A computer that is a bit too slow for my taste...

Closed
Kawoosh - Posts: 14 - Registered: Saturday 20 August 2011 - Status: Member - Last activity: 3 January 2013 - Edited by Kawoosh on 13/09/2011 at 18:28
Anonymous user - 3 Nov. 2011 at 20:37
Hello,

My computer, which is now 5 years old (that's old, in my opinion), is abnormally slow.

Pages, software and 3D games are slow to open.

I am moderately good with computers, but I know quite a lot about them.

I have Glary Utilities and CCleaner, and my hard drive is defragmented regularly.

Help me as quickly as possible.

Thanks

Kawoosh

5 replies

Anonymous user
13 Sept. 2011 at 18:29
Hello

We are going to run an analysis of your system.


* Download ZHPDiag (by Nicolas Coolman).
or
ZHPDiag
or
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

Or the backup FTP link:
ftp://zebulon.fr/ZHPDiag2.exe

***********************
/!\ Vista and Windows 7 users: right-click the ZHPDiag.exe icon and choose "Run as administrator" /!\
* Let the installer guide you
* It will start automatically at the end of the installation
* Click the magnifying-glass icon ("Lancer le diagnostic", i.e. start the diagnostic)
* Save the report to your Desktop using the floppy-disk icon
* Upload the ZHPDiag.txt report to pjjoint.malekal.com, cijoint.fr or toofiles, then copy and paste the link you are given into your next reply on the forum
Kawoosh - Posts: 14 - Registered: Saturday 20 August 2011 - Status: Member - Last activity: 3 January 2013
14 Sept. 2011 at 18:37
Here is what it gives me

Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011
Run by Fabien at 14/09/2011 18:33:38
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 6.0.2 v6.0.2 (Defaut)

---\\ Windows Product Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ System Information
~ Processor: x86 Family 15 Model 44 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 959 MB (69% free)
System Restore: Activé (Enable)
System drive C: has 37 GB (49%) free of 75 GB

---\\ Logged in mode
~ Computer Name: PERIERAS
~ User Name: Fabien
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Fabien, Emilie, Antoine, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Fabien\Application Data\
~ %Desktop% : C:\Documents and Settings\Fabien\Bureau\
~ %Favorites% : C:\Documents and Settings\Fabien\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Fabien\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Fabien\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 37 Go of 75 Go)
D:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/09/2011 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.14/09/2011 - 03:34:20.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.14/09/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/09/2011 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/09/2011 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/09/2011 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/5
~ Mes musiques (My Musics) : 1/2
~ Mes Favoris (My Favorites) : 2/20
~ Mes Documents (My Documents) : 7/262
~ Mon Bureau (My Desktop) : 1636/2954
~ Menu demarrer (Programs) : 6/21
~ Scan Hidden Files in 00mn 05s



---\\ Processus lancés
[MD5.C76769F246250EDAD34A5581419E9D60] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768] [PID.]
[MD5.09F1A97848BFAB3F36EB216681465B85] - (.S3 Graphics, Inc. - Pas de description.) -- C:\WINDOWS\system32\VTTimer.exe [53248] [PID.220]
[MD5.A6B6031FA13BCAF77EA11B3B50440A5C] - (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\WINDOWS\system32\VTtrayp.exe [147456] [PID.228]
[MD5.E2B4488830B9F047930BB5FE0E4FD71B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [3722416] [PID.240]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208] [PID.252]
[MD5.D3333768300F462F6B309AB53F75BB25] - (.Analog Devices, Inc. - SMax4PNP MFC Application.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [1368064] [PID.272]
[MD5.0A83AEDEFADE30B5CD28049031E149FA] - (.Analog Devices, Inc. - SoundMAX Control Center.) -- C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [794624] [PID.280]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.288]
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.304]
[MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]
[MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [73728] [PID.]
[MD5.3978F082274F723AD5A0A8058C2417DD] - (.Analog Devices, Inc. - SoundMAX service agent component.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [45056] [PID.]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.]
[MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Documents and Settings\Fabien\Bureau\Nouveau dossier\Nouveau dossier\ZHPDiag\ZHPDiag.exe [669696] [PID.1084]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]
~ Scan Processes Running in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Fabien\Application Data\Mozilla\Firefox\Profiles\jxvp2wpk.default\prefs.js
C:\Documents and Settings\Fabien\Application Data\Mozilla\Firefox\Profiles\jxvp2wpk.default\user.js (.not file.)
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Fabien - jxvp2wpk.default] https://www.google.fr/?gws_rd=ssl
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.6.1.629.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.11] - (.the VideoLAN Team - Version 1.1.11, copyright 1996-2011 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 2.6.1f3.) -- C:\Documents and Settings\Fabien\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKUS\S-1-5-21-57989841-1482476501-725345543-1006\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {710EB7A1-45ED-11D0-924A-0020AFC7AC4D} . (...) -- (.not file.)
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [VTTimer] . (.S3 Graphics, Inc. - Pas de description.) -- C:\WINDOWS\system32\VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] . (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\WINDOWS\system32\VTtrayp.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP MFC Application.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] . (.Analog Devices, Inc. - SoundMAX Control Center.) -- C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-57989841-1482476501-725345543-1006\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-57989841-1482476501-725345543-1006\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Enregistrement OCR I.R.I.S..lnk . (.I.R.I.S. SA.) -- C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\MSN.lnk . (.Microsoft Corporation.) -- C:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\Fabien\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\Fabien\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\Fabien\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Documents And Settings\Fabien\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
~ Scan Global Startup in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF43EE21-12F5-4440-935D-DFD43BBCB628}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BF43EE21-12F5-4440-935D-DFD43BBCB628}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{BF43EE21-12F5-4440-935D-DFD43BBCB628}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Scan Protocole Additionnel in 00mn 01s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) . (.Analog Devices, Inc. - SoundMAX service agent component.) - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GlaryInitialize.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{F7195E6B-2B99-40E5-9AA1-4F228B8C818E}.job
~ Scan Scheduled Task in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\WINDOWS\system32\DRIVERS\AmdK8.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AMD Processor Driver - (.AMD.) [HKLM] -- {C151CE54-E7EA-4804-854B-F515368B0798}
O42 - Logiciel: Adibou V.3.10 (C:) - (.Pas de propriétaire.) [HKLM] -- Adibou V.3.10 (C:)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: AirRivals - (.Gameforge 4D GmbH.) [HKLM] -- AirRivals_is1
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Cerebral Sherlock - (.Pas de propriétaire.) [HKLM] -- {83475FB3-D619-4129-AE4F-4228202A0367}
O42 - Logiciel: Désinstaller SAS - (.Pas de propriétaire.) [HKLM] -- NiProD_StargateAtlantisSimulation
O42 - Logiciel: FUJIFILM MyFinePix Studio 1.0 - (.Pas de propriétaire.) [HKLM] -- FinePix Genie_is1
O42 - Logiciel: HP Extended Capabilities 5.3 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Imaging Device Functions 5.3 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP PSC & OfficeJet 5.3.B - (.HP.) [HKLM] -- {5B79CFD1-6845-4158-9D7D-6BE89DF2C135}
O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.3 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: Indeo® software - (.Pas de propriétaire.) [HKLM] -- Indeo® software
O42 - Logiciel: L&H TTS3000 Français - (.Pas de propriétaire.) [HKLM] -- LHTTSFRF
O42 - Logiciel: Les dinosaures en 3D - (.Anuman Interactive.) [HKLM] -- Les dinosaures en 3D_is1
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Mozilla Firefox 6.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 6.0.2 (x86 fr)
O42 - Logiciel: STARWARS: The Battle of Endor version 2.1 - (.Bruno R. Marcos.) [HKLM] -- STARWARS: The Battle of Endor v2.1_is1
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: SoundMAX - (.Analog Devices.) [HKLM] -- {F0A37341-D692-11D4-A984-009027EC0A9C}
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VIA/S3G Display Driver - (.Pas de propriétaire.) [HKLM] -- VIA/S3G UniChrome Family Win2K/XP Display
O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR 4.01 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: Xvid 1.1.2 final uninstall - (.Xvid team (Koepi).) [HKLM] -- Xvid_is1
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast

---\\ HKCU & HKLM Software Keys
[HKCU\Software\AVAST Software]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Adobe]
[HKCU\Software\AhnLab]
[HKCU\Software\Analog Devices]
[HKCU\Software\Anuman Interactive]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Bugsplat]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Flying-Model-Simulator]
[HKCU\Software\GNU]
[HKCU\Software\Gameforge4d]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JaboSoft]
[HKCU\Software\JavaSoft]
[HKCU\Software\Ketsujin Studios]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\Mindscape]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\N64 Emulation]
[HKCU\Software\Netscape]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\PhotoFiltre Studio X]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\SecuROM]
[HKCU\Software\Shatters.net]
[HKCU\Software\ShipStone]
[HKCU\Software\Smax4]
[HKCU\Software\Unity]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\epsxe]
[HKLM\Software\ASUS]
[HKLM\Software\AVAST Software]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Adobe]
[HKLM\Software\AirRivalsFR]
[HKLM\Software\Analog Devices]
[HKLM\Software\Andrea Electronics]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Fujifilm]
[HKLM\Software\Gemplus]
[HKLM\Software\GlarySoft]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\Infogrames]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Ketsujin Studios]
[HKLM\Software\L&H]
[HKLM\Software\Macromedia]
[HKLM\Software\Mindscape]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\S3]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Schlumberger]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\Sensaura]
[HKLM\Software\Staccato]
[HKLM\Software\TrendMicro]
[HKLM\Software\Trymedia Systems]
[HKLM\Software\Valve]
[HKLM\Software\VideoLAN]
[HKLM\Software\Voice]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\mozilla.org]
[HKLM\Software\optimidata]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/07/2011 - 11:22:12 - [17311253] ----D- C:\Program Files\Adobe
O43 - CFD: 08/09/2011 - 18:47:58 - [3142953] ----D- C:\Program Files\AMD
O43 - CFD: 11/06/2011 - 10:54:52 - [17196110] ----D- C:\Program Files\Analog Devices
O43 - CFD: 15/06/2011 - 17:55:52 - [528481161] ----D- C:\Program Files\Anuman Interactive
O43 - CFD: 10/06/2011 - 14:36:56 - [2221118] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 09/06/2011 - 20:45:06 - [165843774] ----D- C:\Program Files\AVAST Software
O43 - CFD: 07/09/2011 - 11:31:24 - [4118120] ----D- C:\Program Files\CCleaner
O43 - CFD: 09/06/2011 - 15:28:32 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 05/09/2011 - 17:58:20 - [4507970] ----D- C:\Program Files\DOSBox-0.74
O43 - CFD: 28/08/2011 - 18:25:44 - [99211631] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 10/06/2011 - 14:39:04 - [123012736] ----D- C:\Program Files\FUJIFILM
O43 - CFD: 10/06/2011 - 12:31:32 - [3031719142] ----D- C:\Program Files\Gameforge4D
O43 - CFD: 10/06/2011 - 19:03:52 - [165709357] ----D- C:\Program Files\Google
O43 - CFD: 14/08/2011 - 11:09:02 - [267864174] ----D- C:\Program Files\HP
O43 - CFD: 08/09/2011 - 18:47:58 - [10468441] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 15/06/2011 - 16:28:42 - [2209078] ----D- C:\Program Files\Intel
O43 - CFD: 13/08/2011 - 18:49:36 - [5666520] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 30/06/2011 - 11:08:58 - [81169164] ----D- C:\Program Files\Java
O43 - CFD: 09/06/2011 - 20:28:56 - [2152579] ----D- C:\Program Files\Messenger
O43 - CFD: 13/06/2011 - 12:39:50 - [2545232885] ----D- C:\Program Files\Microsoft Encarta
O43 - CFD: 09/06/2011 - 15:31:44 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 10/09/2011 - 13:01:14 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 15/06/2011 - 12:14:12 - [248901114] ----D- C:\Program Files\Mindscape
O43 - CFD: 10/06/2011 - 16:31:50 - [10374874] ----D- C:\Program Files\Movie Maker
O43 - CFD: 12/09/2011 - 18:05:52 - [35679524] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 10/06/2011 - 18:39:12 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 09/06/2011 - 15:27:20 - [19278399] ----D- C:\Program Files\MSN
O43 - CFD: 09/06/2011 - 15:27:52 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 10/06/2011 - 16:31:34 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 09/06/2011 - 20:24:40 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 09/06/2011 - 15:28:00 - [1804] ----D- C:\Program Files\Online Services
O43 - CFD: 15/06/2011 - 13:16:20 - [352657656] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 10/06/2011 - 16:30:48 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 10/06/2011 - 14:38:02 - [80087795] ----D- C:\Program Files\QuickTime
O43 - CFD: 10/06/2011 - 18:39:00 - [36400897] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 13/09/2011 - 18:37:44 - [2156176821] ----D- C:\Program Files\RomStation
O43 - CFD: 09/06/2011 - 15:30:00 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 09/06/2011 - 17:47:10 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 08/09/2011 - 18:56:50 - [1012749] ----D- C:\Program Files\VIA
O43 - CFD: 16/06/2011 - 17:36:42 - [105968722] ----D- C:\Program Files\VideoLAN
O43 - CFD: 09/06/2011 - 20:26:18 - [3534189] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 09/06/2011 - 20:24:38 - [3942655] ----D- C:\Program Files\Windows NT
O43 - CFD: 09/06/2011 - 15:30:04 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 10/06/2011 - 20:41:14 - [4142972] ----D- C:\Program Files\WinRAR
O43 - CFD: 09/06/2011 - 15:31:44 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 16/06/2011 - 18:10:02 - [0] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 22/07/2011 - 11:22:10 - [31517343] ----D- C:\Program Files\Fichiers Communs\Adobe AIR
O43 - CFD: 10/06/2011 - 14:37:08 - [33556977] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 30/08/2011 - 18:16:56 - [179547] ----D- C:\Program Files\Fichiers Communs\AVSMedia
O43 - CFD: 10/06/2011 - 14:16:50 - [272917] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD: 10/06/2011 - 14:19:50 - [647168] ----D- C:\Program Files\Fichiers Communs\HP
O43 - CFD: 13/06/2011 - 19:54:42 - [4597979] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 30/06/2011 - 11:09:42 - [1258951] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 15/06/2011 - 13:15:50 - [15882601] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 09/06/2011 - 15:29:12 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 09/06/2011 - 17:18:08 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 09/06/2011 - 15:29:16 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 09/06/2011 - 17:18:06 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 28/08/2011 - 18:25:44 - [407336] ----D- C:\Program Files\Fichiers Communs\Steam
O43 - CFD: 09/06/2011 - 20:24:36 - [6811317] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 12/09/2011 - 17:46:50 - [11320515] ----D- C:\Documents and Settings\Fabien\Application Data\.minecraft
O43 - CFD: 22/07/2011 - 11:21:48 - [989334] ----D- C:\Documents and Settings\Fabien\Application Data\Adobe
O43 - CFD: 30/06/2011 - 15:45:30 - [0] ----D- C:\Documents and Settings\Fabien\Application Data\AVS4YOU
O43 - CFD: 12/09/2011 - 18:06:54 - [240195] ----D- C:\Documents and Settings\Fabien\Application Data\GlarySoft
O43 - CFD: 08/07/2011 - 11:47:58 - [54931] ----D- C:\Documents and Settings\Fabien\Application Data\Google
O43 - CFD: 15/08/2011 - 14:36:26 - [0] ----D- C:\Documents and Settings\Fabien\Application Data\Help
O43 - CFD: 14/08/2011 - 18:50:38 - [11418] ----D- C:\Documents and Settings\Fabien\Application Data\HpUpdate
O43 - CFD: 11/06/2011 - 19:32:54 - [45] ----D- C:\Documents and Settings\Fabien\Application Data\Identities
O43 - CFD: 08/09/2011 - 18:47:46 - [0] ----D- C:\Documents and Settings\Fabien\Application Data\InstallShield
O43 - CFD: 14/09/2011 - 18:19:14 - [4485129] ----D- C:\Documents and Settings\Fabien\Application Data\Macromedia
O43 - CFD: 30/06/2011 - 11:09:30 - [10979626] -S--D- C:\Documents and Settings\Fabien\Application Data\Microsoft
O43 - CFD: 08/09/2011 - 17:45:36 - [12660212] ----D- C:\Documents and Settings\Fabien\Application Data\Mozilla
O43 - CFD: 22/07/2011 - 11:22:30 - [264] ----D- C:\Documents and Settings\Fabien\Application Data\omegamega
O43 - CFD: 15/06/2011 - 13:26:40 - [1574571] ----D- C:\Documents and Settings\Fabien\Application Data\OpenOffice.org
O43 - CFD: 11/06/2011 - 19:32:58 - [329] ----D- C:\Documents and Settings\Fabien\Application Data\PhotoFiltre Studio X
O43 - CFD: 30/06/2011 - 11:05:00 - [867429] ----D- C:\Documents and Settings\Fabien\Application Data\Sun
O43 - CFD: 18/06/2011 - 19:40:12 - [950] ----D- C:\Documents and Settings\Fabien\Application Data\Unity
O43 - CFD: 11/09/2011 - 18:10:58 - [81033] ----D- C:\Documents and Settings\Fabien\Application Data\vlc
O43 - CFD: 10/06/2011 - 20:42:02 - [12] ----D- C:\Documents and Settings\Fabien\Application Data\WinRAR
O43 - CFD: 22/07/2011 - 11:19:42 - [11539588] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Adobe
O43 - CFD: 18/06/2011 - 10:56:04 - [9539] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Apple Computer
O43 - CFD: 06/07/2011 - 18:09:32 - [7103] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\ApplicationHistory
O43 - CFD: 15/08/2011 - 14:56:56 - [835529] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\DOSBox
O43 - CFD: 10/06/2011 - 18:20:04 - [279270708] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Google
O43 - CFD: 15/08/2011 - 14:36:26 - [0] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Help
O43 - CFD: 15/06/2011 - 11:25:06 - [596872] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Identities
O43 - CFD: 11/09/2011 - 18:11:46 - [240] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\LastPass
O43 - CFD: 25/08/2011 - 20:09:32 - [1189818] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Microsoft
O43 - CFD: 08/09/2011 - 17:45:24 - [38099839] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Mozilla
O43 - CFD: 30/06/2011 - 10:53:02 - [0] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\PCHealth
O43 - CFD: 15/06/2011 - 11:41:14 - [0] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Temp
O43 - CFD: 18/06/2011 - 19:06:48 - [11569067] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Unity
~ Scan Program Folder in 00mn 14s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.3A6D5C0AC911B42C7243ACB3FE31ABA1] - 14/09/2011 - 17:33:41 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1190554]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/09/2011 - 17:32:14 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.8BDBD061734E424D136C66D00D11CF1F] - 14/09/2011 - 17:32:10 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.298C990C7D89319CB7639A1A1DC6B94F] - 14/09/2011 - 17:32:09 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 14/09/2011 - 17:31:41 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.F3B29B6434E7F8EE699C19E0C86C5F4A] - 14/09/2011 - 17:30:56 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32420]
O44 - LFC:[MD5.BEED859862DD30EC68C84C61AB7417EB] - 14/09/2011 - 17:28:34 ---A- . (...) -- C:\WINDOWS\setupact.log [120]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/09/2011 - 17:28:12 ---A- . (...) -- C:\WINDOWS\setuperr.log [0]
O44 - LFC:[MD5.9681A655BE1D8AFF0D1A352504E4AF0C] - 11/09/2011 - 10:09:14 ---A- . (...) -- C:\WINDOWS\system32\CONFIG.NT [3120]
O44 - LFC:[MD5.31FFDE1BE912D7CBD3F189FEB61F86B6] - 08/09/2011 - 17:48:00 ---A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdK8.sys [43520]
O44 - LFC:[MD5.B412A5393E9BF796D97B12E0BDD1E12A] - 08/09/2011 - 17:08:41 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl [404640]
O44 - LFC:[MD5.701A5948B60452EF6CF06C2900C3B9EA] - 06/09/2011 - 21:45:29 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\WINDOWS\avastSS.scr [41184]
O44 - LFC:[MD5.37CCBB62A3D8FE3903CD2CBFC711895C] - 06/09/2011 - 21:45:29 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\WINDOWS\system32\aswBoot.exe [199304]
O44 - LFC:[MD5.CAA846E9C83836BDC3D2D700C678DB65] - 06/09/2011 - 21:38:05 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\system32\drivers\aswSnx.sys [442200]
O44 - LFC:[MD5.748AE7F2D7DA33ADB063FE05704A9969] - 06/09/2011 - 21:37:53 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\system32\drivers\aswSP.sys [320856]
O44 - LFC:[MD5.36239E24470A3DD81FAE37510953CC6C] - 06/09/2011 - 21:36:38 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\WINDOWS\system32\drivers\aswRdr.sys [34392]
O44 - LFC:[MD5.CA9925CE1DBD07FFE1EB357752CF5577] - 06/09/2011 - 21:36:36 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\drivers\aswTdi.sys [52568]
O44 - LFC:[MD5.FFF2DBB17A3C89F87F78D5FA72CA47FD] - 06/09/2011 - 21:36:23 ---A- . (.AVAST Software - avast! File System Filter Driver for Window.) -- C:\WINDOWS\system32\drivers\aswmon2.sys [110552]
O44 - LFC:[MD5.71E3F39AAEBC5CAE3DBB4C1995B9A6DA] - 06/09/2011 - 21:36:20 ---A- . (.AVAST Software - avast! File System Filter Driver for Window.) -- C:\WINDOWS\system32\drivers\aswmon.sys [104536]
O44 - LFC:[MD5.C47623FFD181A1E7D63574DDE2A0A711] - 06/09/2011 - 21:36:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [20568]
O44 - LFC:[MD5.95D1DE2A6613494E853A9738D5D9ACD4] - 06/09/2011 - 21:33:11 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for W.) -- C:\WINDOWS\system32\drivers\aavmker4.sys [30808]
O44 - LFC:[MD5.933317E029631D1DAC88073C6960C504] - 27/08/2011 - 14:20:51 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [13646]
O44 - LFC:[MD5.95FFEDB6B90603AC1AC7EBDB90C406B9] - 24/08/2011 - 21:20:44 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [13066]
~ Scan Files in 00mn 23s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" [Enabled] .(.Hewlett-Packard Co. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" [Enabled] .(.Hewlett-Packard Co. - HP AiO Fax Manager.) -- C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" [Enabled] .(.Hewlett-Packard Co. - HP OfficeJet SendFax Interface.) -- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" [Enabled] .(.Hewlett-Packard Co. - HP All-in-One Launcher Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" [Enabled] .(.Pas de propriétaire - hpqscnvw.) -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(.Hewlett-Packard - HP CUE-Scanning Flow Component.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" [Enabled] .(.Hewlett-Packard Co. - Version Test application.) -- C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" [Enabled] .(.Hewlett-Packard - HP ScanJet Copier Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" [Enabled] .(.Hewlett-Packard Co. - HP Fax Setup Wizard.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" [Enabled] .(.Pas de propriétaire - HpqPhUnl MFC Application.) -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe
O47 - AAKE:Key Export SP - "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" [Enabled] .(.Hewlett-Packard Co. - Embedded Web Server Link application.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Fabien\Bureau\USB\Google Earth\client\googleearth.exe" [Enabled] .(...) -- C:\Documents and Settings\Fabien\Bureau\USB\Google Earth\client\googleearth.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Google\Google Earth\client\googleearth.exe" [Enabled] .(.Google - Google Earth.) -- C:\Program Files\Google\Google Earth\client\googleearth.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Google\Google Earth\plugin\geplugin.exe" [Enabled] .(.Google - Google Earth.) -- C:\Program Files\Google\Google Earth\plugin\geplugin.exe
O47 - AAKE:Key Export SP - "C:\coktel\ADI5\TTS\SpeechCube.exe" [Enabled] .(.ELAN Informatique - SPeechCube.) -- C:\coktel\ADI5\TTS\SpeechCube.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Gameforge4D\AirRivals\Launcher.atm" [Enabled] Clé orpheline
O47 - AAKE:Key Export SP - "C:\Program Files\Gameforge4D\AirRivals\Res-Voip\SCVoIP.exe" [Enabled] Clé orpheline
O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\iexplore.exe" [Enabled] .(.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Steam\Steam.exe" [Enabled] .(...) -- C:\Program Files\Steam\Steam.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Fabien\Bureau\Nouveau dossier (2)\rsync.exe" [Enabled] .(...) -- C:\Documents and Settings\Fabien\Bureau\Nouveau dossier (2)\rsync.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(...) -- C:\Program Files\ma-config.com\maconfservice.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Mozilla Firefox\plugin-container.exe" [Enabled] .(.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
O47 - AAKE:Key Export SP - "C:\Program Files\cacaoweb\cacaoweb.exe" [Enabled] .(...) -- C:\Program Files\cacaoweb\cacaoweb.exe (.not file.)
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
~ Scan CSB in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ Scan IFEO in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
O52 - TDSD: \Drivers32\"vidc.yvu9"="iyvu9_32.dll" . (...) -- C:\WINDOWS\system32\iyvu9_32.dll
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\Iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\Iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.11.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="L3CODECA.ACM" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\L3CODECA.ACM
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\WINDOWS\system32\xvidvfw.dll
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.11" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"L3CODECA.ACM"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltun
0
Anonymous user
14 Sept. 2011 at 19:19
Do not post the report directly on the forum.

* Host the ZHPDiag.txt report on pjjoint.malekal.com, cijoint.fr or toofiles, then copy and paste the link you are given into your next reply on the forum
0
Kawoosh - Posts: 14 - Registered: Saturday 20 August 2011 - Status: Member - Last activity: 3 January 2013
3 Nov. 2011 at 18:59
Rapport de ZHPDiag v1.28.2155 par Nicolas Coolman, Update du 28/10/2011
Run by Fabien at 03/11/2011 18:47:49
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 7.0.1 v7.0.1 (Defaut)

---\\ Windows Product Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ System Information
~ Processor: x86 Family 15 Model 44 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 959 MB (73% free)
System Restore: Activé (Enable)
System drive C: has 39 GB (52%) free of 75 GB

---\\ Logged in mode
~ Computer Name: PERIERAS
~ User Name: Fabien
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Fabien, Emilie, Antoine, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\Fabien\Application Data\
~ %Desktop% : C:\Documents and Settings\Fabien\Bureau\
~ %Favorites% : C:\Documents and Settings\Fabien\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Fabien\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Fabien\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 39 Go of 75 Go)
D:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : Modified
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.03/11/2011 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.03/11/2011 - 03:34:20.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.7DF35C3D173E799F97F208CC5F3B1C93] - (.Microsoft Corporation - Internet Extensions for Win32.) (.03/11/2011 - 00:41:31.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.03/11/2011 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.03/11/2011 - 14:49:54.) -- C:\WINDOWS\system32\drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.03/11/2011 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.03/11/2011 - 20:14:21.) -- C:\WINDOWS\system32\drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.03/11/2011 - 19:40:46.) -- C:\WINDOWS\system32\drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.03/11/2011 - 02:57:38.) -- C:\WINDOWS\system32\drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.03/11/2011 - 17:36:05.) -- C:\WINDOWS\system32\drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.03/11/2011 - 03:00:52.) -- C:\WINDOWS\system32\drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.03/11/2011 - 19:40:58.) -- C:\WINDOWS\system32\drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.03/11/2011 - 19:57:15.) -- C:\WINDOWS\system32\drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.03/11/2011 - 20:19:42.) -- C:\WINDOWS\system32\drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.03/11/2011 - 14:29:31.) -- C:\WINDOWS\system32\drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.03/11/2011 - 20:21:00.) -- C:\WINDOWS\system32\drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.03/11/2011 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.03/11/2011 - 03:09:40.) -- C:\WINDOWS\system32\drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.03/11/2011 - 20:19:43.) -- C:\WINDOWS\system32\drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.03/11/2011 - 19:32:51.) -- C:\WINDOWS\system32\drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.03/11/2011 - 02:57:34.) -- C:\WINDOWS\system32\drivers\redbook.sys [58752]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/8
~ Mes musiques (My Musics) : 1/2
~ Mes Favoris (My Favorites) : 2/4
~ Mes Documents (My Documents) : 7/280
~ Mon Bureau (My Desktop) : 1615/2894
~ Menu demarrer (Programs) : 6/21
~ Scan Hidden Files in 00mn 06s



---\\ Processus lancés
[MD5.C76769F246250EDAD34A5581419E9D60] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768] [PID.]
[MD5.381B25DC8E958D905B33130D500BBF29] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]
[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [322120] [PID.]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [136176] [PID.]
[MD5.2D091A99624FB9E7EEF0A86D872EC0C3] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [73728] [PID.]
[MD5.E2B4488830B9F047930BB5FE0E4FD71B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe [3722416] [PID.1628]
[MD5.9F323EEAFAD860204EAA0630E0A3D7F9] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Documents and Settings\Fabien\Bureau\Nouveau dossier\ZHPDiag\ZHPDiag.exe [696320] [PID.1924]
~ Scan Processes Running in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\Fabien\Application Data\Mozilla\Firefox\Profiles\jxvp2wpk.default\prefs.js
C:\Documents and Settings\Fabien\Application Data\Mozilla\Firefox\Profiles\jxvp2wpk.default\user.js (.not file.)
M3 - MFPP: Plugins - [Fabien] -- C:\Documents and Settings\Fabien\Application Data\Mozilla\Firefox\Profiles\jxvp2wpk.default\searchplugins\SearchResults.xml
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\SearchResults.xml
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Fabien] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Fabien - jxvp2wpk.default] https://www.google.fr/?gws_rd=ssl [Pays US - 74.125.39.103]
M2 - MFEP: prefs.js [Fabien - jxvp2wpk.default\{e001c731-5e37-4538-a5cb-8168736a2360}] [bitdefender] BitDefender QuickScan v0.9.9.99 (.Echipa R&D BitDefender.)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.6.1.629.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_29 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.11] - (.the VideoLAN Team - Version 1.1.11, copyright 1996-2011 The VideoLAN Team
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 2.6.1f3.) -- C:\Documents and Settings\Fabien\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl [Pays - 74.125.39.99]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/ [Pays US - 64.4.11.160]
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19131 (longhorn_ie8_gdr.110815-1715)) -- C:\WINDOWS\system32\ieframe.dll
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL sysdm.cpl
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} . (...) -- (.not file.)
O3 - Toolbar: (no name) - {710EB7A1-45ED-11D0-924A-0020AFC7AC4D} . (...) -- (.not file.)
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-57989841-1482476501-725345543-1006-57989841-1482476501-725345543-1005\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Enregistrement OCR I.R.I.S..lnk . (.I.R.I.S. SA.) -- C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Access.lnk . (...) -- C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\accicons.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Excel.lnk . (...) -- C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft FrontPage.lnk . (...) -- C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\misc.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Outlook.lnk . (...) -- C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\outicon.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft PowerPoint.lnk . (...) -- C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Word.lnk . (...) -- C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\Fabien\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\Fabien\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\Fabien\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Documents And Settings\Fabien\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- C:\PROGRA~1\MICROS~3\Office10\EXCEL.exe
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - (.not file.) - file:\\C:\Documents and Settings\Fabien\Bureau\FDM\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - (.not file.) - file:\\C:\Documents and Settings\Fabien\Bureau\FDM\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - (.not file.) - file:\\C:\Documents and Settings\Fabien\Bureau\FDM\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - (.not file.) - file:\\C:\Documents and Settings\Fabien\Bureau\FDM\Free Download Manager\dlfvideo.htm
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Pays EU - 92.123.83.191]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Pays EU - 92.122.49.98]
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF43EE21-12F5-4440-935D-DFD43BBCB628}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BF43EE21-12F5-4440-935D-DFD43BBCB628}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{BF43EE21-12F5-4440-935D-DFD43BBCB628}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Scan Protocole Additionnel in 00mn 01s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: !SASWinLogon . (...) -- C:\Documents and Settings\Fabien\Bureau\Nouveau dossier\SASWINLO.dll (.not file.)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GlaryInitialize.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cc925461c88f46.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MP Scheduled Scan.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MpIdleTask.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RMSchedule.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{F7195E6B-2B99-40E5-9AA1-4F228B8C818E}.job
~ Scan Scheduled Task in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\WINDOWS\system32\DRIVERS\AmdK8.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AMD Processor Driver - (.AMD.) [HKLM] -- {C151CE54-E7EA-4804-854B-F515368B0798}
O42 - Logiciel: Adibou V.3.10 (C:) - (.Pas de propriétaire.) [HKLM] -- Adibou V.3.10 (C:)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {FDB3B167-F4FA-461D-976F-286304A57B2A}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: AirRivals - (.Gameforge 4D GmbH.) [HKLM] -- AirRivals_is1
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {6A3F9D74-BB80-4451-8CA1-4B3A857F1359}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler
O42 - Logiciel: Désinstaller SAS - (.Pas de propriétaire.) [HKLM] -- NiProD_StargateAtlantisSimulation
O42 - Logiciel: FUJIFILM MyFinePix Studio 1.0 - (.Pas de propriétaire.) [HKLM] -- FinePix Genie_is1
O42 - Logiciel: Glary Utilities 2.38.0.1288 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1
O42 - Logiciel: Google SketchUp 8 - (.Google, Inc..) [HKLM] -- {C4E1603B-E550-4A14-8F53-4E989849D1B4}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {B3FED300-806C-11E0-A0D0-B8AC6F97B88E}
O42 - Logiciel: HP Extended Capabilities 5.3 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Image Zone Express - (.Hewlett-Packard.) [HKLM] -- {FE64AE29-0883-4C70-8388-DC026019C900}
O42 - Logiciel: HP Imaging Device Functions 5.3 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP PSC & OfficeJet 5.3.B - (.HP.) [HKLM] -- {5B79CFD1-6845-4158-9D7D-6BE89DF2C135}
O42 - Logiciel: HP Product Assistant - (.Hewlett-Packard.) [HKLM] -- {36FDBE6E-6684-462B-AE98-9A39A1B200CC}
O42 - Logiciel: HP Solution Center & Imaging Support Tools 5.3 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: Indeo® software - (.Pas de propriétaire.) [HKLM] -- Indeo® software
O42 - Logiciel: Java(TM) 6 Update 29 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216026FF}
O42 - Logiciel: L&H TTS3000 Français - (.Pas de propriétaire.) [HKLM] -- LHTTSFRF
O42 - Logiciel: Les dinosaures en 3D - (.Anuman Interactive.) [HKLM] -- Les dinosaures en 3D_is1
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2572067) - (.Pas de propriétaire.) [HKLM] -- M2572067
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft Office XP Professional avec FrontPage - (.Microsoft Corporation.) [HKLM] -- {9028040C-6000-11D3-8CFE-0050048383C9}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Mozilla Firefox 7.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 7.0.1 (x86 fr)
O42 - Logiciel: RomStation - (.RomStation.) [HKLM] -- {223B62A8-F6FF-4BEB-BC17-230D12723CD0}_is1
O42 - Logiciel: STARWARS: The Battle of Endor version 2.1 - (.Bruno R. Marcos.) [HKLM] -- STARWARS: The Battle of Endor v2.1_is1
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: SoundMAX - (.Analog Devices.) [HKLM] -- {F0A37341-D692-11D4-A984-009027EC0A9C}
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: VIA/S3G Display Driver - (.Pas de propriétaire.) [HKLM] -- VIA/S3G UniChrome Family Win2K/XP Display
O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR 4.00 (32 bits) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Xvid 1.1.2 final uninstall - (.Xvid team (Koepi).) [HKLM] -- Xvid_is1
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\AC3Filter]
[HKCU\Software\AVAST Software]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Adobe]
[HKCU\Software\AhnLab]
[HKCU\Software\Analog Devices]
[HKCU\Software\Anuman Interactive]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\BitDefender]
[HKCU\Software\Bobyte]
[HKCU\Software\Bugsplat]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Flying-Model-Simulator]
[HKCU\Software\FreeDownloadManager.ORG]
[HKCU\Software\Freeware]
[HKCU\Software\Fujifilm]
[HKCU\Software\GNU]
[HKCU\Software\Game Maker]
[HKCU\Software\Gameforge4d]
[HKCU\Software\GlarySoft]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\Intel]
[HKCU\Software\Iris]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JaboSoft]
[HKCU\Software\JavaSoft]
[HKCU\Software\Jetico]
[HKCU\Software\Ketsujin Studios]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\Mindscape]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\N64 Emulation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\SearchCore for Browsers]
[HKCU\Software\SecuROM]
[HKCU\Software\Shatters.net]
[HKCU\Software\ShipStone]
[HKCU\Software\Smax4]
[HKCU\Software\Unity]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\WideStream]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\dskMetrics]
[HKCU\Software\ej-technologies]
[HKCU\Software\epsxe]
[HKCU\Software\stevengould.org]
[HKLM\Software\ASUS]
[HKLM\Software\AVAST Software]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Adobe]
[HKLM\Software\AirRivalsFR]
[HKLM\Software\Analog Devices]
[HKLM\Software\Andrea Electronics]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\AviSynth]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\FreeDownloadManager.ORG]
[HKLM\Software\Fujifilm]
[HKLM\Software\Gemplus]
[HKLM\Software\GlarySoft]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\Infogrames]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Ketsujin Studios]
[HKLM\Software\L&H]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\Mindscape]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\S3]
[HKLM\Software\SUPERAntiSpyware.com]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Schlumberger]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\Sensaura]
[HKLM\Software\Staccato]
[HKLM\Software\TrendMicro]
[HKLM\Software\Trymedia Systems]
[HKLM\Software\Uniblue]
[HKLM\Software\Valve]
[HKLM\Software\VideoLAN]
[HKLM\Software\Voice]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\mozilla.org]
[HKLM\Software\optimidata]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/07/2011 - 10:22:12 - [17311253] ----D- C:\Program Files\Adobe
O43 - CFD: 11/06/2011 - 09:54:52 - [17196109] ----D- C:\Program Files\Analog Devices
O43 - CFD: 15/06/2011 - 16:55:52 - [528481161] ----D- C:\Program Files\Anuman Interactive
O43 - CFD: 20/10/2011 - 15:45:12 - [2428606] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 09/06/2011 - 19:45:06 - [168519511] ----D- C:\Program Files\AVAST Software
O43 - CFD: 01/11/2011 - 18:27:14 - [146393] ----D- C:\Program Files\AviSynth 2.5
O43 - CFD: 09/10/2011 - 10:55:00 - [4174784] ----D- C:\Program Files\CCleaner
O43 - CFD: 09/06/2011 - 14:28:32 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 01/11/2011 - 18:04:38 - [4326736] ----D- C:\Program Files\Defraggler
O43 - CFD: 01/11/2011 - 18:27:52 - [0] ----D- C:\Program Files\eRightSoft
O43 - CFD: 30/10/2011 - 12:40:40 - [336877232] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 10/06/2011 - 13:39:04 - [27451644] ----D- C:\Program Files\FUJIFILM
O43 - CFD: 10/06/2011 - 11:31:32 - [3041156802] ----D- C:\Program Files\Gameforge4D
O43 - CFD: 08/10/2011 - 12:03:48 - [23221985] ----D- C:\Program Files\Glary Utilities
O43 - CFD: 10/06/2011 - 18:03:52 - [165742637] ----D- C:\Program Files\Google
O43 - CFD: 14/08/2011 - 10:09:02 - [266840694] ----D- C:\Program Files\HP
O43 - CFD: 05/10/2011 - 17:08:00 - [6716825] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 15/06/2011 - 15:28:42 - [2209078] ----D- C:\Program Files\Intel
O43 - CFD: 13/10/2011 - 15:09:42 - [4544104] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 20/10/2011 - 15:29:28 - [81218689] ----D- C:\Program Files\Java
O43 - CFD: 09/06/2011 - 19:28:56 - [2152579] ----D- C:\Program Files\Messenger
O43 - CFD: 13/06/2011 - 11:39:50 - [2545232885] ----D- C:\Program Files\Microsoft Encarta
O43 - CFD: 09/06/2011 - 14:31:44 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 07/10/2011 - 14:49:26 - [221531273] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 14/10/2011 - 10:45:30 - [31804011] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 07/10/2011 - 14:49:46 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 15/06/2011 - 11:14:12 - [248901114] ----D- C:\Program Files\Mindscape
O43 - CFD: 10/06/2011 - 15:31:50 - [10374874] ----D- C:\Program Files\Movie Maker
O43 - CFD: 05/10/2011 - 15:02:30 - [35791393] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 10/06/2011 - 17:39:12 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 09/06/2011 - 14:27:52 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 10/06/2011 - 15:31:34 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 09/06/2011 - 19:24:40 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 28/10/2011 - 17:26:02 - [0] ----D- C:\Program Files\Online Services
O43 - CFD: 10/06/2011 - 15:30:48 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 10/06/2011 - 17:39:00 - [36400897] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 02/11/2011 - 17:25:48 - [1668786645] ----D- C:\Program Files\RomStation
O43 - CFD: 09/06/2011 - 14:30:00 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 09/06/2011 - 16:47:10 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 05/10/2011 - 17:29:48 - [7297391] ----D- C:\Program Files\VIA
O43 - CFD: 16/06/2011 - 16:36:42 - [105968722] ----D- C:\Program Files\VideoLAN
O43 - CFD: 09/06/2011 - 19:26:18 - [3534189] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 09/06/2011 - 19:24:38 - [3942655] ----D- C:\Program Files\Windows NT
O43 - CFD: 09/06/2011 - 14:30:04 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 11/10/2011 - 16:55:50 - [4055815] ----D- C:\Program Files\WinRAR
O43 - CFD: 09/06/2011 - 14:31:44 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 05/10/2011 - 19:28:06 - [46138] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 22/07/2011 - 10:22:10 - [31517343] ----D- C:\Program Files\Fichiers Communs\Adobe AIR
O43 - CFD: 10/06/2011 - 13:37:08 - [62253589] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 30/08/2011 - 17:16:56 - [179547] ----D- C:\Program Files\Fichiers Communs\AVSMedia
O43 - CFD: 07/10/2011 - 14:49:46 - [86016] ----D- C:\Program Files\Fichiers Communs\Designer
O43 - CFD: 10/06/2011 - 13:16:50 - [272917] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD: 10/06/2011 - 13:19:50 - [647168] ----D- C:\Program Files\Fichiers Communs\HP
O43 - CFD: 13/06/2011 - 18:54:42 - [6491743] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 20/10/2011 - 15:29:48 - [1258951] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 09/10/2011 - 10:13:22 - [224641103] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 09/06/2011 - 14:29:12 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 09/06/2011 - 16:18:08 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 31/10/2011 - 18:17:14 - [0] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 09/06/2011 - 16:18:06 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 19/10/2011 - 12:01:26 - [0] ----D- C:\Program Files\Fichiers Communs\SpeedBit
O43 - CFD: 31/10/2011 - 18:17:14 - [0] ----D- C:\Program Files\Fichiers Communs\Steam
O43 - CFD: 31/10/2011 - 18:17:24 - [5411328] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 16/09/2011 - 17:34:38 - [19068995] ----D- C:\Documents and Settings\Fabien\Application Data\.minecraft
O43 - CFD: 22/07/2011 - 10:21:48 - [10986204] ----D- C:\Documents and Settings\Fabien\Application Data\Adobe
O43 - CFD: 10/10/2011 - 15:19:58 - [0] ----D- C:\Documents and Settings\Fabien\Application Data\Apple Computer
O43 - CFD: 30/06/2011 - 14:45:30 - [0] ----D- C:\Documents and Settings\Fabien\Application Data\AVS4YOU
O43 - CFD: 02/11/2011 - 18:10:14 - [3959] ----D- C:\Documents and Settings\Fabien\Application Data\Free Download Manager
O43 - CFD: 29/10/2011 - 10:32:14 - [1396] ----D- C:\Documents and Settings\Fabien\Application Data\FreeVideoConverter
O43 - CFD: 12/09/2011 - 17:06:54 - [485505] ----D- C:\Documents and Settings\Fabien\Application Data\GlarySoft
O43 - CFD: 08/07/2011 - 10:47:58 - [55254] ----D- C:\Documents and Settings\Fabien\Application Data\Google
O43 - CFD: 15/08/2011 - 13:36:26 - [0] ----D- C:\Documents and Settings\Fabien\Application Data\Help
O43 - CFD: 26/10/2011 - 08:32:04 - [30406] ----D- C:\Documents and Settings\Fabien\Application Data\HP
O43 - CFD: 28/10/2011 - 17:23:56 - [1869] ----D- C:\Documents and Settings\Fabien\Application Data\HpUpdate
O43 - CFD: 11/06/2011 - 18:32:54 - [45] ----D- C:\Documents and Settings\Fabien\Application Data\Identities
O43 - CFD: 02/10/2011 - 11:43:16 - [512264] ----D- C:\Documents and Settings\Fabien\Application Data\Image Zone Express
O43 - CFD: 08/09/2011 - 17:47:46 - [0] ----D- C:\Documents and Settings\Fabien\Application Data\InstallShield
O43 - CFD: 31/10/2011 - 11:26:54 - [32295] ----D- C:\Documents and Settings\Fabien\Application Data\Jetico Personal Firewall
O43 - CFD: 31/10/2011 - 19:02:16 - [4485613] ----D- C:\Documents and Settings\Fabien\Application Data\Macromedia
O43 - CFD: 30/10/2011 - 11:44:38 - [13249821] -S--D- C:\Documents and Settings\Fabien\Application Data\Microsoft
O43 - CFD: 08/09/2011 - 16:45:36 - [17310548] ----D- C:\Documents and Settings\Fabien\Application Data\Mozilla
O43 - CFD: 22/07/2011 - 10:22:30 - [264] ----D- C:\Documents and Settings\Fabien\Application Data\omegamega
O43 - CFD: 15/06/2011 - 12:26:40 - [1602633] ----D- C:\Documents and Settings\Fabien\Application Data\OpenOffice.org
O43 - CFD: 09/10/2011 - 10:23:20 - [248] ----D- C:\Documents and Settings\Fabien\Application Data\PhotoFiltre
O43 - CFD: 25/09/2011 - 17:35:38 - [1891] ----D- C:\Documents and Settings\Fabien\Application Data\PhotoFiltre Studio X
O43 - CFD: 01/11/2011 - 18:19:38 - [53597] ----D- C:\Documents and Settings\Fabien\Application Data\QuickScan
O43 - CFD: 30/10/2011 - 11:45:32 - [21176] ----D- C:\Documents and Settings\Fabien\Application Data\Registry Mechanic
O43 - CFD: 15/10/2011 - 09:59:46 - [0] ----D- C:\Documents and Settings\Fabien\Application Data\searchquband
O43 - CFD: 20/10/2011 - 15:12:48 - [539] ----D- C:\Documents and Settings\Fabien\Application Data\searchqutoolbar
O43 - CFD: 25/09/2011 - 10:18:50 - [770022] ----D- C:\Documents and Settings\Fabien\Application Data\SoftGrid Client
O43 - CFD: 30/06/2011 - 10:05:00 - [889507] ----D- C:\Documents and Settings\Fabien\Application Data\Sun
O43 - CFD: 30/10/2011 - 19:08:06 - [7168] ----D- C:\Documents and Settings\Fabien\Application Data\SUPERAntiSpyware.com
O43 - CFD: 23/09/2011 - 17:50:50 - [0] ----D- C:\Documents and Settings\Fabien\Application Data\TP
O43 - CFD: 23/10/2011 - 17:03:22 - [2356] ----D- C:\Documents and Settings\Fabien\Application Data\Uniblue
O43 - CFD: 18/06/2011 - 18:40:12 - [950] ----D- C:\Documents and Settings\Fabien\Application Data\Unity
O43 - CFD: 20/10/2011 - 15:16:04 - [95092] ----D- C:\Documents and Settings\Fabien\Application Data\vlc
O43 - CFD: 18/10/2011 - 16:52:24 - [717] ----D- C:\Documents and Settings\Fabien\Application Data\widestream
O43 - CFD: 08/10/2011 - 17:56:18 - [320041] ----D- C:\Documents and Settings\Fabien\Application Data\WinRAR
O43 - CFD: 22/07/2011 - 10:19:42 - [11539588] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Adobe
O43 - CFD: 20/10/2011 - 15:43:50 - [0] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Apple
O43 - CFD: 18/06/2011 - 09:56:04 - [9571] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Apple Computer
O43 - CFD: 13/10/2011 - 15:12:26 - [7103] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\ApplicationHistory
O43 - CFD: 15/08/2011 - 13:56:56 - [835529] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\DOSBox
O43 - CFD: 08/10/2011 - 17:06:26 - [991306] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\FUJIFILM
O43 - CFD: 10/06/2011 - 17:20:04 - [279305747] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Google
O43 - CFD: 15/08/2011 - 13:36:26 - [0] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Help
O43 - CFD: 15/06/2011 - 10:25:06 - [596872] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Identities
O43 - CFD: 11/09/2011 - 17:11:46 - [240] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\LastPass
O43 - CFD: 02/11/2011 - 19:17:34 - [3825168] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Microsoft
O43 - CFD: 08/09/2011 - 16:45:24 - [42431004] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Mozilla
O43 - CFD: 08/10/2011 - 17:22:36 - [0] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\PackageAware
O43 - CFD: 30/06/2011 - 09:53:02 - [0] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\PCHealth
O43 - CFD: 23/09/2011 - 17:51:16 - [0] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\SoftGrid Client
O43 - CFD: 15/06/2011 - 10:41:14 - [0] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Temp
O43 - CFD: 18/06/2011 - 18:06:48 - [11569067] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\Unity
O43 - CFD: 18/10/2011 - 16:55:08 - [209770] ----D- C:\Documents and Settings\Fabien\Local Settings\Application Data\widestream6 Air
~ Scan Program Folder in 00mn 14s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 03/11/2011 - 17:19:55 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.13001EB0A58B4DE96126B16AB15FD8CC] - 01/11/2011 - 18:24:31 ---A- . (.Real Networks, Inc - Real Networks C/C++ Runtime Library.) -- C:\WINDOWS\system32\pncrt.dll [278528]
O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 29/10/2011 - 10:11:36 ---A- . (...) -- C:\WINDOWS\system.ini [227]
O44 - LFC:[MD5.9681A655BE1D8AFF0D1A352504E4AF0C] - 09/10/2011 - 18:12:27 ---A- . (...) -- C:\WINDOWS\system32\CONFIG.NT [3120]
~ Scan Files in 00mn 08s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - %windir%\system32\sessmgr.exe [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - %windir%\Network Diagnostic\xpnetdiag.exe [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe [Enabled] .(.Hewlett-Packard Co. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
O47 - AAKE:Key Export SP - C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe [Enabled] .(.Hewlett-Packard Co. - HP AiO Fax Manager.) -- C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
O47 - AAKE:Key Export SP - C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe [Enabled] .(.Hewlett-Packard Co. - HP OfficeJet SendFax Interface.) -- C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
O47 - AAKE:Key Export SP - C:\Program Files\HP\Digital Imaging\bin\hposid01.exe [Enabled] .(.Hewlett-Packard Co. - HP All-in-One Launcher Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
O47 - AAKE:Key Export SP - C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe [Enabled] .(.Pas de propriétaire - hpqscnvw.) -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe
O47 - AAKE:Key Export SP - C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe [Enabled] .(.Hewlett-Packard - HP CUE-Scanning Flow Component.) -- C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
O47 - AAKE:Key Export SP - C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe [Enabled] .(.Hewlett-Packard Co. - Version Test application.) -- C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe
O47 - AAKE:Key Export SP - C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe [Enabled] .(.Hewlett-Packard - HP ScanJet Copier Utility.) -- C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
O47 - AAKE:Key Export SP - C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe [Enabled] .(.Hewlett-Packard Co. - HP Fax Setup Wizard.) -- C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
O47 - AAKE:Key Export SP - C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe [Enabled] .(.Pas de propriétaire - HpqPhUnl MFC Application.) -- C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe
O47 - AAKE:Key Export SP - C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe [Enabled] .(.Hewlett-Packard Co. - Embedded Web Server Link application.) -- C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
O47 - AAKE:Key Export SP - C:\Documents and Settings\Fabien\Bureau\USB\Google Earth\client\googleearth.exe [Enabled] .(...) -- C:\Documents and Settings\Fabien\Bureau\USB\Google Earth\client\googleearth.exe (.not file.)
O47 - AAKE:Key Export SP - C:\Program Files\Google\Google Earth\client\googleearth.exe [Enabled] .(.Google - Google Earth.) -- C:\Program Files\Google\Google Earth\client\googleearth.exe
O47 - AAKE:Key Export SP - C:\Program Files\Google\Google Earth\plugin\geplugin.exe [Enabled] .(.Google - Google Earth.) -- C:\Program Files\Google\Google Earth\plugin\geplugin.exe
O47 - AAKE:Key Export SP - C:\coktel\ADI5\TTS\SpeechCube.exe [Enabled] .(.ELAN Informatique - SPeechCube.) -- C:\coktel\ADI5\TTS\SpeechCube.exe
O47 - AAKE:Key Export SP - C:\Program Files\Gameforge4D\AirRivals\Launcher.atm [Enabled] Clé orpheline
O47 - AAKE:Key Export SP - C:\Program Files\Gameforge4D\AirRivals\Res-Voip\SCVoIP.exe [Enabled] Clé orpheline
O47 - AAKE:Key Export SP - C:\Program Files\Internet Explorer\iexplore.exe [Enabled] .(.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O47 - AAKE:Key Export SP - C:\Program Files\Steam\Steam.exe [Enabled] .(...) -- C:\Program Files\Steam\Steam.exe (.not file.)
O47 - AAKE:Key Export SP - C:\Documents and Settings\Fabien\Bureau\Nouveau dossier (2)\rsync.exe [Enabled] .(...) -- C:\Documents and Settings\Fabien\Bureau\Nouveau dossier (2)\rsync.exe (.not file.)
O47 - AAKE:Key Export SP - C:\Program Files\Mozilla Firefox\plugin-container.exe [Enabled] .(.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
O47 - AAKE:Key Export SP - C:\Program Files\cacaoweb\cacaoweb.exe [Enabled] .(...) -- C:\Program Files\cacaoweb\cacaoweb.exe (.not file.) [Rules 43]
O47 - AAKE:Key Export SP - C:\Documents and Settings\Fabien\Bureau\Nouveau dossier\eMule\emule.exe [Enabled] .(...) -- C:\Documents and Settings\Fabien\Bureau\Nouveau dossier\eMule\emule.exe (.not file.)
O47 - AAKE:Key Export SP - C:\Program Files\ma-config.com\maconfservice.exe [Enabled] .(...) -- C:\Program Files\ma-config.com\maconfservice.exe (.not file.)
O47 - AAKE:Key Export SP - F:\YSFLIGHT\fsmainsvr.exe [Enabled] .(...) -- F:\YSFLIGHT\fsmainsvr.exe (.not file.)
O47 - AAKE:Key Export SP - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe [Enabled] .(...) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.)
O47 - AAKE:Key Export SP - C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe [Enabled] .(.Apple Inc..) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe
O47 - AAKE:Key Export DP - %windir%\system32\sessmgr.exe [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - %windir%\Network Diagnostic\xpnetdiag.exe [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
~ Scan Keys in 00mn 01s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\system32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\WINDOWS\system32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
0

Anonymous user
3 Nov. 2011 at 20:37
You have to read.

https://forums.commentcamarche.net/forum/affich-23146487-un-ordinateur-un-peu-lent-a-mon-gout#4

When you post your report directly on the forum, half of it is missing, so it is difficult for me to make a reliable diagnosis.....
0