\Messenger_Plus_Live_France]
[HKLM\Software\Mindscape]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\OfferBox]
[HKLM\Software\OpenCandy NSIS SDK]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Patchou]
[HKLM\Software\Pinnacle Systems]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\S3R521]
[HKLM\Software\SECURITOO]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Samsung]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Sesam.tv]
[HKLM\Software\Shareaza]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\Thomson]
[HKLM\Software\Topro]
[HKLM\Software\TrendMicro]
[HKLM\Software\Trolltech]
[HKLM\Software\Uniblue]
[HKLM\Software\VideoLAN]
[HKLM\Software\WINDOWS]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Yahoo]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]


---\\ Contenu des dossiers ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 08/04/2010 - 09:49:10 ----D- H:\Program Files\Adobe
O43 - CFD: 12/11/2006 - 22:23:42 ----D- H:\Program Files\Ahead
O43 - CFD: 15/08/2010 - 21:21:44 ----D- H:\Program Files\Alwil Software
O43 - CFD: 02/10/2009 - 20:48:08 ----D- H:\Program Files\aMSN
O43 - CFD: 12/10/2009 - 18:18:08 ----D- H:\Program Files\AntivirusFirewall
O43 - CFD: 19/01/2011 - 20:30:58 ----D- H:\Program Files\Apowersoft
O43 - CFD: 11/11/2010 - 20:54:56 ----D- H:\Program Files\Apple Software Update
O43 - CFD: 12/11/2006 - 22:34:02 ----D- H:\Program Files\ArcSoft
O43 - CFD: 31/12/2010 - 00:18:10 ----D- H:\Program Files\Ask Search Assistant
O43 - CFD: 11/11/2010 - 20:54:32 ----D- H:\Program Files\Bonjour
O43 - CFD: 12/11/2006 - 22:33:30 ----D- H:\Program Files\CamMaestro 3.01 DU PC Camera
O43 - CFD: 21/04/2008 - 20:43:42 ----D- H:\Program Files\CAPCOM
O43 - CFD: 21/02/2009 - 15:23:58 ----D- H:\Program Files\CCleaner
O43 - CFD: 16/09/2009 - 18:33:32 ----D- H:\Program Files\Circle Developemen
O43 - CFD: 12/11/2006 - 21:01:34 ----D- H:\Program Files\ComPlus Applications
O43 - CFD: 15/05/2010 - 20:46:58 ----D- H:\Program Files\Conduit
O43 - CFD: 08/11/2010 - 22:44:34 ----D- H:\Program Files\ConduitEngine
O43 - CFD: 13/10/2007 - 08:01:26 ----D- H:\Program Files\Controle Parental
O43 - CFD: 16/09/2009 - 18:30:18 ----D- H:\Program Files\Crcle Developement
O43 - CFD: 01/11/2007 - 17:58:42 ----D- H:\Program Files\DivX
O43 - CFD: 22/01/2011 - 10:45:08 ----D- H:\Program Files\DNA
O43 - CFD: 05/08/2009 - 10:08:54 ----D- H:\Program Files\Dusco
O43 - CFD: 06/09/2009 - 19:51:40 ----D- H:\Program Files\eMule
O43 - CFD: 09/11/2010 - 19:57:20 ----D- H:\Program Files\Fichiers communs
O43 - CFD: 16/08/2010 - 00:43:14 ----D- H:\Program Files\Incomplete
O43 - CFD: 06/12/2010 - 18:42:42 --H-D- H:\Program Files\InstallShield Installation Information
O43 - CFD: 10/11/2010 - 14:44:28 ----D- H:\Program Files\Internet Explorer
O43 - CFD: 12/10/2007 - 19:31:04 ----D- H:\Program Files\Inventel
O43 - CFD: 27/11/2010 - 22:48:00 ----D- H:\Program Files\iPod
O43 - CFD: 27/11/2010 - 22:48:24 ----D- H:\Program Files\iTunes
O43 - CFD: 08/04/2010 - 10:02:10 ----D- H:\Program Files\Java
O43 - CFD: 14/01/2010 - 18:36:04 ----D- H:\Program Files\JRE
O43 - CFD: 11/06/2009 - 11:45:30 ----D- H:\Program Files\KMaestro
O43 - CFD: 20/08/2009 - 17:26:28 ----D- H:\Program Files\LimeWire
O43 - CFD: 19/11/2006 - 11:37:54 ----D- H:\Program Files\LucasArts
O43 - CFD: 17/11/2010 - 15:34:08 ----D- H:\Program Files\ma-config.com
O43 - CFD: 10/11/2010 - 14:40:10 ----D- H:\Program Files\Messenger
O43 - CFD: 31/12/2010 - 00:18:26 ----D- H:\Program Files\Messenger Plus! Live
O43 - CFD: 08/11/2010 - 22:44:34 ----D- H:\Program Files\Messenger_Plus_Live_France
O43 - CFD: 02/02/2010 - 20:59:28 ----D- H:\Program Files\Microsoft
O43 - CFD: 12/11/2006 - 21:03:34 ----D- H:\Program Files\microsoft frontpage
O43 - CFD: 15/08/2010 - 00:16:08 ----D- H:\Program Files\Microsoft Silverlight
O43 - CFD: 14/08/2010 - 22:42:50 ----D- H:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 15/08/2010 - 00:12:40 ----D- H:\Program Files\Microsoft Sync Framework
O43 - CFD: 15/08/2010 - 14:06:34 ----D- H:\Program Files\Microsoft Windows Vista Upgrade Advisor
O43 - CFD: 10/11/2010 - 14:39:48 ----D- H:\Program Files\Movie Maker
O43 - CFD: 06/01/2011 - 21:48:52 ----D- H:\Program Files\Movies2iPhone
O43 - CFD: 21/01/2011 - 21:33:04 ----D- H:\Program Files\Mozilla Firefox
O43 - CFD: 09/10/2010 - 17:45:52 ----D- H:\Program Files\MSECache
O43 - CFD: 07/05/2007 - 19:16:44 ----D- H:\Program Files\MSN
O43 - CFD: 12/11/2006 - 21:00:58 ----D- H:\Program Files\MSN Gaming Zone
O43 - CFD: 05/01/2010 - 19:13:58 ----D- H:\Program Files\Navilog1
O43 - CFD: 10/11/2010 - 14:38:12 ----D- H:\Program Files\NetMeeting
O43 - CFD: 06/01/2010 - 21:11:00 ----D- H:\Program Files\NOS
O43 - CFD: 31/12/2010 - 00:18:34 ----D- H:\Program Files\OfferBox
O43 - CFD: 14/01/2010 - 18:36:02 ----D- H:\Program Files\OpenOffice.org 3
O43 - CFD: 10/11/2010 - 14:38:10 ----D- H:\Program Files\Outlook Express
O43 - CFD: 16/08/2010 - 00:43:14 ----D- H:\Program Files\PersonalSec
O43 - CFD: 11/11/2010 - 20:55:36 ----D- H:\Program Files\QuickTime
O43 - CFD: 18/11/2006 - 21:33:28 ----D- H:\Program Files\Realtek AC97
O43 - CFD: 06/12/2010 - 18:42:42 ----D- H:\Program Files\Samsung
O43 - CFD: 21/04/2008 - 20:41:00 ----D- H:\Program Files\Saxo
O43 - CFD: 12/11/2006 - 21:01:10 ----D- H:\Program Files\Services en ligne
O43 - CFD: 28/06/2010 - 19:47:12 ----D- H:\Program Files\Shareaza
O43 - CFD: 21/04/2008 - 20:40:52 ----D- H:\Program Files\ShoppingReport
O43 - CFD: 21/01/2011 - 22:01:46 ----D- H:\Program Files\Spybot - Search & Destroy
O43 - CFD: 05/08/2009 - 10:26:50 ----D- H:\Program Files\Topro
O43 - CFD: 15/08/2010 - 16:25:42 ----D- H:\Program Files\Uniblue
O43 - CFD: 12/11/2006 - 21:07:30 --H-D- H:\Program Files\Uninstall Information
O43 - CFD: 12/11/2006 - 22:26:20 ----D- H:\Program Files\VideoLAN
O43 - CFD: 29/11/2010 - 12:25:24 ----D- H:\Program Files\Wanadoo
O43 - CFD: 15/08/2010 - 00:15:14 ----D- H:\Program Files\Windows Live
O43 - CFD: 02/02/2010 - 20:59:10 ----D- H:\Program Files\Windows Live SkyDrive
O43 - CFD: 13/10/2007 - 10:10:18 ----D- H:\Program Files\Windows Live Toolbar
O43 - CFD: 10/11/2010 - 14:40:08 ----D- H:\Program Files\Windows Media Player
O43 - CFD: 10/11/2010 - 14:38:10 ----D- H:\Program Files\Windows NT
O43 - CFD: 21/02/2009 - 14:27:02 --H-D- H:\Program Files\WindowsUpdate
O43 - CFD: 12/11/2006 - 22:27:36 ----D- H:\Program Files\WinRAR
O43 - CFD: 12/11/2006 - 21:03:34 ----D- H:\Program Files\xerox
O43 - CFD: 19/01/2010 - 17:19:18 ----D- H:\Program Files\Yahoo!
O43 - CFD: 23/10/2007 - 01:16:16 ----D- H:\Program Files\YesMessenger
O43 - CFD: 22/01/2011 - 10:59:46 ----D- H:\Program Files\ZHPDiag
O43 - CFD: 08/04/2010 - 09:49:30 ----D- H:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 12/11/2006 - 22:23:30 ----D- H:\Program Files\Fichiers Communs\Ahead
O43 - CFD: 11/11/2010 - 20:54:40 ----D- H:\Program Files\Fichiers Communs\Apple
O43 - CFD: 12/11/2006 - 22:35:20 ----D- H:\Program Files\Fichiers Communs\ArcSoft
O43 - CFD: 12/11/2006 - 22:33:52 ----D- H:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 12/10/2007 - 22:26:10 ----D- H:\Program Files\Fichiers Communs\Java
O43 - CFD: 02/12/2010 - 18:27:30 ----D- H:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 12/11/2006 - 21:01:48 ----D- H:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 12/11/2006 - 22:24:30 ----D- H:\Program Files\Fichiers Communs\Nero
O43 - CFD: 01/01/2003 - 05:19:08 ----D- H:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 12/11/2006 - 22:33:30 ----D- H:\Program Files\Fichiers Communs\PCCamera
O43 - CFD: 04/02/2010 - 22:46:08 ----D- H:\Program Files\Fichiers Communs\PersonalSecUninstall
O43 - CFD: 12/11/2006 - 21:01:54 ----D- H:\Program Files\Fichiers Communs\Services
O43 - CFD: 01/01/2003 - 05:19:06 ----D- H:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 10/11/2010 - 14:38:08 ----D- H:\Program Files\Fichiers Communs\System
O43 - CFD: 02/02/2010 - 20:52:18 ----D- H:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 23/11/2006 - 18:00:52 ----D- H:\Program Files\Fichiers Communs\Wise Installation Wizard
O43 - CFD: 08/11/2008 - 15:15:38 ----D- H:\Documents and Settings\SI ALLAL\Application Data\Adobe
O43 - CFD: 08/11/2008 - 15:22:28 ----D- H:\Documents and Settings\SI ALLAL\Application Data\F-Secure
O43 - CFD: 08/11/2008 - 14:54:56 ----D- H:\Documents and Settings\SI ALLAL\Application Data\Identities
O43 - CFD: 08/11/2008 - 14:55:02 ----D- H:\Documents and Settings\SI ALLAL\Application Data\ispnews
O43 - CFD: 08/11/2008 - 15:15:38 ----D- H:\Documents and Settings\SI ALLAL\Application Data\Macromedia
O43 - CFD: 30/12/2008 - 18:11:38 -S--D- H:\Documents and Settings\SI ALLAL\Application Data\Microsoft
O43 - CFD: 08/11/2008 - 15:07:06 ----D- H:\Documents and Settings\SI ALLAL\Application Data\Mozilla
O43 - CFD: 08/11/2008 - 15:00:34 ----D- H:\Documents and Settings\SI ALLAL\Application Data\Shareaza
O43 - CFD: 08/11/2008 - 15:06:16 ----D- H:\Documents and Settings\SI ALLAL\Application Data\vlc


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.A3C5EE9039DC3D834D85AF49983894D8] - 22/01/2011 - 10:44:59 ---A- . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\System32\nvapps.xml [104]
O44 - LFC:[MD5.F0ED1200E915817C00ECFD7FC4EE1200] - 22/01/2011 - 10:44:49 ---A- . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\WindowsUpdate.log [515144]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/01/2011 - 10:43:17 ---A- . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\0.log [0]
O44 - LFC:[MD5.F0ED1200E915817C00ECFD7FC4EE1200] - 22/01/2011 - 10:42:35 ---A- . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.F0ED1200E915817C00ECFD7FC4EE1200] - 22/01/2011 - 10:42:34 ---A- . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 22/01/2011 - 10:42:17 -S-A- . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.F0ED1200E915817C00ECFD7FC4EE1200] - 22/01/2011 - 04:08:21 ---A- . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\SchedLgU.Txt [32540]
O44 - LFC:[MD5.486E0B1BC94C346E5C352C295388C803] - 21/01/2011 - 21:46:27 ---A- . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\System32\CONFIG.NT [3072]
O44 - LFC:[MD5.28940F39C19059639BF2FAAA706E206D] - 20/01/2011 - 20:05:18 ---A- . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\System32\d3d9caps.dat [1324]
O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 20/01/2011 - 16:37:01 ---A- . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\NeroDigital.ini [116]
O44 - LFC:[MD5.5DDD72B474A12E583326AA8A44A8CC87] - 16/01/2011 - 21:04:05 ---A- . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\System32\wpa.dbl [13002]
O44 - LFC:[MD5.75E5C752D21F1FD639EA25CB4C829B47] - 30/12/2010 - 19:11:06 --HA- . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\System32\mlfcache.dat [13384]
O44 - LFC:[MD5.39D2FA287043C9ADE5B2E740918BDDEC] - 29/12/2010 - 21:48:03 ---A- . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\System32\userini.exe [27648]


---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll


---\\ Export de clé d'application autorisée (ECAA) (O47)
O47 - AAKE:Key Export SP - "H:\Program Files\BitTorrent\bittorrent.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) (.not file.) -- H:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "H:\Program Files\DNA\btdna.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "H:\Program Files\Messenger\Msmsgs.exe" [Disabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "H:\Program Files\LimeWire\LimeWire.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "H:\Program Files\Shareaza\Shareaza.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "H:\WINDOWS\PCHEALTH\HELPCTR\Binaries\helpctr.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "H:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "H:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "H:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "H:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export SP - "H:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- H:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "H:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export DP - "H:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Pas de propriétaire - Pas de description.) (.not file.) --
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) (.not file.) -- H:\WINDOWS\Network Diagnostic\xpnetdiag.exe


---\\ Déni du service (Local Security Authority) (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- H:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- H:\WINDOWS\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- H:\WINDOWS\System32\msv1_0.dll


---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d


---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{190ebf80-0160-11e0-9237-00142addb716}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- I:\ICM_ML.exe (.not file.)
O51 - MPSK:{910c8692-8a10-11df-8efe-00142addb716}\Shell\AutoRun\command. (.Pas de propriétaire - Pas de description.) -- I:\setupSNK.exe (.not file.)


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- H:\WINDOWS\System32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- H:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Pas de propriétaire - Pas de description.) -- H:\WINDOWS\System32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- H:\WINDOWS\System32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- H:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="H:\WINDOWS\System32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- H:\WINDOWS\System32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- H:\WINDOWS\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="H:\WINDOWS\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- H:\WINDOWS\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- H:\WINDOWS\System32\DivX.dll
O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- H:\WINDOWS\System32\DivX.dll
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- H:\WINDOWS\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"H:\WINDOWS\System32\iac25_32.ax"="Indeo® audi