Ramnit virus
Closed
RANAM
4 March 2013 at 08:09
Anonymous user - 4 March 2013 at 14:12
Hello,
here is my report!
Rapport de ZHPDiag v1.3.6.10 par Nicolas Coolman, Update du 3/3/2013
Run by Administrator at 3/3/2013 10:49:22 PM
State : Version à jour.
High Elevated Privileges : OK
UAC : Not Found
---\\ Web Browser
MSIE: Internet Explorer v7.0.5730.13
MFIE: Mozilla Firefox 19.0 v19.0 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
---\\ System Information
~ Processor: x86 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3319.0 MB (75% free)
System Restore: Activé (Enable)
System drive D: has 23 GB (57%) free of 40 GB
---\\ Logged in mode
~ Computer Name: M-PC
~ User Name: Administrator
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Guest, Administrator,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : D:\
~ %AppData% : D:\Documents and Settings\Administrator\Application Data\
~ %Desktop% : D:\Documents and Settings\Administrator\Desktop\
~ %Favorites% : D:\Documents and Settings\Administrator\Favorites\
~ %LocalAppData% : D:\Documents and Settings\Administrator\Local Settings\Application Data\
~ %StartMenu% : D:\Documents and Settings\Administrator\Start Menu\
~ %Windir% : D:\WINDOWS\
~ %System% : D:\WINDOWS\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 29 Go of 195 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 23 Go of 40 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 38 Go of 38 Go)
F:\ Hard drive, Flash drive, Thumb drive (Free 18 Go of 195 Go)
G:\ Hard drive, Flash drive, Thumb drive (Free 213 Go of 488 Go)
H:\ Hard drive, Flash drive, Thumb drive (Free 253 Go of 518 Go)
I:\ Hard drive, Flash drive, Thumb drive (Free 8 Go of 78 Go)
J:\ Hard drive, Flash drive, Thumb drive (Free 38 Go of 77 Go)
K:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
~ Scan Security Center in 00mn AMs
---\\ Recherche particulière de fichiers génériques
[MD5.C0E1E7D2BEA0106E5C11D605FB0DB155] - (.Microsoft Corporation - Windows Explorer.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\Explorer.exe [1061376]
[MD5.F6589BE784647CFDBC22EA51CCB1A57A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.4/22/2008 - 4:16:29 PM.) -- D:\WINDOWS\system32\wininet.dll [826368]
[MD5.ED0EF0A136DEC83DF69F04118870003E] - (.Microsoft Corporation - Windows NT Logon Application.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Winlogon.exe [507904]
[MD5.D6EE6014241D034E63C49A50CB2B442A] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.7/12/2008 - 11:09:42 AM.) -- D:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.D45926117EB9FA946A6AF572FBE1CAA3] - (.Microsoft Corporation - FIPS Crypto Driver.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Drivers\Fips.sys [44544]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.4A0B06AA8943C1E332520F7440C0AA30] - (.Microsoft Corporation - i8042 Port Driver.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Drivers\i8042prt.sys [52480]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.68755F0FF16070178B54674FE5B847B0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Drivers\MRxSmb.sys [456576]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.5575FAF8F97CE5E713D108C2A58D7C7C] - (.Microsoft Corporation - Parallel Port Driver.) (.7/12/2008 - 11:19:54 AM.) -- D:\WINDOWS\system32\Drivers\Parport.sys [80128]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.4/14/2008 - 4:02:52 AM.) -- D:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.F828DD7E1419B6653894A8F97A0094C5] - (.Microsoft Corporation - Redbook Audio Filter Driver.) (.4/13/2008 - 8:10:28 PM.) -- D:\WINDOWS\system32\Drivers\redbook.sys [57600]
[MD5.4C8FCB5CC53AAB716D810740FE59D025] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.4/14/2008 - 12:00:00 AM.) -- D:\WINDOWS\system32\Drivers\volsnap.sys [52352]
~ Scan Generic Processes in 00mn AMs
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/5
~ Mes musiques (My Musics) : 1/2
~ Mes Favoris (My Favorites) : 1/9
~ Mes Documents (My Documents) : 2/296
~ Mon Bureau (My Desktop) : 0/106
~ Menu demarrer (Programs) : 1/40
~ Scan Hidden Files in 00mn AMs
---\\ Processus lancés
[MD5.24076AD94D10023861AFC0CF3AC9ED1E] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 191.0.) -- D:\WINDOWS\system32\nvsvc32.exe [200704] [PID.932]
[MD5.81BEBBFFE45855B7FAF204C517FBEEF1] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- D:\Program Files\Ralink\Common\RalinkRegistryWriter.exe [75040] [PID.1580]
[MD5.2F3F4516007C53FFAFC2CD83952DD749] - (.TuneUp Software - TuneUp Utilities Service.) -- D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1479488] [PID.1704]
[MD5.9C35926663D292CA8D656437C8F1699B] - (.Microsoft Corporation - Application Layer Gateway Service.) -- D:\WINDOWS\System32\alg.exe [72192] [PID.1596]
[MD5.B560AA8D543A7A49A537DBEEB099F539] - (.TuneUp Software - TuneUp Utilities.) -- D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe [1210688] [PID.2020]
[MD5.9C208B60AC59DFD79A0A94C4E7AEF76E] - (...) -- ystem32\RUNDLL32.exe [0] [PID.1260]
[MD5.EA2EA1517636850C6A6A2C46D086EFD7] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- D:\WINDOWS\RTHDCPL.exe [17731028] [PID.1516]
[MD5.4C246F1B20E44FAD2DE2D98F28995C4F] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- D:\Program Files\SuperCopier2\SuperCopier2.exe [1080320] [PID.2544]
[MD5.7D0068E2EEF712A867E59865ED9C4CFF] - (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe [3565432] [PID.1384]
[MD5.7F94B176894562512A375F0A98A118E9] - (.Ralink Technology, Corp. - RaUI MFC Application.) -- D:\Program Files\Ralink\Common\RaUI.exe [1691648] [PID.3668]
[MD5.FAA729BC3B4EC2900D14E1F0F4D30ED0] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- D:\Program Files\Internet Download Manager\IEMonitor.exe [268248] [PID.4000]
[MD5.42654F3CBBB12730F996967CED5117F7] - (.Google Inc. - Google Update Setup.) -- D:\Program Files\Google\GoogleUpdateSetup_latest.exe [731288] [PID.2804]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Google Installer.) -- D:\Documents and Settings\Administrator\Local Settings\Temp\GUM85.tmp\GoogleUpdate.exe [136176] [PID.1452]
[MD5.836F74239BD9ACEA6BADDD26DE280B4F] - (.Microsoft Corporation - Windows® installer.) -- D:\WINDOWS\system32\msiexec.exe [123392] [PID.4032]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Google Installer.) -- D:\Program Files\Google\Update\GoogleUpdate.exe [136176] [PID.1452]
[MD5.C5EB146676B04AA9865F41BE2C2B8BD9] - (.Nicolas Coolman - ZHPDiag.) -- D:\Program Files\ZHPDiag\ZHPDiag.exe [5747200] [PID.1712]
~ Scan Processes Running in 01mn AMs
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
D:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\bgcvr527.default\prefs.js
D:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\bgcvr527.default\user.js
M3 - MFPP: Plugins - [Administrator] -- D:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\bgcvr527.default\searchplugins\myplaycity.xml
M3 - MFPP: Plugins - [Administrator] -- D:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Administrator] -- D:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Administrator] -- D:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Administrator] -- D:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Administrator] -- D:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Administrator] -- D:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Administrator] -- D:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Administrator - bgcvr527.default] http://start.myplaycity.com/
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- D:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- D:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- D:\Program Files\Google\Update\1.3.21.89\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- D:\Program Files\Google\Update\1.3.21.89\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn AMs
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.myplaycity.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.myplaycity.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
~ Scan IE Browser in 00mn AMs
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn AMs
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=d:\windows\system32\userinit.exe,,d:\program files\microsoft\watermark.exe
F2 - REG:system.ini: Shell=D:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn AMs
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn AMs
~ Nombre de lignes (Lines number): 19
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- D:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- D:\Program Files\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- D:\Program Files\Microsoft Office\Office14\URLREDIR.dll
~ Scan BHO in 00mn AMs
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- D:\WINDOWS\system32\NvMcTray.dll
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- D:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- D:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- D:\WINDOWS\ALCMTR.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- D:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1275210071-1770027372-1801674531-500\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1275210071-1770027372-1801674531-500\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- D:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-1275210071-1770027372-1801674531-500\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] Clé orpheline
~ Scan Application in 00mn AMs
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop: Adobe Reader 9.lnk . (.Adobe Systems Incorporated.) -- D:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
O4 - GS\Desktop: ALLConverter PRO.lnk . (.ALLCinema Ltd..) -- D:\Program Files\ALLConverter PRO\ALLConverterPro.exe
O4 - GS\Desktop: Applian FLV Player.lnk . (...) -- D:\Program Files\FLV Player\FLVPlayer.exe
O4 - GS\Desktop: Ashampoo Burning Studio 2010.lnk . (...) -- D:\Program Files\Ashampoo\Ashampoo Burning Studio 2010\burningstudio2010.exe
O4 - GS\Desktop: Canon MF Toolbox 4.9.lnk . (.CANON INC..) -- D:\Program Files\Canon\MF Toolbox Ver4.9\MFTBOX.exe
O4 - GS\Desktop: CCleaner.lnk . (.Piriform Ltd.) -- D:\Program Files\CCleaner\CCleaner.exe
O4 - GS\Desktop: Go to WWW.THE-PAGE.COM.lnk . (.Piriform Ltd.) -- D:\Documents and Settings\All Users\Application Data\page\page.URL
O4 - GS\Desktop: MBRCheck.lnk . (...) -- D:\Program Files\ZHPDiag\mbrcheck.exe
O4 - GS\Desktop: Mozilla Firefox.lnk . (.Mozilla Corporation.) -- D:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop: TuneUp Maintenance en 1 clic.lnk . (.TuneUp Software.) -- D:\Program Files\TuneUp Utilities 2012\OneClick.exe
O4 - GS\Desktop: TuneUp Utilities 2012.lnk . (.TuneUp Software.) -- D:\Program Files\TuneUp Utilities 2012\Integrator.exe
O4 - GS\Desktop: VLC media player.lnk . (...) -- D:\Program Files\VideoLAN\VLC\vlc.exe
O4 - GS\Desktop: ZHPDiag.lnk . (.Nicolas Coolman.) -- D:\Program Files\ZHPDiag\ZHPhep.exe
O4 - GS\Desktop: ZHPFix.lnk . (.Nicolas Coolman.) -- D:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe
O4 - GS\Desktop: Billiard Art.lnk . (...) -- D:\Program Files\MyPlayCity.com\Billiard Art\Billiard Art.exe
O4 - GS\Desktop: EasyRecovery Professional.lnk . (.Ontrack Data Recovery Inc..) -- D:\Program Files\Ontrack\EasyRecovery Professional\EasyRecovery.exe
O4 - GS\Desktop: MyPlayCity Games.lnk . (...) -- D:\Program Files\MyPlayCity.com\Billiard Art\MyPlayCity.url
O4 - GS\Desktop: Play Online Games.lnk . (...) -- D:\Program Files\MyPlayCity.com\Billiard Art\PlayOnlineGames.url
~ Scan Global Startup in 00mn AMs
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- D:\Program Files\MICROS~3\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- D:\Program Files\MICROS~3\Office14\ONBTTN~1.dll
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- D:\Program Files\Messenger\msmsgs.exe
~ Scan IE Extra Buttons in 00mn AMs
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- D:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- D:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- D:\WINDOWS\system32\mswsock.dll
~ Scan Winsock in 00mn AMs
---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="ie.search.msn.com"
~ Scan IE Paramètres WEB in 00mn AMs
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{40071A56-E581-462C-A965-AD41ECCDF9CE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{40071A56-E581-462C-A965-AD41ECCDF9CE}: DhcpDomain = Belkin
O17 - HKLM\System\CS1\Services\Tcpip\..\{40071A56-E581-462C-A965-AD41ECCDF9CE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{40071A56-E581-462C-A965-AD41ECCDF9CE}: DhcpDomain = Belkin
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Scan Domain in 00mn AMs
---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- D:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- D:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn AMs
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- D:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- D:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Offline Network Agent.) -- D:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- D:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- D:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- D:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - Secondary Logon Service Notification DLL.) -- D:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- D:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- D:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- D:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn AMs
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- D:\WINDOWS\system32\webcheck.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- D:\WINDOWS\system32\wpdshserviceobj.dll
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- D:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- D:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Systray shell service object.) -- D:\WINDOWS\system32\stobject.dll
~ Scan SSODL in 00mn AMs
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Browseui preloader - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser UI Library.) -- D:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn AMs
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 191.0.) - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) . (.Ralink Technology, Corp. - RalinkRegistryWriter.) - D:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
~ Scan Services in 01mn AMs
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: My Current Home Page - file:About:Home
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - D:\WINDOWS\web\wallpaper\Bliss.bmp
O24 - Desktop General: WallPaper - .(...) - D:\WINDOWS\web\wallpaper\Bliss.bmp
~ Scan Desktop Component in 00mn AMs
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn AMs
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.9942DC4CC265CDA00486504444EF521D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- D:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- D:\Program Files\Google\Update\GoogleUpdate.exe
~ Scan Scheduled Task in 00mn AMs
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- D:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utility.) -- D:\WINDOWS\inf\unregmp2.exe
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- D:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- D:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media Player Extension.) -- D:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- D:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- D:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Windows Theme API.) -- D:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Outlook Express Setup Library.) -- D:\Program Files\Outlook Express\setup50.exe
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- D:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- D:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Microsoft Internet Explorer FTP Folder Shell Extension.) -- D:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- D:\WINDOWS\INF\wmp.inf
O40 - ASIC: Address Book 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Outlook Express Setup Library.) -- D:\Program Files\Outlook Express\setup50.exe
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - Windows Shell Common Dll.) -- D:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- D:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Macromedia, Inc. - Macromedia Flash Player 6.0 r88.) -- D:\WINDOWS\system32\Macromed\Flash\Flash6.ocx
O40 - ASIC: Installed Component - S-1-5-21-1275210071-1770027372-1801674531-500 - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -- Not Hexadécimal CLSID
O40 - ASIC: Installed Component - S-1-5-21-1275210071-1770027372-1801674531-500 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Scan Active Setup in 00mn AMs
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - D:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - D:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - i8042 Port Driver.) - D:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (IDMTDI) . (.Tonec Inc. - Internet Download Manager TDI Driver.) - D:\WINDOWS\system32\DRIVERS\idmtdi.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - D:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Processor Device Driver.) - D:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - D:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Keyboard Class Driver.) - D:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Mouse Class Driver.) - D:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - D:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - D:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - D:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - D:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - D:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - D:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Redbook Audio Filter Driver.) - D:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - D:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - D:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - D:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - D:\WINDOWS\system32\DRIVERS\wmiacpi.sys
O41 - Driver: Windows Socket 2.0 Non-IFS Service Provider Support Environment (WS2IFSL) . (.Microsoft Corporation - Winsock2 IFS Layer.) - D:\WINDOWS\system32\drivers\ws2ifsl.sys
~ Scan Drivers in 00mn AMs
---\\ Logiciels installés (O42)
O42 - Logiciel: ALLConverter PRO 1.1 - (.ALLCinema, Inc..) [HKLM] -- {9370105C-71BB-4FF9-A85B-36D79B95457A}_is1
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A90000000001}
O42 - Logiciel: Applian FLV Player - (.Applian Technologies Inc..) [HKLM] -- Applian FLV Player2.0.24
O42 - Logiciel: Ashampoo Burning Studio 2010 - (.ashampoo GmbH & Co. KG.) [HKLM] -- Ashampoo Burning Studio 2010_is1
O42 - Logiciel: Billiard Art - (.MyPlayCity, Inc..) [HKLM] -- Billiard Art_is1
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon MF Toolbox 4.9.1.1.mf11 - (.Canon Inc..) [HKLM] -- {6767DFEE-8909-453A-B553-C7693912B2EB}
O42 - Logiciel: Canon MF4400 Series - (.Canon Inc..) [HKLM] -- {4129CA8E-7E75-4eee-BAE5-AA7707AA7708}
O42 - Logiciel: EasyRecovery Professional - (.Ontrack Data Recovery, Inc..) [HKLM] -- InstallShield_{268723B7-A994-4286-9F85-B974D5CAFC7B}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotfix for Windows XP (KB942288-v3) - (.Microsoft Corporation.) [HKLM] -- KB942288-v3
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager
O42 - Logiciel: Mozilla Firefox 19.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 19.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
O42 - Logiciel: Pro Evolution Soccer 2013 - (.KONAMI.) [HKLM] -- {C2523AE6-F335-4D0B-BC15-1C07E4ACE629}
O42 - Logiciel: Ralink RT2870 Wireless LAN Card - (.Ralink.) [HKLM] -- {28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Security Update for Windows Internet Explorer 7 (KB950759) - (.Microsoft Corporation.) [HKLM] -- KB950759-IE7
O42 - Logiciel: Security Update for Windows XP (KB923789) - (.Microsoft Corporation.) [HKLM] -- KB923789
O42 - Logiciel: Security Update for Windows XP (KB941569) - (.Microsoft Corporation.) [HKLM] -- KB941569
O42 - Logiciel: Security Update for Windows XP (KB950760) - (.Microsoft Corporation.) [HKLM] -- KB950760
O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.) [HKLM] -- SuperCopier2
O42 - Logiciel: TuneUp Utilities 2012 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2012
O42 - Logiciel: Update for Windows XP (KB898461) - (.Microsoft Corporation.) [HKLM] -- KB898461
O42 - Logiciel: VideoLAN VLC media player 0.8.6d - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALLConverter PRO]
[HKCU\Software\Adobe]
[HKCU\Software\Ashampoo]
[HKCU\Software\Binary Noise]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DownloadManager]
[HKCU\Software\Google]
[HKCU\Software\Intel]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Media Research Group]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Ontrack]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\SFX TEAM]
[HKCU\Software\Sysinternals]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Ashampoo]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\KONAMI]
[HKLM\Software\MDC]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\Ontrack]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RALINK]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Swearware]
[HKLM\Software\TuneUp]
[HKLM\Software\VideoLAN]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn AMs
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 2/20/2013 - 10:37:27 AM - [230.873] ----D D:\Program Files\Adobe
O43 - CFD: 2/20/2013 - 7:26:31 AM - [117.667] ----D D:\Program Files\AGEIA Technologies
O43 - CFD: 2/22/2013 - 11:53:06 PM - [17.130] ----D D:\Program Files\ALLConverter PRO
O43 - CFD: 2/20/2013 - 10:38:09 AM - [74.580] ----D D:\Program Files\Ashampoo
O43 - CFD: 2/27/2013 - 3:27:01 AM - [15.481] ----D D:\Program Files\Canon
O43 - CFD: 3/3/2013 - 10:44:17 PM - [5.085] ----D D:\Program Files\CCleaner
O43 - CFD: 2/26/2013 - 10:31:33 AM - [258.981] ----D D:\Program Files\Common Files
O43 - CFD: 2/20/2013 - 7:09:21 AM - [0] ----D D:\Program Files\ComPlus Applications
O43 - CFD: 2/20/2013 - 7:46:00 AM - [1.977] ----D D:\Program Files\FLV Player
O43 - CFD: 3/3/2013 - 10:41:07 PM - [4.530] ----D D:\Program Files\Google
O43 - CFD: 2/28/2013 - 11:00:06 PM - [6.908] --H-D D:\Program Files\InstallShield Installation Information
O43 - CFD: 2/20/2013 - 11:06:03 AM - [12.718] ----D D:\Program Files\Internet Download Manager
O43 - CFD: 2/20/2013 - 7:10:42 AM - [3.145] ----D D:\Program Files\Internet Explorer
O43 - CFD: 2/20/2013 - 7:35:52 AM - [2014.035] ----D D:\Program Files\KONAMI
O43 - CFD: 2/20/2013 - 7:08:57 AM - [2.265] ----D D:\Program Files\Messenger
O43 - CFD: 2/22/2013 - 7:44:31 AM - [0.174] ----D D:\Program Files\Microsoft
O43 - CFD: 2/26/2013 - 10:29:06 AM - [38.002] ----D D:\Program Files\Microsoft Analysis Services
O43 - CFD: 2/20/2013 - 7:13:09 AM - [0] ----D D:\Program Files\microsoft frontpage
O43 - CFD: 2/26/2013 - 10:31:22 AM - [953.935] ----D D:\Program Files\Microsoft Office
O43 - CFD: 2/26/2013 - 10:31:22 AM - [0.757] ----D D:\Program Files\Microsoft Sync Framework
O43 - CFD: 2/20/2013 - 7:10:33 AM - [9.836] ----D D:\Program Files\Movie Maker
O43 - CFD: 3/1/2013 - 10:01:11 AM - [45.055] ----D D:\Program Files\Mozilla Firefox
O43 - CFD: 3/2/2013 - 12:34:33 AM - [0.212] ----D D:\Program Files\Mozilla Maintenance Service
O43 - CFD: 2/26/2013 - 10:31:54 AM - [0.001] ----D D:\Program Files\MSBuild
O43 - CFD: 2/20/2013 - 7:08:11 AM - [21.171] ----D D:\Program Files\MSN
O43 - CFD: 2/20/2013 - 7:08:51 AM - [8.495] ----D D:\Program Files\MSN Gaming Zone
O43 - CFD: 3/3/2013 - 9:54:45 AM - [30.987] ----D D:\Program Files\MyPlayCity.com
O43 - CFD: 2/20/2013 - 7:10:49 AM - [3.539] ----D D:\Program Files\NetMeeting
O43 - CFD: 2/20/2013 - 7:26:18 AM - [0.957] ----D D:\Program Files\NVIDIA Corporation
O43 - CFD: 2/20/2013 - 7:09:08 AM - [0.003] ----D D:\Program Files\Online Services
O43 - CFD: 2/28/2013 - 10:59:54 PM - [81.412] ----D D:\Program Files\Ontrack
O43 - CFD: 2/20/2013 - 7:10:45 AM - [4.255] ----D D:\Program Files\Outlook Express
O43 - CFD: 2/20/2013 - 10:14:35 AM - [34.456] ----D D:\Program Files\Ralink
O43 - CFD: 2/20/2013 - 7:41:49 AM - [63.062] ----D D:\Program Files\Realtek
O43 - CFD: 2/20/2013 - 7:46:35 AM - [1.229] ----D D:\Program Files\SuperCopier2
O43 - CFD: 3/1/2013 - 12:21:42 AM - [82.786] ----D D:\Program Files\TuneUp Utilities 2012
O43 - CFD: 2/20/2013 - 7:23:46 AM - [0] --H-D D:\Program Files\Uninstall Information
O43 - CFD: 2/20/2013 - 7:45:12 AM - [36.809] ----D D:\Program Files\VideoLAN
O43 - CFD: 2/20/2013 - 7:09:01 AM - [4.177] ----D D:\Program Files\Windows Media Connect 2
O43 - CFD: 2/20/2013 - 7:12:20 AM - [10.262] ----D D:\Program Files\Windows Media Player
O43 - CFD: 2/20/2013 - 7:08:40 AM - [3.841] ----D D:\Program Files\Windows NT
O43 - CFD: 2/20/2013 - 7:11:27 AM - [0] --H-D D:\Program Files\WindowsUpdate
O43 - CFD: 2/20/2013 - 7:46:15 AM - [5.276] ----D D:\Program Files\WinRAR
O43 - CFD: 2/20/2013 - 7:13:09 AM - [0] ----D D:\Program Files\xerox
O43 - CFD: 3/3/2013 - 10:49:24 PM - [15.357] ----D D:\Program Files\ZHPDiag
O43 - CFD: 2/20/2013 - 10:37:34 AM - [4.387] ----D D:\Program Files\Common Files\Adobe
O43 - CFD: 2/26/2013 - 10:31:33 AM - [0.095] ----D D:\Program Files\Common Files\DESIGNER
O43 - CFD: 3/3/2013 - 8:49:15 AM - [5.427] ----D D:\Program Files\Common Files\InstallShield
O43 - CFD: 3/3/2013 - 10:28:51 PM - [204.828] ----D D:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 2/20/2013 - 7:10:43 AM - [0.271] ----D D:\Program Files\Common Files\MSSoap
O43 - CFD: 2/19/2013 - 10:57:04 PM - [0] ----D D:\Program Files\Common Files\ODBC
O43 - CFD: 2/20/2013 - 7:10:48 AM - [0.008] ----D D:\Program Files\Common Files\Services
O43 - CFD: 2/19/2013 - 10:57:01 PM - [3.612] ----D D:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2/26/2013 - 10:29:42 AM - [7.803] ----D D:\Program Files\Common Files\System
O43 - CFD: 2/20/2013 - 7:26:26 AM - [32.551] ----D D:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 3/3/2013 - 10:34:44 PM - [148.746] R-H-D D:\Documents and Settings\All Users\Application Data
O43 - CFD: 3/3/2013 - 10:48:56 PM - [0.017] ----D D:\Documents and Settings\All Users\Desktop
O43 - CFD: 2/20/2013 - 7:09:47 AM - [1.606] R---D D:\Documents and Settings\All Users\Documents
O43 - CFD: 2/24/2013 - 11:57:38 PM - [0.139] -SH-D D:\Documents and Settings\All Users\DRM
O43 - CFD: 2/19/2013 - 10:56:26 PM - [0] ----D D:\Documents and Settings\All Users\Favorites
O43 - CFD: 2/26/2013 - 10:31:22 AM - [2.375] ----D D:\Documents and Settings\All Users\Microsoft
O43 - CFD: 2/20/2013 - 7:14:31 AM - [0.207] R---D D:\Documents and Settings\All Users\Start Menu
O43 - CFD: 2/19/2013 - 10:56:26 PM - [0] --H-D D:\Documents and Settings\All Users\Templates
O43 - CFD: 2/21/2013 - 12:39:52 AM - [0.306] ----D D:\Documents and Settings\Administrator\Application Data\Adobe
O43 - CFD: 2/27/2013 - 3:08:40 AM - [0] ----D D:\Documents and Settings\Administrator\Application Data\Canon
O43 - CFD: 3/2/2013 - 9:55:59 AM - [0.020] ----D D:\Documents and Settings\Administrator\Application Data\DMCache
O43 - CFD: 2/28/2013 - 11:46:05 PM - [0] ----D D:\Documents and Settings\Administrator\Application Data\Help
O43 - CFD: 2/20/2013 - 7:23:48 AM - [0] ----D D:\Documents and Settings\Administrator\Application Data\Identities
O43 - CFD: 3/3/2013 - 9:05:58 AM - [25.504] ----D D:\Documents and Settings\Administrator\Application Data\IDM
O43 - CFD: 2/20/2013 - 10:14:22 AM - [0] ----D D:\Documents and Settings\Administrator\Application Data\InstallShield
O43 - CFD: 2/20/2013 - 10:52:48 AM - [0.048] ----D D:\Documents and Settings\Administrator\Application Data\Macromedia
O43 - CFD: 3/3/2013 - 10:34:49 PM - [0] ----D D:\Documents and Settings\Administrator\Application Data\Malwarebytes
O43 - CFD: 2/27/2013 - 12:28:08 PM - [5.442] -S--D D:\Documents and Settings\Administrator\Application Data\Microsoft
O43 - CFD: 2/20/2013 - 9:25:11 AM - [16.732] ----D D:\Documents and Settings\Administrator\Application Data\Mozilla
O43 - CFD: 3/1/2013 - 12:21:32 AM - [0.042] ----D D:\Documents and Settings\Administrator\Application Data\TuneUp Software
O43 - CFD: 2/20/2013 - 7:45:29 AM - [0.338] ----D D:\Documents and Settings\Administrator\Application Data\vlc
O43 - CFD: 2/20/2013 - 9:27:28 AM - [0.000] ----D D:\Documents and Settings\Administrator\Application Data\WinRAR
O43 - CFD: 2/21/2013 - 12:40:24 AM - [0.356] ----D D:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
O43 - CFD: 2/22/2013 - 11:53:07 PM - [0.026] ----D D:\Documents and Settings\Administrator\Local Settings\Application Data\ALLConverter
O43 - CFD: 3/3/2013 - 10:41:07 PM - [0] ----D D:\Documents and Settings\Administrator\Local Settings\Application Data\Google
O43 - CFD: 2/28/2013 - 11:46:05 PM - [0] ----D D:\Documents and Settings\Administrator\Local Settings\Application Data\Help
O43 - CFD: 2/27/2013 - 3:56:07 AM - [2.892] -S--D D:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
O43 - CFD: 2/26/2013 - 10:28:40 AM - [0] ----D D:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help
O43 - CFD: 2/20/2013 - 9:24:55 AM - [36.214] ----D D:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
O43 - CFD: 2/20/2013 - 7:12:27 AM - [0.014] R---D D:\WINDOWS\system32\Config\systemprofile\Start Menu\Programs\Accessories
O43 - CFD: 2/19/2013 - 10:56:26 PM - [0.000] R---D D:\WINDOWS\system32\Config\systemprofile\Start Menu\Programs\Startup
O43 - CFD: 2/20/2013 - 7:23:59 AM - [0.016] R---D D:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
O43 - CFD: 3/3/2013 - 12:41:58 PM - [0.000] R---D D:\Documents and Settings\Administrator\Start Menu\Programs\Administrative Tools
O43 - CFD: 2/28/2013 - 10:59:57 PM - [0.005] ----D D:\Documents and Settings\Administrator\Start Menu\Programs\EasyRecovery Professional
O43 - CFD: 2/20/2013 - 10:53:47 AM - [0.004] ----D D:\Documents and Settings\Administrator\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2/19/2013 - 10:56:26 PM - [0.000] R---D D:\Documents and Settings\Administrator\Start Menu\Programs\Startup
O43 - CFD: 2/20/2013 - 7:46:35 AM - [0.006] ----D D:\Documents and Settings\Administrator\Start Menu\Programs\SuperCopier2
O43 - CFD: 2/20/2013 - 7:46:16 AM - [0.002] ----D D:\Documents and Settings\Administrator\Start Menu\Programs\WinRAR
~ Scan Program Folder in 03mn AMs
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0B8DADFFC3D9AD3E36885E4EB889961D] - 1/22/2010 - 7:36:10 PM ---A- . (...) -- D:\WINDOWS\system32\CNCMFP38.INI [375]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2/19/2013 - 10:55:55 PM ---A- . (...) -- D:\WINDOWS\setuperr.log [0]
O44 - LFC:[MD5.060110976C713D49CEFEE9A7291CE9D7] - 2/19/2013 - 10:56:37 PM ---A- . (.Digi International - DGSETUP DLL.) -- D:\WINDOWS\system32\dgsetup.dll [85020]
O44 - LFC:[MD5.1E8F9818D695F8759B125EE146BEB935] - 2/19/2013 - 10:56:37 PM ---A- . (.Digi International, Inc. - Digi RealPort® Driver Upgrade.) -- D:\WINDOWS\system32\dgrpsetu.dll [176157]
O44 - LFC:[MD5.5726CB81771655731D011ABD878CB65D] - 2/19/2013 - 10:56:37 PM ---A- . (.Equinox Systems Inc. - Equinox Multiport Serial Coinstaller.) -- D:\WINDOWS\system32\EqnClass.Dll [103424]
O44 - LFC:[MD5.1C3C9B5B42A50D2D86CAF2EC05D34B3C] - 2/19/2013 - 10:56:37 PM ---A- . (.Perle Systems Ltd. - Specialix MPS NT Upgrade CoInstaller.) -- D:\WINDOWS\system32\spxcoins.dll [24661]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2/19/2013 - 11:00:05 PM ---A- . (...) -- D:\WINDOWS\Sti_Trace.log [0]
O44 - LFC:[MD5.A0E02492452D4E237465D99D005D91FD] - 2/19/2013 - 11:02:43 PM ---A- . (...) -- D:\WINDOWS\system.ini [231]
O44 - LFC:[MD5.483A09C788FC61764AD47F9640319E3A] - 2/19/2013 - 11:02:47 PM ---A- . (...) -- D:\WINDOWS\regopt.log [2088]
O44 - LFC:[MD5.BC343A236F85F122AE7A7E5B95D4641B] - 2/19/2013 - 11:03:03 PM ---A- . (...) -- D:\WINDOWS\system32\pid.PNF [4444]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2/19/2013 - 11:04:46 PM ---A- . (...) -- D:\WINDOWS\system32\h323log.txt [0]
O44 - LFC:[MD5.EE5AD71A1F576D4D58D8D014560EB856] - 2/20/2013 - 10:14:33 AM ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- D:\WINDOWS\system32\Drivers\rt2870.sys [709248]
O44 - LFC:[MD5.1CACB5B36EBF33502046742C4F6D66C7] - 2/20/2013 - 10:14:33 AM ---A- . (.Ralink Technology, Inc. - Ralink CoInstaller Dynamic Link Library.) -- D:\WINDOWS\system32\RaCoInst.dll [221184]
O44 - LFC:[MD5.023867B6606FBABCDD52E089C4A507DA] - 2/20/2013 - 10:14:35 AM ---A- . (.Cisco Systems, Inc. - IEEE 802.1X Protocol Driver.) -- D:\WINDOWS\system32\Drivers\AegisP.sys [21361]
O44 - LFC:[MD5.01BFB5DFA33D1CE4C33D048C6EFC1A3B] - 2/20/2013 - 10:14:35 AM ---A- . (.Pas de propriétaire - AegisInstall MFC Application.) -- D:\WINDOWS\system32\AegisI5Installer.exe [405504]
O44 - LFC:[MD5.8029855C327BFFE7300A782ABCCE1544] - 2/20/2013 - 10:14:48 AM ---A- . (.Ralink Technology, Corp. - Ralink RAPI Protocol DLL.) -- D:\WINDOWS\system32\RAPI.dll [315510]
O44 - LFC:[MD5.A8112CE91F7D805FDAF3BFC7165C3F56] - 2/20/2013 - 10:14:48 AM ---A- . (.The OpenSSL Project, https://www.openssl.org/ - OpenSSL Shared Library.) -- D:\WINDOWS\system32\libeay32.dll [1093632]
O44 - LFC:[MD5.9EA23B8FF133916CD0FD5F8E3F9EA872] - 2/20/2013 - 10:14:48 AM ---A- . (.The OpenSSL Project, https://www.openssl.org/ - OpenSSL Shared Library.) -- D:\WINDOWS\system32\ssleay32.dll [200704]
O44 - LFC:[MD5.D4AD1316E07B86AE34C33C02DC12F35D] - 2/20/2013 - 7:05:24 AM ---A- . (...) -- D:\WINDOWS\cmsetacl.log [200]
O44 - LFC:[MD5.277BDF16A94BE0D063988D692541650B] - 2/20/2013 - 7:08:10 AM ---A- . (.Hilgraeve, Inc. - HyperTerminal Applet Library.) -- D:\WINDOWS\system32\hypertrm.dll [347136]
O44 - LFC:[MD5.F759A6E14403BC3D7A55CCAD1B8F7B4A] - 2/20/2013 - 7:08:40 AM ---A- . (.Hilgraeve, Inc. - HyperTerminal Applet Library.) -- D:\WINDOWS\system32\hticons.dll [44544]
O44 - LFC:[MD5.631F027116ECCCA763F97322A6D919CC] - 2/20/2013 - 7:09:13 AM ---A- . (...) -- D:\WINDOWS\DtcInstall.log [130]
O44 - LFC:[MD5.487403459F0B2F1A3ADEEF02496BD80E] - 2/20/2013 - 7:09:19 AM ---A- . (...) -- D:\WINDOWS\vb.ini [36]
O44 - LFC:[MD5.6C2F0BA210C2B53EF07653ABAC6C2490] - 2/20/2013 - 7:09:19 AM ---A- . (...) -- D:\WINDOWS\vbaddin.ini [37]
O44 - LFC:[MD5.1BC12C540E59E56A958984B4845BBEF9] - 2/20/2013 - 7:09:29 AM ---A- . (...) -- D:\WINDOWS\system32\emptyregdb.dat [21640]
O44 - LFC:[MD5.DADB3267CF9AA47E7EF8BBF043FBC4B8] - 2/20/2013 - 7:09:46 AM ---A- . (...) -- D:\WINDOWS\sessmgr.setup.log [1022]
O44 - LFC:[MD5.0C56AFBBDFA19694CA03F159A5724EA6] - 2/20/2013 - 7:10:04 AM ---A- . (.Intel Corporation - ISR Debug 32-bit Engine.) -- D:\WINDOWS\system32\isrdbg32.dll [32768]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2/20/2013 - 7:11:31 AM R-HA- . (...) -- D:\WINDOWS\WindowsShell.Manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2/20/2013 - 7:11:31 AM R-HA- . (...) -- D:\WINDOWS\system32\cdplayer.exe.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2/20/2013 - 7:11:31 AM R-HA- . (...) -- D:\WINDOWS\system32\ncpa.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2/20/2013 - 7:11:31 AM R-HA- . (...) -- D:\WINDOWS\system32\nwc.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2/20/2013 - 7:11:31 AM R-HA- . (...) -- D:\WINDOWS\system32\sapi.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2/20/2013 - 7:11:31 AM R-HA- . (...) -- D:\WINDOWS\system32\wuaucpl.cpl.manifest [749]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 2/20/2013 - 7:11:33 AM R-HA- . (...) -- D:\WINDOWS\system32\WindowsLogon.manifest [488]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 2/20/2013 - 7:11:33 AM R-HA- . (...) -- D:\WINDOWS\system32\logonui.exe.manifest [488]
O44 - LFC:[MD5.4E4D168738692D3F3D2BA4BFA3A40AC0] - 2/20/2013 - 7:12:08 AM ---A- . (...) -- D:\WINDOWS\ODBCINST.INI [4161]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 2/20/2013 - 7:12:16 AM ---A- . (...) -- D:\WINDOWS\WMSysPr9.prx [316640]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 2/20/2013 - 7:12:17 AM ---A- . (...) -- D:\WINDOWS\system32\amcompat.tlb [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 2/20/2013 - 7:12:17 AM ---A- . (...) -- D:\WINDOWS\system32\nscompat.tlb [23392]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2/20/2013 - 7:12:21 AM ---A- . (...) -- D:\WINDOWS\control.ini [0]
O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 2/20/2013 - 7:12:21 AM ---A- . (...) -- D:\WINDOWS\system32\CONFIG.NT [2577]
O44 - LFC:[MD5.E6E7AD4541A6E3D3C69FA2C4753B085D] - 2/20/2013 - 7:12:31 AM ---A- . (...) -- D:\WINDOWS\KB950760.log [7160]
O44 - LFC:[MD5.691BD2824D0ACB4630B0CD31A7991FC1] - 2/20/2013 - 7:12:39 AM ---A- . (...) -- D:\WINDOWS\KB898461.log [8554]
O44 - LFC:[MD5.D0C75FBA349638A4B87D3743BD34D6CF] - 2/20/2013 - 7:12:57 AM ---A- . (...) -- D:\WINDOWS\KB950759-IE7.log [17246]
O44 - LFC:[MD5.380F01D82961CB2C2F570E8921A666C2] - 2/20/2013 - 7:13:02 AM ---A- . (...) -- D:\WINDOWS\KB941569.log [8496]
O44 - LFC:[MD5.C4A9EC1648BC1FE63A00645DFF1D69D9] - 2/20/2013 - 7:14:31 AM ---A- . (...) -- D:\WINDOWS\system32\$winnt$.inf [261]
O44 - LFC:[MD5.B03D1B62D6A82A4D8A196001A8A068E3] - 2/20/2013 - 7:14:34 AM ---A- . (...) -- D:\WINDOWS\imsins.BAK [4382]
O44 - LFC:[MD5.2D3E36CEA965FE95226A5BEB70F36ECA] - 2/20/2013 - 7:14:34 AM ---A- . (...) -- D:\WINDOWS\setuplog.txt [799204]
O44 - LFC:[MD5.FC09793982B286AF9AB8A5E6B9D76046] - 2/20/2013 - 7:15:31 AM ---A- . (...) -- D:\WINDOWS\REGLOCS.OLD [8192]
O44 - LFC:[MD5.7AEFB1F4DD5F27574E56375059EDA0B8] - 2/20/2013 - 7:23:54 AM ---A- . (...) -- D:\WINDOWS\OEWABLog.txt [833]
O44 - LFC:[MD5.1AAA5C3A139A48BF28DC3EE0A3B278B4] - 2/20/2013 - 7:36:06 AM ---A- . (...) -- D:\WINDOWS\DirectX.log [64712]
O44 - LFC:[MD5.8BE82B45F91630CA01E62098B303D6C7] - 2/20/2013 - 7:41:46 AM ---A- . (.Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) -- D:\WINDOWS\RtlExUpd.dll [901597]
O44 - LFC:[MD5.AF8C5DB1AEF03F72721AA70D446C9DC0] - 2/20/2013 - 7:41:49 AM ---A- . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- D:\WINDOWS\ALCMTR.EXE [459127]
O44 - LFC:[MD5.F6AF59D6EEE5E1C304F7F73706AD11D8] - 2/20/2013 - 7:41:50 AM ---A- . (.Creative - Creative WDM 3D Audio Driver.) -- D:\WINDOWS\system32\Drivers\Ambfilt.sys [1684736]
O44 - LFC:[MD5.9FA7207D1B1ADEAD88AE8EED9CDBBAA5] - 2/20/2013 - 7:41:50 AM ---A- . (.Creative Technology Ltd. - Creative WDM Audio Driver (32-bit).) -- D:\WINDOWS\system32\Drivers\Monfilt.sys [1389056]
O44 - LFC:[MD5.EB8BA7A5B00EDA934C87FDF4C56B12A9] - 2/20/2013 - 7:41:50 AM ---A- . (.RealTek Semicoductor Corp. - RealTek AlcWzrd Application.) -- D:\WINDOWS\ALCWZRD.EXE [3210155]
O44 - LFC:[MD5.D51E4B761E60F25A78AB772E5A3394E3] - 2/20/2013 - 7:41:50 AM ---A- . (.Realtek Semiconductor Corp. - Realtek Audio Microphone Calibration.) -- D:\WINDOWS\MicCal.exe [2568105]
O44 - LFC:[MD5.EA2EA1517636850C6A6A2C46D086EFD7] - 2/20/2013 - 7:41:50 AM ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- D:\WINDOWS\RTHDCPL.EXE [17731028]
O44 - LFC:[MD5.69D35A701D4636CD5FBCFA1FF1DEC5B3] - 2/20/2013 - 7:41:50 AM ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- D:\WINDOWS\system32\ALSNDMGR.CPL [278528]
O44 - LFC:[MD5.0B9868B24366D37CF827EEF4B95BC030] - 2/20/2013 - 7:41:51 AM ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Coinstaller.) -- D:\WINDOWS\system32\RtkCoInstXP.dll [406381]
O44 - LFC:[MD5.19D3781892A3794672CD1962F3D8D3B8] - 2/20/2013 - 7:41:51 AM ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- D:\WINDOWS\system32\Drivers\RtkHDAud.sys [4942336]
O44 - LFC:[MD5.868CEFE2304FE894F1367CCFDC716435] - 2/20/2013 - 7:41:52 AM ---A- . (.Realtek Semiconductor Corp. - Driver Update and remove for Windows x64 or.) -- D:\WINDOWS\RtlUpd.exe [1601995]
O44 - LFC:[MD5.7668E4C096516EE85367C9B373568CF0] - 2/20/2013 - 7:41:52 AM ---A- . (.Realtek Semiconductor Corp. - Realtek Audio Control Panel.) -- D:\WINDOWS\RTLCPL.EXE [10115997]
O44 - LFC:[MD5.67BFF4E0D4335DF09A298AE4A52D74E5] - 2/20/2013 - 7:41:52 AM ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- D:\WINDOWS\system32\RTSndMgr.CPL [266240]
O44 - LFC:[MD5.A4FB27FC01988362DEEB6BDC2273AC93] - 2/20/2013 - 7:41:52 AM ---A- . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- D:\WINDOWS\SOUNDMAN.EXE [479671]
O44 - LFC:[MD5.58857FA351DAEAA7FED34E1C906794D9] - 2/20/2013 - 7:41:52 AM ---A- . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- D:\WINDOWS\SkyTel.exe [2228661]
O44 - LFC:[MD5.6D0634CEBBFF7F428DD816706F5AA1FB] - 2/20/2013 - 7:44:14 AM ---A- . (...) -- D:\WINDOWS\system32\BuzzingBee.wav [146650]
O44 - LFC:[MD5.E2FA75ADE398C9A44815B11CC141105C] - 2/20/2013 - 7:44:14 AM ---A- . (...) -- D:\WINDOWS\system32\LoopyMusic.wav [940794]
O44 - LFC:[MD5.488090449877FB7F9C2AFF9EBF6689DA] - 2/20/2013 - 9:23:38 AM ---A- . (.Ralink Technology, Corp. - Ralink RAPI Protocol Driver.) -- D:\WINDOWS\system32\Drivers\RAPIProtocol.sys [16512]
O44 - LFC:[MD5.64F1DE20A7DF74CB35D0FA9E9C318A6F] - 2/21/2013 - 10:08:41 PM ---A- . (...) -- D:\WINDOWS\Explorermgr.exe [182784]
O44 - LFC:[MD5.95AF1A1D15C17229B3ED6CA942AF584B] - 2/22/2013 - 10:22:04 PM ---A- . (...) -- D:\WINDOWS\setupact.log [183327]
O44 - LFC:[MD5.FF2530C8C1261910C06F3F97737D3435] - 2/24/2013 - 11:57:38 PM ---A- . (...) -- D:\WINDOWS\wmsetup.log [5275]
O44 - LFC:[MD5.F23AA3AFB7B5F2E7D159E833A452C05A] - 2/26/2013 - 10:29:43 AM ---A- . (...) -- D:\WINDOWS\win.ini [582]
O44 - LFC:[MD5.5A53496FE58D1F96F6D2882C1EB5D5A8] - 2/26/2013 - 12:29:09 PM ---A- . (...) -- D:\WINDOWS\system32\FNTCACHE.DAT [264616]
O44 - LFC:[MD5.800D8416E67FF0E16DFB4BE05876EB20] - 2/27/2013 - 3:06:13 AM ---A- . (.CANON INC. - WIA Scanner Driver dll for ScanGear MF.) -- D:\WINDOWS\system32\CNCC4400.DLL [303104]
O44 - LFC:[MD5.71C00BB86FCB8B2B8D0176CB759F3C2D] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - ACTif command generation.) -- D:\WINDOWS\system32\CNCLSC38b.DLL [94208]
O44 - LFC:[MD5.1CF137A95A0BADE1CB70A20177EDA4D6] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - Exposed API to the MFP Scanner Interface.) -- D:\WINDOWS\system32\CNCLSD38b.DLL [135168]
O44 - LFC:[MD5.C75C48FE4576158F0E8EE76D6D1D96BC] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - Exposed API to the MFP TransPort.) -- D:\WINDOWS\system32\CNCLST38b.DLL [102400]
O44 - LFC:[MD5.D5C1101C675EEABF760B3259FE710F00] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - Exposed API to the MP Interface.) -- D:\WINDOWS\system32\CNCLSI38b.DLL [102400]
O44 - LFC:[MD5.C245B89092732EA3A0A4498CC9C85E9B] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - CNCL4400.) -- D:\WINDOWS\system32\CNCL4400.DLL [122880]
O44 - LFC:[MD5.9B75D7D8515DAF7B1BAB7914BE6EBF35] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - MFP System services Module.) -- D:\WINDOWS\system32\CNCLSU38b.DLL [188416]
O44 - LFC:[MD5.4444E46CAF5BA8F6FE15DF0578DB2FF4] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - MP Scanner CoInstaller..) -- D:\WINDOWS\system32\CNCLSO38b.dll [53248]
O44 - LFC:[MD5.814947BEF92912A8860E5ABBD640FA74] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - WIA Scanner Driver Image Enhancement dll.) -- D:\WINDOWS\system32\CNCI4400.DLL [86016]
O44 - LFC:[MD5.58C89D64DDA27F7ADD9D1913BADA5BC9] - 2/27/2013 - 3:06:21 AM ---A- . (.CANON INC. - Canon CP Language Monitor 3b.) -- D:\WINDOWS\system32\CNAS0MOK.DLL [679936]
O44 - LFC:[MD5.02550F31973CB8143D1B2FA92A44207E] - 2/27/2013 - 8:42:06 AM ---A- . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- D:\WINDOWS\system32\FlashPlayerInstaller.exe [16473456]
O44 - LFC:[MD5.D516524130D5755101A7FC9D5464ABA6] - 2/27/2013 - 8:42:08 AM ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- D:\WINDOWS\system32\FlashPlayerApp.exe [691568]
O44 - LFC:[MD5.AD5E4B3C498DDDE612465E3FA5468EC8] - 2/27/2013 - 8:42:08 AM ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- D:\WINDOWS\system32\FlashPlayerCPLApp.cpl [71024]
O44 - LFC:[MD5.829E65B8128B5F7CA000447C29067FFE] - 3/1/2013 - 12:21:43 AM ---A- . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- D:\WINDOWS\system32\TURegOpt.exe [31552]
O44 - LFC:[MD5.343C1849A655DE6389E4CE85A694C240] - 3/3/2013 - 10:28:24 PM ---A- . (...) -- D:\WINDOWS\WindowsUpdate.log [115507]
O44 - LFC:[MD5.7B66D64CB634733963CAA4682B5BAFE1] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\FaxSetup.log [17720]
O44 - LFC:[MD5.56957572358B34336D13704375B7D589] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\KB942288-v3.log [8466]
O44 - LFC:[MD5.BB11F51F9E0D4F441CBC3D1E052998EB] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\MedCtrOC.log [1912]
O44 - LFC:[MD5.F4BE15C4B54EAE20EFDDD39ABEA43FBF] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\comsetup.log [17787]
O44 - LFC:[MD5.D3EEBEEB3FC674F474049CD1C4C1E472] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\iis6.log [54491]
O44 - LFC:[MD5.EF25CE166A5AAAA53635524216543AA5] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\imsins.log [1355]
O44 - LFC:[MD5.DA62A7E53B1E18EB646ECA7AAFD50213] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\msgsocm.log [1180]
O44 - LFC:[MD5.C3C284912186066D0C65B7A3A042C9AA] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\msmqinst.log [11816]
O44 - LFC:[MD5.3A779A7F7C1716EDA88678034F5588B5] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\netfxocm.log [3873]
O44 - LFC:[MD5.2FE75BC9AD50864895A33576C0C6F128] - 3/3/2013 - 10:29:15
~ Scan Generic Processes in 00mn AMs
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/5
~ Mes musiques (My Musics) : 1/2
~ Mes Favoris (My Favorites) : 1/9
~ Mes Documents (My Documents) : 2/296
~ Mon Bureau (My Desktop) : 0/106
~ Menu demarrer (Programs) : 1/40
~ Scan Hidden Files in 00mn AMs
---\\ Processus lancés
[MD5.24076AD94D10023861AFC0CF3AC9ED1E] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 191.0.) -- D:\WINDOWS\system32\nvsvc32.exe [200704] [PID.932]
[MD5.81BEBBFFE45855B7FAF204C517FBEEF1] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- D:\Program Files\Ralink\Common\RalinkRegistryWriter.exe [75040] [PID.1580]
[MD5.2F3F4516007C53FFAFC2CD83952DD749] - (.TuneUp Software - TuneUp Utilities Service.) -- D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1479488] [PID.1704]
[MD5.9C35926663D292CA8D656437C8F1699B] - (.Microsoft Corporation - Application Layer Gateway Service.) -- D:\WINDOWS\System32\alg.exe [72192] [PID.1596]
[MD5.B560AA8D543A7A49A537DBEEB099F539] - (.TuneUp Software - TuneUp Utilities.) -- D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe [1210688] [PID.2020]
[MD5.9C208B60AC59DFD79A0A94C4E7AEF76E] - (...) -- ystem32\RUNDLL32.exe [0] [PID.1260]
[MD5.EA2EA1517636850C6A6A2C46D086EFD7] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- D:\WINDOWS\RTHDCPL.exe [17731028] [PID.1516]
[MD5.4C246F1B20E44FAD2DE2D98F28995C4F] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- D:\Program Files\SuperCopier2\SuperCopier2.exe [1080320] [PID.2544]
[MD5.7D0068E2EEF712A867E59865ED9C4CFF] - (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe [3565432] [PID.1384]
[MD5.7F94B176894562512A375F0A98A118E9] - (.Ralink Technology, Corp. - RaUI MFC Application.) -- D:\Program Files\Ralink\Common\RaUI.exe [1691648] [PID.3668]
[MD5.FAA729BC3B4EC2900D14E1F0F4D30ED0] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- D:\Program Files\Internet Download Manager\IEMonitor.exe [268248] [PID.4000]
[MD5.42654F3CBBB12730F996967CED5117F7] - (.Google Inc. - Google Update Setup.) -- D:\Program Files\Google\GoogleUpdateSetup_latest.exe [731288] [PID.2804]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Google Installer.) -- D:\Documents and Settings\Administrator\Local Settings\Temp\GUM85.tmp\GoogleUpdate.exe [136176] [PID.1452]
[MD5.836F74239BD9ACEA6BADDD26DE280B4F] - (.Microsoft Corporation - Windows® installer.) -- D:\WINDOWS\system32\msiexec.exe [123392] [PID.4032]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Google Installer.) -- D:\Program Files\Google\Update\GoogleUpdate.exe [136176] [PID.1452]
[MD5.C5EB146676B04AA9865F41BE2C2B8BD9] - (.Nicolas Coolman - ZHPDiag.) -- D:\Program Files\ZHPDiag\ZHPDiag.exe [5747200] [PID.1712]
~ Scan Processes Running in 01mn AMs
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
D:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\bgcvr527.default\prefs.js
D:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\bgcvr527.default\user.js
M3 - MFPP: Plugins - [Administrator] -- D:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\bgcvr527.default\searchplugins\myplaycity.xml
M3 - MFPP: Plugins - [Administrator] -- D:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Administrator] -- D:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Administrator] -- D:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Administrator] -- D:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Administrator] -- D:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Administrator] -- D:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Administrator] -- D:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Administrator - bgcvr527.default] http://start.myplaycity.com/
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- D:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- D:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- D:\Program Files\Google\Update\1.3.21.89\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- D:\Program Files\Google\Update\1.3.21.89\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn AMs
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.myplaycity.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.myplaycity.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
~ Scan IE Browser in 00mn AMs
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn AMs
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=d:\windows\system32\userinit.exe,,d:\program files\microsoft\watermark.exe
F2 - REG:system.ini: Shell=D:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn AMs
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn AMs
~ Nombre de lignes (Lines number): 19
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- D:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- D:\Program Files\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- D:\Program Files\Microsoft Office\Office14\URLREDIR.dll
~ Scan BHO in 00mn AMs
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- D:\WINDOWS\system32\NvMcTray.dll
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- D:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- D:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- D:\WINDOWS\ALCMTR.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- D:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1275210071-1770027372-1801674531-500\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1275210071-1770027372-1801674531-500\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- D:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-1275210071-1770027372-1801674531-500\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] Clé orpheline
~ Scan Application in 00mn AMs
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop: Adobe Reader 9.lnk . (.Adobe Systems Incorporated.) -- D:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
O4 - GS\Desktop: ALLConverter PRO.lnk . (.ALLCinema Ltd..) -- D:\Program Files\ALLConverter PRO\ALLConverterPro.exe
O4 - GS\Desktop: Applian FLV Player.lnk . (...) -- D:\Program Files\FLV Player\FLVPlayer.exe
O4 - GS\Desktop: Ashampoo Burning Studio 2010.lnk . (...) -- D:\Program Files\Ashampoo\Ashampoo Burning Studio 2010\burningstudio2010.exe
O4 - GS\Desktop: Canon MF Toolbox 4.9.lnk . (.CANON INC..) -- D:\Program Files\Canon\MF Toolbox Ver4.9\MFTBOX.exe
O4 - GS\Desktop: CCleaner.lnk . (.Piriform Ltd.) -- D:\Program Files\CCleaner\CCleaner.exe
O4 - GS\Desktop: Go to WWW.THE-PAGE.COM.lnk . (.Piriform Ltd.) -- D:\Documents and Settings\All Users\Application Data\page\page.URL
O4 - GS\Desktop: MBRCheck.lnk . (...) -- D:\Program Files\ZHPDiag\mbrcheck.exe
O4 - GS\Desktop: Mozilla Firefox.lnk . (.Mozilla Corporation.) -- D:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Desktop: TuneUp Maintenance en 1 clic.lnk . (.TuneUp Software.) -- D:\Program Files\TuneUp Utilities 2012\OneClick.exe
O4 - GS\Desktop: TuneUp Utilities 2012.lnk . (.TuneUp Software.) -- D:\Program Files\TuneUp Utilities 2012\Integrator.exe
O4 - GS\Desktop: VLC media player.lnk . (...) -- D:\Program Files\VideoLAN\VLC\vlc.exe
O4 - GS\Desktop: ZHPDiag.lnk . (.Nicolas Coolman.) -- D:\Program Files\ZHPDiag\ZHPhep.exe
O4 - GS\Desktop: ZHPFix.lnk . (.Nicolas Coolman.) -- D:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe
O4 - GS\Desktop: Billiard Art.lnk . (...) -- D:\Program Files\MyPlayCity.com\Billiard Art\Billiard Art.exe
O4 - GS\Desktop: EasyRecovery Professional.lnk . (.Ontrack Data Recovery Inc..) -- D:\Program Files\Ontrack\EasyRecovery Professional\EasyRecovery.exe
O4 - GS\Desktop: MyPlayCity Games.lnk . (...) -- D:\Program Files\MyPlayCity.com\Billiard Art\MyPlayCity.url
O4 - GS\Desktop: Play Online Games.lnk . (...) -- D:\Program Files\MyPlayCity.com\Billiard Art\PlayOnlineGames.url
~ Scan Global Startup in 00mn AMs
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- D:\Program Files\MICROS~3\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- D:\Program Files\MICROS~3\Office14\ONBTTN~1.dll
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- D:\Program Files\Messenger\msmsgs.exe
~ Scan IE Extra Buttons in 00mn AMs
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- D:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- D:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- D:\WINDOWS\system32\mswsock.dll
~ Scan Winsock in 00mn AMs
---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="ie.search.msn.com"
~ Scan IE Paramètres WEB in 00mn AMs
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{40071A56-E581-462C-A965-AD41ECCDF9CE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{40071A56-E581-462C-A965-AD41ECCDF9CE}: DhcpDomain = Belkin
O17 - HKLM\System\CS1\Services\Tcpip\..\{40071A56-E581-462C-A965-AD41ECCDF9CE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{40071A56-E581-462C-A965-AD41ECCDF9CE}: DhcpDomain = Belkin
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Scan Domain in 00mn AMs
---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- D:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- D:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn AMs
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- D:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- D:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Offline Network Agent.) -- D:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- D:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- D:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- D:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - Secondary Logon Service Notification DLL.) -- D:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- D:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- D:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Common DLL to receive Winlogon notification.) -- D:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn AMs
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- D:\WINDOWS\system32\webcheck.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- D:\WINDOWS\system32\wpdshserviceobj.dll
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- D:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - Windows Shell Common Dll.) -- D:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Systray shell service object.) -- D:\WINDOWS\system32\stobject.dll
~ Scan SSODL in 00mn AMs
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Browseui preloader - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser UI Library.) -- D:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn AMs
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 191.0.) - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) . (.Ralink Technology, Corp. - RalinkRegistryWriter.) - D:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
~ Scan Services in 01mn AMs
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: My Current Home Page - file:About:Home
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - D:\WINDOWS\web\wallpaper\Bliss.bmp
O24 - Desktop General: WallPaper - .(...) - D:\WINDOWS\web\wallpaper\Bliss.bmp
~ Scan Desktop Component in 00mn AMs
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn AMs
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.9942DC4CC265CDA00486504444EF521D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- D:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- D:\Program Files\Google\Update\GoogleUpdate.exe
~ Scan Scheduled Task in 00mn AMs
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- D:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Microsoft Windows Media Player Setup Utility.) -- D:\WINDOWS\inf\unregmp2.exe
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- D:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- D:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media Player Extension.) -- D:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- D:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- D:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Windows Theme API.) -- D:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Outlook Express Setup Library.) -- D:\Program Files\Outlook Express\setup50.exe
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- D:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- D:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Microsoft Internet Explorer FTP Folder Shell Extension.) -- D:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- D:\WINDOWS\INF\wmp.inf
O40 - ASIC: Address Book 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Outlook Express Setup Library.) -- D:\Program Files\Outlook Express\setup50.exe
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - Windows Shell Common Dll.) -- D:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- D:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Macromedia, Inc. - Macromedia Flash Player 6.0 r88.) -- D:\WINDOWS\system32\Macromed\Flash\Flash6.ocx
O40 - ASIC: Installed Component - S-1-5-21-1275210071-1770027372-1801674531-500 - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -- Not Hexadécimal CLSID
O40 - ASIC: Installed Component - S-1-5-21-1275210071-1770027372-1801674531-500 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Scan Active Setup in 00mn AMs
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - D:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - D:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - i8042 Port Driver.) - D:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (IDMTDI) . (.Tonec Inc. - Internet Download Manager TDI Driver.) - D:\WINDOWS\system32\DRIVERS\idmtdi.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - D:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Processor Device Driver.) - D:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - D:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Keyboard Class Driver.) - D:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Mouse Class Driver.) - D:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - D:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - D:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - D:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - D:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - D:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - D:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Redbook Audio Filter Driver.) - D:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - D:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - D:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - D:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - D:\WINDOWS\system32\DRIVERS\wmiacpi.sys
O41 - Driver: Windows Socket 2.0 Non-IFS Service Provider Support Environment (WS2IFSL) . (.Microsoft Corporation - Winsock2 IFS Layer.) - D:\WINDOWS\system32\drivers\ws2ifsl.sys
~ Scan Drivers in 00mn AMs
---\\ Logiciels installés (O42)
O42 - Logiciel: ALLConverter PRO 1.1 - (.ALLCinema, Inc..) [HKLM] -- {9370105C-71BB-4FF9-A85B-36D79B95457A}_is1
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A90000000001}
O42 - Logiciel: Applian FLV Player - (.Applian Technologies Inc..) [HKLM] -- Applian FLV Player2.0.24
O42 - Logiciel: Ashampoo Burning Studio 2010 - (.ashampoo GmbH & Co. KG.) [HKLM] -- Ashampoo Burning Studio 2010_is1
O42 - Logiciel: Billiard Art - (.MyPlayCity, Inc..) [HKLM] -- Billiard Art_is1
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon MF Toolbox 4.9.1.1.mf11 - (.Canon Inc..) [HKLM] -- {6767DFEE-8909-453A-B553-C7693912B2EB}
O42 - Logiciel: Canon MF4400 Series - (.Canon Inc..) [HKLM] -- {4129CA8E-7E75-4eee-BAE5-AA7707AA7708}
O42 - Logiciel: EasyRecovery Professional - (.Ontrack Data Recovery, Inc..) [HKLM] -- InstallShield_{268723B7-A994-4286-9F85-B974D5CAFC7B}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotfix for Windows XP (KB942288-v3) - (.Microsoft Corporation.) [HKLM] -- KB942288-v3
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager
O42 - Logiciel: Mozilla Firefox 19.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 19.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
O42 - Logiciel: Pro Evolution Soccer 2013 - (.KONAMI.) [HKLM] -- {C2523AE6-F335-4D0B-BC15-1C07E4ACE629}
O42 - Logiciel: Ralink RT2870 Wireless LAN Card - (.Ralink.) [HKLM] -- {28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Security Update for Windows Internet Explorer 7 (KB950759) - (.Microsoft Corporation.) [HKLM] -- KB950759-IE7
O42 - Logiciel: Security Update for Windows XP (KB923789) - (.Microsoft Corporation.) [HKLM] -- KB923789
O42 - Logiciel: Security Update for Windows XP (KB941569) - (.Microsoft Corporation.) [HKLM] -- KB941569
O42 - Logiciel: Security Update for Windows XP (KB950760) - (.Microsoft Corporation.) [HKLM] -- KB950760
O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.) [HKLM] -- SuperCopier2
O42 - Logiciel: TuneUp Utilities 2012 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2012
O42 - Logiciel: Update for Windows XP (KB898461) - (.Microsoft Corporation.) [HKLM] -- KB898461
O42 - Logiciel: VideoLAN VLC media player 0.8.6d - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALLConverter PRO]
[HKCU\Software\Adobe]
[HKCU\Software\Ashampoo]
[HKCU\Software\Binary Noise]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DownloadManager]
[HKCU\Software\Google]
[HKCU\Software\Intel]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Media Research Group]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Ontrack]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\SFX TEAM]
[HKCU\Software\Sysinternals]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Ashampoo]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\KONAMI]
[HKLM\Software\MDC]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\Ontrack]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RALINK]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Swearware]
[HKLM\Software\TuneUp]
[HKLM\Software\VideoLAN]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn AMs
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 2/20/2013 - 10:37:27 AM - [230.873] ----D D:\Program Files\Adobe
O43 - CFD: 2/20/2013 - 7:26:31 AM - [117.667] ----D D:\Program Files\AGEIA Technologies
O43 - CFD: 2/22/2013 - 11:53:06 PM - [17.130] ----D D:\Program Files\ALLConverter PRO
O43 - CFD: 2/20/2013 - 10:38:09 AM - [74.580] ----D D:\Program Files\Ashampoo
O43 - CFD: 2/27/2013 - 3:27:01 AM - [15.481] ----D D:\Program Files\Canon
O43 - CFD: 3/3/2013 - 10:44:17 PM - [5.085] ----D D:\Program Files\CCleaner
O43 - CFD: 2/26/2013 - 10:31:33 AM - [258.981] ----D D:\Program Files\Common Files
O43 - CFD: 2/20/2013 - 7:09:21 AM - [0] ----D D:\Program Files\ComPlus Applications
O43 - CFD: 2/20/2013 - 7:46:00 AM - [1.977] ----D D:\Program Files\FLV Player
O43 - CFD: 3/3/2013 - 10:41:07 PM - [4.530] ----D D:\Program Files\Google
O43 - CFD: 2/28/2013 - 11:00:06 PM - [6.908] --H-D D:\Program Files\InstallShield Installation Information
O43 - CFD: 2/20/2013 - 11:06:03 AM - [12.718] ----D D:\Program Files\Internet Download Manager
O43 - CFD: 2/20/2013 - 7:10:42 AM - [3.145] ----D D:\Program Files\Internet Explorer
O43 - CFD: 2/20/2013 - 7:35:52 AM - [2014.035] ----D D:\Program Files\KONAMI
O43 - CFD: 2/20/2013 - 7:08:57 AM - [2.265] ----D D:\Program Files\Messenger
O43 - CFD: 2/22/2013 - 7:44:31 AM - [0.174] ----D D:\Program Files\Microsoft
O43 - CFD: 2/26/2013 - 10:29:06 AM - [38.002] ----D D:\Program Files\Microsoft Analysis Services
O43 - CFD: 2/20/2013 - 7:13:09 AM - [0] ----D D:\Program Files\microsoft frontpage
O43 - CFD: 2/26/2013 - 10:31:22 AM - [953.935] ----D D:\Program Files\Microsoft Office
O43 - CFD: 2/26/2013 - 10:31:22 AM - [0.757] ----D D:\Program Files\Microsoft Sync Framework
O43 - CFD: 2/20/2013 - 7:10:33 AM - [9.836] ----D D:\Program Files\Movie Maker
O43 - CFD: 3/1/2013 - 10:01:11 AM - [45.055] ----D D:\Program Files\Mozilla Firefox
O43 - CFD: 3/2/2013 - 12:34:33 AM - [0.212] ----D D:\Program Files\Mozilla Maintenance Service
O43 - CFD: 2/26/2013 - 10:31:54 AM - [0.001] ----D D:\Program Files\MSBuild
O43 - CFD: 2/20/2013 - 7:08:11 AM - [21.171] ----D D:\Program Files\MSN
O43 - CFD: 2/20/2013 - 7:08:51 AM - [8.495] ----D D:\Program Files\MSN Gaming Zone
O43 - CFD: 3/3/2013 - 9:54:45 AM - [30.987] ----D D:\Program Files\MyPlayCity.com
O43 - CFD: 2/20/2013 - 7:10:49 AM - [3.539] ----D D:\Program Files\NetMeeting
O43 - CFD: 2/20/2013 - 7:26:18 AM - [0.957] ----D D:\Program Files\NVIDIA Corporation
O43 - CFD: 2/20/2013 - 7:09:08 AM - [0.003] ----D D:\Program Files\Online Services
O43 - CFD: 2/28/2013 - 10:59:54 PM - [81.412] ----D D:\Program Files\Ontrack
O43 - CFD: 2/20/2013 - 7:10:45 AM - [4.255] ----D D:\Program Files\Outlook Express
O43 - CFD: 2/20/2013 - 10:14:35 AM - [34.456] ----D D:\Program Files\Ralink
O43 - CFD: 2/20/2013 - 7:41:49 AM - [63.062] ----D D:\Program Files\Realtek
O43 - CFD: 2/20/2013 - 7:46:35 AM - [1.229] ----D D:\Program Files\SuperCopier2
O43 - CFD: 3/1/2013 - 12:21:42 AM - [82.786] ----D D:\Program Files\TuneUp Utilities 2012
O43 - CFD: 2/20/2013 - 7:23:46 AM - [0] --H-D D:\Program Files\Uninstall Information
O43 - CFD: 2/20/2013 - 7:45:12 AM - [36.809] ----D D:\Program Files\VideoLAN
O43 - CFD: 2/20/2013 - 7:09:01 AM - [4.177] ----D D:\Program Files\Windows Media Connect 2
O43 - CFD: 2/20/2013 - 7:12:20 AM - [10.262] ----D D:\Program Files\Windows Media Player
O43 - CFD: 2/20/2013 - 7:08:40 AM - [3.841] ----D D:\Program Files\Windows NT
O43 - CFD: 2/20/2013 - 7:11:27 AM - [0] --H-D D:\Program Files\WindowsUpdate
O43 - CFD: 2/20/2013 - 7:46:15 AM - [5.276] ----D D:\Program Files\WinRAR
O43 - CFD: 2/20/2013 - 7:13:09 AM - [0] ----D D:\Program Files\xerox
O43 - CFD: 3/3/2013 - 10:49:24 PM - [15.357] ----D D:\Program Files\ZHPDiag
O43 - CFD: 2/20/2013 - 10:37:34 AM - [4.387] ----D D:\Program Files\Common Files\Adobe
O43 - CFD: 2/26/2013 - 10:31:33 AM - [0.095] ----D D:\Program Files\Common Files\DESIGNER
O43 - CFD: 3/3/2013 - 8:49:15 AM - [5.427] ----D D:\Program Files\Common Files\InstallShield
O43 - CFD: 3/3/2013 - 10:28:51 PM - [204.828] ----D D:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 2/20/2013 - 7:10:43 AM - [0.271] ----D D:\Program Files\Common Files\MSSoap
O43 - CFD: 2/19/2013 - 10:57:04 PM - [0] ----D D:\Program Files\Common Files\ODBC
O43 - CFD: 2/20/2013 - 7:10:48 AM - [0.008] ----D D:\Program Files\Common Files\Services
O43 - CFD: 2/19/2013 - 10:57:01 PM - [3.612] ----D D:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2/26/2013 - 10:29:42 AM - [7.803] ----D D:\Program Files\Common Files\System
O43 - CFD: 2/20/2013 - 7:26:26 AM - [32.551] ----D D:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 3/3/2013 - 10:34:44 PM - [148.746] R-H-D D:\Documents and Settings\All Users\Application Data
O43 - CFD: 3/3/2013 - 10:48:56 PM - [0.017] ----D D:\Documents and Settings\All Users\Desktop
O43 - CFD: 2/20/2013 - 7:09:47 AM - [1.606] R---D D:\Documents and Settings\All Users\Documents
O43 - CFD: 2/24/2013 - 11:57:38 PM - [0.139] -SH-D D:\Documents and Settings\All Users\DRM
O43 - CFD: 2/19/2013 - 10:56:26 PM - [0] ----D D:\Documents and Settings\All Users\Favorites
O43 - CFD: 2/26/2013 - 10:31:22 AM - [2.375] ----D D:\Documents and Settings\All Users\Microsoft
O43 - CFD: 2/20/2013 - 7:14:31 AM - [0.207] R---D D:\Documents and Settings\All Users\Start Menu
O43 - CFD: 2/19/2013 - 10:56:26 PM - [0] --H-D D:\Documents and Settings\All Users\Templates
O43 - CFD: 2/21/2013 - 12:39:52 AM - [0.306] ----D D:\Documents and Settings\Administrator\Application Data\Adobe
O43 - CFD: 2/27/2013 - 3:08:40 AM - [0] ----D D:\Documents and Settings\Administrator\Application Data\Canon
O43 - CFD: 3/2/2013 - 9:55:59 AM - [0.020] ----D D:\Documents and Settings\Administrator\Application Data\DMCache
O43 - CFD: 2/28/2013 - 11:46:05 PM - [0] ----D D:\Documents and Settings\Administrator\Application Data\Help
O43 - CFD: 2/20/2013 - 7:23:48 AM - [0] ----D D:\Documents and Settings\Administrator\Application Data\Identities
O43 - CFD: 3/3/2013 - 9:05:58 AM - [25.504] ----D D:\Documents and Settings\Administrator\Application Data\IDM
O43 - CFD: 2/20/2013 - 10:14:22 AM - [0] ----D D:\Documents and Settings\Administrator\Application Data\InstallShield
O43 - CFD: 2/20/2013 - 10:52:48 AM - [0.048] ----D D:\Documents and Settings\Administrator\Application Data\Macromedia
O43 - CFD: 3/3/2013 - 10:34:49 PM - [0] ----D D:\Documents and Settings\Administrator\Application Data\Malwarebytes
O43 - CFD: 2/27/2013 - 12:28:08 PM - [5.442] -S--D D:\Documents and Settings\Administrator\Application Data\Microsoft
O43 - CFD: 2/20/2013 - 9:25:11 AM - [16.732] ----D D:\Documents and Settings\Administrator\Application Data\Mozilla
O43 - CFD: 3/1/2013 - 12:21:32 AM - [0.042] ----D D:\Documents and Settings\Administrator\Application Data\TuneUp Software
O43 - CFD: 2/20/2013 - 7:45:29 AM - [0.338] ----D D:\Documents and Settings\Administrator\Application Data\vlc
O43 - CFD: 2/20/2013 - 9:27:28 AM - [0.000] ----D D:\Documents and Settings\Administrator\Application Data\WinRAR
O43 - CFD: 2/21/2013 - 12:40:24 AM - [0.356] ----D D:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
O43 - CFD: 2/22/2013 - 11:53:07 PM - [0.026] ----D D:\Documents and Settings\Administrator\Local Settings\Application Data\ALLConverter
O43 - CFD: 3/3/2013 - 10:41:07 PM - [0] ----D D:\Documents and Settings\Administrator\Local Settings\Application Data\Google
O43 - CFD: 2/28/2013 - 11:46:05 PM - [0] ----D D:\Documents and Settings\Administrator\Local Settings\Application Data\Help
O43 - CFD: 2/27/2013 - 3:56:07 AM - [2.892] -S--D D:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
O43 - CFD: 2/26/2013 - 10:28:40 AM - [0] ----D D:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help
O43 - CFD: 2/20/2013 - 9:24:55 AM - [36.214] ----D D:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
O43 - CFD: 2/20/2013 - 7:12:27 AM - [0.014] R---D D:\WINDOWS\system32\Config\systemprofile\Start Menu\Programs\Accessories
O43 - CFD: 2/19/2013 - 10:56:26 PM - [0.000] R---D D:\WINDOWS\system32\Config\systemprofile\Start Menu\Programs\Startup
O43 - CFD: 2/20/2013 - 7:23:59 AM - [0.016] R---D D:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
O43 - CFD: 3/3/2013 - 12:41:58 PM - [0.000] R---D D:\Documents and Settings\Administrator\Start Menu\Programs\Administrative Tools
O43 - CFD: 2/28/2013 - 10:59:57 PM - [0.005] ----D D:\Documents and Settings\Administrator\Start Menu\Programs\EasyRecovery Professional
O43 - CFD: 2/20/2013 - 10:53:47 AM - [0.004] ----D D:\Documents and Settings\Administrator\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2/19/2013 - 10:56:26 PM - [0.000] R---D D:\Documents and Settings\Administrator\Start Menu\Programs\Startup
O43 - CFD: 2/20/2013 - 7:46:35 AM - [0.006] ----D D:\Documents and Settings\Administrator\Start Menu\Programs\SuperCopier2
O43 - CFD: 2/20/2013 - 7:46:16 AM - [0.002] ----D D:\Documents and Settings\Administrator\Start Menu\Programs\WinRAR
~ Scan Program Folder in 03mn AMs
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0B8DADFFC3D9AD3E36885E4EB889961D] - 1/22/2010 - 7:36:10 PM ---A- . (...) -- D:\WINDOWS\system32\CNCMFP38.INI [375]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2/19/2013 - 10:55:55 PM ---A- . (...) -- D:\WINDOWS\setuperr.log [0]
O44 - LFC:[MD5.060110976C713D49CEFEE9A7291CE9D7] - 2/19/2013 - 10:56:37 PM ---A- . (.Digi International - DGSETUP DLL.) -- D:\WINDOWS\system32\dgsetup.dll [85020]
O44 - LFC:[MD5.1E8F9818D695F8759B125EE146BEB935] - 2/19/2013 - 10:56:37 PM ---A- . (.Digi International, Inc. - Digi RealPort® Driver Upgrade.) -- D:\WINDOWS\system32\dgrpsetu.dll [176157]
O44 - LFC:[MD5.5726CB81771655731D011ABD878CB65D] - 2/19/2013 - 10:56:37 PM ---A- . (.Equinox Systems Inc. - Equinox Multiport Serial Coinstaller.) -- D:\WINDOWS\system32\EqnClass.Dll [103424]
O44 - LFC:[MD5.1C3C9B5B42A50D2D86CAF2EC05D34B3C] - 2/19/2013 - 10:56:37 PM ---A- . (.Perle Systems Ltd. - Specialix MPS NT Upgrade CoInstaller.) -- D:\WINDOWS\system32\spxcoins.dll [24661]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2/19/2013 - 11:00:05 PM ---A- . (...) -- D:\WINDOWS\Sti_Trace.log [0]
O44 - LFC:[MD5.A0E02492452D4E237465D99D005D91FD] - 2/19/2013 - 11:02:43 PM ---A- . (...) -- D:\WINDOWS\system.ini [231]
O44 - LFC:[MD5.483A09C788FC61764AD47F9640319E3A] - 2/19/2013 - 11:02:47 PM ---A- . (...) -- D:\WINDOWS\regopt.log [2088]
O44 - LFC:[MD5.BC343A236F85F122AE7A7E5B95D4641B] - 2/19/2013 - 11:03:03 PM ---A- . (...) -- D:\WINDOWS\system32\pid.PNF [4444]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2/19/2013 - 11:04:46 PM ---A- . (...) -- D:\WINDOWS\system32\h323log.txt [0]
O44 - LFC:[MD5.EE5AD71A1F576D4D58D8D014560EB856] - 2/20/2013 - 10:14:33 AM ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- D:\WINDOWS\system32\Drivers\rt2870.sys [709248]
O44 - LFC:[MD5.1CACB5B36EBF33502046742C4F6D66C7] - 2/20/2013 - 10:14:33 AM ---A- . (.Ralink Technology, Inc. - Ralink CoInstaller Dynamic Link Library.) -- D:\WINDOWS\system32\RaCoInst.dll [221184]
O44 - LFC:[MD5.023867B6606FBABCDD52E089C4A507DA] - 2/20/2013 - 10:14:35 AM ---A- . (.Cisco Systems, Inc. - IEEE 802.1X Protocol Driver.) -- D:\WINDOWS\system32\Drivers\AegisP.sys [21361]
O44 - LFC:[MD5.01BFB5DFA33D1CE4C33D048C6EFC1A3B] - 2/20/2013 - 10:14:35 AM ---A- . (.Pas de propriétaire - AegisInstall MFC Application.) -- D:\WINDOWS\system32\AegisI5Installer.exe [405504]
O44 - LFC:[MD5.8029855C327BFFE7300A782ABCCE1544] - 2/20/2013 - 10:14:48 AM ---A- . (.Ralink Technology, Corp. - Ralink RAPI Protocol DLL.) -- D:\WINDOWS\system32\RAPI.dll [315510]
O44 - LFC:[MD5.A8112CE91F7D805FDAF3BFC7165C3F56] - 2/20/2013 - 10:14:48 AM ---A- . (.The OpenSSL Project, https://www.openssl.org/ - OpenSSL Shared Library.) -- D:\WINDOWS\system32\libeay32.dll [1093632]
O44 - LFC:[MD5.9EA23B8FF133916CD0FD5F8E3F9EA872] - 2/20/2013 - 10:14:48 AM ---A- . (.The OpenSSL Project, https://www.openssl.org/ - OpenSSL Shared Library.) -- D:\WINDOWS\system32\ssleay32.dll [200704]
O44 - LFC:[MD5.D4AD1316E07B86AE34C33C02DC12F35D] - 2/20/2013 - 7:05:24 AM ---A- . (...) -- D:\WINDOWS\cmsetacl.log [200]
O44 - LFC:[MD5.277BDF16A94BE0D063988D692541650B] - 2/20/2013 - 7:08:10 AM ---A- . (.Hilgraeve, Inc. - HyperTerminal Applet Library.) -- D:\WINDOWS\system32\hypertrm.dll [347136]
O44 - LFC:[MD5.F759A6E14403BC3D7A55CCAD1B8F7B4A] - 2/20/2013 - 7:08:40 AM ---A- . (.Hilgraeve, Inc. - HyperTerminal Applet Library.) -- D:\WINDOWS\system32\hticons.dll [44544]
O44 - LFC:[MD5.631F027116ECCCA763F97322A6D919CC] - 2/20/2013 - 7:09:13 AM ---A- . (...) -- D:\WINDOWS\DtcInstall.log [130]
O44 - LFC:[MD5.487403459F0B2F1A3ADEEF02496BD80E] - 2/20/2013 - 7:09:19 AM ---A- . (...) -- D:\WINDOWS\vb.ini [36]
O44 - LFC:[MD5.6C2F0BA210C2B53EF07653ABAC6C2490] - 2/20/2013 - 7:09:19 AM ---A- . (...) -- D:\WINDOWS\vbaddin.ini [37]
O44 - LFC:[MD5.1BC12C540E59E56A958984B4845BBEF9] - 2/20/2013 - 7:09:29 AM ---A- . (...) -- D:\WINDOWS\system32\emptyregdb.dat [21640]
O44 - LFC:[MD5.DADB3267CF9AA47E7EF8BBF043FBC4B8] - 2/20/2013 - 7:09:46 AM ---A- . (...) -- D:\WINDOWS\sessmgr.setup.log [1022]
O44 - LFC:[MD5.0C56AFBBDFA19694CA03F159A5724EA6] - 2/20/2013 - 7:10:04 AM ---A- . (.Intel Corporation - ISR Debug 32-bit Engine.) -- D:\WINDOWS\system32\isrdbg32.dll [32768]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2/20/2013 - 7:11:31 AM R-HA- . (...) -- D:\WINDOWS\WindowsShell.Manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2/20/2013 - 7:11:31 AM R-HA- . (...) -- D:\WINDOWS\system32\cdplayer.exe.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2/20/2013 - 7:11:31 AM R-HA- . (...) -- D:\WINDOWS\system32\ncpa.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2/20/2013 - 7:11:31 AM R-HA- . (...) -- D:\WINDOWS\system32\nwc.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2/20/2013 - 7:11:31 AM R-HA- . (...) -- D:\WINDOWS\system32\sapi.cpl.manifest [749]
O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 2/20/2013 - 7:11:31 AM R-HA- . (...) -- D:\WINDOWS\system32\wuaucpl.cpl.manifest [749]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 2/20/2013 - 7:11:33 AM R-HA- . (...) -- D:\WINDOWS\system32\WindowsLogon.manifest [488]
O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 2/20/2013 - 7:11:33 AM R-HA- . (...) -- D:\WINDOWS\system32\logonui.exe.manifest [488]
O44 - LFC:[MD5.4E4D168738692D3F3D2BA4BFA3A40AC0] - 2/20/2013 - 7:12:08 AM ---A- . (...) -- D:\WINDOWS\ODBCINST.INI [4161]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 2/20/2013 - 7:12:16 AM ---A- . (...) -- D:\WINDOWS\WMSysPr9.prx [316640]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 2/20/2013 - 7:12:17 AM ---A- . (...) -- D:\WINDOWS\system32\amcompat.tlb [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 2/20/2013 - 7:12:17 AM ---A- . (...) -- D:\WINDOWS\system32\nscompat.tlb [23392]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2/20/2013 - 7:12:21 AM ---A- . (...) -- D:\WINDOWS\control.ini [0]
O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 2/20/2013 - 7:12:21 AM ---A- . (...) -- D:\WINDOWS\system32\CONFIG.NT [2577]
O44 - LFC:[MD5.E6E7AD4541A6E3D3C69FA2C4753B085D] - 2/20/2013 - 7:12:31 AM ---A- . (...) -- D:\WINDOWS\KB950760.log [7160]
O44 - LFC:[MD5.691BD2824D0ACB4630B0CD31A7991FC1] - 2/20/2013 - 7:12:39 AM ---A- . (...) -- D:\WINDOWS\KB898461.log [8554]
O44 - LFC:[MD5.D0C75FBA349638A4B87D3743BD34D6CF] - 2/20/2013 - 7:12:57 AM ---A- . (...) -- D:\WINDOWS\KB950759-IE7.log [17246]
O44 - LFC:[MD5.380F01D82961CB2C2F570E8921A666C2] - 2/20/2013 - 7:13:02 AM ---A- . (...) -- D:\WINDOWS\KB941569.log [8496]
O44 - LFC:[MD5.C4A9EC1648BC1FE63A00645DFF1D69D9] - 2/20/2013 - 7:14:31 AM ---A- . (...) -- D:\WINDOWS\system32\$winnt$.inf [261]
O44 - LFC:[MD5.B03D1B62D6A82A4D8A196001A8A068E3] - 2/20/2013 - 7:14:34 AM ---A- . (...) -- D:\WINDOWS\imsins.BAK [4382]
O44 - LFC:[MD5.2D3E36CEA965FE95226A5BEB70F36ECA] - 2/20/2013 - 7:14:34 AM ---A- . (...) -- D:\WINDOWS\setuplog.txt [799204]
O44 - LFC:[MD5.FC09793982B286AF9AB8A5E6B9D76046] - 2/20/2013 - 7:15:31 AM ---A- . (...) -- D:\WINDOWS\REGLOCS.OLD [8192]
O44 - LFC:[MD5.7AEFB1F4DD5F27574E56375059EDA0B8] - 2/20/2013 - 7:23:54 AM ---A- . (...) -- D:\WINDOWS\OEWABLog.txt [833]
O44 - LFC:[MD5.1AAA5C3A139A48BF28DC3EE0A3B278B4] - 2/20/2013 - 7:36:06 AM ---A- . (...) -- D:\WINDOWS\DirectX.log [64712]
O44 - LFC:[MD5.8BE82B45F91630CA01E62098B303D6C7] - 2/20/2013 - 7:41:46 AM ---A- . (.Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) -- D:\WINDOWS\RtlExUpd.dll [901597]
O44 - LFC:[MD5.AF8C5DB1AEF03F72721AA70D446C9DC0] - 2/20/2013 - 7:41:49 AM ---A- . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- D:\WINDOWS\ALCMTR.EXE [459127]
O44 - LFC:[MD5.F6AF59D6EEE5E1C304F7F73706AD11D8] - 2/20/2013 - 7:41:50 AM ---A- . (.Creative - Creative WDM 3D Audio Driver.) -- D:\WINDOWS\system32\Drivers\Ambfilt.sys [1684736]
O44 - LFC:[MD5.9FA7207D1B1ADEAD88AE8EED9CDBBAA5] - 2/20/2013 - 7:41:50 AM ---A- . (.Creative Technology Ltd. - Creative WDM Audio Driver (32-bit).) -- D:\WINDOWS\system32\Drivers\Monfilt.sys [1389056]
O44 - LFC:[MD5.EB8BA7A5B00EDA934C87FDF4C56B12A9] - 2/20/2013 - 7:41:50 AM ---A- . (.RealTek Semicoductor Corp. - RealTek AlcWzrd Application.) -- D:\WINDOWS\ALCWZRD.EXE [3210155]
O44 - LFC:[MD5.D51E4B761E60F25A78AB772E5A3394E3] - 2/20/2013 - 7:41:50 AM ---A- . (.Realtek Semiconductor Corp. - Realtek Audio Microphone Calibration.) -- D:\WINDOWS\MicCal.exe [2568105]
O44 - LFC:[MD5.EA2EA1517636850C6A6A2C46D086EFD7] - 2/20/2013 - 7:41:50 AM ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- D:\WINDOWS\RTHDCPL.EXE [17731028]
O44 - LFC:[MD5.69D35A701D4636CD5FBCFA1FF1DEC5B3] - 2/20/2013 - 7:41:50 AM ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- D:\WINDOWS\system32\ALSNDMGR.CPL [278528]
O44 - LFC:[MD5.0B9868B24366D37CF827EEF4B95BC030] - 2/20/2013 - 7:41:51 AM ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Coinstaller.) -- D:\WINDOWS\system32\RtkCoInstXP.dll [406381]
O44 - LFC:[MD5.19D3781892A3794672CD1962F3D8D3B8] - 2/20/2013 - 7:41:51 AM ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- D:\WINDOWS\system32\Drivers\RtkHDAud.sys [4942336]
O44 - LFC:[MD5.868CEFE2304FE894F1367CCFDC716435] - 2/20/2013 - 7:41:52 AM ---A- . (.Realtek Semiconductor Corp. - Driver Update and remove for Windows x64 or.) -- D:\WINDOWS\RtlUpd.exe [1601995]
O44 - LFC:[MD5.7668E4C096516EE85367C9B373568CF0] - 2/20/2013 - 7:41:52 AM ---A- . (.Realtek Semiconductor Corp. - Realtek Audio Control Panel.) -- D:\WINDOWS\RTLCPL.EXE [10115997]
O44 - LFC:[MD5.67BFF4E0D4335DF09A298AE4A52D74E5] - 2/20/2013 - 7:41:52 AM ---A- . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- D:\WINDOWS\system32\RTSndMgr.CPL [266240]
O44 - LFC:[MD5.A4FB27FC01988362DEEB6BDC2273AC93] - 2/20/2013 - 7:41:52 AM ---A- . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- D:\WINDOWS\SOUNDMAN.EXE [479671]
O44 - LFC:[MD5.58857FA351DAEAA7FED34E1C906794D9] - 2/20/2013 - 7:41:52 AM ---A- . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- D:\WINDOWS\SkyTel.exe [2228661]
O44 - LFC:[MD5.6D0634CEBBFF7F428DD816706F5AA1FB] - 2/20/2013 - 7:44:14 AM ---A- . (...) -- D:\WINDOWS\system32\BuzzingBee.wav [146650]
O44 - LFC:[MD5.E2FA75ADE398C9A44815B11CC141105C] - 2/20/2013 - 7:44:14 AM ---A- . (...) -- D:\WINDOWS\system32\LoopyMusic.wav [940794]
O44 - LFC:[MD5.488090449877FB7F9C2AFF9EBF6689DA] - 2/20/2013 - 9:23:38 AM ---A- . (.Ralink Technology, Corp. - Ralink RAPI Protocol Driver.) -- D:\WINDOWS\system32\Drivers\RAPIProtocol.sys [16512]
O44 - LFC:[MD5.64F1DE20A7DF74CB35D0FA9E9C318A6F] - 2/21/2013 - 10:08:41 PM ---A- . (...) -- D:\WINDOWS\Explorermgr.exe [182784]
O44 - LFC:[MD5.95AF1A1D15C17229B3ED6CA942AF584B] - 2/22/2013 - 10:22:04 PM ---A- . (...) -- D:\WINDOWS\setupact.log [183327]
O44 - LFC:[MD5.FF2530C8C1261910C06F3F97737D3435] - 2/24/2013 - 11:57:38 PM ---A- . (...) -- D:\WINDOWS\wmsetup.log [5275]
O44 - LFC:[MD5.F23AA3AFB7B5F2E7D159E833A452C05A] - 2/26/2013 - 10:29:43 AM ---A- . (...) -- D:\WINDOWS\win.ini [582]
O44 - LFC:[MD5.5A53496FE58D1F96F6D2882C1EB5D5A8] - 2/26/2013 - 12:29:09 PM ---A- . (...) -- D:\WINDOWS\system32\FNTCACHE.DAT [264616]
O44 - LFC:[MD5.800D8416E67FF0E16DFB4BE05876EB20] - 2/27/2013 - 3:06:13 AM ---A- . (.CANON INC. - WIA Scanner Driver dll for ScanGear MF.) -- D:\WINDOWS\system32\CNCC4400.DLL [303104]
O44 - LFC:[MD5.71C00BB86FCB8B2B8D0176CB759F3C2D] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - ACTif command generation.) -- D:\WINDOWS\system32\CNCLSC38b.DLL [94208]
O44 - LFC:[MD5.1CF137A95A0BADE1CB70A20177EDA4D6] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - Exposed API to the MFP Scanner Interface.) -- D:\WINDOWS\system32\CNCLSD38b.DLL [135168]
O44 - LFC:[MD5.C75C48FE4576158F0E8EE76D6D1D96BC] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - Exposed API to the MFP TransPort.) -- D:\WINDOWS\system32\CNCLST38b.DLL [102400]
O44 - LFC:[MD5.D5C1101C675EEABF760B3259FE710F00] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - Exposed API to the MP Interface.) -- D:\WINDOWS\system32\CNCLSI38b.DLL [102400]
O44 - LFC:[MD5.C245B89092732EA3A0A4498CC9C85E9B] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - CNCL4400.) -- D:\WINDOWS\system32\CNCL4400.DLL [122880]
O44 - LFC:[MD5.9B75D7D8515DAF7B1BAB7914BE6EBF35] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - MFP System services Module.) -- D:\WINDOWS\system32\CNCLSU38b.DLL [188416]
O44 - LFC:[MD5.4444E46CAF5BA8F6FE15DF0578DB2FF4] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - MP Scanner CoInstaller..) -- D:\WINDOWS\system32\CNCLSO38b.dll [53248]
O44 - LFC:[MD5.814947BEF92912A8860E5ABBD640FA74] - 2/27/2013 - 3:06:14 AM ---A- . (.CANON INC. - WIA Scanner Driver Image Enhancement dll.) -- D:\WINDOWS\system32\CNCI4400.DLL [86016]
O44 - LFC:[MD5.58C89D64DDA27F7ADD9D1913BADA5BC9] - 2/27/2013 - 3:06:21 AM ---A- . (.CANON INC. - Canon CP Language Monitor 3b.) -- D:\WINDOWS\system32\CNAS0MOK.DLL [679936]
O44 - LFC:[MD5.02550F31973CB8143D1B2FA92A44207E] - 2/27/2013 - 8:42:06 AM ---A- . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- D:\WINDOWS\system32\FlashPlayerInstaller.exe [16473456]
O44 - LFC:[MD5.D516524130D5755101A7FC9D5464ABA6] - 2/27/2013 - 8:42:08 AM ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- D:\WINDOWS\system32\FlashPlayerApp.exe [691568]
O44 - LFC:[MD5.AD5E4B3C498DDDE612465E3FA5468EC8] - 2/27/2013 - 8:42:08 AM ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- D:\WINDOWS\system32\FlashPlayerCPLApp.cpl [71024]
O44 - LFC:[MD5.829E65B8128B5F7CA000447C29067FFE] - 3/1/2013 - 12:21:43 AM ---A- . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- D:\WINDOWS\system32\TURegOpt.exe [31552]
O44 - LFC:[MD5.343C1849A655DE6389E4CE85A694C240] - 3/3/2013 - 10:28:24 PM ---A- . (...) -- D:\WINDOWS\WindowsUpdate.log [115507]
O44 - LFC:[MD5.7B66D64CB634733963CAA4682B5BAFE1] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\FaxSetup.log [17720]
O44 - LFC:[MD5.56957572358B34336D13704375B7D589] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\KB942288-v3.log [8466]
O44 - LFC:[MD5.BB11F51F9E0D4F441CBC3D1E052998EB] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\MedCtrOC.log [1912]
O44 - LFC:[MD5.F4BE15C4B54EAE20EFDDD39ABEA43FBF] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\comsetup.log [17787]
O44 - LFC:[MD5.D3EEBEEB3FC674F474049CD1C4C1E472] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\iis6.log [54491]
O44 - LFC:[MD5.EF25CE166A5AAAA53635524216543AA5] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\imsins.log [1355]
O44 - LFC:[MD5.DA62A7E53B1E18EB646ECA7AAFD50213] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\msgsocm.log [1180]
O44 - LFC:[MD5.C3C284912186066D0C65B7A3A042C9AA] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\msmqinst.log [11816]
O44 - LFC:[MD5.3A779A7F7C1716EDA88678034F5588B5] - 3/3/2013 - 10:29:15 PM ---A- . (...) -- D:\WINDOWS\netfxocm.log [3873]
O44 - LFC:[MD5.2FE75BC9AD50864895A33576C0C6F128] - 3/3/2013 - 10:29:15
3 replies
afideg
Posts
10517
Registration date
Monday, October 10, 2005
Status
Security contributor
Last activity
April 12, 2022
602
March 4, 2013 at 09:55
Hello Lili,
First of all, there is this recommendation for the user: http://www.technicland.com/fixvirus.php3
Also, he could describe his problem in more detail; indeed, what is he complaining about?
As for throwing an analysis report in front of us, it should at the very least be complete ==> there are procedures to follow!
This user would have done well to accompany his request with a simple "please"; ...
Well spotted, Lili ;)
Regards,
Albert
lilidurhone
Posts
43347
Registration date
Monday, April 25, 2011
Status
Security contributor
Last activity
October 31, 2024
3 806
March 4, 2013 at 08:15
Hello
Your version of Windows is not legal
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] Clé orpheline
Anonymous user
March 4, 2013 at 14:12
Hello Ranam
A thank you and a please would not go amiss
It would be advisable to obtain a legal Windows license.
March 4, 2013 at 10:02