Mon flash disk est infecté

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 08/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 14:30:17 le 10/04/2011, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
Administrateur@SWEET-2C68BB0B5 ( )

============== RECHERCHE ==============



Clé trouvée: HKLM\Software\Classes\TypeLib\{199C34A4-5436-403F-A250-219E16672570}
Clé trouvée: HKLM\Software\Classes\BHO.GamePlayLabsBHO
Clé trouvée: HKLM\Software\Classes\BHO.GamePlayLabsBHO.1
Clé trouvée: HKLM\Software\Classes\AppID\BHO.dll
Clé trouvée: HKLM\Software\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [4.0 (en-US)] ****

HKLM_MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 (x)
HKLM_MozillaPlugins\@movenetworks.com/Quantum Media Player (x)
HKCU_MozillaPlugins\@movenetworks.com/Quantum Media Player (x)
Searchplugins\amazondotcom.xml (hxxp://www.amazon.com/exec/obidos/external-search/)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Searchplugins\eBay.xml (hxxp://rover.ebay.com/rover/1/711-47294-18009-3/4)
Searchplugins\wikipedia.xml (hxxp://en.wikipedia.org/wiki/Special:Search)
Components\browsercomps.dll (Mozilla Foundation)
HKCU_Extensions|{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08} - C:\Program Files\DAP\DAPFireFox
HKCU_Extensions|moveplayer@movenetworks.com - C:\Documents and Settings\Administrateur\Application Data\Move Networks

-- C:\Documents and Settings\Administrateur\Application Data\Mozilla\FireFox\Profiles\mteietq8.default --
Extensions\filtersetg@updater (Adblock Filterset.G Updater)
Extensions\ietab@ip.cn (IE Tab Plus)
Extensions\plugin2@gameplaylabs.com (GamePlayLabs Plugin)
Extensions\snaplinks@snaplinks.net (Snap Links (EladKarako Mod))
Extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e} (Gmail Notifier)
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Administrateur\\Bureau\\mes recherches
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.buildID, 20110318052756
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0

========================================

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{39965FA6-7019-406b-B135-50CF6A2FFB2B} - "SpeedBit Search" (hxxp://home.speedbit.com/search.aspx?aff=206&q={searchTerms})
HKCU_Toolbar\WebBrowser|{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} (x)
HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - C:\Program Files\Internet Download Manager\IEMonitor.exe (x)
HKCU_ElevationPolicy\{2E422264-6D8A-4ca0-97C7-A2CF868471EA} - C:\Documents and Settings\Administrateur\Application Data\Move Networks\ie_bin\MovePlayerUpgrade.exe (?)
HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (x)
HKLM_ElevationPolicy\45da49ad-db08-4666-af8f-697ebd9cdea9 - C:\Program Files\IsoBuster\IsoBusterToolbarHelper.exe (?)
HKLM_ElevationPolicy\{180B71E5-6730-42D4-994F-7F73F1CE0D2B} - C:\Program Files\IsoBuster\IsoBusterToolbarHelper1.exe (Conduit Ltd.)
HKLM_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (x)
HKCU_Extensions\SolidConverterPDF - "?" (?)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?)
BHO\{259F616C-A300-44F5-B04A-ED001A26C85C} (?)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{984A9162-8891-4D19-8CFE-17648BB4E1EC} - "GamePlayLabsBHO Class" (C:\Documents and Settings\Administrateur\Local Settings\Application Data\GamePlayLabs Plugin\BHO.dll)
BHO\{FF6C3CF0-4B15-11D1-ABED-709549C10000} - "Download Accelerator Plus Integration" (C:\PROGRA~1\DAP\DAPIEL~1.DLL)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 10/04/2011 14:30:29 (4168 Octet(s))

Fin à: 14:31:43, 10/04/2011

============== E.O.F ==============

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 08/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 15:19:29 le 10/04/2011, Mode normal

Microsoft Windows XP Professionnel Service Pack 3 (X86)
Administrateur@SWEET-2C68BB0B5 ( )

============== ACTION(S) ==============



(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\TypeLib\{199C34A4-5436-403F-A250-219E16672570}
Clé supprimée: HKLM\Software\Classes\BHO.GamePlayLabsBHO
Clé supprimée: HKLM\Software\Classes\BHO.GamePlayLabsBHO.1
Clé supprimée: HKLM\Software\Classes\AppID\BHO.dll
Clé supprimée: HKLM\Software\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [4.0 (en-US)] ****

Plugins\NPSWF32.dll (?)
HKLM_MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 (x)
HKLM_MozillaPlugins\@movenetworks.com/Quantum Media Player (x)
HKCU_MozillaPlugins\@movenetworks.com/Quantum Media Player (x)
Searchplugins\amazondotcom.xml (hxxp://www.amazon.com/exec/obidos/external-search/)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Searchplugins\eBay.xml (hxxp://rover.ebay.com/rover/1/711-47294-18009-3/4)
Searchplugins\wikipedia.xml (hxxp://en.wikipedia.org/wiki/Special:Search)
Components\browsercomps.dll (Mozilla Foundation)
HKCU_Extensions|{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08} - C:\Program Files\DAP\DAPFireFox
HKCU_Extensions|moveplayer@movenetworks.com - C:\Documents and Settings\Administrateur\Application Data\Move Networks

-- C:\Documents and Settings\Administrateur\Application Data\Mozilla\FireFox\Profiles\mteietq8.default --
Extensions\filtersetg@updater (Adblock Filterset.G Updater)
Extensions\ietab@ip.cn (IE Tab Plus)
Extensions\plugin2@gameplaylabs.com (GamePlayLabs Plugin)
Extensions\snaplinks@snaplinks.net (Snap Links (EladKarako Mod))
Extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e} (Gmail Notifier)
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Administrateur\\Bureau\\mes recherches
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.buildID, 20110318052756
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0

========================================

**** Internet Explorer Version [8.0.6001.18702] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{39965FA6-7019-406b-B135-50CF6A2FFB2B} - "SpeedBit Search" (hxxp://home.speedbit.com/search.aspx?aff=206&q={searchTerms})
HKCU_Toolbar\WebBrowser|{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} (x)
HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - C:\Program Files\Internet Download Manager\IEMonitor.exe (x)
HKCU_ElevationPolicy\{2E422264-6D8A-4ca0-97C7-A2CF868471EA} - C:\Documents and Settings\Administrateur\Application Data\Move Networks\ie_bin\MovePlayerUpgrade.exe (?)
HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (x)
HKLM_ElevationPolicy\45da49ad-db08-4666-af8f-697ebd9cdea9 - C:\Program Files\IsoBuster\IsoBusterToolbarHelper.exe (?)
HKLM_ElevationPolicy\{180B71E5-6730-42D4-994F-7F73F1CE0D2B} - C:\Program Files\IsoBuster\IsoBusterToolbarHelper1.exe (Conduit Ltd.)
HKLM_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (x)
HKCU_Extensions\SolidConverterPDF - "?" (?)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?)
BHO\{259F616C-A300-44F5-B04A-ED001A26C85C} (?)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{984A9162-8891-4D19-8CFE-17648BB4E1EC} - "GamePlayLabsBHO Class" (C:\Documents and Settings\Administrateur\Local Settings\Application Data\GamePlayLabs Plugin\BHO.dll)
BHO\{FF6C3CF0-4B15-11D1-ABED-709549C10000} - "Download Accelerator Plus Integration" (C:\PROGRA~1\DAP\DAPIEL~1.DLL)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 10/04/2011 15:19:38 (2424 Octet(s))
C:\Ad-Report-SCAN[1].txt - 10/04/2011 14:30:29 (5003 Octet(s))

Fin à: 15:20:37, 10/04/2011

============== E.O.F ==============

le voilà:
Rapport de ZHPDiag v1.27.1867 par Nicolas Coolman, Update du 10/04/2011
Run by Administrateur at 10/04/2011 16:47:30
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 4.0 v4.0 (Defaut)
GCIE: Google Chrome

---\\ System Information
Windows XP Professional Service Pack 3 (Build 2600)
Processor: x86 Family 6 Model 13 Stepping 8, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 502 MB (5% free)
System Restore: Activé (Enable)
System drive C: has 34 GB (60%) free of 56 GB

---\\ Logged in mode
Computer Name: SWEET-2C68BB0B5
User Name: Administrateur
All Users Names: HelpAssistant, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=%APPDATA%
%LocalAppData%=C:\Documents and Settings\Administrateur\Local Settings\Application Data
%StartMenu%=C:\Documents and Settings\Administrateur\Menu Démarrer

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 34 Go of 56 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Free 2 Go of 2 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK



---\\ Search Generic System Files
[MD5.BFBBBFE0913E6C9706F97598A6588B8F] - (.Microsoft Corporation - Explorateur Windows.) (.27/09/2008 11:24:52.) -- C:\WINDOWS\Explorer.exe [1573888]
[MD5.AF4EAA3B35A2D206E1902D7CA61B958A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.21/12/2010 00:53:04.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.4BB6301D634C857A5089E8B24C5555E4] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.27/09/2008 11:27:21.) -- C:\WINDOWS\system32\Winlogon.exe [593408]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.27/09/2008 02:58:26.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.A0857C97770034FD2AF17DC4014B5ABD] - (.Microsoft Corporation - NT File System Driver.) (.22/04/2008 14:45:52.) -- C:\WINDOWS\system32\drivers\ntfs.sys [576384]



---\\ Running Processes
[MD5.7207DB389CEAD101251883511A676F91] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [135336]
[MD5.1C1A3FFD1CB5FC4FD1BE8DADC0E16D0C] - (...) -- C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [73728]
[MD5.62F7FD637CE42ADDA3748E1B6E8780D2] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480]
[MD5.78D5B0BF7C2737E861E3B521A2C63810] - (.NetSupport Ltd - NetSupport Client Application.) -- C:\PROGRA~1\NETSUP~1\client32.exe [16447]
[MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968]
[MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.FA680935110ECE1BF93E9AADEBDC865B] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [94208]
[MD5.FBC32DBF9E460E9CAA516BBABB730925] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [77824]
[MD5.63C99498AD5D9F177B581A906B13C1DC] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [163840]
[MD5.F302148C7BD644206181E208E7C31447] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [118784]
[MD5.79858E0ABAD22CEE51A814AC064A88D1] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe [868352]
[MD5.77CE2CF917ACBFB957ECF7984C313B8F] - (.Motorola Inc. - Motorola SM56 Win32 Utility.) -- C:\WINDOWS\sm56hlpr.exe [544768]
[MD5.9251920A850093DF771B80FBBCC524F3] - (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [98394]
[MD5.267EDCE06D1B263FBAD0D16E6BD6BB03] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [688218]
[MD5.38D198A2DD54A67120040566A38103BA] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016]
[MD5.25328FF38D128EF5891C13843168C30B] - (.HP - No comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [172032]
[MD5.7D750887E39563620BC5F057295A501D] - (.Hewlett-Packard - hpotdd01.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [40960]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768]
[MD5.9428A8346787367BF687360B55C540E0] - (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe [824224]
[MD5.8D6B4BB1BEA52A7F2A2CB813F74E6B60] - (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day f.) -- C:\Program Files\Athan\Athan.exe [937984]
[MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [249064]
[MD5.4B4D7626E7330F091100BFC22230ECF0] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe [273544]
[MD5.BF98AF55736FB805FC208B89A09E0C4F] - (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe [10240]
[MD5.98A5F9B03F005E9B2650A0E24E62AD1E] - (.SpeedBit Ltd. - Download Accelerator Plus (DAP).) -- C:\Program Files\DAP\DAP.EXE [2836656]
[MD5.2B7885EA0F34BA522FEFF97738126A84] - (.Unknown owner - SDII MFC Application.) -- C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe [335872]
[MD5.4CEC4B72C5B255EC2F7C54CD03554540] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [963976]
[MD5.C0D12E6C85FC6DD7FF1DBB04F2DC933B] - (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [5252408]
[MD5.C09116C3F2F168DAB019C047AFDD5285] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [14944136]
[MD5.2CE8F1C52F490875592166316C512B6F] - (.Skype Technologies - Skype Extras Manager.) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe [80256]
[MD5.7AAF26E5CEC48A364FAB61A3505668FB] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632]
[MD5.356A22A5871AC798035E4082C0508F76] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]
[MD5.48E2336E591A5FE4AA9EE35E0DE9F27A] - (.RealNetworks, Inc. - RealPlayer Downloader.) -- C:\Program Files\Real\RealPlayer\RecordingManager.exe [414392]
[MD5.CEAA5817A65E914AA178B28F12359A46] - (.Microsoft Corporation - Microsoft Office Word.) -- C:\Program Files\Microsoft Office\Office12\WINWORD.EXE [347432]
[MD5.239BC05AF0D0636DAAAB7E502900BF00] - (.RealNetworks, Inc. - RealPlayer.) -- C:\Program Files\Real\RealPlayer\realplay.exe [490112]
[MD5.3CAADCE41AF3CAFC00EB8414A864720D] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [642560]



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\amazondotcom.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.0.1.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 12.0.1.633.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.Unknown owner - No comment.) -- C:\Program Files\Mozilla Firefox\Plugins\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Unknown owner - No comment.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6] - (.Yahoo! Inc. - Yahoo Application State Plugin version 1.0.0.7.) -- C:\Program Files\Yahoo!\Shared\npYState.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 1.0.30716.0.) -- C:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll
P2 - FPN: [HKLM] [@movenetworks.com/Quantum Media Player] - (.Move Networks - npmnqmp 989898989877.) -- C:\Documents and Settings\Administrateur\Application Data\Move Networks\plugins\npqmp071700000016.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=12.0.1.633] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=12.0.1.633] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=12.0.1.633] - (.RealNetworks, Inc. - RealPlayer(tm) HTML5VideoShim Plug-In.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videos
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=12.0.1.633] - (.RealNetworks, Inc. - 12.0.1.633.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKCU] [@movenetworks.com/Quantum Media Player] - (.Move Networks - npmnqmp 989898989877.) -- C:\Documents and Settings\Administrateur\Application Data\Move Networks\plugins\npqmp071700000016.dll



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-1214440339-1229272821-1606980848-500\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19019 (longhorn_ie8_gdr.101217-1700)) -- C:\WINDOWS\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1



---\\ ---\\ Changed inifile Value, Mapped to Registry (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects (O2)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Orphean Key
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} Orphean Key
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordP
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphean Key
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} . (.GamePlayLabs - GamePlayLabs Browser Helper Object.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\GamePlayLabs Plugin\BHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} . (.IniCom Networks, Inc. - No comment.) -- C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc - Yahoo! Single Instance for Mail.) -- C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: Download Accelerator Plus Integration - {FF6C3CF0-4B15-11D1-ABED-709549C10000} . (.SpeedBit Ltd. - Download Accelerator Plus (DAP) MSIE Loader.) -- C:\PROGRA~1\DAP\DAPIEL~1.DLL



---\\ ---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [igfxtray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SMSERIAL] . (.Motorola Inc. - Motorola SM56 Win32 Utility.) -- C:\WINDOWS\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPLpr] . (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] . (.HP - No comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DeviceDiscovery] . (.Hewlett-Packard - hpotdd01.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [USB Antivirus] . (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [Athan] . (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day f.) -- C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe
O4 - HKCU\..\Run: [WinMover] . (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe
O4 - HKCU\..\Run: [DownloadAccelerator] . (.SpeedBit Ltd. - Download Accelerator Plus (DAP).) -- C:\Program Files\DAP\DAP.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [FileHippo.com] . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - HKUS\S-1-5-21-1214440339-1229272821-1606980848-500\..\Run: [WinMover] . (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe
O4 - HKUS\S-1-5-21-1214440339-1229272821-1606980848-500\..\Run: [DownloadAccelerator] . (.SpeedBit Ltd. - Download Accelerator Plus (DAP).) -- C:\Program Files\DAP\DAP.exe
O4 - HKUS\S-1-5-21-1214440339-1229272821-1606980848-500\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe
O4 - HKUS\S-1-5-21-1214440339-1229272821-1606980848-500\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1214440339-1229272821-1606980848-500\..\Run: [FileHippo.com] . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [JkDefrag] rundll32 advpack.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [SweetRegistry] rundll32 advpack.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [JkDefrag] rundll32 advpack.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [SweetRegistry] rundll32 advpack.dll
O4 - HKUS\S-1-5-20\..\RunOnce: [JkDefrag] rundll32 advpack.dll
O4 - HKUS\S-1-5-20\..\RunOnce: [SweetRegistry] rundll32 advpack.dll
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\BizChecker.lnk . (...) -- C:\Program Files\Samsung\Samsung Biz Reader\BizChecker.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check(2).lnk . (.SEIKO EPSON CORPORATION.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microtek Scanner Finder.lnk . (...) -- C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe



---\\ ---\\ Other User Links (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-AA0000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\FlashFXP.lnk . (.IniCom Networks, Inc..) -- C:\Program Files\FlashFXP\FlashFXP.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\PuTTY.lnk . (.Simon Tatham.) -- C:\Program Files\PuTTY\PuTTY.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\QuickPar.lnk . (.Peter B Clements.) -- C:\Program Files\QuickPar\QuickPar.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Update Checker.lnk . (.FileHippo.com.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe



---\\ Extra items in the IE right-click menu (O8)
O8 - Extra context menu item: &Clean Traces . (.Unknown owner - No comment.) -- C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP . (.Unknown owner - No comment.) -- C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP . (.Unknown owner - No comment.) -- C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: S&end to OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Unknown owner - No comment.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Unknown owner - No comment.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A62304E4-984F-4F48-9C09-6EBEE7E3F27F}: NameServer = 208.67.222.123,208.67.220.123
O17 - HKLM\System\CS1\Services\Tcpip\..\{A62304E4-984F-4F48-9C09-6EBEE7E3F27F}: NameServer = 208.67.222.123,208.67.220.123
O17 - HKLM\System\CS2\Services\Tcpip\..\{A62304E4-984F-4F48-9C09-6EBEE7E3F27F}: NameServer = 208.67.222.123,208.67.220.123
O17 - HKLM\System\CCS\Services\Tcpip\..\{A62304E4-984F-4F48-9C09-6EBEE7E3F27F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A62304E4-984F-4F48-9C09-6EBEE7E3F27F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A62304E4-984F-4F48-9C09-6EBEE7E3F27F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1



---\\ Extra protocols and protocol Hijackers (O18)
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage Notifications.) -- C:\Windows\System32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll



---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll



---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: (Client32) . (.NetSupport Ltd - NetSupport Client Application.) - C:\PROGRA~1\NETSUP~1\client32.exe
O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: (EpsonBidirectionalService) . (...) - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)



---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1214440339-1229272821-1606980848-500.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1214440339-1229272821-1606980848-500.job
[MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (.Unknown owner.) -- C:\Program âiles\Apple Soâtware Update\SoâtwareUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-1214440339-1229272821-1606980848-500] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\realupgrade.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-1214440339-1229272821-1606980848-500] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\realupgrade.exe (.not file.)



---\\ Drivers launched at startup (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys



---\\ Software installed (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.0.1) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AA0000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Archiveur WinRAR - (.Unknown owner.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Athan Pro 3.0 - (.Unknown owner.) [HKLM] -- Athan
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CPU-Z - (.Unknown owner.) [HKLM] -- CPUZ
O42 - Logiciel: ClearType Tuning - (.Unknown owner.) [HKLM] -- ClearTypeCPL
O42 - Logiciel: Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00B2-040C-0000-0000000FF1CE}
O42 - Logiciel: CurrPorts - (.Unknown owner.) [HKLM] -- CurrPorts
O42 - Logiciel: Download Accelerator Plus (DAP) - (.Speedbit Ltd..) [HKLM] -- Download Accelerator Plus (DAP)
O42 - Logiciel: EPLN3000 Paper Jam Guide - (.Unknown owner.) [HKLM] -- EPLN3000 Paper Jam Guide
O42 - Logiciel: EPLN3000 Reference Guide - (.Unknown owner.) [HKLM] -- EPLN3000 Reference Guide
O42 - Logiciel: EPSON Printer Software - (.Unknown owner.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: FastStone Capture 6.7 - (.FastStone Soft.) [HKLM] -- FastStone Capture
O42 - Logiciel: FileHippo.com Update Checker - (.Unknown owner.) [HKLM] -- FileHippo.com
O42 - Logiciel: FlashFXP v3 - (.IniCom Networks, Inc..) [HKLM] -- {96E3AED5-3D0B-4BB0-84C2-1EDADB204487}
O42 - Logiciel: GPU-Z - (.Unknown owner.) [HKLM] -- GPUZ
O42 - Logiciel: GamePlayLabs Plugin - (.Unknown owner.) [HKLM] -- GamePlayLabs Plugin
O42 - Logiciel: GoRC - (.Unknown owner.) [HKLM] -- GoRC
O42 - Logiciel: HD Tune - (.Unknown owner.) [HKLM] -- HDTune
O42 - Logiciel: HP Photo and Imaging 2.0 - Deskjet Series - (.{&Tahoma8}Hewlett-Packard.) [HKLM] -- {E0828692-FD9D-459F-9312-C645C3CA6650}
O42 - Logiciel: HWMonitor - (.Unknown owner.) [HKLM] -- HWMonitor
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver for Mobile - (.Unknown owner.) [HKLM] -- {8A708DD8-A5E6-11D4-A706-000629E95E20}
O42 - Logiciel: IsoBuster Toolbar - (.Unknown owner.) [HKLM] -- IsoBuster Toolbar
O42 - Logiciel: Java(TM) 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: JkDefrag - (.Unknown owner.) [HKLM] -- JkDefrag
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: MATLAB R2009a - (.The MathWorks, Inc..) [HKLM] -- MatlabR2009a
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Macromedia Extension Manager - (.Macromedia, Inc..) [HKLM] -- {5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
O42 - Logiciel: Macromedia Flash 8 - (.Macromedia.) [HKLM] -- {2BD5C305-1B27-4D41-B690-7A61172D2FEB}
O42 - Logiciel: Macromedia Flash 8 Video Encoder - (.Macromedia.) [HKLM] -- {8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
O42 - Logiciel: Macromedia Flash Player 8 - (.Macromedia.) [HKLM] -- {885A63EA-382B-4DD4-A755-14809B8557D6}
O42 - Logiciel: Macromedia Flash Player 8 Plugin - (.Macromedia.) [HKLM] -- {91057632-CA70-413C-B628-2D3CDBBB906B}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: MemTest - (.Unknown owner.) [HKLM] -- MemTest
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft DirectX Control Panel 9.0c - (.Unknown owner.) [HKLM] -- DirectXCPL
O42 - Logiciel: Microsoft Office Access MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Access Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0114-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA
O42 - Logiciel: Motorola SM56 Data Fax Modem - (.Unknown owner.) [HKLM] -- SMSERIAL
O42 - Logiciel: Move Media Player - (.Move Networks.) [HKCU] -- Move Media Player
O42 - Logiciel: Mozilla Firefox 4.0 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0 (x86 en-US)
O42 - Logiciel: Muslim Bag - (.Soft4ISlam.) [HKLM] -- Muslim Bag1.48
O42 - Logiciel: Nero 8 Lite 8.3.6.0 - (.Updatepack.nl.) [HKLM] -- Nero8Lite_is1
O42 - Logiciel: Nero Info Tool - (.Unknown owner.) [HKLM] -- InfoTool
O42 - Logiciel: NetSupport School - (.NetSupport Ltd.) [HKLM] -- NetSupport School
O42 - Logiciel: Notepad++ - (.Unknown owner.) [HKLM] -- Notepad++
O42 - Logiciel: Open Command Prompt Shell Extension - (.Kai Liu.) [HKLM] -- CmdOpen
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PhotoFiltre - (.Unknown owner.) [HKCU] -- PhotoFiltre
O42 - Logiciel: Pserv - (.Unknown owner.) [HKLM] -- Pserv
O42 - Logiciel: PuTTY - (.Unknown owner.) [HKLM] -- PuTTY
O42 - Logiciel: QuickPar 0.9 - (.Peter B. Clements.) [HKLM] -- QuickPar
O42 - Logiciel: Quicksys RegDefrag - (.Unknown owner.) [HKLM] -- RegDefrag
O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM] -- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
O42 - Logiciel: RegScanner - (.Unknown owner.) [HKLM] -- RegScanner
O42 - Logiciel: Samsung Biz Reader - (.Unknown owner.) [HKLM] -- {1950BB98-676E-4EB2-8F63-395AC767A02F}
O42 - Logiciel: Samsung Master - (.Samsung.) [HKLM] -- {AEC0CEBC-0FC7-4716-8222-1C4A742719B1}
O42 - Logiciel: Samsung USB Driver - (.Samsung Techwin.) [HKLM] -- {713E5AB1-2389-43A6-8313-CB4D3C44C4FA}
O42 - Logiciel: ScanWizard 5 - (.Unknown owner.) [HKLM] -- {B08D262E-D902-11D5-9C28-0080C85A0C2D}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Skype(TM) 5.0 - (.Skype Technologies S.A..) [HKLM] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Unknown owner.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Sysinternals Suite - (.Unknown owner.) [HKLM] -- Sysinternals
O42 - Logiciel: Texas Instruments PCIxx21/x515 drivers. - (.Texas Instruments Inc..) [HKLM] -- InstallShield_{E7A744FD-E1B8-4FF6-ADC1-EA4C32181457}
O42 - Logiciel: Tweak UI - (.Unknown owner.) [HKLM] -- TweakUI
O42 - Logiciel: USB Disk Security - (.Zbshareware Lab.) [HKLM] -- USB Disk Security_is1
O42 - Logiciel: Utilitaires Gnu Unix - (.GnuWin32.) [HKLM] -- Unix
O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinMover 3.2.0.6 - (.Andreas Eliasson (EliasAE).) [HKLM] -- WinMover_is1
O42 - Logiciel: Windows Installer CleanUp - (.Unknown owner.) [HKLM] -- MSI
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Safety Scanner - (.Unknown owner.) [HKLM] -- Windows Live Safety Scanner
O42 - Logiciel: Xvid 1.1.2 final uninstall - (.Xvid team (Koepi).) [HKLM] -- Xvid_is1
O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM] -- Yahoo! Messenger
O42 - Logiciel: Yahoo! Toolbar - (.Unknown owner.) [HKLM] -- Yahoo! Companion
O42 - Logiciel: hp deskjet 3500 - (.Hewlett-Packard.) [HKLM] -- {8FD62EBB-3175-4907-A326-989B14E5C757}
O42 - Logiciel: hp print screen utility - (.Unknown owner.) [HKLM] -- hp print screen utility

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\Analog Devices]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Avira]
[HKCU\Software\BizReader]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DownloadManager]
[HKCU\Software\EPSON]
[HKCU\Software\EliasAE]
[HKCU\Software\FastStone]
[HKCU\Software\FileHippo.com]
[HKCU\Software\FlashFXP]
[HKCU\Software\Flock]
[HKCU\Software\GNU]
[HKCU\Software\GamePlayLabs]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\IsoBuster]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MathWorks]
[HKCU\Software\Monitored]
[HKCU\Software\MoveNetworks]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\QuickPar]
[HKCU\Software\RealNetworks]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\STOIK Imagic 30]
[HKCU\Software\ScanWizard 5]
[HKCU\Software\SecureMedia]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\Smart Projects]
[HKCU\Software\SolidDocuments]
[HKCU\Software\SpeedBit]
[HKCU\Software\Stoik]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\Tensons]
[HKCU\Software\Usbfix]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WPI]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Yahoo]
[HKCU\Software\p-nand-q.com]
[HKCU\Software\settings]
[HKCU\Software\techPowerUp]
[HKLM\Software\8322898]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Analog Devices]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Avira]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\EPSON]
[HKLM\Software\FlashFXP]
[HKLM\Software\GNU]
[HKLM\Software\GODSP]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\INTEL]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Internet Download Manager]
[HKLM\Software\IsoBuster]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Kodak]
[HKLM\Software\Licenses]
[HKLM\Software\Lidan]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MathWorks]
[HKLM\Software\Microtek]
[HKLM\Software\Motorola]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Productive Computer Insight]
[HKLM\Software\Program Groups]
[HKLM\Software\RealNetworks]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Samsung Techwin]
[HKLM\Software\SamsungMaster]
[HKLM\Software\Samsung]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\SolidDocuments]
[HKLM\Software\SpeedBit]
[HKLM\Software\SuppHelpDir]
[HKLM\Software\Synaptics]
[HKLM\Software\Tensons]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Wise Solutions]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yahoo]
[HKLM\Software\mozilla.org]



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 10/04/2011 - 14:30:16 - [49349009] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 17/03/2011 - 10:21:40 - [111499108] ----D- C:\Program Files\Adobe
O43 - CFD: 11/11/2010 - 03:17:24 - [1155072] ----D- C:\Program Files\Analog Devices
O43 - CFD: 12/11/2010 - 19:14:22 - [2221118] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 23/02/2011 - 19:22:08 - [9500724] ----D- C:\Program Files\Athan
O43 - CFD: 12/11/2010 - 17:05:34 - [112410698] ----D- C:\Program Files\Avira
O43 - CFD: 05/04/2011 - 19:37:04 - [3673632] ----D- C:\Program Files\CCleaner
O43 - CFD: 11/11/2010 - 02:21:16 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 18/11/2010 - 09:32:04 - [16980255] ----D- C:\Program Files\DAP
O43 - CFD: 18/11/2010 - 13:24:08 - [8911702] ----D- C:\Program Files\EPSON
O43 - CFD: 09/12/2010 - 11:50:10 - [1952233] ----D- C:\Program Files\FastStone Capture
O43 - CFD: 10/04/2011 - 15:08:36 - [478271772] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 17/03/2011 - 09:48:36 - [381086] ----D- C:\Program Files\FileHippo.com
O43 - CFD: 11/11/2010 - 02:52:00 - [7212686] ----D- C:\Program Files\FlashFXP
O43 - CFD: 11/11/2010 - 10:52:18 - [73075912] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 14/02/2011 - 12:55:30 - [14942699] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 21/02/2011 - 19:58:08 - [3266301] ----D- C:\Program Files\Internet Download Manager
O43 - CFD: 10/04/2011 - 13:28:30 - [5133304] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 22/01/2011 - 18:17:56 - [6167750] ----D- C:\Program Files\IsoBuster
O43 - CFD: 17/03/2011 - 10:36:36 - [164854163] ----D- C:\Program Files\Java
O43 - CFD: 21/11/2010 - 14:53:10 - [0] ----D- C:\Program Files\LingvoSoft
O43 - CFD: 10/04/2011 - 15:11:08 - [193345211] ----D- C:\Program Files\Macromedia
O43 - CFD: 22/01/2011 - 19:52:40 - [4941932] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 14/11/2010 - 13:18:56 - [3812877720] ----D- C:\Program Files\MATLAB
O43 - CFD: 05/03/2011 - 19:07:58 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 11/11/2010 - 10:19:08 - [804795830] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 11/11/2010 - 02:20:24 - [3231712] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 11/11/2010 - 10:18:54 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 11/11/2010 - 10:15:12 - [1654295] ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 11/11/2010 - 10:19:28 - [3178824] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 11/11/2010 - 10:18:12 - [8152064] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 14/02/2011 - 12:55:30 - [22200519] ----D- C:\Program Files\Microtek
O43 - CFD: 11/11/2010 - 02:22:50 - [12797658] ----D- C:\Program Files\Movie Maker
O43 - CFD: 25/03/2011 - 14:15:00 - [36453003] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 11/11/2010 - 10:19:18 - [764] ----D- C:\Program Files\MSBuild
O43 - CFD: 11/11/2010 - 02:51:10 - [1528435] ----D- C:\Program Files\MSECache
O43 - CFD: 11/11/2010 - 02:20:18 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 28/11/2010 - 17:27:40 - [22346895] ----D- C:\Program Files\Muslim Bag
O43 - CFD: 11/11/2010 - 02:51:32 - [58715222] ----D- C:\Program Files\Nero
O43 - CFD: 11/11/2010 - 02:23:08 - [4817427] ----D- C:\Program Files\NetMeeting
O43 - CFD: 24/11/2010 - 13:25:12 - [40475782] ----D- C:\Program Files\NetSupport School
O43 - CFD: 23/02/2011 - 16:15:22 - [11953397] ----D- C:\Program Files\Notepad++
O43 - CFD: 11/11/2010 - 02:23:04 - [6686905] ----D- C:\Program Files\Outlook Express
O43 - CFD: 08/01/2011 - 13:35:40 - [3783579] ----D- C:\Program Files\PhotoFiltre
O43 - CFD: 22/02/2011 - 13:23:02 - [3697922] ----D- C:\Program Files\PhotoFiltre 6.4.0 English
O43 - CFD: 11/11/2010 - 02:52:12 - [454656] ----D- C:\Program Files\PuTTY
O43 - CFD: 11/11/2010 - 02:52:06 - [941108] ----D- C:\Program Files\QuickPar
O43 - CFD: 17/03/2011 - 11:35:52 - [91722055] ----D- C:\Program Files\Real
O43 - CFD: 13/11/2010 - 21:23:22 - [236449101] ----D- C:\Program Files\Samsung
O43 - CFD: 11/11/2010 - 02:23:54 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 03/01/2011 - 20:48:34 - [19061103] R---D- C:\Program Files\Skype
O43 - CFD: 11/11/2010 - 09:52:12 - [32128234] ----D- C:\Program Files\Synaptics
O43 - CFD: 17/03/2011 - 09:35:38 - [0] ----D- C:\Program Files\Trend Micro
O43 - CFD: 11/11/2010 - 06:25:36 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 12/11/2010 - 17:56:26 - [3563828] ----D- C:\Program Files\USB Disk Security
O43 - CFD: 11/11/2010 - 02:20:38 - [23338970] ----D- C:\Program Files\Utilitaires
O43 - CFD: 20/01/2011 - 21:38:38 - [92139173] ----D- C:\Program Files\VideoLAN
O43 - CFD: 05/03/2011 - 19:09:54 - [87327597] ----D- C:\Program Files\Windows Live
O43 - CFD: 11/11/2010 - 06:25:36 - [4486909] ----D- C:\Program Files\Windows Live Safety Center
O43 - CFD: 05/03/2011 - 19:07:32 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 11/11/2010 - 02:23:44 - [3595692] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 11/11/2010 - 02:25:44 - [7558076] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 11/11/2010 - 02:20:08 - [4012287] ----D- C:\Program Files\Windows NT
O43 - CFD: 11/11/2010 - 02:23:58 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 11/11/2010 - 02:52:10 - [446789] ----D- C:\Program Files\WinMover
O43 - CFD: 11/11/2010 - 02:55:08 - [3436449] ----D- C:\Program Files\WinRAR
O43 - CFD: 28/11/2010 - 13:13:10 - [765394] ----D- C:\Program Files\Xvid
O43 - CFD: 25/03/2011 - 13:56:26 - [44097813] ----D- C:\Program Files\Yahoo!
O43 - CFD: 10/04/2011 - 16:48:56 - [4921515] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 17/03/2011 - 10:21:58 - [2901648] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 12/11/2010 - 19:14:36 - [44307712] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 11/11/2010 - 10:18:54 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 18/11/2010 - 13:22:14 - [2351974] ----D- C:\Program Files\Fichiers Communs\EPSON
O43 - CFD: 11/11/2010 - 09:52:26 - [5439577] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 17/03/2011 - 10:43:00 - [32340712] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 10/04/2011 - 15:12:14 - [393340] ----D- C:\Program Files\Fichiers Communs\Macromedia
O43 - CFD: 27/01/2011 - 17:14:08 - [247855946] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 11/11/2010 - 02:23:02 - [568832] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 11/11/2010 - 02:51:28 - [36371954] ----D- C:\Program Files\Fichiers Communs\Nero
O43 - CFD: 11/11/2010 - 03:13:48 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 17/03/2011 - 11:34:44 - [106564] ----D- C:\Program Files\Fichiers Communs\Real
O43 - CFD: 11/11/2010 - 02:23:06 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 03/01/2011 - 20:48:34 - [2164104] ----D- C:\Program Files\Fichiers Communs\Skype
O43 - CFD: 11/11/2010 - 03:13:42 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 11/11/2010 - 10:14:22 - [42482772] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 05/03/2011 - 15:36:36 - [56746070] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 17/03/2011 - 11:35:46 - [352256] ----D- C:\Program Files\Fichiers Communs\xing shared
O43 - CFD: 17/03/2011 - 10:36:50 - [446036] ----D- C:\Documents and Settings\Administrateur\Application Data\Adobe
O43 - CFD: 24/11/2010 - 08:32:04 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Avira
O43 - CFD: 21/02/2011 - 19:56:04 - [20480] ----D- C:\Documents and Settings\Administrateur\Application Data\DMCache
O43 - CFD: 11/11/2010 - 02:52:10 - [1303] ----D- C:\Documents and Settings\Administrateur\Application Data\EliasAE
O43 - CFD: 09/12/2010 - 11:51:14 - [8531] ----D- C:\Documents and Settings\Administrateur\Application Data\FastStone
O43 - CFD: 04/12/2010 - 16:10:24 - [1854] ----D- C:\Documents and Settings\Administrateur\Application Data\Hewlett-Packard
O43 - CFD: 11/11/2010 - 06:25:52 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Identities
O43 - CFD: 21/02/2011 - 09:51:32 - [15897840] ----D- C:\Documents and Settings\Administrateur\Application Data\IDM
O43 - CFD: 13/11/2010 - 21:22:14 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\InstallShield
O43 - CFD: 11/11/2010 - 10:02:00 - [15310] ----D- C:\Documents and Settings\Administrateur\Application Data\Macromedia
O43 - CFD: 12/11/2010 - 17:18:40 - [567278] ----D- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
O43 - CFD: 14/11/2010 - 13:50:56 - [1571692] ----D- C:\Documents and Settings\Administrateur\Application Data\MathWorks
O43 - CFD: 10/04/2011 - 15:09:08 - [3321577] -S--D- C:\Documents and Settings\Administrateur\Application Data\Microsoft
O43 - CFD: 17/03/2011 - 10:17:18 - [163113945] ----D- C:\Documents and Settings\Administrateur\Application Data\Move Networks
O43 - CFD: 11/11/2010 - 06:27:36 - [28138324] ----D- C:\Documents and Settings\Administrateur\Application Data\Mozilla
O43 - CFD: 11/11/2010 - 10:14:30 - [124917] ----D- C:\Documents and Settings\Administrateur\Application Data\Nero
O43 - CFD: 23/02/2011 - 16:16:46 - [345330] ----D- C:\Documents and Settings\Administrateur\Application Data\Notepad++
O43 - CFD: 09/01/2011 - 01:20:58 - [2297] ----D- C:\Documents and Settings\Administrateur\Application Data\PhotoFiltre
O43 - CFD: 17/03/2011 - 11:41:06 - [2205145] ----D- C:\Documents and Settings\Administrateur\Application Data\Real
O43 - CFD: 10/04/2011 - 16:30:56 - [4481957] ----D- C:\Documents and Settings\Administrateur\Application Data\Skype
O43 - CFD: 10/04/2011 - 16:31:06 - [6400] ----D- C:\Documents and Settings\Administrateur\Application Data\skypePM
O43 - CFD: 25/03/2011 - 10:55:02 - [21242] ----D- C:\Documents and Settings\Administrateur\Application Data\SolidDocuments
O43 - CFD: 11/11/2010 - 02:35:06 - [38609571] ----D- C:\Documents and Settings\Administrateur\Application Data\Sun
O43 - CFD: 17/11/2010 - 12:11:36 - [10377297] ----D- C:\Documents and Settings\Administrateur\Application Data\Thinstall
O43 - CFD: 30/03/2011 - 12:16:48 - [1553907] ----D- C:\Documents and Settings\Administrateur\Application Data\vlc
O43 - CFD: 15

ok,
https://pjjoint.malekal.com/files.php?id=44bd8ab67515119

j'ai réalisé un scan avec malwarebyte avec de lire votre dernier post, voivi le résultat:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Version de la base de données: 6323

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/04/2011 19:52:03
mbam-log-2011-04-10 (19-52-03).txt

Type d'examen: Examen complet (C:\|E:\|)
Elément(s) analysé(s): 329977
Temps écoulé: 2 heure(s), 30 minute(s), 42 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{984A9162-8891-4D19-8CFE-17648BB4E1EC} (Spyware.GamePlayLabs) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC} (Spyware.GamePlayLabs) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{984A9162-8891-4D19-8CFE-17648BB4E1EC} (Spyware.GamePlayLabs) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{984A9162-8891-4D19-8CFE-17648BB4E1EC} (Spyware.GamePlayLabs) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\documents and settings\administrateur\local settings\application data\gameplaylabs plugin\BHO.dll (Spyware.GamePlayLabs) -> Quarantined and deleted successfully.
c:\documents and settings\administrateur\mes documents\kawther\software\dreamweaver\keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\system volume information\_restore{c247d393-ec94-49bd-ae9b-c7969d5b4641}\RP5\A0002194.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\Recycler\s-1-5-21-1214440339-1229272821-1606980848-500\dc39.exe.vir (Spyware.GamePlayLabs) -> Quarantined and deleted successfully.

j'ai fait ce que vous m'avez demandé avec ZHPFIX, voici le rapport:
Rapport de ZHPFix 1.12.3274 par Nicolas Coolman, Update du 06/04/2011
Fichier d'export Registre : C:\ZHPExportRegistry-10-04-2011-20-25-49.txt
Run by Administrateur at 10/04/2011 20:25:49
Windows XP Professional Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Registry Key ==========
O42 - Logiciel: GamePlayLabs Plugin - (.Unknown owner.) [HKLM] -- GamePlayLabs Plugin => Software uninstall stopped by user or not full uninstall !
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} . (.GamePlayLabs - GamePlayLabs Browser Helper Object.) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\GamePlayLabs Plugin\BHO.dll => Registry Key removed successfully
O64 - Services: CurCS - (.not file.) - SolidPDFConverterReadSpool (ScReadSpool) .(...) - LEGACY_SCREADSPOOL => Registry Key removed successfully
HKCU\Software\GamePlayLabs => Registry Key removed successfully

========== Repertory ==========
Dossiers Flash Cookies supprimés : 12

========== File ==========
Fichiers Flash Cookies supprimés : 11

========== Task ==========
Task : AppleSoftwareUpdate => Task deleted successfully
Task : RealUpgradeLogonTaskS-1-5-21-1214440339-1229272821-1606980848-500 => Task deleted successfully
Task : RealUpgradeScheduledTaskS-1-5-21-1214440339-1229272821-1606980848-500 => Task deleted successfully


========== Summary ==========
4 : Registry Key
1 : Repertory
1 : File
3 : Task


End of the scan

Rapport de ZHPFix 1.12.3274 par Nicolas Coolman, Update du 06/04/2011
Fichier d'export Registre : C:\ZHPExportRegistry-10-04-2011-22-27-32.txt
Run by Administrateur at 10/04/2011 22:27:32
Windows XP Professional Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Software ==========
O42 - Logiciel: GamePlayLabs Plugin - (.Unknown owner.) [HKLM] -- GamePlayLabs Plugin => Software Already Removed

========== Registry Key ==========
HKCU\Software\GamePlayLabs => Registry key not found


========== Summary ==========
1 : Registry Key
1 : Software


End of the scan

et voici le résultat de ZHPDiad: https://pjjoint.malekal.com/files.php?id=1999d3458f567
merci bien et bonne nuit.

1/
Rapport de ZHPFix 1.12.3274 par Nicolas Coolman, Update du 06/04/2011
Fichier d'export Registre : C:\ZHPExportRegistry-13-04-2011-22-03-54.txt
Run by Administrateur at 13/04/2011 22:03:54
Windows XP Professional Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Registry Key ==========
O64 - Services: CurCS - (.not file.) - SolidPDFConverterReadSpool (ScReadSpool) .(...) - LEGACY_SCREADSPOOL => Registry Key removed successfully

========== Task ==========
Task : RealUpgradeLogonTaskS-1-5-21-1214440339-1229272821-1606980848-500 => Task deleted successfully
Task : RealUpgradeScheduledTaskS-1-5-21-1214440339-1229272821-1606980848-500 => Task deleted successfully


========== Summary ==========
1 : Registry Key
2 : Task


End of the scan

ComboFix 11-04-12.02 - Administrateur 13/04/2011 22:16:33.1.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1256.216.1036.18.502.242 [GMT 1:00]
Running from: c:\documents and settings\Administrateur\Bureau\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrateur\Bureau\install_flash_player.exe
c:\documents and settings\Administrateur\WINDOWS
c:\windows\system\VB40032.DLL
.
c:\windows\regedit.exe . . . is infected!!
.
.
((((((((((((((((((((((((( Files Created from 2011-03-13 to 2011-04-13 )))))))))))))))))))))))))))))))
.
.
2011-04-11 12:41 . 2011-04-11 12:41 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Macromedia
2011-04-10 17:22 . 2011-04-10 17:22 -------- d-----w- c:\windows\Sun
2011-04-10 14:09 . 2011-04-10 14:09 45056 ----a-r- c:\documents and settings\Administrateur\Application Data\Microsoft\Installer\{885A63EA-382B-4DD4-A755-14809B8557D6}\ARPPRODUCTICON.exe
2011-04-10 14:08 . 2011-04-10 14:08 -------- d-----w- c:\windows\system32\QuickTime
2011-04-10 14:08 . 2011-04-10 14:12 -------- d-----w- c:\program files\Fichiers communs\Macromedia
2011-04-10 14:08 . 2011-04-10 14:11 -------- d-----w- c:\program files\Macromedia
2011-04-10 14:06 . 2011-04-10 14:06 180224 ------w- c:\program files\Fichiers communs\InstallShield\Driver\10\Intel 32\iGdiCnv.dll
2011-04-10 14:06 . 2011-04-10 14:06 266240 ------w- c:\program files\Fichiers communs\InstallShield\Driver\10\Intel 32\IScrCnv.dll
2011-04-10 14:06 . 2011-04-10 14:06 32768 ------w- c:\program files\Fichiers communs\InstallShield\Driver\10\Intel 32\objpscnv.dll
2011-04-10 14:06 . 2011-04-10 14:06 409600 ------w- c:\program files\Fichiers communs\InstallShield\Driver\10\Intel 32\ISRT.dll
2011-04-10 14:06 . 2011-04-10 14:06 172032 ------w- c:\program files\Fichiers communs\InstallShield\Driver\10\Intel 32\IUserCnv.dll
2011-04-10 14:06 . 2011-04-10 14:06 761856 ------w- c:\program files\Fichiers communs\InstallShield\Driver\10\Intel 32\IDriver.exe
2011-04-10 14:06 . 2011-04-10 14:08 540772 ------w- c:\program files\Fichiers communs\InstallShield\Driver\10\Intel 32\_ISRES1033.dll
2011-04-10 14:03 . 2011-04-10 14:03 -------- d-----w- c:\windows\Downloaded Installations
2011-04-10 13:30 . 2011-04-10 13:30 -------- d-----w- c:\program files\Ad-Remover
2011-04-10 13:02 . 2011-04-10 13:02 512 ------w- C:\PhysicalDisk0_MBR.bin
2011-04-10 12:51 . 2011-04-10 12:51 -------- d-sh--w- c:\documents and settings\Administrateur\PrivacIE
2011-04-10 12:24 . 2011-04-10 12:26 -------- dc-h--w- c:\windows\ie8
2011-04-09 19:25 . 2011-04-13 10:10 -------- d-----w- C:\UsbFix
2011-04-07 08:37 . 2011-04-11 00:09 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\GamePlayLabs Plugin
2011-03-25 13:14 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-03-25 13:14 . 2011-03-18 17:53 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-03-25 13:14 . 2011-03-18 17:53 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-03-25 13:14 . 2011-03-18 17:53 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-03-25 13:14 . 2011-03-18 17:53 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-03-25 13:14 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-03-25 13:14 . 2011-03-18 17:53 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-03-25 13:14 . 2011-03-18 17:53 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-03-25 11:55 . 2011-04-05 18:37 -------- d-----w- c:\program files\CCleaner
2011-03-17 12:06 . 2011-03-17 12:06 -------- d-sh--w- c:\documents and settings\Administrateur\IETldCache
2011-03-17 10:36 . 2011-03-17 10:36 11776 ----a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2011-03-17 10:35 . 2011-03-17 10:35 -------- d-----w- c:\program files\Fichiers communs\xing shared
2011-03-17 10:35 . 2011-03-17 10:35 150712 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2011-03-17 10:35 . 2011-03-17 10:35 100864 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2011-03-17 09:56 . 2011-03-17 09:57 -------- d--h--w- c:\windows\$hf_mig$
2011-03-17 09:38 . 2011-03-17 09:36 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-03-17 09:38 . 2011-03-17 09:36 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-17 09:36 . 2011-03-17 09:36 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Temp
2011-03-17 09:35 . 2010-10-18 11:10 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-03-17 09:35 . 2010-12-20 23:53 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-03-17 09:35 . 2010-12-20 23:53 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-03-17 09:35 . 2010-12-20 23:53 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-03-17 09:35 . 2010-12-20 23:53 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-03-17 09:35 . 2010-12-20 23:53 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-03-17 09:35 . 2010-12-20 23:53 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-03-17 09:35 . 2010-12-21 04:23 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-03-17 09:21 . 2011-03-17 09:21 -------- d-----w- c:\program files\Fichiers communs\Adobe
2011-03-17 08:48 . 2011-03-17 08:48 -------- d-----w- c:\program files\FileHippo.com
2011-03-16 07:22 . 2008-09-27 00:58 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-13 10:10 . 2011-04-13 10:09 399642451 ----a-w- C:\UsbFix_Upload_Me_SWEET-2C68BB0B5.zip
2011-04-09 14:44 . 2010-11-12 16:05 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-03-17 10:34 . 2007-02-02 02:11 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-03-17 09:36 . 2010-11-11 01:35 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-23 18:21 . 2011-02-23 18:22 737280 ----a-w- c:\windows\iun6002.exe
2011-03-18 17:53 . 2011-03-25 13:14 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
.
[-] 2008-09-27 10:24 . 0F350F1870E65C510FFFF60D7EE14BA8 . 1504256 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
.
[-] 2008-09-27 . 4BB6301D634C857A5089E8B24C5555E4 . 593408 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
[-] 2008-09-27 . AAC42FD16A1976DE9A0773E740597644 . 693248 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[7] 2008-04-14 . F92E6BEA9349D49341383F8403B4DFE5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
.
[-] 2008-09-27 . EF31A8266AF7996746392E4F45502536 . 517632 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
.
[-] 2008-09-27 . BFBBBFE0913E6C9706F97598A6588B8F . 1573888 . . [6.00.2900.5634] . . c:\windows\explorer.exe
.
[-] 2008-09-27 . B3D95BCB6D0B033BEBFB81FADDA8B8AC . 37376 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
[-] 2008-09-27 . A3CA2B158B645447964ADC84FA7E6EE6 . 2207872 . . [5.1.2600.5586] . . c:\windows\system32\ntkrnlpa.exe
.
[-] 2008-09-27 . 65A2D2BD594EB3E670CECFFEED75FB69 . 2331008 . . [5.1.2600.5586] . . c:\windows\system32\ntoskrnl.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinMover"="c:\program files\WinMover\WinMover.exe" [2005-12-02 10240]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2010-11-18 2836656]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-02-07 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-02-07 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-02-07 118784]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-03-16 868352]
"SMSERIAL"="sm56hlpr.exe" [2005-04-26 544768]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-05 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-05 688218]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-11 172032]
"DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2002-12-02 40960]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768]
"USB Antivirus"="c:\program files\USB Disk Security\USBGuard.exe" [2010-11-09 824224]
"Athan"="c:\program files\Athan\Athan.exe" [2005-09-12 937984]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-10-29 249064]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-03-17 273544]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"JkDefrag"="advpack.dll" [2009-03-08 128512]
"SweetRegistry"="advpack.dll" [2009-03-08 128512]
.
c:\documents and settings\All Users\Menu D'marrer\Programmes\D'marrage\
BizChecker.lnk - c:\program files\Samsung\Samsung Biz Reader\BizChecker.exe [2010-11-13 32768]
EPSON Status Monitor 3 Environment Check(2).lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV02.EXE [2010-11-18 131584]
Microtek Scanner Finder.lnk - c:\program files\Microtek\ScanWizard 5\ScannerFinder.exe [2011-2-14 335872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideRunAsVerb"= 1 (0x1)
"NoNetConnectDisconnect"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"NoStrCmpLogical"= 0 (0x0)
"NoWelcomeScreen"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
.
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [12/11/2010 17:05 135336]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - BROWSER
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}]
2009-03-08 03:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
.
------- Supplementary Scan -------
.
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {A62304E4-984F-4F48-9C09-6EBEE7E3F27F} = 208.67.222.123,208.67.220.123
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\mteietq8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-13 22:28
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1214440339-1229272821-1606980848-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7e,18,cb,4a,07,46,76,42,9c,94,a8,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7e,18,cb,4a,07,46,76,42,9c,94,a8,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):3f,0e,e3,9e,c8,2d,17,f4,b9,05,a0,81,29,9f,e2,55,cf,19,bf,7d,31,
cb,1b,8c,cc,c4,53,2b,eb,83,ba,75,f7,69,b5,6f,76,62,6a,d0,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{cd54a513-1986-4bbc-8f5f-ae92e42e220e}]
@Denied: (Full) (Everyone)
"Model"=dword:0000002c
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,7c,a3,58,23,ec,af,2d,15,15,ef,a1,46,54,19,6c,0d,35,95,e0,f3,7c,6d,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1240)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
c:\windows\system32\igfxdev.dll
.
- - - - - - - > 'lsass.exe'(1520)
c:\windows\system32\scecli.dll
c:\windows\system32\SETUPAPI.dll
.
Completion time: 2011-04-13 22:32:34
ComboFix-quarantined-files.txt 2011-04-13 21:32
.
Pre-Run: 35 398 733 824 octets libres
Post-Run: 35 368 738 816 octets libres
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
.
- - End Of File - - 8696B19F934604EF5818F6ABFFE4481B

concernant c:\program files\utilitaire je ne le connais pas.
bonne nuit.

bonjour,
ça fonctionne normallement, espérant que toutes les infections ont été traité. infiniment merci pour votre aide.

re,
j'ai un autre PC infecté, j'ai réalisé un rapport ZHPDiag, est ce que je contenu à poster dans le même sujet ou je crée un nouveau.
merci

Pour l'autre PC, poste le rapport dans un autre sujet..
@+

ok

Rapport de ZHPDiag v1.27.1867 par Nicolas Coolman, Update du 10/04/2011
Run by Administrateur at 14/04/2011 10:00:44
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 4.0 v4.0 (Defaut)
GCIE: Google Chrome

---\\ System Information
Windows XP Professional Service Pack 3 (Build 2600)
Processor: x86 Family 6 Model 13 Stepping 8, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 502 MB (23% free)
System Restore: Activé (Enable)
System drive C: has 33 GB (58%) free of 56 GB

---\\ Logged in mode
Computer Name: SWEET-2C68BB0B5
User Name: Administrateur
All Users Names: HelpAssistant, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=%APPDATA%
%LocalAppData%=C:\Documents and Settings\Administrateur\Local Settings\Application Data
%StartMenu%=C:\Documents and Settings\Administrateur\Menu Démarrer

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 33 Go of 56 Go)
D:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK



---\\ Search Generic System Files
[MD5.BFBBBFE0913E6C9706F97598A6588B8F] - (.Microsoft Corporation - Explorateur Windows.) (.27/09/2008 11:24:52.) -- C:\WINDOWS\Explorer.exe [1573888]
[MD5.AF4EAA3B35A2D206E1902D7CA61B958A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.21/12/2010 00:53:04.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.4BB6301D634C857A5089E8B24C5555E4] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.27/09/2008 11:27:21.) -- C:\WINDOWS\system32\Winlogon.exe [593408]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.27/09/2008 02:58:26.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.A0857C97770034FD2AF17DC4014B5ABD] - (.Microsoft Corporation - NT File System Driver.) (.22/04/2008 14:45:52.) -- C:\WINDOWS\system32\drivers\ntfs.sys [576384]



---\\ Running Processes
[MD5.7207DB389CEAD101251883511A676F91] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [135336]
[MD5.1C1A3FFD1CB5FC4FD1BE8DADC0E16D0C] - (...) -- C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe [73728]
[MD5.62F7FD637CE42ADDA3748E1B6E8780D2] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480]
[MD5.78D5B0BF7C2737E861E3B521A2C63810] - (.NetSupport Ltd - NetSupport Client Application.) -- C:\PROGRA~1\NETSUP~1\client32.exe [16447]
[MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968]
[MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]
[MD5.FA680935110ECE1BF93E9AADEBDC865B] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [94208]
[MD5.FBC32DBF9E460E9CAA516BBABB730925] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [77824]
[MD5.63C99498AD5D9F177B581A906B13C1DC] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [163840]
[MD5.F302148C7BD644206181E208E7C31447] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [118784]
[MD5.79858E0ABAD22CEE51A814AC064A88D1] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe [868352]
[MD5.77CE2CF917ACBFB957ECF7984C313B8F] - (.Motorola Inc. - Motorola SM56 Win32 Utility.) -- C:\WINDOWS\sm56hlpr.exe [544768]
[MD5.9251920A850093DF771B80FBBCC524F3] - (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [98394]
[MD5.267EDCE06D1B263FBAD0D16E6BD6BB03] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [688218]
[MD5.38D198A2DD54A67120040566A38103BA] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016]
[MD5.25328FF38D128EF5891C13843168C30B] - (.HP - No comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [172032]
[MD5.7D750887E39563620BC5F057295A501D] - (.Hewlett-Packard - hpotdd01.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [40960]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768]
[MD5.9428A8346787367BF687360B55C540E0] - (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe [824224]
[MD5.8D6B4BB1BEA52A7F2A2CB813F74E6B60] - (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day f.) -- C:\Program Files\Athan\Athan.exe [937984]
[MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [249064]
[MD5.4B4D7626E7330F091100BFC22230ECF0] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe [273544]
[MD5.BF98AF55736FB805FC208B89A09E0C4F] - (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe [10240]
[MD5.98A5F9B03F005E9B2650A0E24E62AD1E] - (.SpeedBit Ltd. - Download Accelerator Plus (DAP).) -- C:\Program Files\DAP\DAP.EXE [2836656]
[MD5.1E60C2B180925F84CE3F25D71D262F30] - (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe [248832]
[MD5.9E1F78251BDCC44E6A5D3057B92C0E11] - (...) -- C:\Program Files\Samsung\Samsung Biz Reader\BizChecker.exe [32768]
[MD5.2B7885EA0F34BA522FEFF97738126A84] - (.Unknown owner - SDII MFC Application.) -- C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe [335872]
[MD5.C0D12E6C85FC6DD7FF1DBB04F2DC933B] - (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [5252408]
[MD5.F640C9E3A35BF7270ED887A3AC3F520D] - (.Adobe Systems Incorporated - Adobe Reader.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe [1306008]
[MD5.7AAF26E5CEC48A364FAB61A3505668FB] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632]
[MD5.356A22A5871AC798035E4082C0508F76] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]
[MD5.3CAADCE41AF3CAFC00EB8414A864720D] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [642560]



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.0.1.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 12.0.1.633.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Unknown owner - No comment.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6] - (.Yahoo! Inc. - Yahoo Application State Plugin version 1.0.0.7.) -- C:\Program Files\Yahoo!\Shared\npYState.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 1.0.30716.0.) -- C:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll
P2 - FPN: [HKLM] [@movenetworks.com/Quantum Media Player] - (.Move Networks - npmnqmp 989898989877.) -- C:\Documents and Settings\Administrateur\Application Data\Move Networks\plugins\npqmp071700000016.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=12.0.1.633] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=12.0.1.633] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=12.0.1.633] - (.RealNetworks, Inc. - RealPlayer(tm) HTML5VideoShim Plug-In.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videos
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=12.0.1.633] - (.RealNetworks, Inc. - 12.0.1.633.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKCU] [@movenetworks.com/Quantum Media Player] - (.Move Networks - npmnqmp 989898989877.) -- C:\Documents and Settings\Administrateur\Application Data\Move Networks\plugins\npqmp071700000016.dll



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-1214440339-1229272821-1606980848-500\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=17DBE7D168544FA98200E890A8051984
R1 - HKUS\S-1-5-21-1214440339-1229272821-1606980848-500\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19019 (longhorn_ie8_gdr.101217-1700)) -- C:\WINDOWS\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1



---\\ ---\\ Changed inifile Value, Mapped to Registry (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects (O2)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Orphean Key
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} Orphean Key
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordP
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphean Key
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} . (.IniCom Networks, Inc. - No comment.) -- C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc - Yahoo! Single Instance for Mail.) -- C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: Download Accelerator Plus Integration - {FF6C3CF0-4B15-11D1-ABED-709549C10000} . (.SpeedBit Ltd. - Download Accelerator Plus (DAP) MSIE Loader.) -- C:\PROGRA~1\DAP\DAPIEL~1.DLL



---\\ ---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [igfxtray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SMSERIAL] . (.Motorola Inc. - Motorola SM56 Win32 Utility.) -- C:\WINDOWS\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPLpr] . (.Synaptics, Inc. - TouchPad Driver Helper Application.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] . (.HP - No comment.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DeviceDiscovery] . (.Hewlett-Packard - hpotdd01.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [USB Antivirus] . (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [Athan] . (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day f.) -- C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe
O4 - HKCU\..\Run: [WinMover] . (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe
O4 - HKCU\..\Run: [DownloadAccelerator] . (.SpeedBit Ltd. - Download Accelerator Plus (DAP).) -- C:\Program Files\DAP\DAP.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe
O4 - HKCU\..\Run: [FileHippo.com] . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1214440339-1229272821-1606980848-500\..\Run: [WinMover] . (.Andreas Eliasson (EliasAE) - WinMover executable.) -- C:\Program Files\WinMover\WinMover.exe
O4 - HKUS\S-1-5-21-1214440339-1229272821-1606980848-500\..\Run: [DownloadAccelerator] . (.SpeedBit Ltd. - Download Accelerator Plus (DAP).) -- C:\Program Files\DAP\DAP.exe
O4 - HKUS\S-1-5-21-1214440339-1229272821-1606980848-500\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe
O4 - HKUS\S-1-5-21-1214440339-1229272821-1606980848-500\..\Run: [FileHippo.com] . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - HKUS\S-1-5-21-1214440339-1229272821-1606980848-500\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [JkDefrag] rundll32 advpack.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [SweetRegistry] rundll32 advpack.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [JkDefrag] rundll32 advpack.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [SweetRegistry] rundll32 advpack.dll
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\BizChecker.lnk . (...) -- C:\Program Files\Samsung\Samsung Biz Reader\BizChecker.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\EPSON Status Monitor 3 Environment Check(2).lnk . (.SEIKO EPSON CORPORATION.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microtek Scanner Finder.lnk . (...) -- C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe



---\\ ---\\ Other User Links (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-AA0000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\FlashFXP.lnk . (.IniCom Networks, Inc..) -- C:\Program Files\FlashFXP\FlashFXP.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\PuTTY.lnk . (.Simon Tatham.) -- C:\Program Files\PuTTY\PuTTY.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\QuickPar.lnk . (.Peter B Clements.) -- C:\Program Files\QuickPar\QuickPar.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Update Checker.lnk . (.FileHippo.com.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe
O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe



---\\ Extra items in the IE right-click menu (O8)
O8 - Extra context menu item: &Clean Traces . (.Unknown owner - No comment.) -- C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP . (.Unknown owner - No comment.) -- C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP . (.Unknown owner - No comment.) -- C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: S&end to OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Unknown owner - No comment.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.Unknown owner - No comment.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A62304E4-984F-4F48-9C09-6EBEE7E3F27F}: NameServer = 208.67.222.123,208.67.220.123
O17 - HKLM\System\CS1\Services\Tcpip\..\{A62304E4-984F-4F48-9C09-6EBEE7E3F27F}: NameServer = 208.67.222.123,208.67.220.123
O17 - HKLM\System\CS2\Services\Tcpip\..\{A62304E4-984F-4F48-9C09-6EBEE7E3F27F}: NameServer = 208.67.222.123,208.67.220.123
O17 - HKLM\System\CCS\Services\Tcpip\..\{A62304E4-984F-4F48-9C09-6EBEE7E3F27F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A62304E4-984F-4F48-9C09-6EBEE7E3F27F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A62304E4-984F-4F48-9C09-6EBEE7E3F27F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1



---\\ Extra protocols and protocol Hijackers (O18)
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Windows Genuine Advantage Notifications.) -- C:\Windows\System32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll



---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll



---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: (Client32) . (.NetSupport Ltd - NetSupport Client Application.) - C:\PROGRA~1\NETSUP~1\client32.exe
O23 - Service: (dmadmin) . (.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: (EpsonBidirectionalService) . (...) - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)



---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1214440339-1229272821-1606980848-500.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1214440339-1229272821-1606980848-500.job
[MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-1214440339-1229272821-1606980848-500] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\realupgrade.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-1214440339-1229272821-1606980848-500] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\realupgrade.exe (.not file.)



---\\ Drivers launched at startup (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys



---\\ Software installed (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.0.1) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AA0000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}
O42 - Logiciel: Archiveur WinRAR - (.Unknown owner.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Athan Pro 3.0 - (.Unknown owner.) [HKLM] -- Athan
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CPU-Z - (.Unknown owner.) [HKLM] -- CPUZ
O42 - Logiciel: ClearType Tuning - (.Unknown owner.) [HKLM] -- ClearTypeCPL
O42 - Logiciel: Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00B2-040C-0000-0000000FF1CE}
O42 - Logiciel: CurrPorts - (.Unknown owner.) [HKLM] -- CurrPorts
O42 - Logiciel: Download Accelerator Plus (DAP) - (.Speedbit Ltd..) [HKLM] -- Download Accelerator Plus (DAP)
O42 - Logiciel: EPLN3000 Paper Jam Guide - (.Unknown owner.) [HKLM] -- EPLN3000 Paper Jam Guide
O42 - Logiciel: EPLN3000 Reference Guide - (.Unknown owner.) [HKLM] -- EPLN3000 Reference Guide
O42 - Logiciel: EPSON Printer Software - (.Unknown owner.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: FastStone Capture 6.7 - (.FastStone Soft.) [HKLM] -- FastStone Capture
O42 - Logiciel: FileHippo.com Update Checker - (.Unknown owner.) [HKLM] -- FileHippo.com
O42 - Logiciel: FlashFXP v3 - (.IniCom Networks, Inc..) [HKLM] -- {96E3AED5-3D0B-4BB0-84C2-1EDADB204487}
O42 - Logiciel: GPU-Z - (.Unknown owner.) [HKLM] -- GPUZ
O42 - Logiciel: GoRC - (.Unknown owner.) [HKLM] -- GoRC
O42 - Logiciel: HD Tune - (.Unknown owner.) [HKLM] -- HDTune
O42 - Logiciel: HP Photo and Imaging 2.0 - Deskjet Series - (.{&Tahoma8}Hewlett-Packard.) [HKLM] -- {E0828692-FD9D-459F-9312-C645C3CA6650}
O42 - Logiciel: HWMonitor - (.Unknown owner.) [HKLM] -- HWMonitor
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver for Mobile - (.Unknown owner.) [HKLM] -- {8A708DD8-A5E6-11D4-A706-000629E95E20}
O42 - Logiciel: IsoBuster Toolbar - (.Unknown owner.) [HKLM] -- IsoBuster Toolbar
O42 - Logiciel: Java(TM) 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF}
O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}
O42 - Logiciel: JkDefrag - (.Unknown owner.) [HKLM] -- JkDefrag
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: MATLAB R2009a - (.The MathWorks, Inc..) [HKLM] -- MatlabR2009a
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Macromedia Extension Manager - (.Macromedia, Inc..) [HKLM] -- {5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
O42 - Logiciel: Macromedia Flash 8 - (.Macromedia.) [HKLM] -- {2BD5C305-1B27-4D41-B690-7A61172D2FEB}
O42 - Logiciel: Macromedia Flash 8 Video Encoder - (.Macromedia.) [HKLM] -- {8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
O42 - Logiciel: Macromedia Flash Player 8 - (.Macromedia.) [HKLM] -- {885A63EA-382B-4DD4-A755-14809B8557D6}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: MemTest - (.Unknown owner.) [HKLM] -- MemTest
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft DirectX Control Panel 9.0c - (.Unknown owner.) [HKLM] -- DirectXCPL
O42 - Logiciel: Microsoft Office Access MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Access Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0114-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA
O42 - Logiciel: Motorola SM56 Data Fax Modem - (.Unknown owner.) [HKLM] -- SMSERIAL
O42 - Logiciel: Move Media Player - (.Move Networks.) [HKCU] -- Move Media Player
O42 - Logiciel: Mozilla Firefox 4.0 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0 (x86 en-US)
O42 - Logiciel: Muslim Bag - (.Soft4ISlam.) [HKLM] -- Muslim Bag1.48
O42 - Logiciel: Nero 8 Lite 8.3.6.0 - (.Updatepack.nl.) [HKLM] -- Nero8Lite_is1
O42 - Logiciel: Nero Info Tool - (.Unknown owner.) [HKLM] -- InfoTool
O42 - Logiciel: NetSupport School - (.NetSupport Ltd.) [HKLM] -- NetSupport School
O42 - Logiciel: Notepad++ - (.Unknown owner.) [HKLM] -- Notepad++
O42 - Logiciel: Open Command Prompt Shell Extension - (.Kai Liu.) [HKLM] -- CmdOpen
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PDFCreator - (.Frank Heind?rfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: PhotoFiltre - (.Unknown owner.) [HKCU] -- PhotoFiltre
O42 - Logiciel: Pserv - (.Unknown owner.) [HKLM] -- Pserv
O42 - Logiciel: PuTTY - (.Unknown owner.) [HKLM] -- PuTTY
O42 - Logiciel: QuickPar 0.9 - (.Peter B. Clements.) [HKLM] -- QuickPar
O42 - Logiciel: Quicksys RegDefrag - (.Unknown owner.) [HKLM] -- RegDefrag
O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM] -- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
O42 - Logiciel: RegScanner - (.Unknown owner.) [HKLM] -- RegScanner
O42 - Logiciel: Samsung Biz Reader - (.Unknown owner.) [HKLM] -- {1950BB98-676E-4EB2-8F63-395AC767A02F}
O42 - Logiciel: Samsung Master - (.Samsung.) [HKLM] -- {AEC0CEBC-0FC7-4716-8222-1C4A742719B1}
O42 - Logiciel: Samsung USB Driver - (.Samsung Techwin.) [HKLM] -- {713E5AB1-2389-43A6-8313-CB4D3C44C4FA}
O42 - Logiciel: ScanWizard 5 - (.Unknown owner.) [HKLM] -- {B08D262E-D902-11D5-9C28-0080C85A0C2D}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Skype(TM) 5.0 - (.Skype Technologies S.A..) [HKLM] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Unknown owner.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Sysinternals Suite - (.Unknown owner.) [HKLM] -- Sysinternals
O42 - Logiciel: Texas Instruments PCIxx21/x515 drivers. - (.Texas Instruments Inc..) [HKLM] -- InstallShield_{E7A744FD-E1B8-4FF6-ADC1-EA4C32181457}
O42 - Logiciel: Tweak UI - (.Unknown owner.) [HKLM] -- TweakUI
O42 - Logiciel: USB Disk Security - (.Zbshareware Lab.) [HKLM] -- USB Disk Security_is1
O42 - Logiciel: Utilitaires Gnu Unix - (.GnuWin32.) [HKLM] -- Unix
O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinMover 3.2.0.6 - (.Andreas Eliasson (EliasAE).) [HKLM] -- WinMover_is1
O42 - Logiciel: Windows Installer CleanUp - (.Unknown owner.) [HKLM] -- MSI
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live Contrôle parental - (.Microsoft Corporation.) [HKLM] -- {9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Safety Scanner - (.Unknown owner.) [HKLM] -- Windows Live Safety Scanner
O42 - Logiciel: Xvid 1.1.2 final uninstall - (.Xvid team (Koepi).) [HKLM] -- Xvid_is1
O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM] -- Yahoo! Messenger
O42 - Logiciel: Yahoo! Toolbar - (.Unknown owner.) [HKLM] -- Yahoo! Companion
O42 - Logiciel: hp deskjet 3500 - (.Hewlett-Packard.) [HKLM] -- {8FD62EBB-3175-4907-A326-989B14E5C757}
O42 - Logiciel: hp print screen utility - (.Unknown owner.) [HKLM] -- hp print screen utility

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\Analog Devices]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Avira]
[HKCU\Software\BizReader]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\DownloadManager]
[HKCU\Software\EPSON]
[HKCU\Software\EliasAE]
[HKCU\Software\FastStone]
[HKCU\Software\FileHippo.com]
[HKCU\Software\FlashFXP]
[HKCU\Software\Flock]
[HKCU\Software\GNU]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\IsoBuster]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MathWorks]
[HKCU\Software\MoveNetworks]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PDFCreator]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\QuickPar]
[HKCU\Software\RealNetworks]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\STOIK Imagic 30]
[HKCU\Software\ScanWizard 5]
[HKCU\Software\SecureMedia]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\Smart Projects]
[HKCU\Software\SolidDocuments]
[HKCU\Software\SpeedBit]
[HKCU\Software\Stoik]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\Tensons]
[HKCU\Software\Usbfix]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WPI]
[HKCU\Software\Wget]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Yahoo]
[HKCU\Software\p-nand-q.com]
[HKCU\Software\techPowerUp]
[HKLM\Software\8322898]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Analog Devices]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Avira]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\EPSON]
[HKLM\Software\FlashFXP]
[HKLM\Software\GNU]
[HKLM\Software\GODSP]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\INTEL]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Internet Download Manager]
[HKLM\Software\IsoBuster]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Kodak]
[HKLM\Software\Licenses]
[HKLM\Software\Lidan]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MathWorks]
[HKLM\Software\Microtek]
[HKLM\Software\Motorola]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\PDFCreator]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Productive Computer Insight]
[HKLM\Software\Program Groups]
[HKLM\Software\RealNetworks]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Samsung Techwin]
[HKLM\Software\SamsungMaster]
[HKLM\Software\Samsung]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Skype]
[HKLM\Software\SolidDocuments]
[HKLM\Software\SpeedBit]
[HKLM\Software\SuppHelpDir]
[HKLM\Software\Swearware]
[HKLM\Software\Synaptics]
[HKLM\Software\Tensons]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Wise Solutions]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yahoo]
[HKLM\Software\mozilla.org]



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 10/04/2011 - 14:30:16 - [49349009] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 17/03/2011 - 10:21:40 - [111499108] ----D- C:\Program Files\Adobe
O43 - CFD: 11/11/2010 - 03:17:24 - [1155072] ----D- C:\Program Files\Analog Devices
O43 - CFD: 12/11/2010 - 19:14:22 - [2221118] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 23/02/2011 - 19:22:08 - [9500725] ----D- C:\Program Files\Athan
O43 - CFD: 12/11/2010 - 17:05:34 - [112825930] ----D- C:\Program Files\Avira
O43 - CFD: 05/04/2011 - 19:37:04 - [3673632] ----D- C:\Program Files\CCleaner
O43 - CFD: 11/11/2010 - 02:21:16 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 18/11/2010 - 09:32:04 - [16980255] ----D- C:\Program Files\DAP
O43 - CFD: 18/11/2010 - 13:24:08 - [8911702] ----D- C:\Program Files\EPSON
O43 - CFD: 09/12/2010 - 11:50:10 - [1952233] ----D- C:\Program Files\FastStone Capture
O43 - CFD: 13/04/2011 - 22:23:08 - [478271772] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 17/03/2011 - 09:48:36 - [381086] ----D- C:\Program Files\FileHippo.com
O43 - CFD: 11/11/2010 - 02:52:00 - [7212686] ----D- C:\Program Files\FlashFXP
O43 - CFD: 11/11/2010 - 10:52:18 - [73075912] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 14/02/2011 - 12:55:30 - [14942699] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 21/02/2011 - 19:58:08 - [3266301] ----D- C:\Program Files\Internet Download Manager
O43 - CFD: 10/04/2011 - 13:28:30 - [5133304] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 22/01/2011 - 18:17:56 - [6167750] ----D- C:\Program Files\IsoBuster
O43 - CFD: 17/03/2011 - 10:36:36 - [164854163] ----D- C:\Program Files\Java
O43 - CFD: 21/11/2010 - 14:53:10 - [0] ----D- C:\Program Files\LingvoSoft
O43 - CFD: 10/04/2011 - 15:11:08 - [193345211] ----D- C:\Program Files\Macromedia
O43 - CFD: 22/01/2011 - 19:52:40 - [4941932] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 14/11/2010 - 13:18:56 - [3812877720] ----D- C:\Program Files\MATLAB
O43 - CFD: 05/03/2011 - 19:07:58 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 11/11/2010 - 10:19:08 - [804795830] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 11/11/2010 - 02:20:24 - [3231712] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 11/11/2010 - 10:18:54 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 11/11/2010 - 10:15:12 - [1654295] ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 11/11/2010 - 10:19:28 - [3178824] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 11/11/2010 - 10:18:12 - [8152064] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 14/02/2011 - 12:55:30 - [22200519] ----D- C:\Program Files\Microtek
O43 - CFD: 11/11/2010 - 02:22:50 - [12797658] ----D- C:\Program Files\Movie Maker
O43 - CFD: 25/03/2011 - 14:15:00 - [35050036] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 11/11/2010 - 10:19:18 - [764] ----D- C:\Program Files\MSBuild
O43 - CFD: 11/11/2010 - 02:51:10 - [1528435] ----D- C:\Program Files\MSECache
O43 - CFD: 11/11/2010 - 02:20:18 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 28/11/2010 - 17:27:40 - [22346895] ----D- C:\Program Files\Muslim Bag
O43 - CFD: 11/11/2010 - 02:51:32 - [58715222] ----D- C:\Program Files\Nero
O43 - CFD: 11/11/2010 - 02:23:08 - [4817427] ----D- C:\Program Files\NetMeeting
O43 - CFD: 24/11/2010 - 13:25:12 - [40475782] ----D- C:\Program Files\NetSupport School
O43 - CFD: 23/02/2011 - 16:15:22 - [11953397] ----D- C:\Program Files\Notepad++
O43 - CFD: 11/11/2010 - 02:23:04 - [6686905] ----D- C:\Program Files\Outlook Express
O43 - CFD: 14/04/2011 - 00:09:58 - [26878587] ----D- C:\Program Files\PDFCreator
O43 - CFD: 08/01/2011 - 13:35:40 - [3783579] ----D- C:\Program Files\PhotoFiltre
O43 - CFD: 22/02/2011 - 13:23:02 - [3697922] ----D- C:\Program Files\PhotoFiltre 6.4.0 English
O43 - CFD: 11/11/2010 - 02:52:12 - [454656] ----D- C:\Program Files\PuTTY
O43 - CFD: 11/11/2010 - 02:52:06 - [941108] ----D- C:\Program Files\QuickPar
O43 - CFD: 17/03/2011 - 11:35:52 - [91722055] ----D- C:\Program Files\Real
O43 - CFD: 13/11/2010 - 21:23:22 - [236449101] ----D- C:\Program Files\Samsung
O43 - CFD: 11/11/2010 - 02:23:54 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 03/01/2011 - 20:48:34 - [19061103] R---D- C:\Program Files\Skype
O43 - CFD: 11/11/2010 - 09:52:12 - [32128234] ----D- C:\Program Files\Synaptics
O43 - CFD: 17/03/2011 - 09:35:38 - [0] ----D- C:\Program Files\Trend Micro
O43 - CFD: 11/11/2010 - 06:25:36 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 12/11/2010 - 17:56:26 - [3563828] ----D- C:\Program Files\USB Disk Security
O43 - CFD: 11/11/2010 - 02:20:38 - [23338970] ----D- C:\Program Files\Utilitaires
O43 - CFD: 20/01/2011 - 21:38:38 - [92139173] ----D- C:\Program Files\VideoLAN
O43 - CFD: 05/03/2011 - 19:09:54 - [87327597] ----D- C:\Program Files\Windows Live
O43 - CFD: 11/11/2010 - 06:25:36 - [4486909] ----D- C:\Program Files\Windows Live Safety Center
O43 - CFD: 05/03/2011 - 19:07:32 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 11/11/2010 - 02:23:44 - [3595692] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 11/11/2010 - 02:25:44 - [7558076] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 11/11/2010 - 02:20:08 - [4012287] ----D- C:\Program Files\Windows NT
O43 - CFD: 11/11/2010 - 02:23:58 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 11/11/2010 - 02:52:10 - [446789] ----D- C:\Program Files\WinMover
O43 - CFD: 11/11/2010 - 02:55:08 - [3436449] ----D- C:\Program Files\WinRAR
O43 - CFD: 28/11/2010 - 13:13:10 - [765394] ----D- C:\Program Files\Xvid
O43 - CFD: 25/03/2011 - 13:56:26 - [45413371] ----D- C:\Program Files\Yahoo!
O43 - CFD: 14/04/2011 - 10:01:22 - [4938770] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 17/03/2011 - 10:21:58 - [2901648] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 12/11/2010 - 19:14:36 - [44307712] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 11/11/2010 - 10:18:54 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 18/11/2010 - 13:22:14 - [2351974] ----D- C:\Program Files\Fichiers Communs\EPSON
O43 - CFD: 11/11/2010 - 09:52:26 - [5439577] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 17/03/2011 - 10:43:00 - [32340712] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 10/04/2011 - 15:12:14 - [393340] ----D- C:\Program Files\Fichiers Communs\Macromedia
O43 - CFD: 27/01/2011 - 17:14:08 - [247855946] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 11/11/2010 - 02:23:02 - [568832] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 11/11/2010 - 02:51:28 - [36371954] ----D- C:\Program Files\Fichiers Communs\Nero
O43 - CFD: 11/11/2010 - 03:13:48 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 17/03/2011 - 11:34:44 - [106564] ----D- C:\Program Files\Fichiers Communs\Real
O43 - CFD: 11/11/2010 - 02:23:06 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 03/01/2011 - 20:48:34 - [2164104] ----D- C:\Program Files\Fichiers Communs\Skype
O43 - CFD: 11/11/2010 - 03:13:42 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 11/11/2010 - 10:14:22 - [42482772] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 05/03/2011 - 15:36:36 - [56746070] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 17/03/2011 - 11:35:46 - [352256] ----D- C:\Program Files\Fichiers Communs\xing shared
O43 - CFD: 17/03/2011 - 10:36:50 - [457005] ----D- C:\Documents and Settings\Administrateur\Application Data\Adobe
O43 - CFD: 24/11/2010 - 08:32:04 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Avira
O43 - CFD: 21/02/2011 - 19:56:04 - [20480] ----D- C:\Documents and Settings\Administrateur\Application Data\DMCache
O43 - CFD: 11/11/2010 - 02:52:10 - [1303] ----D- C:\Documents and Settings\Administrateur\Application Data\EliasAE
O43 - CFD: 09/12/2010 - 11:51:14 - [8531] ----D- C:\Documents and Settings\Administrateur\Application Data\FastStone
O43 - CFD: 04/12/2010 - 16:10:24 - [1854] ----D- C:\Documents and Settings\Administrateur\Application Data\Hewlett-Packard
O43 - CFD: 11/11/2010 - 06:25:52 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\Identities
O43 - CFD: 21/02/2011 - 09:51:32 - [15897840] ----D- C:\Documents and Settings\Administrateur\Application Data\IDM
O43 - CFD: 13/11/2010 - 21:22:14 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\InstallShield
O43 - CFD: 11/04/2011 - 13:21:44 - [3719] ----D- C:\Documents and Settings\Administrateur\Application Data\Macromedia
O43 - CFD: 12/11/2010 - 17:18:40 - [1999470] ----D- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
O43 - CFD: 14/11/2010 - 13:50:56 - [1571692] ----D- C:\Documents and Settings\Administrateur\Application Data\MathWorks
O43 - CFD: 10/04/2011 - 15:09:08 - [4205482] -S--D- C:\Documents and Settings\Administrateur\Application Data\Microsoft
O43 - CFD: 17/03/2011 - 10:17:18 - [163113945] ----D- C:\Documents and Settings\Administrateur\Application Data\Move Networks
O43 - CFD: 11/11/2010 - 06:27:36 - [28281834] ----D- C:\Documents and Settings\Administrateur\Application Data\Mozilla
O43 - CFD: 11/11/2010 - 10:14:30 - [120834] ----D- C:\Documents and Settings\Administrateur\Application Data\Nero
O43 - CFD: 23/02/2011 - 16:16:46 - [345717] ----D- C:\Documents and Settings\Administrateur\Application Data\Notepad++
O43 - CFD: 09/01/2011 - 01:20:58 - [1831] ----D- C:\Documents and Settings\Administrateur\Application Data\PhotoFiltre
O43 - CFD: 17/03/2011 - 11:41:06 - [2606768] ----D- C:\Documents and Settings\Administrateur\Application Data\Real
O43 - CFD: 10/04/2011 - 19:29:30 - [4475419] ----D- C:\Documents and Settings\Administrateur\Application Data\Skype
O43 - CFD: 10/04/2011 - 16:31:06 - [9016] ----D- C:\Documents and Settings\Administrateur\Application Data\skypePM
O43 - CFD: 25/03/2011 - 10:55:02 - [21242] ----D- C:\Documents and Settings\Administrateur\Application Data\SolidDocuments
O43 - CFD: 11/11/2010 - 02:35:06 - [38609509] ----D- C:\Documents and Settings\Administrateur\Application Data\Sun
O43 - CFD: 17/11/2010 - 12:11:36 - [10377297] ----D- C:\Documents and Settings\Administrateur\Application Data\Thinstall
O43 - CFD: 30/03/2011 - 12:16:48 - [1553907] ----D- C:\Documents and Settings\Administrateur\Application Data\vlc
O43 - CFD: 15/11/2010 - 09:30:10 - [0] ----D- C:\Documents and Settings\Administrateur\Application Data\WinRAR
O43 - CFD: 21/11/2010 - 10:12:28 - [534931] ----D- C:\Documents and Settings\Administrateur\Application Data\Yahoo!
O43 - CFD: 12/11/2010 - 17:58:36 - [27] ----D- C:\Documents and Settings\Administrateur\Application Data\Zbshareware Lab
O43 - CFD: 17/03/2011 - 10:21:14 - [891291] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Adobe
O43 - CFD: 12/11/2010 - 19:14:26 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Apple
O43 - CFD: 12/11/2010 - 19:14:12 - [15003] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Apple Computer
O43 - CFD: 11/04/2011 - 01:09:08 - [0] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\GamePlayLabs Plugin
O43 - CFD: 01/12/2010 - 13:58:26 - [303396] ----D- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Identities
O43 - CFD: 31/12/2010 - 14:43:12 - [1183456] ----D- C:\Documents and Settings\Administrateur\Local

https://pjjoint.malekal.com/files.php?id=9446d7f3a414126

bonjour,
2/
# DelFix v7.7B - Rapport créé le 17/04/2011 à 13:50
# Mis à jour le 15/04/11 à 19h30 par Xplode
# Système d'exploitation : Microsoft Windows XP (32 bits) [SP3 v5.1.2600] Service Pack 3
# Nom d'utilisateur : Administrateur - SWEET-2C68BB0B5 (Administrateur)
# Exécuté depuis : C:\Documents and Settings\Administrateur\Bureau\DelFix.exe
# Option [Suppression]


~~~~~~ Dossier(s) ~~~~~~

-> C:\Qoobox\BackEnv ... ACL modifié avec succès.
Supprimé : C:\Qoobox
Supprimé : C:\USBFix
Supprimé : C:\Program Files\Ad-Remover
Supprimé : C:\Program Files\ZHPDiag
Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP

~~~~~~ Fichier(s) ~~~~~~

Supprimé : C:\ComboFix.txt
Supprimé : C:\UsbFix.txt
Supprimé : C:\UsbFix_Upload_Me_SWEET-2C68BB0B5.zip
Supprimé : C:\ZHPExportRegistry-10-04-2011-20-25-49.txt
Supprimé : C:\ZHPExportRegistry-13-04-2011-22-03-54.txt
Supprimé : C:\ZHPExportRegistry-17-03-2011-09-11-14.txt
Supprimé : C:\ZHPExportRegistry-19-12-2010-14-53-31.txt
Supprimé : C:\ZHPExportRegistry-19-12-2010-19-08-09.txt
Supprimé : C:\PhysicalDisk0_MBR.bin
Supprimé : C:\WINDOWS\grep.exe
Supprimé : C:\WINDOWS\PEV.exe
Supprimé : C:\WINDOWS\NIRCMD.exe
Supprimé : C:\WINDOWS\MBR.exe
Supprimé : C:\WINDOWS\sed.exe
Supprimé : C:\WINDOWS\SWREG.exe
Supprimé : C:\WINDOWS\SWSC.exe
Supprimé : C:\WINDOWS\SWXCACLS.exe
Supprimé : C:\WINDOWS\zip.exe
Supprimé : C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
Supprimé : C:\Documents and Settings\Administrateur\Bureau\UsbFix.exe
Supprimé : C:\Documents and Settings\Administrateur\Bureau\AD-R.lnk
Supprimé : C:\Documents and Settings\Administrateur\Bureau\ZHPDiag.txt
Supprimé : C:\Documents and Settings\Administrateur\Bureau\ZHPDiag2.exe
Supprimé : C:\Documents and Settings\Administrateur\Bureau\ZHPDiag2_1.exe
Supprimé : C:\Documents and Settings\Administrateur\Bureau\OneClick2RP.exe
Supprimé : C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
Supprimé : C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
Supprimé : C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk

~~~~~~ Registre ~~~~~~

Clé Supprimée : HKCU\SOFTWARE\Ad-Remover
Clé Supprimée : HKCU\SOFTWARE\USBFix
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\ZHP
Clé Supprimée : HKLM\Software\Classes\.cfxxe
Clé Supprimée : HKLM\Software\Classes\cfxxefile
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Remover
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\USBFix
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
ACL [0] -> [7] & Clé Supprimée : HKLM\SOFTWARE\Swearware

~~~~~~ Autre ~~~~~~

-> Prefetch vidé

########## EOF - "C:\DelFixSuppr.txt" - [2968 octets] ##########

3/
JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sun Apr 17 13:56:27 2011

Found and removed: C:\Program Files\Java\jre1.6.0_07

Found and removed: C:\Documents and Settings\Administrateur\Application Data\Sun\Java\jre1.6.0_07

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: Software\JavaSoft\Java2D\1.6.0_04

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_07

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_07

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610007

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610007

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160070}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\

------------------------------------

Finished reporting.

Infinement merci pour votre aide.