Here is the report:
Rapport de ZHPDiag v1.28.1350 par Nicolas Coolman, Update du 20/09/2011 Run by Compaq_Propriétaire at 11/10/2011 23:13:27 Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
---\\ Windows Product Information Windows XP Home Edition Service Pack 3 (Build 2600) Windows Automatic Updates : OK Windows Genuine Advantage : KO
---\\ System Information ~ Processor: x86 Family 15 Model 75 Stepping 2, AuthenticAMD ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 958 MB (43% free) System Restore: Activé (Enable) System drive C: has 390 GB (84%) free of 460 GB
---\\ Logged in mode ~ Computer Name: VEJUX-PC ~ User Name: Compaq_Propriétaire ~ All Users Names: SUPPORT_fddfa904, SUPPORT_388945a0, HelpAssistant, Compaq_Propriétaire, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator
---\\ Environnement Variables ~ System Unit : C:~ %AppData% : C:\Documents and Settings\Compaq_Propriétaire\Application Data~ %Desktop% : C:\Documents and Settings\Compaq_Propriétaire\Bureau~ %Favorites% : C:\Documents and Settings\Compaq_Propriétaire\Favoris~ %LocalAppData% : C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data~ %StartMenu% : C:\Documents and Settings\Compaq_Propriétaire\Menu Démarrer~ %Windir% : C:\WINDOWS~ %System% : C:\WINDOWS\system32 ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 390 Go of 460 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 162 Go of 233 Go) E:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 6 Go) F:\ CD-ROM drive (Not Inserted) G:\ CD-ROM drive (Not Inserted) H:\ Floppy drive, Flash card reader, USB Key (Not Inserted) I:\ Floppy drive, Flash card reader, USB Key (Not Inserted) J:\ Floppy drive, Flash card reader, USB Key (Not Inserted) K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.11/10/2011 - 18:34:04.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.11/10/2011 - 18:34:22.) -- C:\WINDOWS\system32\rundll32.exe [33792] [MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.11/10/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.11/10/2011 - 18:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.11/10/2011 - 10:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.11/10/2011 - 11:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976] ~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 5/514 ~ Mes musiques (My Musics) : 25/63 ~ Mes Videos (My Videos) : 1/5 ~ Mes Favoris (My Favorites) : 2/23 ~ Mes Documents (My Documents) : 46/736 ~ Mon Bureau (My Desktop) : 0/5 ~ Menu demarrer (Programs) : 5/50 ~ Scan Hidden Files in 00mn 00s
---\\ Processus lancés [MD5.CFCE43B70CA0CC4DCC8ADB62B792B173] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736] [PID.1092] [MD5.10DD3509F84E9E5BDC2086288D009335] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16010240] [PID.1320] [MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54840] [PID.1592] [MD5.3501509DD60CC40E88614847D19024C0] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE [98304] [PID.1956] [MD5.4EB0C6C3EF4D8885CF2B5D0062F31E44] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376] [PID.2292] [MD5.F0EA603E7B91046CA48EA4B3593A007D] - (.Micro Application - Pas de description.) -- C:\Program Files\Micro Application\LauncherMA.exe [485376] [PID.2444] [MD5.5712DCBE52D68865CCA91AE04807B755] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [73728] [PID.3388] [MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.2880] [MD5.C81BE1B951C36E97D3DA90DA745DA5F7] - (.Hewlett-Packard Company - KBD EXE.) -- C:\HP\KBD\KBD.EXE [61440] [PID.2216] [MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816] [PID.3240] [MD5.06A1ECB63DF139EC639E084D4AB3C9D7] - (.Hewlett-Packard Company - hpsysdrv.) -- c:\windows\system\hpsysdrv.exe [52736] [PID.2168] [MD5.4428823C1EDCC549E3F494F7A90B46A3] - (.Sun Microsystems, Inc. - Java(TM) 2 Platform Standard Edition binary.) -- C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe [36975] [PID.2584] [MD5.21B7B06BE63DA790A031328CEBCDD715] - (.Sun Microsystems, Inc. 
- Java(TM) Update Checker.) -- C:\Program Files\Java\jre1.5.0_05\bin\jucheck.exe [241775] [PID.2352] [MD5.B26A2F3CD6459548DB6891D138080876] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2121216] [PID.2672] ~ Scan Processes Running in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com G2 - GCE: Preference [User Data\Default] [fnjbmmemklcjgepojigaapkoodmkgbae] DivX HiQ v.2.1.1.94 (Activé) G2 - GCE: Preference [User Data\Default] [kpionmjnkbpcdpcflammlgllecmejgjj] vshare plugin v.1.3 (Activé) ~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll ~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch R0 - HKUS\S-1-5-21-1134005648-898974031-3703468595-1008\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://ie.redirect.hp.com R1 - HKUS\S-1-5-21-1134005648-898974031-3703468595-1008\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll ~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\fqptylxl\kwhgjohc.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files\DivX\DivX Plus Web O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} . (.VShare Inc. - This is a module that is required for the o.) -- C:\Program Files\vShare.tv plugin\BarLcher.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Barre d'outils client IE Google.) -- c:\program files\google\googletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) 
-- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll ~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Barre d'outils client IE Google.) -- c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} . (.VShare Inc. - This is a module that is required for the o.) -- C:\Program Files\vShare.tv plugin\BarLcher.dll ~ Scan Toolbar in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll O4 - HKLM\..\Run: [nwiz] . (...) -- C:\WINDOWS\system32\nwiz.exe O4 - HKLM\..\Run: [Recguard] . (.Pas de propriétaire - Recguard Application.) -- C:\WINDOWS\SMINST\RECGUARD.exe O4 - HKLM\..\Run: [PCDrProfiler] Clé orpheline O4 - HKLM\..\Run: [HPBootOp] . (.Hewlett-Packard Company - HP Boot Optimizer.) -- C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.exe O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series (Copie 1)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.exe O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) 
-- C:\Program Files\QuickTime Alternative\qttask.exe O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [KwhGjohc] C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\fqptylxl\kwhgjohc.exe (.not file.) O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-1134005648-898974031-3703468595-1008\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1134005648-898974031-3703468595-1008\..\Run: [KwhGjohc] C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\fqptylxl\kwhgjohc.exe (.not file.) ~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Encore plus de jeux.lnk - Clé orpheline O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Jouer à Mes jeux.lnk . (...) -- C:\Program Files\bfgclient\bfgclient.exe O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Office PowerPoint Viewer 2003.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Security Essentials.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - Global Startup: C:\Documents And Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe O4 - Global Startup: C:\Documents And Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Documents And Settings\Compaq_Propriétaire\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: &Traduire à partir de l'anglais . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll O8 - Extra context menu item: Pages liées . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll O8 - Extra context menu item: Pages similaires . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll O8 - Extra context menu item: Recherche &Google . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google . (.Google Inc. - Barre d'outils client IE Google.) -- C:\Program Files\Google\GoogleToolbar1.dll ~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} . (...) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\conn_support.ico O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll ~ Scan Winsock in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1307466648578 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1307471101312 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ~ Scan Objets ActiveX in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{CC02D3E1-84EC-4763-8BD3-0F1AB88C9CAE}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51 O17 - HKLM\System\CCS\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com O17 - HKLM\System\CS1\Services\Tcpip\..\{CC02D3E1-84EC-4763-8BD3-0F1AB88C9CAE}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51 O17 - HKLM\System\CS1\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com O17 - HKLM\System\CS2\Services\Tcpip\..\{CC02D3E1-84EC-4763-8BD3-0F1AB88C9CAE}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CS2\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpNameServer = 15.243.128.51 15.243.160.51 O17 - HKLM\System\CS2\Services\Tcpip\..\{DE246E2C-8697-44FE-A5BB-FA04D12D4DEC}: DhcpDomain = rgv.hp.com ~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . 
(.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . 
(.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll ~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll ~ Scan Winlogon in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ~ Scan SSODL in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 82.05.) - C:\WINDOWS\system32\nvsvc32.exe ~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MP Scheduled Scan.job ~ Scan Scheduled Task in 00mn 00s
---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\WINDOWS\system32\DRIVERS\AmdK8.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\WINDOWS\system32\DRIVERS\MpFilter.sys O41 - Driver: (MpKsl4f9d3976) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A9C2E868-66F3-4601-9130-5C947ECDD273}\MpKsl4f9d3976.sys O41 - Driver: (MpKsl94bbb111) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A74A62B-0EDA-425B-BB65-12648F3C393D}\MpKsl94bbb111.sys (.not file.) O41 - Driver: (MpKslda38ec5e) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{40E75B2F-2E5B-4036-94C6-F8FA190D8BDE}\MpKslda38ec5e.sys (.not file.) O41 - Driver: (MpKsle624af05) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A309BC5-487A-44DB-9FB9-8EED4387F9E6}\MpKsle624af05.sys (.not file.) 
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys ~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42) O42 - Logiciel: ASIO4ALL - (.Michael Tippach.) [HKLM] -- ASIO4ALL O42 - Logiciel: Adibou et l'Ombre Verte V.1.00 on C - (.Pas de propriétaire.) [HKLM] -- Adibou et l'Ombre Verte V.1.00 on C O42 - Logiciel: Adibou joue à lire et à compter 6-7 ans - (.Mindscape.) [HKLM] -- {678FBA54-2084-4431-829B-4046753578ED} O42 - Logiciel: Adiboud’Chou soigne les animaux - (.Mindscape.) [HKLM] -- {D5C587D6-2B17-4781-9EB2-32A35C0FF5B8} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Amélioration de nos services - (.Hewlett-Packard.) [HKLM] -- InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79} O42 - Logiciel: Big Fish Games Client - (.Pas de propriétaire.) [HKLM] -- BFGC O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup.divx.com O42 - Logiciel: Cudbe - (.Pas de propriétaire.) [HKCU] -- CUDBE O42 - Logiciel: EPSON CardMonitor - (.Pas de propriétaire.) [HKLM] -- {109D28C7-FB38-483A-9C91-001CB59E2699} O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857} O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities O42 - Logiciel: EPSON PRINT Image Framer Tool2.1 - (.Pas de propriétaire.) [HKLM] -- {23B59ED4-C360-11D7-875B-0090CC005647} O42 - Logiciel: EPSON PhotoQuicker3.5 - (.Pas de propriétaire.) [HKLM] -- {65F5B7AF-3363-11D7-BB6B-00018021113F} O42 - Logiciel: EPSON PhotoStarter3.1 - (.Pas de propriétaire.) [HKLM] -- {C48817E7-AA05-4151-A99D-1E1E550CE801} O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner O42 - Logiciel: EPSON Smart Panel - (.Pas de propriétaire.) [HKLM] -- {6C11D561-620B-47DA-A693-4C597F3CDF40} O42 - Logiciel: EPSON Web-To-Page - (.Pas de propriétaire.) [HKLM] -- {7F14F68C-17FA-4F88-B3FD-7F449C1EBF32} O42 - Logiciel: ESPRX420 Guide de réf. - (.Pas de propriétaire.) [HKLM] -- ESPRX420 Guide de réf. 
O42 - Logiciel: ESPRX420 Guide des logiciels - (.Pas de propriétaire.) [HKLM] -- ESPRX420 Guide des logiciels O42 - Logiciel: Enhanced Multimedia Keyboard Solution - (.Pas de propriétaire.) [HKLM] -- KBD O42 - Logiciel: FL Studio 10 - (.Image-Line.) [HKLM] -- FL Studio 10 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google Toolbar for Internet Explorer - (.Pas de propriétaire.) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: HP DVD Play 2.1 - (.Pas de propriétaire.) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1} O42 - Logiciel: HP Imaging Device Functions 7.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP Photosmart Premier Software 6.5 - (.HP.) [HKLM] -- HP Photo & Imaging O42 - Logiciel: Hidden Expedition: Titanic ™ - (.Pas de propriétaire.) [HKLM] -- BFG-Hidden Expedition Titanic O42 - Logiciel: High Definition Audio - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: IL Download Manager - (.Image-Line.) [HKLM] -- IL Download Manager O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: La Guerre de Sécession - (.Pas de propriétaire.) [HKLM] -- {5ADC2BF6-6C02-4869-9186-678D1EFFFE82} O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) 
[HKLM] -- Windows Media Player O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033) O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: Nero Suite - (.Pas de propriétaire.) [HKLM] -- NeroMultiInstaller!UninstallKey O42 - Logiciel: PIF DESIGNER2.1 - (.Pas de propriétaire.) [HKLM] -- {7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6} O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce - (.Microsoft Corporation.) [HKLM] -- KB909520 O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 6194C28A8F62DD817EA1B918E6E46E806A21B452 O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 65B6FE5418CE28F4D72543FB2D964C3CEC83F161 O42 - Logiciel: PhotoImpression 5 - (.Pas de propriétaire.) [HKLM] -- {66C8BE35-8BBB-472B-96C7-C7C9A499F988} O42 - Logiciel: Pixia 4.3a FR - (.Pas de propriétaire.) 
[HKCU] -- Pixia 4.3a FR O42 - Logiciel: Python 2.2 pywin32 extensions (build 203) - (.Pas de propriétaire.) [HKLM] -- pywin32-py2.2 O42 - Logiciel: Python 2.2.3 - (.PythonLabs at Zope Corporation.) [HKLM] -- Python 2.2.3 O42 - Logiciel: QuickTime Alternative 3.2.2 - (.Pas de propriétaire.) [HKLM] -- QuicktimeAlt_is1 O42 - Logiciel: Rayman 3 - (.Pas de propriétaire.) [HKLM] -- {15F52B39-04CB-4EDB-9A8C-496C4A5588E2} O42 - Logiciel: Realtek High Definition Audio Driver - (.Pas de propriétaire.) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0 O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {C4A4722E-79F9-417C-BD72-8D359A090C97} O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A} O42 - Logiciel: ScanToWeb - (.Pas de propriétaire.) [HKLM] -- {EBAE381B-60A6-4863-AA9F-FCAB755BC9E5} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: SopCast 3.4.0 - (.www.sopcast.com.) [HKLM] -- SopCast O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) 
[HKLM] -- ie8 O42 - Logiciel: Windows Management Framework Core - (.Microsoft Corporation.) [HKLM] -- KB968930 O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service O42 - Logiciel: vShare.tv plugin 1.3 - (.vShare.tv, Inc..) [HKLM] -- vShare.tv plugin O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent
---\\ HKCU & HKLM Software Keys [HKCU\Software\?? ?? ???? ????? ??? ?? ????] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\ArcSoft] [HKCU\Software\BVRP Software] [HKCU\Software\Big Fish Games] [HKCU\Software\BitTorrent] [HKCU\Software\CDDB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Cudbe] [HKCU\Software\DivXNetworks] [HKCU\Software\DivX] [HKCU\Software\EPSON] [HKCU\Software\Game Mill] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\Image-Line] [HKCU\Software\Intel] [HKCU\Software\JEDI-VCL] [HKCU\Software\JavaSoft] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\MOVDLTool] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MozillaPlugins] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\PC SOFT] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\RealNetworks] [HKCU\Software\Realtek] [HKCU\Software\SEIKO EPSON] [HKCU\Software\Samsung PC Studio] [HKCU\Software\Samsung] [HKCU\Software\SoftVoice] [HKCU\Software\Softonic] [HKCU\Software\StartSearch] [HKCU\Software\Symantec] [HKCU\Software\TeamViewer] [HKCU\Software\Trolltech] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\vShare.tv] [HKLM\Software\1 Jeu par jour] [HKLM\Software\ASIO] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] 
[HKLM\Software\ArcSoft] [HKLM\Software\BVRP Software] [HKLM\Software\Big Fish Games] [HKLM\Software\BrowserChoice] [HKLM\Software\C07ft5Y] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\Debug] [HKLM\Software\DivXNetworks] [HKLM\Software\DivX] [HKLM\Software\EPSON] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\HPQ] [HKLM\Software\HP] [HKLM\Software\Hewlett-Packard] [HKLM\Software\Image-Line] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\LEAD Technologies, Inc.] [HKLM\Software\Licenses] [HKLM\Software\LightScribe] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\McAfee.com] [HKLM\Software\Mindscape] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\Nero] [HKLM\Software\NewSoft] [HKLM\Software\ODBC] [HKLM\Software\Outsim] [HKLM\Software\PC-Doctor] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\Propellerhead Software] [HKLM\Software\Python] [HKLM\Software\QTAlternative] [HKLM\Software\RealNetworks] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Samsung Electronics Co., Ltd.] [HKLM\Software\Samsung] [HKLM\Software\Schlumberger] [HKLM\Software\Secure] [HKLM\Software\Smart Panel] [HKLM\Software\SoftVoice] [HKLM\Software\Symantec] [HKLM\Software\TeamViewer] [HKLM\Software\Ubi Soft] [HKLM\Software\Ubisoft] [HKLM\Software\VST] [HKLM\Software\Wilson WindowWare] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Xing Technology Corp.] [HKLM\Software\mcafeeupdater] ~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 24/06/2011 - 10:10:20 - [91812426] ----D- C:\Program Files\1 Jeu par jour O43 - CFD: 07/06/2011 - 19:51:26 - [245022952] ----D- C:\Program Files\Adobe O43 - CFD: 02/08/2011 - 00:15:12 - [216934223] ----D- C:\Program Files\Ahead O43 - CFD: 11/09/2011 - 12:48:16 - [2428606] ----D- C:\Program Files\Apple Software Update O43 - CFD: 01/07/2011 - 13:43:34 - [178990830] ----D- C:\Program Files\ArcSoft O43 - CFD: 11/10/2011 - 21:54:10 - [532817] ----D- C:\Program Files\ASIO4ALL v2 O43 - CFD: 11/10/2011 - 21:54:10 - [5602198] ----D- C:\Program Files\bfgclient O43 - CFD: 20/10/2005 - 21:06:30 - [0] ----D- C:\Program Files\ComPlus Applications O43 - CFD: 05/10/2011 - 17:15:32 - [2916264] ----D- C:\Program Files\DIFX O43 - CFD: 09/06/2011 - 17:29:40 - [0] ----D- C:\Program Files\directx O43 - CFD: 09/10/2011 - 21:13:32 - [101594267] ----D- C:\Program Files\DivX O43 - CFD: 16/06/2011 - 19:00:16 - [92259839] ----D- C:\Program Files\epson O43 - CFD: 02/08/2011 - 00:15:00 - [352201764] ----D- C:\Program Files\Fichiers communs O43 - CFD: 09/10/2011 - 21:13:00 - [189227202] ----D- C:\Program Files\Google O43 - CFD: 07/06/2011 - 18:52:48 - [3772521] ----D- C:\Program Files\Hewlett-Packard O43 - CFD: 27/07/2011 - 19:18:20 - [32891540] ----D- C:\Program Files\Hidden Expedition Titanic O43 - CFD: 07/06/2011 - 18:52:50 - [188955735] ----D- C:\Program Files\HP O43 - CFD: 09/10/2011 - 22:39:12 - [633877788] ----D- C:\Program Files\Image-Line O43 - CFD: 05/10/2011 - 17:14:38 - [56470127] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 11/10/2011 - 22:20:48 - [5756560] ----D- C:\Program Files\Internet Explorer O43 - CFD: 12/07/2006 - 00:14:06 - [72692053] ----D- C:\Program Files\Java O43 - CFD: 11/10/2011 - 19:15:56 - [7004122] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 11/10/2011 - 22:34:32 - [2152579] ----D- C:\Program Files\Messenger O43 - CFD: 24/06/2011 - 
10:09:56 - [485376] ----D- C:\Program Files\Micro Application O43 - CFD: 07/06/2011 - 20:24:08 - [854520] ----D- C:\Program Files\Microsoft O43 - CFD: 08/06/2011 - 11:08:28 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 27/10/2005 - 00:36:16 - [0] ----D- C:\Program Files\microsoft frontpage O43 - CFD: 12/07/2006 - 00:36:44 - [4249034] ----D- C:\Program Files\Microsoft Office O43 - CFD: 29/07/2011 - 09:46:16 - [18407068] ----D- C:\Program Files\Microsoft Security Client O43 - CFD: 16/06/2011 - 08:44:34 - [38411899] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 07/06/2011 - 20:24:50 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 07/06/2011 - 20:25:28 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework O43 - CFD: 11/10/2011 - 19:43:32 - [149660739] ----D- C:\Program Files\Microsoft Works O43 - CFD: 13/08/2011 - 19:23:06 - [648226005] ----D- C:\Program Files\Mindscape O43 - CFD: 11/10/2011 - 22:05:12 - [10374874] ----D- C:\Program Files\Movie Maker O43 - CFD: 07/06/2011 - 19:32:06 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 27/10/2005 - 00:36:22 - [19278399] ----D- C:\Program Files\MSN O43 - CFD: 27/10/2005 - 00:36:32 - [8745735] ----D- C:\Program Files\MSN Gaming Zone O43 - CFD: 07/06/2011 - 19:42:32 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 07/06/2011 - 19:05:10 - [3285523] ----D- C:\Program Files\NetMeeting O43 - CFD: 27/10/2005 - 00:36:44 - [1804] ----D- C:\Program Files\Online Services O43 - CFD: 11/10/2011 - 22:06:02 - [4379321] ----D- C:\Program Files\Outlook Express O43 - CFD: 09/10/2011 - 22:38:56 - [3620877] ----D- C:\Program Files\Outsim O43 - CFD: 11/10/2011 - 22:34:14 - [28785461] ----D- C:\Program Files\Pixia 4.3a FR O43 - CFD: 11/10/2011 - 19:48:04 - [104565023] ----D- C:\Program Files\QuickTime Alternative O43 - CFD: 12/07/2006 - 00:31:26 - [0] ----D- C:\Program Files\Real O43 - CFD: 07/06/2011 - 19:32:02 - [36400897] ----D- C:\Program Files\Reference 
Assemblies O43 - CFD: 05/10/2011 - 17:13:58 - [144942711] ----D- C:\Program Files\Samsung O43 - CFD: 12/07/2006 - 00:45:58 - [79839674] ----D- C:\Program Files\Services en ligne O43 - CFD: 11/10/2011 - 19:58:16 - [134333855] ----D- C:\Program Files\Smart Panel O43 - CFD: 08/06/2011 - 18:34:34 - [7458816] ----D- C:\Program Files\Sonic O43 - CFD: 11/10/2011 - 19:58:00 - [9124553] ----D- C:\Program Files\SopCast O43 - CFD: 19/07/2011 - 18:43:30 - [1743429087] ----D- C:\Program Files\Ubisoft O43 - CFD: 20/10/2005 - 21:06:02 - [0] ----D- C:\Program Files\Uninstall Information O43 - CFD: 08/06/2011 - 18:56:48 - [399736] ----D- C:\Program Files\uTorrent O43 - CFD: 15/09/2011 - 21:29:42 - [593428] ----D- C:\Program Files\vShare.tv plugin O43 - CFD: 09/10/2011 - 22:39:18 - [1871872] ----D- C:\Program Files\VstPlugins O43 - CFD: 07/06/2011 - 20:25:54 - [141906362] ----D- C:\Program Files\Windows Live O43 - CFD: 07/06/2011 - 20:23:52 - [245112] ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD: 11/10/2011 - 19:57:56 - [3581070] ----D- C:\Program Files\Windows Media Connect 2 O43 - CFD: 11/10/2011 - 22:41:36 - [8749996] ----D- C:\Program Files\Windows Media Player O43 - CFD: 07/06/2011 - 19:05:06 - [3942655] ----D- C:\Program Files\Windows NT O43 - CFD: 20/10/2005 - 21:05:52 - [0] ----D- C:\Program Files\WindowsUpdate O43 - CFD: 27/10/2005 - 00:37:08 - [0] ----D- C:\Program Files\xerox O43 - CFD: 11/10/2011 - 23:13:30 - [5422485] ----D- C:\Program Files\ZHPDiag O43 - CFD: 05/10/2011 - 17:10:56 - [6293192] ----D- C:\Program Files\Fichiers Communs\Adobe O43 - CFD: 02/08/2011 - 00:11:40 - [30201063] ----D- C:\Program Files\Fichiers Communs\Ahead O43 - CFD: 19/07/2011 - 18:29:20 - [62253589] ----D- C:\Program Files\Fichiers Communs\Apple O43 - CFD: 01/07/2011 - 13:43:36 - [166] ----D- C:\Program Files\Fichiers Communs\ArcSoft O43 - CFD: 09/06/2011 - 17:30:16 - [3872] ----D- C:\Program Files\Fichiers Communs\DirectX O43 - CFD: 08/06/2011 - 18:50:44 - [24016384] ----D- 
C:\Program Files\Fichiers Communs\DivX Shared O43 - CFD: 12/07/2006 - 00:28:34 - [5557190] ----D- C:\Program Files\Fichiers Communs\HP O43 - CFD: 13/06/2011 - 10:45:56 - [7942454] ----D- C:\Program Files\Fichiers Communs\InstallShield O43 - CFD: 12/07/2006 - 00:13:42 - [29811771] ----D- C:\Program Files\Fichiers Communs\Java O43 - CFD: 11/10/2011 - 19:27:06 - [4930062] ----D- C:\Program Files\Fichiers Communs\LightScribe O43 - CFD: 16/06/2011 - 07:59:06 - [65521212] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD: 27/10/2005 - 00:35:44 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap O43 - CFD: 02/08/2011 - 00:13:14 - [2274788] ----D- C:\Program Files\Fichiers Communs\Nero O43 - CFD: 27/10/2005 - 00:35:44 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC O43 - CFD: 08/06/2011 - 18:31:32 - [105852] ----D- C:\Program Files\Fichiers Communs\Real O43 - CFD: 27/10/2005 - 00:35:46 - [8106] ----D- C:\Program Files\Fichiers Communs\Services O43 - CFD: 11/10/2011 - 22:11:54 - [208896] ----D- C:\Program Files\Fichiers Communs\Sonic Shared O43 - CFD: 27/10/2005 - 00:35:46 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD: 07/06/2011 - 18:57:40 - [436312] ----D- C:\Program Files\Fichiers Communs\Symantec Shared O43 - CFD: 07/06/2011 - 19:05:04 - [6811317] ----D- C:\Program Files\Fichiers Communs\System O43 - CFD: 07/06/2011 - 20:19:46 - [101754149] ----D- C:\Program Files\Fichiers Communs\Windows Live O43 - CFD: 07/06/2011 - 20:36:30 - [5022380] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Adobe O43 - CFD: 07/10/2011 - 08:53:08 - [182074] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Ahead O43 - CFD: 11/09/2011 - 12:57:42 - [3154] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Apple Computer O43 - CFD: 01/07/2011 - 13:52:34 - [27681577] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\ArcSoft O43 - CFD: 26/07/2011 - 23:03:24 - 
[0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Cudbe O43 - CFD: 09/10/2011 - 21:14:54 - [106] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\DDMSettings O43 - CFD: 08/08/2011 - 07:35:48 - [137216] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\DivX O43 - CFD: 28/08/2011 - 17:38:00 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\HPQ O43 - CFD: 27/10/2005 - 00:34:56 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Identities O43 - CFD: 24/06/2011 - 10:04:24 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\InstallShield O43 - CFD: 07/06/2011 - 18:39:44 - [470] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Macromedia O43 - CFD: 11/10/2011 - 19:16:02 - [1070] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Malwarebytes O43 - CFD: 13/09/2011 - 19:26:38 - [12103428] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Microsoft O43 - CFD: 13/08/2011 - 19:24:38 - [16367] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Mindscape O43 - CFD: 12/07/2011 - 19:39:54 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Pixia O43 - CFD: 08/06/2011 - 18:31:22 - [1400] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Real O43 - CFD: 05/10/2011 - 17:21:14 - [428418] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Samsung O43 - CFD: 27/08/2011 - 01:36:04 - [34898] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\Sun O43 - CFD: 27/07/2011 - 17:04:30 - [17506] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\TeamViewer O43 - CFD: 28/09/2011 - 17:13:58 - [1846593] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application Data\uTorrent O43 - CFD: 07/06/2011 - 18:51:46 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Application 
Data\WinBatch O43 - CFD: 07/06/2011 - 20:36:30 - [15988] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Adobe O43 - CFD: 08/09/2011 - 23:28:44 - [1950597] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Ahead O43 - CFD: 19/07/2011 - 18:29:10 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Apple O43 - CFD: 19/07/2011 - 18:28:58 - [14191] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Apple Computer O43 - CFD: 07/06/2011 - 19:46:08 - [8968] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\ApplicationHistory O43 - CFD: 30/06/2011 - 20:08:48 - [259] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\ArcSoft O43 - CFD: 11/10/2011 - 17:34:20 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\fqptylxl O43 - CFD: 08/07/2011 - 17:53:02 - [72980] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Game Mill Files O43 - CFD: 09/10/2011 - 21:14:14 - [7703964] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Google O43 - CFD: 26/06/2011 - 22:16:08 - [226896] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Identities O43 - CFD: 09/10/2011 - 19:14:36 - [9140074] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Microsoft O43 - CFD: 12/07/2006 - 00:34:58 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\PowerCinema O43 - CFD: 09/10/2011 - 21:17:18 - [0] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\Temp O43 - CFD: 12/07/2006 - 00:13:40 - [11831808] ----D- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150050} ~ Scan Program Folder in 00mn 01s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.E3438469EF7474AF5D264114C13CFD9C] - 11/10/2011 - 21:53:39 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1071771] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/10/2011 - 21:52:58 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.028BC9384C43ADF97E03C3CBD24144AE] - 11/10/2011 - 21:52:43 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.BD826AF759D92D6E4FC872B6EACCA48D] - 11/10/2011 - 21:52:42 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 11/10/2011 - 21:52:27 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.BF66E5DC9D8BF765B88170737F89B613] - 11/10/2011 - 21:51:41 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32338] O44 - LFC:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 11/10/2011 - 18:15:48 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22216] O44 - LFC:[MD5.F7DDD0C7766750E089337B2491D622A8] - 11/10/2011 - 18:14:05 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.0FECB3FB879F3ED7AB5BB878D947E87A] - 09/10/2011 - 21:39:15 ---A- . (.Propellerhead Software AB - ReWire.) -- C:\WINDOWS\system32\rewire.dll [225280] O44 - LFC:[MD5.E5EE472E51D434A0556CAC8CB8F9B5D1] - 09/10/2011 - 21:39:05 ---A- . (...) -- C:\WINDOWS\setupapi.log [233762] O44 - LFC:[MD5.9033DAF3277F0498BC86C8D4566C25CE] - 09/10/2011 - 21:39:02 ---A- . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\system32\vorbis.acm [1554944] O44 - LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] - 09/10/2011 - 21:13:09 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [116] O44 - LFC:[MD5.441099C401518676CA291B92F63E7AAE] - 05/10/2011 - 16:26:01 ---A- . (...) -- C:\CMLoader.log [74] O44 - LFC:[MD5.3A5F1E52EE7CAB5B126196EB33C34EC6] - 05/10/2011 - 16:15:47 ---A- . (...) 
-- C:\WINDOWS\wmsetup.log [64443] O44 - LFC:[MD5.6F6ACF4CD20B74D3968FE1B577091A13] - 05/10/2011 - 16:15:30 ---A- . (...) -- C:\WINDOWS\DPINST.LOG [10028] O44 - LFC:[MD5.5C49DA579C2A1F886C1BCB5E3F14740A] - 05/10/2011 - 16:07:18 ---A- . (...) -- C:\WINDOWS\setupact.log [219500] O44 - LFC:[MD5.EEBB0FA277FF042F70E581A2E4C494F9] - 05/10/2011 - 15:33:14 ---A- . (...) -- C:\WINDOWS\PhotoSnapViewer.INI [151] O44 - LFC:[MD5.0AB3B9DCA1011B676B2561BD5E117F36] - 02/10/2011 - 02:22:48 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [1158] O44 - LFC:[MD5.760552C0A5D3E8D721A231B44AC2106B] - 15/09/2011 - 22:09:13 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1082251] O44 - LFC:[MD5.021CA9E700772A81FD2A2CF3B6633D53] - 15/09/2011 - 22:09:13 ---A- . (...) -- C:\WINDOWS\KB2616676.log [11712] O44 - LFC:[MD5.A591D82DD36187A37919A02BFB936F05] - 15/09/2011 - 22:09:13 ---A- . (...) -- C:\WINDOWS\comsetup.log [364086] O44 - LFC:[MD5.759F8986FAB3441C11149023DCFC9A35] - 15/09/2011 - 22:09:13 ---A- . (...) -- C:\WINDOWS\iis6.log [166620] O44 - LFC:[MD5.16C6914440F2E58F10BB7DE836D6C5A1] - 15/09/2011 - 22:09:13 ---A- . (...) -- C:\WINDOWS\imsins.log [1374] O44 - LFC:[MD5.8EBF8149A1BD528081A4F423D298C76D] - 15/09/2011 - 22:09:13 ---A- . (...) -- C:\WINDOWS\msgsocm.log [53504] O44 - LFC:[MD5.45E3489D5A91A2D0E15AD0522771C93F] - 15/09/2011 - 22:09:13 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [219179] O44 - LFC:[MD5.2F7BD41547DF69BFED7E4112AD82B974] - 15/09/2011 - 22:09:13 ---A- . (...) -- C:\WINDOWS\ocgen.log [524373] O44 - LFC:[MD5.7AB40EA7BF4E6D9BFB4210DB121CCE8C] - 15/09/2011 - 22:09:13 ---A- . (...) -- C:\WINDOWS\ocmsn.log [59045] O44 - LFC:[MD5.130326467C1FE74E7DCC9DE9C63293A4] - 15/09/2011 - 22:09:13 ---A- . (...) -- C:\WINDOWS\tsoc.log [411783] O44 - LFC:[MD5.2230341E6AF7328D3C50AE91EEA672DE] - 15/09/2011 - 22:09:12 ---A- . (...) -- C:\WINDOWS\updspapi.log [180355] O44 - LFC:[MD5.32401C65E0D89ABC2F43052EC2BEAA29] - 15/09/2011 - 22:07:17 ---A- . (...) 
-- C:\WINDOWS\imsins.BAK [1374] O44 - LFC:[MD5.1A30608BEA0620FC8A081F16F667289A] - 15/09/2011 - 22:07:16 ---A- . (...) -- C:\WINDOWS\KB2570947.log [6472] O44 - LFC:[MD5.3ADB99529939136B1BD8B23056876A87] - 15/09/2011 - 20:29:30 ---A- . (...) -- C:\prefs.js [355] O44 - LFC:[MD5.306521935042FC0A6988D528643619B3] - 24/07/2006 - 15:05:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [5632] O44 - LFC:[MD5.89237A73CDEA80FDE79B79C0C8B67758] - 28/08/2005 - 19:51:42 ---A- . (...) -- C:\WINDOWS\system32\Uninstall.ico [766] ~ Scan Files in 00mn 07s
---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe" [Enabled] .(...) -- C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\CyberLink\PowerCinema\PCMService.exe" [Enabled] .(...) -- C:\Program Files\CyberLink\PowerCinema\PCMService.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Program Files\AOL 9.0\waol.exe" [Enabled] .(...) -- C:\Program Files\AOL 9.0\waol.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\7zS7B.tmp\SymNRT.exe" [Enabled] .(.Symantec Corporation.) -- C:\Documents and Settings\Compaq_Propriétaire\Local Settings\Temp\7zS7B.tmp\SymNRT.exe O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\Temp\NavBrowser.exe" [Enabled] .(.Naviant, Inc. 
- NAVBrowser.) -- C:\WINDOWS\Temp\NavBrowser.exe O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe" [Enabled] .(.Apple Inc..) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\WebKit2WebProcess.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe ~ Scan Keys in 00mn 04s
---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ Scan IFEO in 00mn 00s
---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.LEAD"="LCODCCMP.DLL" . (...) -- (.not file.) O52 - TDSD: \Drivers32\"msacm.l3codecp"="" . (...) -- (.not file.) O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\system32\DivX.dll O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\system32\DivX.dll O52 - TDSD: \Drivers32\"msacm.vorbis"="vorbis.acm" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\system32\vorbis.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) 
-- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"LCODCCMP.DLL"="LEAD MCMP/MJPEG Codec (VFW)" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"l3codecp.acm"="" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\WINDOWS\system32\l3codecp.acm O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.9.2 Codec" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"vorbis.acm"="Ogg Vorbis Audio CODEC" . (.HMS http://hp.vector.co.jp/authors/VA012897 - Ogg Vorbis CODEC for MSACM.) -- C:\WINDOWS\system32\vorbis.acm ~ Scan Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 ~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 ~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.62271FF14BAA810323AC816C5D355BA9] - 11/10/2011 - 22:53:00 ---A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdK8.sys [43008] O58 - SDL:[MD5.BF79E659C506674C0497CC9C61F1A165] - 11/10/2011 - 09:00:00 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\WINDOWS\system32\drivers\cdr4_xp.sys [2432] O58 - SDL:[MD5.2C41CD49D82D5FD85C72D57B6CA25471] - 11/10/2011 - 09:00:00 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\WINDOWS\system32\drivers\cdralw2k.sys [2560] O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 11/10/2011 - 12:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528] O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 11/10/2011 - 12:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776] O58 - SDL:[MD5.89A8D929FDD51E6557E12A46BD3E2BA6] - 11/10/2011 - 08:20:26 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8169 Hardware Diagnostics Driver for Win2k/xp.) -- C:\WINDOWS\system32\drivers\diag69xp.sys [11351] O58 - SDL:[MD5.919DE7D76D2C0C0139E08B3E7592D62E] - 11/10/2011 - 00:46:46 ---A- . (.LT - LT Windows Modem.) -- C:\WINDOWS\system32\drivers\ltmdmnt.sys [607452] O58 - SDL:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 11/10/2011 - 16:00:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22216] O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 11/10/2011 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032] O58 - SDL:[MD5.642A87877F83313EB5302749CD479024] - 11/10/2011 - 21:50:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 82.08.) 
-- C:\WINDOWS\system32\drivers\nv4_mini.sys [3535680] O58 - SDL:[MD5.22EEDB34C4D7613A25B10C347C6C4C21] - 11/10/2011 - 22:31:02 ---A- . (.NVIDIA Corporation - NVIDIA Networking Function Driver..) -- C:\WINDOWS\system32\drivers\NVENETFD.sys [34176] O58 - SDL:[MD5.5E3F6AD5CAD0F12D3CCCD06FD964087A] - 11/10/2011 - 22:31:04 ---A- . (.NVIDIA Corporation - NVIDIA Networking Bus Driver..) -- C:\WINDOWS\system32\drivers\nvnetbus.sys [13056] O58 - SDL:[MD5.B80EB11F6BA8596153FE7067ACDBFE43] - 11/10/2011 - 22:30:46 ---A- . (.NVIDIA Corporation - NVIDIA Network Resource Manager..) -- C:\WINDOWS\system32\drivers\nvnrm.sys [305024] O58 - SDL:[MD5.60CA4F6F077CCC73AF7B5556BE81639A] - 11/10/2011 - 22:30:32 ---A- . (.NVIDIA Corporation - NVIDIA Networking Soft-NPU Driver..) -- C:\WINDOWS\system32\drivers\nvsnpu.sys [222592] O58 - SDL:[MD5.C3B4DDFDDEB512790EA24DE867FCB7C3] - 11/10/2011 - 22:30:54 ---A- . (.NVIDIA Corporation - NVIDIA Networking Protocol Driver..) -- C:\WINDOWS\system32\drivers\nvtcp.sys [101888] O58 - SDL:[MD5.263AA696D8A1D78234F17C303E89B78D] - 11/10/2011 - 08:14:38 ---A- . (.Windows (R) 2000 DDK provider - PCDR NDIS User mode I/O Driver.) -- C:\WINDOWS\system32\drivers\pcdrndisuio.sys [13440] O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 11/10/2011 - 01:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\WINDOWS\system32\drivers\PS2.sys [19072] O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 11/10/2011 - 05:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792] O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 11/10/2011 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032] O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 11/10/2011 - 12:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) 
-- C:\WINDOWS\system32\drivers\riodrv.sys [12032] O58 - SDL:[MD5.64BE56B8858CA0153C725C720FFD194F] - 11/10/2011 - 21:27:12 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [4246016] O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 11/10/2011 - 22:31:34 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- C:\WINDOWS\system32\drivers\RTL8139.sys [20992] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 11/10/2011 - 08:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 11/10/2011 - 15:05:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [5632] O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 11/10/2011 - 12:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376] O58 - SDL:[MD5.F2CE99DD9F56BAFC49234A1EFB0AFC8E] - 11/10/2011 - 08:07:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\USBkey.sys [28848] O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 11/10/2011 - 12:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 11/10/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] O58 - SDL:[MD5.358EB398616AAEE2C413EAF99D1C1F00] - 11/10/2011 - 23:39:27 ---A- . (...) -- C:\WINDOWS\system32\CHODDI.SYS [13066] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 11/10/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097] O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 11/10/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912] O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 11/10/2011 - 05:00:00 ---A- . (...) 
-- C:\WINDOWS\system32\key01.sys [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537] O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 11/10/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 11/10/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 11/10/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 11/10/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 11/10/2011 - 05:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146] O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000] O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560] O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648] O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424] O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 11/10/2011 - 12:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560] ~ Scan Drivers in 00mn 01s
---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64) O64 - Services: CurCS - ??/??/???? - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe (.not file.) - ArcSoft Connect Daemon (ACDaemon) .(...) - LEGACY_ACDAEMON O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT O64 - Services: CurCS - 05/08/2004 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 09/10/2011 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE O64 - Services: CurCS - 22/10/2004 - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe - InstallDriver Table Manager(IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT O64 - Services: CurCS - 24/04/2006 - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe - LightScribeService Direct Disc Labeling Service(LightScribeService) .(.Hewlett-Packard Company - Pas de description.) - LEGACY_LIGHTSCRIBESERVICE O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A74A62B-0EDA-425B-BB65-12648F3C393D}\MpKsl94bbb111.sys (.not file.) - MpKsl94bbb111 (MpKsl94bbb111) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{40E75B2F-2E5B-4036-94C6-F8FA190D8BDE}\MpKslda38ec5e.sys (.not file.) 
- MpKslda38ec5e (MpKslda38ec5e) .(...) - L O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0A309BC5-487A-44DB-9FB9-8EED4387F9E6}\MpKsle624af05.sys (.not file.) - MpKsle624af05 (MpKsle624af05) .(...) - L O64 - Services: CurCS - 25/01/2006 - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Display Driver Service(NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 82.05.) - LEGACY_NVSVC O64 - Services: CurCS - 14/01/2009 - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe - SeaPort(SeaPort) .(.Microsoft Corp. - Microsoft SeaPort Search Enhancement Broker.) - LEGACY_SEAPORT ~ Scan Services in 00mn 01s
---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <htmlfile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) 
-- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Web Search) - http://startsear.ch O69 - SBI: SearchScopes [HKCU] {735ABBAD-2028-4EC6-BCF0-67141F46DA2A} - (Bing) - http://www.bing.com ~ Scan Keys in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.ACA94F6BB06703CA625F0404D0E5C0D5] [SPRF][11/10/2011] (...) -- C:\Documents and Settings\Compaq_Propriétaire\Bureau\0.23748549935895635.exe [117325] ~ Scan Files in 00mn 00s
---\\ Scan Additionnel (O88) Database Version : 8707 - (20/09/2011) Clés trouvées (Keys found) : 3 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0
[HKCU\Software\StartSearch] =>Hijacker.Agent [HKCU\Software\vShare.tv] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\vShare.tv plugin] =>Toolbar.Agent ~ Scan Additionnel in 00mn 17s
---\\ Recherche détournement de DNS routeur (O89) Serveur : UnKnown Address: 192.168.1.254 Nom : www.l.google.com Addresses: 74.125.39.105, 74.125.39.147, 74.125.39.106, 74.125.39.104 74.125.39.103, 74.125.39.99 Aliases: www.google.fr, www.google.com ~ Scan DNS in 00mn 02s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 0 | (ACDaemon) . (...) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe SS - | Demand 11/10/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe SS - | Auto 11/10/2011 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 11/10/2011 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 11/10/2011 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe SR - | Auto 11/10/2011 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe SS - | Auto 11/10/2011 131139 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe ~ Scan Services in 00mn 02s
---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by Compaq_Propriétaire at 11/10/2011 23:14:09
device: opened successfully user: MBR read successfully
Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys 1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x85968AB8] 3 CLASSPNP[0xF75D0FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000066[0x858E2E98] 5 ACPI[0xF7446620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP2T0L0-5[0x858DED98] kernel: MBR read successfully user & kernel MBR OK ~ Scan MBR in 00mn 04s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Compaq_Propriétaire at 11/10/2011 23:14:11
********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 07s
End of the scan (1037 lines in 00mn 44s)(0)