PC rame
Résolu/Fermé
lutece
-
15 août 2011 à 23:25
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 - 18 août 2011 à 13:15
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 - 18 août 2011 à 13:15
A voir également:
- PC rame
- Pc qui rame - Guide
- Test performance pc - Guide
- Reinitialiser pc - Guide
- Whatsapp pc - Télécharger - Messagerie
- Audacity enregistrer son pc - Guide
21 réponses
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
15 août 2011 à 23:45
15 août 2011 à 23:45
Salut,
Tu désinstalle ta version d'ad-remover
* Télécharge de AD-Remover sur ton Bureau.
http://www.teamxscript.org/adremoverTelechargement.html
/!\ Ferme toutes applications en cours /!\
- Double-clique sur l'icône Ad-remover située sur ton Bureau.
- Sur la page, clique sur le bouton « Nettoyer »
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)
(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour c
Tu désinstalle ta version d'ad-remover
* Télécharge de AD-Remover sur ton Bureau.
http://www.teamxscript.org/adremoverTelechargement.html
/!\ Ferme toutes applications en cours /!\
- Double-clique sur l'icône Ad-remover située sur ton Bureau.
- Sur la page, clique sur le bouton « Nettoyer »
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)
(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour c
Bonsoir Fish66
Ci dessous le rapport
D'avance merci
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 23:55:17 le 15/08/2011, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
H@LUTECE ( )
============== ACTION(S) ==============
Dossier supprimé: C:\Documents and Settings\H\Application Data\Mozilla\FireFox\Profiles\4ocmltw3.default\conduit
Dossier supprimé: C:\Documents and Settings\H\Local Settings\Application Data\Conduit
Dossier supprimé: C:\Program Files\Conduit
(!) -- Fichiers temporaires supprimés.
-- Fichier ouvert: C:\Documents and Settings\H\Application Data\Mozilla\FireFox\Profiles\4ocmltw3.default\Prefs.js --
Ligne supprimée: user_pref("CT2613520.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_...
Ligne supprimée: user_pref("CT2613520.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261...
Ligne supprimée: user_pref("CT2613520.ct2613520.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=U...
Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT2613520");
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT2613520");
Ligne supprimée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 05 2011 08:35:43 GMT+0100");
Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2613520");
Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613520&Sea...
-- Fichier Fermé --
Clé supprimée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé supprimée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Clé supprimée: HKLM\Software\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2613520
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\Toolbar
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.6.18 (fr)] ****
HKLM_MozillaPlugins\@checkpoint.com/FFApi (x)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )
HKLM_Extensions|{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
-- C:\Documents and Settings\H\Application Data\Mozilla\FireFox\Profiles\4ocmltw3.default --
Extensions\nostmp (?)
Extensions\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5} (Protection ZoneAlarm Community Toolbar)
Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} (?)
Prefs.js - browser.download.lastDir, D:\\Olivier\\[TELECHARGEMENT]\\Adèle
Prefs.js - browser.startup.homepage, www.google.fr
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=24f3922d0000000000000019660fdbdb&tlver=1.4.19.19&instlRef=ss...
Prefs.js - privacy.popups.showBrowserMessage, false
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll)
HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
HKLM_ElevationPolicy\{190DA45D-F0EE-47E5-AC2C-29F7723A6DB1} - C:\Program Files\Protection_ZoneAlarm\Protection_ZoneAlarmToolbarHelper1.exe (?)
HKLM_ElevationPolicy\{6F6FF334-F651-449A-A5AD-103633FBD82B} - C:\Documents and Settings\H\Local Settings\Application Data\Conduit\CT2613520\Protection_ZoneAlarmAutoUpdaterHelper.exe (x)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{2E03C0FD-4C48-43A7-9A54-00240C70FF16} - "ECarteBleueBrowserHelper Class" (C:\WINDOWS\system32\BhoECart.dll)
BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - "Skype Browser Helper" (C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 30 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 15/08/2011 23:55:51 (4974 Octet(s))
Fin à: 23:57:33, 15/08/2011
============== E.O.F ==============
Ci dessous le rapport
D'avance merci
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 23:55:17 le 15/08/2011, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
H@LUTECE ( )
============== ACTION(S) ==============
Dossier supprimé: C:\Documents and Settings\H\Application Data\Mozilla\FireFox\Profiles\4ocmltw3.default\conduit
Dossier supprimé: C:\Documents and Settings\H\Local Settings\Application Data\Conduit
Dossier supprimé: C:\Program Files\Conduit
(!) -- Fichiers temporaires supprimés.
-- Fichier ouvert: C:\Documents and Settings\H\Application Data\Mozilla\FireFox\Profiles\4ocmltw3.default\Prefs.js --
Ligne supprimée: user_pref("CT2613520.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_...
Ligne supprimée: user_pref("CT2613520.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261...
Ligne supprimée: user_pref("CT2613520.ct2613520.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=U...
Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT2613520");
Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT2613520");
Ligne supprimée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 05 2011 08:35:43 GMT+0100");
Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2613520");
Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613520&Sea...
-- Fichier Fermé --
Clé supprimée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé supprimée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Clé supprimée: HKLM\Software\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2613520
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\Toolbar
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [3.6.18 (fr)] ****
HKLM_MozillaPlugins\@checkpoint.com/FFApi (x)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )
HKLM_Extensions|{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
-- C:\Documents and Settings\H\Application Data\Mozilla\FireFox\Profiles\4ocmltw3.default --
Extensions\nostmp (?)
Extensions\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5} (Protection ZoneAlarm Community Toolbar)
Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} (?)
Prefs.js - browser.download.lastDir, D:\\Olivier\\[TELECHARGEMENT]\\Adèle
Prefs.js - browser.startup.homepage, www.google.fr
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18
Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=24f3922d0000000000000019660fdbdb&tlver=1.4.19.19&instlRef=ss...
Prefs.js - privacy.popups.showBrowserMessage, false
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll)
HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
HKLM_ElevationPolicy\{190DA45D-F0EE-47E5-AC2C-29F7723A6DB1} - C:\Program Files\Protection_ZoneAlarm\Protection_ZoneAlarmToolbarHelper1.exe (?)
HKLM_ElevationPolicy\{6F6FF334-F651-449A-A5AD-103633FBD82B} - C:\Documents and Settings\H\Local Settings\Application Data\Conduit\CT2613520\Protection_ZoneAlarmAutoUpdaterHelper.exe (x)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{2E03C0FD-4C48-43A7-9A54-00240C70FF16} - "ECarteBleueBrowserHelper Class" (C:\WINDOWS\system32\BhoECart.dll)
BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - "Skype Browser Helper" (C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 30 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 15/08/2011 23:55:51 (4974 Octet(s))
Fin à: 23:57:33, 15/08/2011
============== E.O.F ==============
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
16 août 2011 à 00:12
16 août 2011 à 00:12
Re,
Nous allons effectuer un diagnostic de ton PC:
*Télécharge ZHPDiag sur ton bureau :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
ou :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
* Laisse toi guider lors de l'installation,coche "Ajouter une icône sur le bureau" et décoche la case "Exécuter ZHPDiag"
/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur un des sites ci dessous, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://pjjoint.malekal.com/
Si indisponible:
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.casimages.com/
* Tuto zhpdiag :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Hébergement de rapport sur pjjoint.malekal.com
* Rends toi sur http://pjjoint.malekal.com/
* Clique sur le bouton Parcourir
* Sélectionne le fichier que tu veux heberger et clique sur Ouvrir
*Clique sur le bouton Envoyer
* Un message de confirmation s'affiche, copie le lien dans ta prochaine réponse.
@+
Nous allons effectuer un diagnostic de ton PC:
*Télécharge ZHPDiag sur ton bureau :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
ou :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
* Laisse toi guider lors de l'installation,coche "Ajouter une icône sur le bureau" et décoche la case "Exécuter ZHPDiag"
/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur un des sites ci dessous, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
http://pjjoint.malekal.com/
Si indisponible:
http://ww38.toofiles.com/fr/documents-upload.html
ou :
https://www.casimages.com/
* Tuto zhpdiag :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Hébergement de rapport sur pjjoint.malekal.com
* Rends toi sur http://pjjoint.malekal.com/
* Clique sur le bouton Parcourir
* Sélectionne le fichier que tu veux heberger et clique sur Ouvrir
*Clique sur le bouton Envoyer
* Un message de confirmation s'affiche, copie le lien dans ta prochaine réponse.
@+
Bonjour Fish66
Merci pour ton aide, désole j'ai du quitter hier soir
Ci dessous le lien du rapport pjjoint.maketal.com, qui pour information a mouliné, mouliné, mouliné,...... pendant au moins 10 mn avant de s'afficher . Normal?
http://pjjoint.malekal.com/files.php?id=dfbcc8ba59l5z10d6r7q13w6j13q15h11s13e11j14k8b14k9x12h12h14z7p5
D'avance merci pour ton retour
Merci pour ton aide, désole j'ai du quitter hier soir
Ci dessous le lien du rapport pjjoint.maketal.com, qui pour information a mouliné, mouliné, mouliné,...... pendant au moins 10 mn avant de s'afficher . Normal?
http://pjjoint.malekal.com/files.php?id=dfbcc8ba59l5z10d6r7q13w6j13q15h11s13e11j14k8b14k9x12h12h14z7p5
D'avance merci pour ton retour
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
16 août 2011 à 09:33
16 août 2011 à 09:33
Bonjour,
1/
Tu désinstalles ce logiciel : Logiciel: Babylon toolbar
Puis tu supprimes également ces dossiers :
C:\Program Files\BabylonToolbar
C:\Program Files\Protection_ZoneAlarm
C:\Documents and Settings\H\Application Data\BabylonToolbar
C:\Documents and Settings\H\Local Settings\Application Data\Protection_ZoneAlarm
2/
Télécharge AdwCleaner (merci à Xplode)
Lance AdwCleaner
Clique sur le bouton [ Recherche ]
Patiente...
Poste le rapport qui apparait en fin de recherche.
@+
1/
Tu désinstalles ce logiciel : Logiciel: Babylon toolbar
Puis tu supprimes également ces dossiers :
C:\Program Files\BabylonToolbar
C:\Program Files\Protection_ZoneAlarm
C:\Documents and Settings\H\Application Data\BabylonToolbar
C:\Documents and Settings\H\Local Settings\Application Data\Protection_ZoneAlarm
2/
Télécharge AdwCleaner (merci à Xplode)
Lance AdwCleaner
Clique sur le bouton [ Recherche ]
Patiente...
Poste le rapport qui apparait en fin de recherche.
@+
Re,
je pense avoir correctement tout supprimé, cependant l'ordi s'est bloqué apres avoir supprimé babylon ds "Ajout Suprression de programmes" et une page web du site babylon s'est ouverte. Pb ?
Voici le rapport AdwCleaner
# AdwCleaner v1.0 - Rapport créé le 16/08/2011 à 13:11:34
# Mis à jour le 15/08/11 à 15h30 par Xplode
# Système d'exploitation : Microsoft Windows XPService Pack 3 (32 bits)
# Nom d'utilisateur : H - LUTECE (Administrateur)
# Exécuté depuis : C:\Documents and Settings\H\Bureau\AdwCleaner.exe
# Option [Recherche]
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Présent : C:\Documents and Settings\H\Local Settings\Temp\conduit
***** [Registre] *****
Clé Présente : HKCU\Toolbar
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Clé Présente : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v3.6.18 (fr)
Profil : 4ocmltw3.default
Fichier : C:\Documents and Settings\H\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js
Présente : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Présente : user_pref("CommunityToolbar.ToolbarsList", "CT2613520");
Présente : user_pref("CommunityToolbar.ToolbarsList2", "CT2613520");
Présente : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 05 2011 08:35:43 GMT+0100");
Présente : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2613520");
*************************
AdwCleaner[R1].txt - [1511 octets] - [16/08/2011 13:11:34]
########## EOF - C:\AdwCleaner[R1].txt - [1639 octets] ##########
Merci et a plus.
je pense avoir correctement tout supprimé, cependant l'ordi s'est bloqué apres avoir supprimé babylon ds "Ajout Suprression de programmes" et une page web du site babylon s'est ouverte. Pb ?
Voici le rapport AdwCleaner
# AdwCleaner v1.0 - Rapport créé le 16/08/2011 à 13:11:34
# Mis à jour le 15/08/11 à 15h30 par Xplode
# Système d'exploitation : Microsoft Windows XPService Pack 3 (32 bits)
# Nom d'utilisateur : H - LUTECE (Administrateur)
# Exécuté depuis : C:\Documents and Settings\H\Bureau\AdwCleaner.exe
# Option [Recherche]
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Présent : C:\Documents and Settings\H\Local Settings\Temp\conduit
***** [Registre] *****
Clé Présente : HKCU\Toolbar
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Clé Présente : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v3.6.18 (fr)
Profil : 4ocmltw3.default
Fichier : C:\Documents and Settings\H\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js
Présente : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Présente : user_pref("CommunityToolbar.ToolbarsList", "CT2613520");
Présente : user_pref("CommunityToolbar.ToolbarsList2", "CT2613520");
Présente : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 05 2011 08:35:43 GMT+0100");
Présente : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2613520");
*************************
AdwCleaner[R1].txt - [1511 octets] - [16/08/2011 13:11:34]
########## EOF - C:\AdwCleaner[R1].txt - [1639 octets] ##########
Merci et a plus.
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
16 août 2011 à 13:35
16 août 2011 à 13:35
Re,
1/
Lance AdwCleaner
Clique sur le bouton [ Suppression]
Patiente...
Poste le rapport qui apparait en fin de recherche.
2/ Ensuite
Prépare un nouveau rapport ZHPDiag stp
1/
Lance AdwCleaner
Clique sur le bouton [ Suppression]
Patiente...
Poste le rapport qui apparait en fin de recherche.
2/ Ensuite
Prépare un nouveau rapport ZHPDiag stp
Bonsoir Fish66
Voici le rapport AdwCleaner ci dessous
Par contre je n'arrive pas a obtenir de rapport ZHP Diag: qd je clique l'icone sur le bureau, le sablier apparait 10 sec et puis plus rien !
# AdwCleaner v1.0 - Rapport créé le 16/08/2011 à 20:50:21
# Mis à jour le 15/08/11 à 15h30 par Xplode
# Système d'exploitation : Microsoft Windows XPService Pack 3 (32 bits)
# Nom d'utilisateur : H - LUTECE (Administrateur)
# Exécuté depuis : C:\Documents and Settings\H\Bureau\AdwCleaner.exe
# Option [Suppression]
***** [KillNav] *****
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Documents and Settings\H\Local Settings\Temp\conduit
***** [Registre] *****
Clé Supprimée : HKCU\Toolbar
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v3.6.18 (fr)
Profil : 4ocmltw3.default
Fichier : C:\Documents and Settings\H\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js
Supprimée : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Supprimée : user_pref("CommunityToolbar.ToolbarsList", "CT2613520");
Supprimée : user_pref("CommunityToolbar.ToolbarsList2", "CT2613520");
Supprimée : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 05 2011 08:35:43 GMT+0100");
Supprimée : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2613520");
*************************
AdwCleaner[R1].txt - [1640 octets] - [16/08/2011 13:11:34]
AdwCleaner[S1].txt - [1609 octets] - [16/08/2011 20:50:21]
########## EOF - C:\AdwCleaner[S1].txt - [1737 octets] ##########
Merci pour ton retour
Voici le rapport AdwCleaner ci dessous
Par contre je n'arrive pas a obtenir de rapport ZHP Diag: qd je clique l'icone sur le bureau, le sablier apparait 10 sec et puis plus rien !
# AdwCleaner v1.0 - Rapport créé le 16/08/2011 à 20:50:21
# Mis à jour le 15/08/11 à 15h30 par Xplode
# Système d'exploitation : Microsoft Windows XPService Pack 3 (32 bits)
# Nom d'utilisateur : H - LUTECE (Administrateur)
# Exécuté depuis : C:\Documents and Settings\H\Bureau\AdwCleaner.exe
# Option [Suppression]
***** [KillNav] *****
***** [Processus] *****
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Documents and Settings\H\Local Settings\Temp\conduit
***** [Registre] *****
Clé Supprimée : HKCU\Toolbar
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Mozilla Firefox v3.6.18 (fr)
Profil : 4ocmltw3.default
Fichier : C:\Documents and Settings\H\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js
Supprimée : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Supprimée : user_pref("CommunityToolbar.ToolbarsList", "CT2613520");
Supprimée : user_pref("CommunityToolbar.ToolbarsList2", "CT2613520");
Supprimée : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 05 2011 08:35:43 GMT+0100");
Supprimée : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2613520");
*************************
AdwCleaner[R1].txt - [1640 octets] - [16/08/2011 13:11:34]
AdwCleaner[S1].txt - [1609 octets] - [16/08/2011 20:50:21]
########## EOF - C:\AdwCleaner[S1].txt - [1737 octets] ##########
Merci pour ton retour
Fish66
Apres beaucoup de miseres et de stop forces du PC (ecran bleu et tout le toutim.....) j'ai reussi un ZHPDiag
Ci dessous
Rapport de ZHPDiag v1.28.1333 par Nicolas Coolman, Update du 14/08/2011
Run by H at 16/08/2011 22:22:38
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox v3.6.18 (fr) (Defaut)
---\\ Windows Product Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Adventage : KO
---\\ System Information
~ Processor: x86 Family 15 Model 75 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 40 GB (58%) free of 68 GB
---\\ Logged in mode
~ Computer Name: LUTECE
~ User Name: H
~ All Users Names: SUPPORT_388945a0, HelpAssistant, H, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\H\Application Data\
~ %Desktop% : C:\Documents and Settings\H\Bureau\
~ %Favorites% : C:\Documents and Settings\H\Favoris\
~ %LocalAppData% : C:\Documents and Settings\H\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\H\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 40 Go of 68 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 165 Go)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.16/08/2011 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.16/08/2011 - 03:34:20.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.16/08/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.16/08/2011 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.16/08/2011 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.16/08/2011 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 10/102
~ Mes musiques (My Musics) : 17/664
~ Mes Favoris (My Favorites) : 2/28
~ Mes Documents (My Documents) : 32/8091
~ Mon Bureau (My Desktop) : 1/56
~ Menu demarrer (Programs) : 5/37
~ Scan Hidden Files in 00mn 09s
---\\ Processus lancés
[MD5.D5406AD4263487BD6C6B2D7735B095BC] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [602112] [PID.]
[MD5.E9372A17C22FC4E5C9FD8798A97775FC] - (.Nero AG - incdsrv.) -- C:\Program Files\Ahead\InCD\InCDsrv.exe [871424] [PID.]
[MD5.6797E0F85E5F419EEFBE2E4C7A622EA1] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2435592] [PID.]
[MD5.2202BA7450E6BE65D92A40377206C626] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [488952] [PID.]
[MD5.D16C826F375A44802BF317982E81A7E2] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [PID.]
[MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [113152] [PID.]
[MD5.70D7BE78061126DD0C3ACCDB7E129017] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672] [PID.]
[MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376] [PID.]
[MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.]
[MD5.BBCDBEBBF1BD6DC5912240391874C0DC] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe [161632] [PID.]
[MD5.9D84376931440F3679BEEF2A414FA493] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [69632] [PID.2916]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.]
[MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [3493720] [PID.2256]
[MD5.DDACBCA1D0E66BBA5C984842F372A6D4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [PID.2468]
[MD5.8FB740D758B14B1BC950CC347C21E461] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [32768] [PID.2476]
[MD5.CF508A3971DECEEC1CE575DDDCA4A019] - (.Nero AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe [1397760] [PID.2504]
[MD5.37BF603C3685289CA684C4D3400A9DE7] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760] [PID.2628]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [932288] [PID.2656]
[MD5.644795F6985C740F5E36E9336B837D0B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072] [PID.2672]
[MD5.5ADA30D570F877E4F01C8DF67F781E0E] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16208384] [PID.2848]
[MD5.6B87742F27B087AF7FD4ADC2DB685DE0] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [PID.2912]
[MD5.ACC5596B15EB0351261A483DA06F3EB3] - (.Nokia - Nokia M Platform.) -- C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe [1531904] [PID.2964]
[MD5.F052CB43FCA828CF5C711BAFBECD692F] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [1043968] [PID.]
[MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424] [PID.3348]
[MD5.C72FB9CC856ECFF3B6459B27CB674638] - (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe [323584] [PID.3536]
[MD5.F400694D7D2785F60133C20F7F2F4F7A] - (.ArcSoft Inc. - ArcSoft Connect Notifier.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ArcCon.ac [309824] [PID.3600]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.224]
[MD5.16F1D5CF6465FCA139FA289648B349EE] - (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [663552] [PID.168]
[MD5.DCB3796E0169419618C72F0CE34C68ED] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820008] [PID.]
[MD5.2D841B7B7F6DEC32162EDFCC69D61F42] - (.Nokia - ServiceLayer Module.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [615936] [PID.]
[MD5.BC9C9BE7BB74D629362608ACE470E7DA] - (.Microsoft Corporation - Notification de cadeaux MSN.) -- C:\Documents and Settings\H\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [135680] [PID.4076]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [97680] [PID.4084]
[MD5.F4631A1BE95655DE86C256776E49019A] - (.Nokia - USB Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe [138752] [PID.]
[MD5.46A9D1FCC55EC6A62FE1D2ACE79C6CA8] - (.Nokia - Serial Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe [120832] [PID.]
[MD5.4C08FB7ACB28689B586D986D3F5826CF] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe [49152] [PID.2984]
[MD5.258B59C03A5E5C53177C5D52A714C12A] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [738808] [PID.]
[MD5.2A8264401B801142021C0FBAC8653622] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664064] [PID.1968]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]
~ Scan Processes Running in 00mn 02s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js (.not file.)
C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\user.js (.not file.)
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.4".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16290.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.620.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@checkpoint.com/FFApi] - (.Pas de propriétaire - npFFApi.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@nosltd.com/getPlus+(R),version=1.6.2.90] - (.NOS Microsystems Ltd. - getplusplusadobe16290.) -- C:\Program Files\NOS\bin\np_gp.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll
R3 - URLSearchHook: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) (No version) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
~ Scan Toolbar in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SkyTel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\WINDOWS\SkyTel.exe
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [InCD] . (.Nero AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [NokiaMServer] Clé orpheline
O4 - HKLM\..\Run: [cspep.exe] . (.Pas de propriétaire - cspep.) -- C:\Program Files\cspep\cspep.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [ISW] . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [PAC207_Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype Plug-In - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll
~ Scan SSODL in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InCD Helper (InCDsrv) . (.Nero AG - incdsrv.) - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) . (.Check Point Software Technologies - ZoneAlarm Browser Security.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Norton Security Scan for H.job
~ Scan Scheduled Task in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (InCDPass) . (.Nero AG - Ahead RW Filter Driver.) - C:\WINDOWS\system32\DRIVERS\InCDPass.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\WINDOWS\system32\vsdatant.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: ATI - Utilitaire de désinstallation du logiciel - (.Pas de propriétaire.) [HKLM] -- All ATI Software
O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8}
O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver
O42 - Logiciel: ATI HYDRAVISION - (.Pas de propriétaire.) [HKLM] -- {3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: ArcSoft PhotoImpression 5 - (.ArcSoft.) [HKLM] -- {7AFDF9AE-66B2-4A1F-8249-32EF14B97150}
O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth
O42 - Logiciel: AxCrypt (Désinstaller uniquement) - (.Axon Data.) [HKLM] -- AxCrypt
O42 - Logiciel: DVD Solution - (.Pas de propriétaire.) [HKLM] -- {B97CF5C3-0487-11D8-A36E-0050BAE317E1}
O42 - Logiciel: DeepBurner v1.8.0.224 - (.Pas de propriétaire.) [HKLM] -- {1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}
O42 - Logiciel: Electronic Arts Product Registration - (.Electronic Arts.) [HKLM] -- InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}
O42 - Logiciel: HP PSC & OfficeJet 5.3.A - (.HP.) [HKLM] -- {3E386744-10FA-44b2-98C9-DF7A270DECB3}
O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: InCD - (.Pas de propriétaire.) [HKLM] -- InCD!UninstallKey
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: InterActual Player - (.Pas de propriétaire.) [HKLM] -- InterActual Player
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
O42 - Logiciel: LimeWire 5.5.14 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST
O42 - Logiciel: Medieval II Total War - (.SEGA.) [HKLM] -- {C0698BDA-0D29-40EE-8570-A31106DF9AB1}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Age of Empires Expansion - (.Pas de propriétaire.) [HKLM] -- Age of Empires Expansion 1.0
O42 - Logiciel: Microsoft Age of Empires Expansion Trial - (.Pas de propriétaire.) [HKLM] -- Age of Empires Expansion Trial 1.00
O42 - Logiciel: Microsoft Age of Empires II Trial Version - (.Pas de propriétaire.) [HKLM] -- Age of Empires II Trial
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wudf01009
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mozilla Firefox (3.6.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.18)
O42 - Logiciel: Nero OEM - (.Pas de propriétaire.) [HKLM] -- Nero - Burning Rom!UninstallKey
O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite
O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM] -- NSS
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: PC Camer@ - (.Aecotech.) [HKLM] -- {C679F9B9-C65D-4C65-BD6C-BF90B859E281}
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: PhotoScape - (.Pas de propriétaire.) [HKLM] -- PhotoScape
O42 - Logiciel: PowerDVD - (.CyberLink Corporation.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: PowerProducer - (.Pas de propriétaire.) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861}
O42 - Logiciel: REALTEK PCIE NIC Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {17E2F183-BAC4-4D01-BD7A-59F781E17EFA}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Risk - (.Pas de propriétaire.) [HKLM] -- Risk
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office Groove 2007 (KB2494047) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5D930261-AA5B-48D1-931F-425C9D767490}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1365864D-4C58-489D-9982-844D75691CCC}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2586924) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3B65DCBC-61EC-4578-9DF2-40D3B3829CD8}
O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Videora iPod Converter 6 - (.Red Kawa.) [HKLM] -- Videora iPod Converter
O42 - Logiciel: Virtualis Crédit Mutuel - (.Pas de propriétaire.) [HKLM] -- Virtualis Crédit Mutuel
O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP
O42 - Logiciel: YouTube Downloader App 3.00 - (.Regensoft.) [HKLM] -- YouTube Downloader App
O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm
O42 - Logiciel: ZoneAlarm Toolbar - (.Check Point Software Technologies.) [HKLM] -- ZoneAlarm Toolbar
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: cspep.0 - (.cspep.) [HKLM] -- cspep_is1
O42 - Logiciel: installer - (.Install Pedia Limited.) [HKLM] -- installer
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent
---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\ISWVolatile]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\Astonsoft]
[HKCU\Software\Axon Data]
[HKCU\Software\BitTorrent]
[HKCU\Software\CheckPoint]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\EA Sports]
[HKCU\Software\EasyBits]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IADirectShow]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\InterActual Technologies]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Leadertech]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Monitored]
[HKCU\Software\Mooii]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Protection_ZoneAlarm]
[HKCU\Software\Realtek]
[HKCU\Software\SOFTWARE]
[HKCU\Software\SecuROM]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\TeamViewer]
[HKCU\Software\Trolltech]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zone Labs]
[HKCU\Software\ahead]
[HKCU\Software\cspep]
[HKCU\Software\digital publishing]
[HKCU\Software\keyhole.com]
[HKCU\Software\settings]
[HKLM\Software\685D6D1C-D73A-4F37-B7E5E53660311DDB]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies Inc.]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Aecotech]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Axon Data]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CheckPoint]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DivXNetworks]
[HKLM\Software\Dofus 2]
[HKLM\Software\EA Sports]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterActual Technologies]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lake]
[HKLM\Software\LanSetup]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Mooii]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\Nero]
[HKLM\Software\Nokia Mobile Phones]
[HKLM\Software\Nokia]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\OMSI]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\PixArt]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Protection_ZoneAlarm]
[HKLM\Software\REALTEK Semiconductor Corporation]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SEGA]
[HKLM\Software\SOFTWARE]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Set8168]
[HKLM\Software\Skype]
[HKLM\Software\Symantec]
[HKLM\Software\TeamViewer]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Zone Labs]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s
---\\ Contenu des
Apres beaucoup de miseres et de stop forces du PC (ecran bleu et tout le toutim.....) j'ai reussi un ZHPDiag
Ci dessous
Rapport de ZHPDiag v1.28.1333 par Nicolas Coolman, Update du 14/08/2011
Run by H at 16/08/2011 22:22:38
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox v3.6.18 (fr) (Defaut)
---\\ Windows Product Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Adventage : KO
---\\ System Information
~ Processor: x86 Family 15 Model 75 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 40 GB (58%) free of 68 GB
---\\ Logged in mode
~ Computer Name: LUTECE
~ User Name: H
~ All Users Names: SUPPORT_388945a0, HelpAssistant, H, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\H\Application Data\
~ %Desktop% : C:\Documents and Settings\H\Bureau\
~ %Favorites% : C:\Documents and Settings\H\Favoris\
~ %LocalAppData% : C:\Documents and Settings\H\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\H\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 40 Go of 68 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 165 Go)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.16/08/2011 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.16/08/2011 - 03:34:20.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.16/08/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.16/08/2011 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.16/08/2011 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.16/08/2011 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 10/102
~ Mes musiques (My Musics) : 17/664
~ Mes Favoris (My Favorites) : 2/28
~ Mes Documents (My Documents) : 32/8091
~ Mon Bureau (My Desktop) : 1/56
~ Menu demarrer (Programs) : 5/37
~ Scan Hidden Files in 00mn 09s
---\\ Processus lancés
[MD5.D5406AD4263487BD6C6B2D7735B095BC] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [602112] [PID.]
[MD5.E9372A17C22FC4E5C9FD8798A97775FC] - (.Nero AG - incdsrv.) -- C:\Program Files\Ahead\InCD\InCDsrv.exe [871424] [PID.]
[MD5.6797E0F85E5F419EEFBE2E4C7A622EA1] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2435592] [PID.]
[MD5.2202BA7450E6BE65D92A40377206C626] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [488952] [PID.]
[MD5.D16C826F375A44802BF317982E81A7E2] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [PID.]
[MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [113152] [PID.]
[MD5.70D7BE78061126DD0C3ACCDB7E129017] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672] [PID.]
[MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376] [PID.]
[MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.]
[MD5.BBCDBEBBF1BD6DC5912240391874C0DC] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe [161632] [PID.]
[MD5.9D84376931440F3679BEEF2A414FA493] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [69632] [PID.2916]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.]
[MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [3493720] [PID.2256]
[MD5.DDACBCA1D0E66BBA5C984842F372A6D4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [PID.2468]
[MD5.8FB740D758B14B1BC950CC347C21E461] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [32768] [PID.2476]
[MD5.CF508A3971DECEEC1CE575DDDCA4A019] - (.Nero AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe [1397760] [PID.2504]
[MD5.37BF603C3685289CA684C4D3400A9DE7] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760] [PID.2628]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [932288] [PID.2656]
[MD5.644795F6985C740F5E36E9336B837D0B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072] [PID.2672]
[MD5.5ADA30D570F877E4F01C8DF67F781E0E] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16208384] [PID.2848]
[MD5.6B87742F27B087AF7FD4ADC2DB685DE0] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [PID.2912]
[MD5.ACC5596B15EB0351261A483DA06F3EB3] - (.Nokia - Nokia M Platform.) -- C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe [1531904] [PID.2964]
[MD5.F052CB43FCA828CF5C711BAFBECD692F] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [1043968] [PID.]
[MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424] [PID.3348]
[MD5.C72FB9CC856ECFF3B6459B27CB674638] - (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe [323584] [PID.3536]
[MD5.F400694D7D2785F60133C20F7F2F4F7A] - (.ArcSoft Inc. - ArcSoft Connect Notifier.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ArcCon.ac [309824] [PID.3600]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.224]
[MD5.16F1D5CF6465FCA139FA289648B349EE] - (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [663552] [PID.168]
[MD5.DCB3796E0169419618C72F0CE34C68ED] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820008] [PID.]
[MD5.2D841B7B7F6DEC32162EDFCC69D61F42] - (.Nokia - ServiceLayer Module.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [615936] [PID.]
[MD5.BC9C9BE7BB74D629362608ACE470E7DA] - (.Microsoft Corporation - Notification de cadeaux MSN.) -- C:\Documents and Settings\H\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [135680] [PID.4076]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [97680] [PID.4084]
[MD5.F4631A1BE95655DE86C256776E49019A] - (.Nokia - USB Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe [138752] [PID.]
[MD5.46A9D1FCC55EC6A62FE1D2ACE79C6CA8] - (.Nokia - Serial Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe [120832] [PID.]
[MD5.4C08FB7ACB28689B586D986D3F5826CF] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe [49152] [PID.2984]
[MD5.258B59C03A5E5C53177C5D52A714C12A] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [738808] [PID.]
[MD5.2A8264401B801142021C0FBAC8653622] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664064] [PID.1968]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]
~ Scan Processes Running in 00mn 02s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js (.not file.)
C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\user.js (.not file.)
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.4".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16290.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.620.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@checkpoint.com/FFApi] - (.Pas de propriétaire - npFFApi.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@nosltd.com/getPlus+(R),version=1.6.2.90] - (.NOS Microsystems Ltd. - getplusplusadobe16290.) -- C:\Program Files\NOS\bin\np_gp.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll
R3 - URLSearchHook: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) (No version) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
~ Scan Toolbar in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SkyTel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\WINDOWS\SkyTel.exe
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [InCD] . (.Nero AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [NokiaMServer] Clé orpheline
O4 - HKLM\..\Run: [cspep.exe] . (.Pas de propriétaire - cspep.) -- C:\Program Files\cspep\cspep.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [ISW] . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [PAC207_Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype Plug-In - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll
~ Scan SSODL in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InCD Helper (InCDsrv) . (.Nero AG - incdsrv.) - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) . (.Check Point Software Technologies - ZoneAlarm Browser Security.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Norton Security Scan for H.job
~ Scan Scheduled Task in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (InCDPass) . (.Nero AG - Ahead RW Filter Driver.) - C:\WINDOWS\system32\DRIVERS\InCDPass.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\WINDOWS\system32\vsdatant.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: ATI - Utilitaire de désinstallation du logiciel - (.Pas de propriétaire.) [HKLM] -- All ATI Software
O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8}
O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver
O42 - Logiciel: ATI HYDRAVISION - (.Pas de propriétaire.) [HKLM] -- {3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: ArcSoft PhotoImpression 5 - (.ArcSoft.) [HKLM] -- {7AFDF9AE-66B2-4A1F-8249-32EF14B97150}
O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth
O42 - Logiciel: AxCrypt (Désinstaller uniquement) - (.Axon Data.) [HKLM] -- AxCrypt
O42 - Logiciel: DVD Solution - (.Pas de propriétaire.) [HKLM] -- {B97CF5C3-0487-11D8-A36E-0050BAE317E1}
O42 - Logiciel: DeepBurner v1.8.0.224 - (.Pas de propriétaire.) [HKLM] -- {1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}
O42 - Logiciel: Electronic Arts Product Registration - (.Electronic Arts.) [HKLM] -- InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}
O42 - Logiciel: HP PSC & OfficeJet 5.3.A - (.HP.) [HKLM] -- {3E386744-10FA-44b2-98C9-DF7A270DECB3}
O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: InCD - (.Pas de propriétaire.) [HKLM] -- InCD!UninstallKey
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: InterActual Player - (.Pas de propriétaire.) [HKLM] -- InterActual Player
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
O42 - Logiciel: LimeWire 5.5.14 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST
O42 - Logiciel: Medieval II Total War - (.SEGA.) [HKLM] -- {C0698BDA-0D29-40EE-8570-A31106DF9AB1}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Age of Empires Expansion - (.Pas de propriétaire.) [HKLM] -- Age of Empires Expansion 1.0
O42 - Logiciel: Microsoft Age of Empires Expansion Trial - (.Pas de propriétaire.) [HKLM] -- Age of Empires Expansion Trial 1.00
O42 - Logiciel: Microsoft Age of Empires II Trial Version - (.Pas de propriétaire.) [HKLM] -- Age of Empires II Trial
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wudf01009
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mozilla Firefox (3.6.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.18)
O42 - Logiciel: Nero OEM - (.Pas de propriétaire.) [HKLM] -- Nero - Burning Rom!UninstallKey
O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite
O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM] -- NSS
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: PC Camer@ - (.Aecotech.) [HKLM] -- {C679F9B9-C65D-4C65-BD6C-BF90B859E281}
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: PhotoScape - (.Pas de propriétaire.) [HKLM] -- PhotoScape
O42 - Logiciel: PowerDVD - (.CyberLink Corporation.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: PowerProducer - (.Pas de propriétaire.) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861}
O42 - Logiciel: REALTEK PCIE NIC Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {17E2F183-BAC4-4D01-BD7A-59F781E17EFA}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Risk - (.Pas de propriétaire.) [HKLM] -- Risk
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office Groove 2007 (KB2494047) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5D930261-AA5B-48D1-931F-425C9D767490}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1365864D-4C58-489D-9982-844D75691CCC}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2586924) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3B65DCBC-61EC-4578-9DF2-40D3B3829CD8}
O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Videora iPod Converter 6 - (.Red Kawa.) [HKLM] -- Videora iPod Converter
O42 - Logiciel: Virtualis Crédit Mutuel - (.Pas de propriétaire.) [HKLM] -- Virtualis Crédit Mutuel
O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP
O42 - Logiciel: YouTube Downloader App 3.00 - (.Regensoft.) [HKLM] -- YouTube Downloader App
O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm
O42 - Logiciel: ZoneAlarm Toolbar - (.Check Point Software Technologies.) [HKLM] -- ZoneAlarm Toolbar
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: cspep.0 - (.cspep.) [HKLM] -- cspep_is1
O42 - Logiciel: installer - (.Install Pedia Limited.) [HKLM] -- installer
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent
---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\ISWVolatile]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\Astonsoft]
[HKCU\Software\Axon Data]
[HKCU\Software\BitTorrent]
[HKCU\Software\CheckPoint]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\EA Sports]
[HKCU\Software\EasyBits]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IADirectShow]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\InterActual Technologies]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Leadertech]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Monitored]
[HKCU\Software\Mooii]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Protection_ZoneAlarm]
[HKCU\Software\Realtek]
[HKCU\Software\SOFTWARE]
[HKCU\Software\SecuROM]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\TeamViewer]
[HKCU\Software\Trolltech]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zone Labs]
[HKCU\Software\ahead]
[HKCU\Software\cspep]
[HKCU\Software\digital publishing]
[HKCU\Software\keyhole.com]
[HKCU\Software\settings]
[HKLM\Software\685D6D1C-D73A-4F37-B7E5E53660311DDB]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies Inc.]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Aecotech]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Axon Data]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CheckPoint]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DivXNetworks]
[HKLM\Software\Dofus 2]
[HKLM\Software\EA Sports]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterActual Technologies]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lake]
[HKLM\Software\LanSetup]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Mooii]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\Nero]
[HKLM\Software\Nokia Mobile Phones]
[HKLM\Software\Nokia]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\OMSI]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\PixArt]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Protection_ZoneAlarm]
[HKLM\Software\REALTEK Semiconductor Corporation]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SEGA]
[HKLM\Software\SOFTWARE]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Set8168]
[HKLM\Software\Skype]
[HKLM\Software\Symantec]
[HKLM\Software\TeamViewer]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Zone Labs]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s
---\\ Contenu des
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
17 août 2011 à 00:19
17 août 2011 à 00:19
Re,
1/
* Télécharge load_tdsskiller (de Loup Blanc) sur ton Bureau
http://fradesch.perso.cegetel.net/transf/Load_tdsskiller.exe
* Lance load_tdsskiller en faisant un double-clic dessus / Lance par un clic-droit dessus ? Exécuter en temps qu'administrateur
* L'outil va se connecter pour télécharger une copie à jour de TDSSKiller, puis va lancer une analyse
* Lorsque l'outil a terminé son travail d'inspection, si des nuisibles ("Malicious objects") ont été trouvés, vérifier que l'option (Cure) est sélectionnée,
* Si des objects suspects ("Suspicious objects") ont été détectés, sur l'écran de demande de confirmation, modifier l'action à entreprendre et indiquer Quarantine (au lieu de Skip),
* A la fin, il te sera demandé d'appuyer sur une touche, puis le rapport s'affichera automatiquement : copie-colle son contenu dans ta prochaine réponse (C:\tdsskiller\report.txt)
2/
Le rapport ZHPDiag est incomplet, héberge le stp comme indiqué ici
3/
Pour connaitre du problème, je dois analyser le rapport ZHPDiag
1/
* Télécharge load_tdsskiller (de Loup Blanc) sur ton Bureau
http://fradesch.perso.cegetel.net/transf/Load_tdsskiller.exe
* Lance load_tdsskiller en faisant un double-clic dessus / Lance par un clic-droit dessus ? Exécuter en temps qu'administrateur
* L'outil va se connecter pour télécharger une copie à jour de TDSSKiller, puis va lancer une analyse
* Lorsque l'outil a terminé son travail d'inspection, si des nuisibles ("Malicious objects") ont été trouvés, vérifier que l'option (Cure) est sélectionnée,
* Si des objects suspects ("Suspicious objects") ont été détectés, sur l'écran de demande de confirmation, modifier l'action à entreprendre et indiquer Quarantine (au lieu de Skip),
* A la fin, il te sera demandé d'appuyer sur une touche, puis le rapport s'affichera automatiquement : copie-colle son contenu dans ta prochaine réponse (C:\tdsskiller\report.txt)
2/
Le rapport ZHPDiag est incomplet, héberge le stp comme indiqué ici
3/
Pour connaitre du problème, je dois analyser le rapport ZHPDiag
Re,
Désolé, rapport ZHP Diag que j'espere complet cette fois ci et plus bas le rapport Tdsskiller:
1/
Rapport de ZHPDiag v1.28.1333 par Nicolas Coolman, Update du 14/08/2011
Run by H at 16/08/2011 22:22:38
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox v3.6.18 (fr) (Defaut)
---\\ Windows Product Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Adventage : KO
---\\ System Information
~ Processor: x86 Family 15 Model 75 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 40 GB (58%) free of 68 GB
---\\ Logged in mode
~ Computer Name: LUTECE
~ User Name: H
~ All Users Names: SUPPORT_388945a0, HelpAssistant, H, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\H\Application Data\
~ %Desktop% : C:\Documents and Settings\H\Bureau\
~ %Favorites% : C:\Documents and Settings\H\Favoris\
~ %LocalAppData% : C:\Documents and Settings\H\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\H\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 40 Go of 68 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 165 Go)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.16/08/2011 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.16/08/2011 - 03:34:20.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.16/08/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.16/08/2011 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.16/08/2011 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.16/08/2011 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 10/102
~ Mes musiques (My Musics) : 17/664
~ Mes Favoris (My Favorites) : 2/28
~ Mes Documents (My Documents) : 32/8091
~ Mon Bureau (My Desktop) : 1/56
~ Menu demarrer (Programs) : 5/37
~ Scan Hidden Files in 00mn 09s
---\\ Processus lancés
[MD5.D5406AD4263487BD6C6B2D7735B095BC] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [602112] [PID.]
[MD5.E9372A17C22FC4E5C9FD8798A97775FC] - (.Nero AG - incdsrv.) -- C:\Program Files\Ahead\InCD\InCDsrv.exe [871424] [PID.]
[MD5.6797E0F85E5F419EEFBE2E4C7A622EA1] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2435592] [PID.]
[MD5.2202BA7450E6BE65D92A40377206C626] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [488952] [PID.]
[MD5.D16C826F375A44802BF317982E81A7E2] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [PID.]
[MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [113152] [PID.]
[MD5.70D7BE78061126DD0C3ACCDB7E129017] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672] [PID.]
[MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376] [PID.]
[MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.]
[MD5.BBCDBEBBF1BD6DC5912240391874C0DC] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe [161632] [PID.]
[MD5.9D84376931440F3679BEEF2A414FA493] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [69632] [PID.2916]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.]
[MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [3493720] [PID.2256]
[MD5.DDACBCA1D0E66BBA5C984842F372A6D4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [PID.2468]
[MD5.8FB740D758B14B1BC950CC347C21E461] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [32768] [PID.2476]
[MD5.CF508A3971DECEEC1CE575DDDCA4A019] - (.Nero AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe [1397760] [PID.2504]
[MD5.37BF603C3685289CA684C4D3400A9DE7] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760] [PID.2628]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [932288] [PID.2656]
[MD5.644795F6985C740F5E36E9336B837D0B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072] [PID.2672]
[MD5.5ADA30D570F877E4F01C8DF67F781E0E] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16208384] [PID.2848]
[MD5.6B87742F27B087AF7FD4ADC2DB685DE0] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [PID.2912]
[MD5.ACC5596B15EB0351261A483DA06F3EB3] - (.Nokia - Nokia M Platform.) -- C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe [1531904] [PID.2964]
[MD5.F052CB43FCA828CF5C711BAFBECD692F] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [1043968] [PID.]
[MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424] [PID.3348]
[MD5.C72FB9CC856ECFF3B6459B27CB674638] - (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe [323584] [PID.3536]
[MD5.F400694D7D2785F60133C20F7F2F4F7A] - (.ArcSoft Inc. - ArcSoft Connect Notifier.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ArcCon.ac [309824] [PID.3600]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.224]
[MD5.16F1D5CF6465FCA139FA289648B349EE] - (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [663552] [PID.168]
[MD5.DCB3796E0169419618C72F0CE34C68ED] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820008] [PID.]
[MD5.2D841B7B7F6DEC32162EDFCC69D61F42] - (.Nokia - ServiceLayer Module.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [615936] [PID.]
[MD5.BC9C9BE7BB74D629362608ACE470E7DA] - (.Microsoft Corporation - Notification de cadeaux MSN.) -- C:\Documents and Settings\H\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [135680] [PID.4076]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [97680] [PID.4084]
[MD5.F4631A1BE95655DE86C256776E49019A] - (.Nokia - USB Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe [138752] [PID.]
[MD5.46A9D1FCC55EC6A62FE1D2ACE79C6CA8] - (.Nokia - Serial Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe [120832] [PID.]
[MD5.4C08FB7ACB28689B586D986D3F5826CF] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe [49152] [PID.2984]
[MD5.258B59C03A5E5C53177C5D52A714C12A] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [738808] [PID.]
[MD5.2A8264401B801142021C0FBAC8653622] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664064] [PID.1968]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]
~ Scan Processes Running in 00mn 02s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js (.not file.)
C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\user.js (.not file.)
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.4".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16290.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.620.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@checkpoint.com/FFApi] - (.Pas de propriétaire - npFFApi.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@nosltd.com/getPlus+(R),version=1.6.2.90] - (.NOS Microsystems Ltd. - getplusplusadobe16290.) -- C:\Program Files\NOS\bin\np_gp.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll
R3 - URLSearchHook: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) (No version) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
~ Scan Toolbar in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SkyTel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\WINDOWS\SkyTel.exe
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [InCD] . (.Nero AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [NokiaMServer] Clé orpheline
O4 - HKLM\..\Run: [cspep.exe] . (.Pas de propriétaire - cspep.) -- C:\Program Files\cspep\cspep.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [ISW] . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [PAC207_Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype Plug-In - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll
~ Scan SSODL in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InCD Helper (InCDsrv) . (.Nero AG - incdsrv.) - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) . (.Check Point Software Technologies - ZoneAlarm Browser Security.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Norton Security Scan for H.job
~ Scan Scheduled Task in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (InCDPass) . (.Nero AG - Ahead RW Filter Driver.) - C:\WINDOWS\system32\DRIVERS\InCDPass.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\WINDOWS\system32\vsdatant.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: ATI - Utilitaire de désinstallation du logiciel - (.Pas de propriétaire.) [HKLM] -- All ATI Software
O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8}
O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver
O42 - Logiciel: ATI HYDRAVISION - (.Pas de propriétaire.) [HKLM] -- {3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: ArcSoft PhotoImpression 5 - (.ArcSoft.) [HKLM] -- {7AFDF9AE-66B2-4A1F-8249-32EF14B97150}
O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth
O42 - Logiciel: AxCrypt (Désinstaller uniquement) - (.Axon Data.) [HKLM] -- AxCrypt
O42 - Logiciel: DVD Solution - (.Pas de propriétaire.) [HKLM] -- {B97CF5C3-0487-11D8-A36E-0050BAE317E1}
O42 - Logiciel: DeepBurner v1.8.0.224 - (.Pas de propriétaire.) [HKLM] -- {1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}
O42 - Logiciel: Electronic Arts Product Registration - (.Electronic Arts.) [HKLM] -- InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}
O42 - Logiciel: HP PSC & OfficeJet 5.3.A - (.HP.) [HKLM] -- {3E386744-10FA-44b2-98C9-DF7A270DECB3}
O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: InCD - (.Pas de propriétaire.) [HKLM] -- InCD!UninstallKey
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: InterActual Player - (.Pas de propriétaire.) [HKLM] -- InterActual Player
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
O42 - Logiciel: LimeWire 5.5.14 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST
O42 - Logiciel: Medieval II Total War - (.SEGA.) [HKLM] -- {C0698BDA-0D29-40EE-8570-A31106DF9AB1}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Age of Empires Expansion - (.Pas de propriétaire.) [HKLM] -- Age of Empires Expansion 1.0
O42 - Logiciel: Microsoft Age of Empires Expansion Trial - (.Pas de propriétaire.) [HKLM] -- Age of Empires Expansion Trial 1.00
O42 - Logiciel: Microsoft Age of Empires II Trial Version - (.Pas de propriétaire.) [HKLM] -- Age of Empires II Trial
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wudf01009
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mozilla Firefox (3.6.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.18)
O42 - Logiciel: Nero OEM - (.Pas de propriétaire.) [HKLM] -- Nero - Burning Rom!UninstallKey
O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite
O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM] -- NSS
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: PC Camer@ - (.Aecotech.) [HKLM] -- {C679F9B9-C65D-4C65-BD6C-BF90B859E281}
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: PhotoScape - (.Pas de propriétaire.) [HKLM] -- PhotoScape
O42 - Logiciel: PowerDVD - (.CyberLink Corporation.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: PowerProducer - (.Pas de propriétaire.) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861}
O42 - Logiciel: REALTEK PCIE NIC Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {17E2F183-BAC4-4D01-BD7A-59F781E17EFA}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Risk - (.Pas de propriétaire.) [HKLM] -- Risk
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office Groove 2007 (KB2494047) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5D930261-AA5B-48D1-931F-425C9D767490}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1365864D-4C58-489D-9982-844D75691CCC}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2586924) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3B65DCBC-61EC-4578-9DF2-40D3B3829CD8}
O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Videora iPod Converter 6 - (.Red Kawa.) [HKLM] -- Videora iPod Converter
O42 - Logiciel: Virtualis Crédit Mutuel - (.Pas de propriétaire.) [HKLM] -- Virtualis Crédit Mutuel
O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP
O42 - Logiciel: YouTube Downloader App 3.00 - (.Regensoft.) [HKLM] -- YouTube Downloader App
O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm
O42 - Logiciel: ZoneAlarm Toolbar - (.Check Point Software Technologies.) [HKLM] -- ZoneAlarm Toolbar
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: cspep.0 - (.cspep.) [HKLM] -- cspep_is1
O42 - Logiciel: installer - (.Install Pedia Limited.) [HKLM] -- installer
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent
---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\ISWVolatile]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\Astonsoft]
[HKCU\Software\Axon Data]
[HKCU\Software\BitTorrent]
[HKCU\Software\CheckPoint]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\EA Sports]
[HKCU\Software\EasyBits]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IADirectShow]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\InterActual Technologies]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Leadertech]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Monitored]
[HKCU\Software\Mooii]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Protection_ZoneAlarm]
[HKCU\Software\Realtek]
[HKCU\Software\SOFTWARE]
[HKCU\Software\SecuROM]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\TeamViewer]
[HKCU\Software\Trolltech]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zone Labs]
[HKCU\Software\ahead]
[HKCU\Software\cspep]
[HKCU\Software\digital publishing]
[HKCU\Software\keyhole.com]
[HKCU\Software\settings]
[HKLM\Software\685D6D1C-D73A-4F37-B7E5E53660311DDB]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies Inc.]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Aecotech]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Axon Data]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CheckPoint]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DivXNetworks]
[HKLM\Software\Dofus 2]
[HKLM\Software\EA Sports]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterActual Technologies]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lake]
[HKLM\Software\LanSetup]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Mooii]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\Nero]
[HKLM\Software\Nokia Mobile Phones]
[HKLM\Software\Nokia]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\OMSI]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\PixArt]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Protection_ZoneAlarm]
[HKLM\Software\REALTEK Semiconductor Corporation]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SEGA]
[HKLM\Software\SOFTWARE]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Set8168]
[HKLM\Software\Skype]
[HKLM\Software\Symantec]
[HKLM\Software\TeamViewer]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Zone Labs]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers
Désolé, rapport ZHP Diag que j'espere complet cette fois ci et plus bas le rapport Tdsskiller:
1/
Rapport de ZHPDiag v1.28.1333 par Nicolas Coolman, Update du 14/08/2011
Run by H at 16/08/2011 22:22:38
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox v3.6.18 (fr) (Defaut)
---\\ Windows Product Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Adventage : KO
---\\ System Information
~ Processor: x86 Family 15 Model 75 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 40 GB (58%) free of 68 GB
---\\ Logged in mode
~ Computer Name: LUTECE
~ User Name: H
~ All Users Names: SUPPORT_388945a0, HelpAssistant, H, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\H\Application Data\
~ %Desktop% : C:\Documents and Settings\H\Bureau\
~ %Favorites% : C:\Documents and Settings\H\Favoris\
~ %LocalAppData% : C:\Documents and Settings\H\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\H\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 40 Go of 68 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 165 Go)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.16/08/2011 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.16/08/2011 - 03:34:20.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.16/08/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.16/08/2011 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.16/08/2011 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.16/08/2011 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 10/102
~ Mes musiques (My Musics) : 17/664
~ Mes Favoris (My Favorites) : 2/28
~ Mes Documents (My Documents) : 32/8091
~ Mon Bureau (My Desktop) : 1/56
~ Menu demarrer (Programs) : 5/37
~ Scan Hidden Files in 00mn 09s
---\\ Processus lancés
[MD5.D5406AD4263487BD6C6B2D7735B095BC] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [602112] [PID.]
[MD5.E9372A17C22FC4E5C9FD8798A97775FC] - (.Nero AG - incdsrv.) -- C:\Program Files\Ahead\InCD\InCDsrv.exe [871424] [PID.]
[MD5.6797E0F85E5F419EEFBE2E4C7A622EA1] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2435592] [PID.]
[MD5.2202BA7450E6BE65D92A40377206C626] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [488952] [PID.]
[MD5.D16C826F375A44802BF317982E81A7E2] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [PID.]
[MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [113152] [PID.]
[MD5.70D7BE78061126DD0C3ACCDB7E129017] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672] [PID.]
[MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376] [PID.]
[MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.]
[MD5.BBCDBEBBF1BD6DC5912240391874C0DC] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe [161632] [PID.]
[MD5.9D84376931440F3679BEEF2A414FA493] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [69632] [PID.2916]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.]
[MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [3493720] [PID.2256]
[MD5.DDACBCA1D0E66BBA5C984842F372A6D4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [PID.2468]
[MD5.8FB740D758B14B1BC950CC347C21E461] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [32768] [PID.2476]
[MD5.CF508A3971DECEEC1CE575DDDCA4A019] - (.Nero AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe [1397760] [PID.2504]
[MD5.37BF603C3685289CA684C4D3400A9DE7] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760] [PID.2628]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [932288] [PID.2656]
[MD5.644795F6985C740F5E36E9336B837D0B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072] [PID.2672]
[MD5.5ADA30D570F877E4F01C8DF67F781E0E] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16208384] [PID.2848]
[MD5.6B87742F27B087AF7FD4ADC2DB685DE0] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [PID.2912]
[MD5.ACC5596B15EB0351261A483DA06F3EB3] - (.Nokia - Nokia M Platform.) -- C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe [1531904] [PID.2964]
[MD5.F052CB43FCA828CF5C711BAFBECD692F] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [1043968] [PID.]
[MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424] [PID.3348]
[MD5.C72FB9CC856ECFF3B6459B27CB674638] - (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe [323584] [PID.3536]
[MD5.F400694D7D2785F60133C20F7F2F4F7A] - (.ArcSoft Inc. - ArcSoft Connect Notifier.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ArcCon.ac [309824] [PID.3600]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.224]
[MD5.16F1D5CF6465FCA139FA289648B349EE] - (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [663552] [PID.168]
[MD5.DCB3796E0169419618C72F0CE34C68ED] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820008] [PID.]
[MD5.2D841B7B7F6DEC32162EDFCC69D61F42] - (.Nokia - ServiceLayer Module.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [615936] [PID.]
[MD5.BC9C9BE7BB74D629362608ACE470E7DA] - (.Microsoft Corporation - Notification de cadeaux MSN.) -- C:\Documents and Settings\H\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [135680] [PID.4076]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [97680] [PID.4084]
[MD5.F4631A1BE95655DE86C256776E49019A] - (.Nokia - USB Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe [138752] [PID.]
[MD5.46A9D1FCC55EC6A62FE1D2ACE79C6CA8] - (.Nokia - Serial Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe [120832] [PID.]
[MD5.4C08FB7ACB28689B586D986D3F5826CF] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe [49152] [PID.2984]
[MD5.258B59C03A5E5C53177C5D52A714C12A] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [738808] [PID.]
[MD5.2A8264401B801142021C0FBAC8653622] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664064] [PID.1968]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]
~ Scan Processes Running in 00mn 02s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js (.not file.)
C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\user.js (.not file.)
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.4".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16290.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.620.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@checkpoint.com/FFApi] - (.Pas de propriétaire - npFFApi.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@nosltd.com/getPlus+(R),version=1.6.2.90] - (.NOS Microsystems Ltd. - getplusplusadobe16290.) -- C:\Program Files\NOS\bin\np_gp.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll
R3 - URLSearchHook: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) (No version) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
~ Scan Toolbar in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SkyTel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\WINDOWS\SkyTel.exe
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [InCD] . (.Nero AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [NokiaMServer] Clé orpheline
O4 - HKLM\..\Run: [cspep.exe] . (.Pas de propriétaire - cspep.) -- C:\Program Files\cspep\cspep.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [ISW] . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [PAC207_Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype Plug-In - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll
~ Scan SSODL in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InCD Helper (InCDsrv) . (.Nero AG - incdsrv.) - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) . (.Check Point Software Technologies - ZoneAlarm Browser Security.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Norton Security Scan for H.job
~ Scan Scheduled Task in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (InCDPass) . (.Nero AG - Ahead RW Filter Driver.) - C:\WINDOWS\system32\DRIVERS\InCDPass.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\WINDOWS\system32\vsdatant.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: ATI - Utilitaire de désinstallation du logiciel - (.Pas de propriétaire.) [HKLM] -- All ATI Software
O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8}
O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver
O42 - Logiciel: ATI HYDRAVISION - (.Pas de propriétaire.) [HKLM] -- {3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: ArcSoft PhotoImpression 5 - (.ArcSoft.) [HKLM] -- {7AFDF9AE-66B2-4A1F-8249-32EF14B97150}
O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth
O42 - Logiciel: AxCrypt (Désinstaller uniquement) - (.Axon Data.) [HKLM] -- AxCrypt
O42 - Logiciel: DVD Solution - (.Pas de propriétaire.) [HKLM] -- {B97CF5C3-0487-11D8-A36E-0050BAE317E1}
O42 - Logiciel: DeepBurner v1.8.0.224 - (.Pas de propriétaire.) [HKLM] -- {1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}
O42 - Logiciel: Electronic Arts Product Registration - (.Electronic Arts.) [HKLM] -- InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}
O42 - Logiciel: HP PSC & OfficeJet 5.3.A - (.HP.) [HKLM] -- {3E386744-10FA-44b2-98C9-DF7A270DECB3}
O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: InCD - (.Pas de propriétaire.) [HKLM] -- InCD!UninstallKey
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: InterActual Player - (.Pas de propriétaire.) [HKLM] -- InterActual Player
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
O42 - Logiciel: LimeWire 5.5.14 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST
O42 - Logiciel: Medieval II Total War - (.SEGA.) [HKLM] -- {C0698BDA-0D29-40EE-8570-A31106DF9AB1}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Age of Empires Expansion - (.Pas de propriétaire.) [HKLM] -- Age of Empires Expansion 1.0
O42 - Logiciel: Microsoft Age of Empires Expansion Trial - (.Pas de propriétaire.) [HKLM] -- Age of Empires Expansion Trial 1.00
O42 - Logiciel: Microsoft Age of Empires II Trial Version - (.Pas de propriétaire.) [HKLM] -- Age of Empires II Trial
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wudf01009
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mozilla Firefox (3.6.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.18)
O42 - Logiciel: Nero OEM - (.Pas de propriétaire.) [HKLM] -- Nero - Burning Rom!UninstallKey
O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite
O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM] -- NSS
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: PC Camer@ - (.Aecotech.) [HKLM] -- {C679F9B9-C65D-4C65-BD6C-BF90B859E281}
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: PhotoScape - (.Pas de propriétaire.) [HKLM] -- PhotoScape
O42 - Logiciel: PowerDVD - (.CyberLink Corporation.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: PowerProducer - (.Pas de propriétaire.) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861}
O42 - Logiciel: REALTEK PCIE NIC Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {17E2F183-BAC4-4D01-BD7A-59F781E17EFA}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Risk - (.Pas de propriétaire.) [HKLM] -- Risk
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office Groove 2007 (KB2494047) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5D930261-AA5B-48D1-931F-425C9D767490}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1365864D-4C58-489D-9982-844D75691CCC}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2586924) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3B65DCBC-61EC-4578-9DF2-40D3B3829CD8}
O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Videora iPod Converter 6 - (.Red Kawa.) [HKLM] -- Videora iPod Converter
O42 - Logiciel: Virtualis Crédit Mutuel - (.Pas de propriétaire.) [HKLM] -- Virtualis Crédit Mutuel
O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP
O42 - Logiciel: YouTube Downloader App 3.00 - (.Regensoft.) [HKLM] -- YouTube Downloader App
O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm
O42 - Logiciel: ZoneAlarm Toolbar - (.Check Point Software Technologies.) [HKLM] -- ZoneAlarm Toolbar
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: cspep.0 - (.cspep.) [HKLM] -- cspep_is1
O42 - Logiciel: installer - (.Install Pedia Limited.) [HKLM] -- installer
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent
---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\ISWVolatile]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\Astonsoft]
[HKCU\Software\Axon Data]
[HKCU\Software\BitTorrent]
[HKCU\Software\CheckPoint]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\EA Sports]
[HKCU\Software\EasyBits]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IADirectShow]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\InterActual Technologies]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Leadertech]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Monitored]
[HKCU\Software\Mooii]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Protection_ZoneAlarm]
[HKCU\Software\Realtek]
[HKCU\Software\SOFTWARE]
[HKCU\Software\SecuROM]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\TeamViewer]
[HKCU\Software\Trolltech]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zone Labs]
[HKCU\Software\ahead]
[HKCU\Software\cspep]
[HKCU\Software\digital publishing]
[HKCU\Software\keyhole.com]
[HKCU\Software\settings]
[HKLM\Software\685D6D1C-D73A-4F37-B7E5E53660311DDB]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies Inc.]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Aecotech]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Axon Data]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CheckPoint]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DivXNetworks]
[HKLM\Software\Dofus 2]
[HKLM\Software\EA Sports]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterActual Technologies]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lake]
[HKLM\Software\LanSetup]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Mooii]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\Nero]
[HKLM\Software\Nokia Mobile Phones]
[HKLM\Software\Nokia]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\OMSI]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\PixArt]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Protection_ZoneAlarm]
[HKLM\Software\REALTEK Semiconductor Corporation]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SEGA]
[HKLM\Software\SOFTWARE]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Set8168]
[HKLM\Software\Skype]
[HKLM\Software\Symantec]
[HKLM\Software\TeamViewer]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Zone Labs]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers
Fish66,
Suite du message ci dessus qui se coupe, je ne sais pas pourquoi:
--\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/05/2011 - 13:16:56 - [4621521] ----D- C:\Program Files\7-Zip
O43 - CFD: 15/08/2011 - 23:55:18 - [57681117] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 09/10/2010 - 10:24:54 - [162915830] ----D- C:\Program Files\Adobe
O43 - CFD: 20/03/2011 - 16:55:56 - [163840] ----D- C:\Program Files\Aecotech
O43 - CFD: 12/09/2010 - 21:36:30 - [102212079] ----D- C:\Program Files\Ahead
O43 - CFD: 05/09/2010 - 17:07:00 - [157681030] ----D- C:\Program Files\Alwil Software
O43 - CFD: 11/09/2010 - 23:05:06 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 20/03/2011 - 16:58:04 - [310416363] ----D- C:\Program Files\ArcSoft
O43 - CFD: 08/01/2011 - 22:24:44 - [7850366] ----D- C:\Program Files\Astonsoft
O43 - CFD: 24/10/2010 - 11:18:30 - [89582258] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 23/03/2011 - 22:15:34 - [4859926] ----D- C:\Program Files\AviSynth 2.5
O43 - CFD: 27/10/2010 - 22:13:36 - [2818095] ----D- C:\Program Files\Axon Data
O43 - CFD: 11/09/2010 - 23:04:24 - [616871] ----D- C:\Program Files\Bonjour
O43 - CFD: 24/10/2010 - 11:50:56 - [0] ----D- C:\Program Files\BumpTop
O43 - CFD: 05/09/2010 - 19:22:00 - [26949067] ----D- C:\Program Files\CheckPoint
O43 - CFD: 05/09/2010 - 16:11:42 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 16/08/2011 - 22:19:54 - [1893070] ----D- C:\Program Files\cspep
O43 - CFD: 12/09/2010 - 21:34:00 - [4375040] ----D- C:\Program Files\CyberLink
O43 - CFD: 12/09/2010 - 21:41:44 - [285921027] ----D- C:\Program Files\CyberLink DVD Solution
O43 - CFD: 08/01/2011 - 22:19:58 - [2863832] ----D- C:\Program Files\DeepBurner
O43 - CFD: 23/11/2010 - 00:01:18 - [800824] ----D- C:\Program Files\DIFX
O43 - CFD: 10/03/2011 - 16:03:40 - [1689058] ----D- C:\Program Files\Electronic Arts
O43 - CFD: 20/06/2011 - 20:29:06 - [1070462252] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 28/05/2011 - 18:48:44 - [92110827] ----D- C:\Program Files\Google
O43 - CFD: 26/09/2010 - 15:53:26 - [123519548] ----D- C:\Program Files\HP
O43 - CFD: 05/07/2011 - 16:07:44 - [45852423] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 30/12/2010 - 11:54:42 - [7540292] ----D- C:\Program Files\InterActual
O43 - CFD: 16/08/2011 - 13:40:28 - [5926440] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 11/09/2010 - 23:06:18 - [1856115] ----D- C:\Program Files\iPod
O43 - CFD: 23/03/2011 - 22:13:28 - [20791199] ----D- C:\Program Files\Ipod Videora Converter
O43 - CFD: 11/09/2010 - 23:16:46 - [121825212] ----D- C:\Program Files\iTunes
O43 - CFD: 11/06/2011 - 08:23:24 - [82122271] ----D- C:\Program Files\Java
O43 - CFD: 11/09/2010 - 22:55:24 - [30049944] ----D- C:\Program Files\Lime Wire
O43 - CFD: 14/11/2010 - 12:09:22 - [102059057] ----D- C:\Program Files\LimeWire
O43 - CFD: 13/03/2011 - 12:47:18 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 03/10/2010 - 12:38:46 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 05/07/2011 - 16:14:30 - [0] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 03/04/2011 - 15:09:34 - [97057405] ----D- C:\Program Files\Microsoft LifeCam
O43 - CFD: 15/08/2011 - 17:36:14 - [694326443] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 16/06/2011 - 22:40:04 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 23/10/2010 - 10:07:34 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 23/10/2010 - 15:44:18 - [3726168] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 30/05/2011 - 22:01:04 - [16098828] ----D- C:\Program Files\Movie Maker
O43 - CFD: 16/08/2011 - 22:20:52 - [44287599] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 24/10/2010 - 15:19:44 - [26521] ----D- C:\Program Files\MSBuild
O43 - CFD: 29/09/2010 - 13:50:42 - [21471559] ----D- C:\Program Files\MSN
O43 - CFD: 05/09/2010 - 16:10:54 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 27/09/2010 - 09:25:44 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 05/09/2010 - 19:35:56 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 23/11/2010 - 00:15:46 - [74027350] ----D- C:\Program Files\Nokia
O43 - CFD: 27/02/2011 - 17:46:18 - [12404120] ----D- C:\Program Files\Norton Security Scan
O43 - CFD: 27/02/2011 - 17:46:16 - [8446243] ----D- C:\Program Files\NortonInstaller
O43 - CFD: 06/09/2010 - 23:26:00 - [494512] ----D- C:\Program Files\NOS
O43 - CFD: 05/09/2010 - 16:11:04 - [1804] ----D- C:\Program Files\Online Services
O43 - CFD: 16/12/2010 - 08:44:42 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 23/11/2010 - 00:01:04 - [13402122] ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 05/01/2011 - 23:13:24 - [24438345] ----D- C:\Program Files\PhotoScape
O43 - CFD: 11/09/2010 - 23:05:50 - [76334922] ----D- C:\Program Files\QuickTime
O43 - CFD: 24/10/2010 - 14:15:24 - [47722444] ----D- C:\Program Files\Realtek
O43 - CFD: 23/03/2011 - 22:15:20 - [42038429] ----D- C:\Program Files\Red Kawa
O43 - CFD: 24/10/2010 - 15:19:34 - [37949185] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 23/03/2011 - 22:15:40 - [25015139] ----D- C:\Program Files\Regensoft
O43 - CFD: 26/09/2010 - 18:13:42 - [1936012] ----D- C:\Program Files\Samsung
O43 - CFD: 05/09/2010 - 16:13:36 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 20/06/2011 - 20:29:22 - [24155848] R---D- C:\Program Files\Skype
O43 - CFD: 05/09/2010 - 16:24:30 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 26/04/2011 - 07:25:24 - [399736] ----D- C:\Program Files\uTorrent
O43 - CFD: 05/09/2010 - 16:31:16 - [474722] ----D- C:\Program Files\VIA
O43 - CFD: 12/09/2010 - 12:24:04 - [81188284] ----D- C:\Program Files\VideoLAN
O43 - CFD: 20/09/2010 - 09:09:40 - [317264] ----D- C:\Program Files\Virtualis
O43 - CFD: 13/03/2011 - 12:47:50 - [61856425] ----D- C:\Program Files\Windows Live
O43 - CFD: 13/03/2011 - 12:46:56 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 05/02/2011 - 20:09:02 - [3581070] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 05/02/2011 - 20:09:00 - [8543450] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 05/09/2010 - 19:35:54 - [3942655] ----D- C:\Program Files\Windows NT
O43 - CFD: 05/09/2010 - 16:13:42 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 05/09/2010 - 16:15:14 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 16/08/2011 - 22:22:54 - [4018322] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 05/09/2010 - 19:18:56 - [21742354] ----D- C:\Program Files\Zone Labs
O43 - CFD: 09/10/2010 - 10:25:06 - [6281214] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 19/09/2010 - 00:51:34 - [30516688] ----D- C:\Program Files\Fichiers Communs\Adobe AIR
O43 - CFD: 12/09/2010 - 21:36:14 - [26989503] ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD: 11/09/2010 - 23:06:16 - [80026250] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 20/03/2011 - 16:59:24 - [13917211] ----D- C:\Program Files\Fichiers Communs\ArcSoft
O43 - CFD: 24/10/2010 - 11:18:30 - [964265] ----D- C:\Program Files\Fichiers Communs\ATI Technologies
O43 - CFD: 23/10/2010 - 10:07:34 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 26/09/2010 - 15:57:18 - [272917] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD: 05/09/2010 - 16:44:48 - [10478698] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 11/06/2011 - 08:24:30 - [1258951] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 13/03/2011 - 12:47:02 - [237389290] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 05/09/2010 - 16:12:36 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 23/11/2010 - 00:03:28 - [91459031] ----D- C:\Program Files\Fichiers Communs\Nokia
O43 - CFD: 05/09/2010 - 17:58:00 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 20/03/2011 - 16:55:58 - [10164349] ----D- C:\Program Files\Fichiers Communs\PAC207
O43 - CFD: 05/09/2010 - 16:12:42 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 05/09/2010 - 17:57:56 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 26/07/2011 - 14:57:32 - [470720865] ----D- C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD: 23/10/2010 - 15:41:56 - [44383521] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 13/03/2011 - 12:32:08 - [41467028] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 27/02/2011 - 14:46:56 - [14103679] ----D- C:\Documents and Settings\H\Application Data\Adobe
O43 - CFD: 19/09/2010 - 07:28:30 - [4314] ----D- C:\Documents and Settings\H\Application Data\app
O43 - CFD: 11/09/2010 - 23:16:28 - [1229422] ----D- C:\Documents and Settings\H\Application Data\Apple Computer
O43 - CFD: 20/03/2011 - 17:01:36 - [185549] ----D- C:\Documents and Settings\H\Application Data\ArcSoft
O43 - CFD: 24/10/2010 - 11:20:50 - [0] ----D- C:\Documents and Settings\H\Application Data\ATI
O43 - CFD: 24/10/2010 - 11:29:44 - [6706532] ----D- C:\Documents and Settings\H\Application Data\Bump Technologies, Inc
O43 - CFD: 05/09/2010 - 19:22:16 - [24780] ----D- C:\Documents and Settings\H\Application Data\CheckPoint
O43 - CFD: 09/03/2011 - 20:44:58 - [10758] ----D- C:\Documents and Settings\H\Application Data\CyberLink
O43 - CFD: 08/01/2011 - 22:29:44 - [1107] ----D- C:\Documents and Settings\H\Application Data\DeepBurner
O43 - CFD: 31/10/2010 - 12:59:24 - [21637376] ----D- C:\Documents and Settings\H\Application Data\digital publishing
O43 - CFD: 19/09/2010 - 07:59:30 - [15077712] ----D- C:\Documents and Settings\H\Application Data\Dofus 2
O43 - CFD: 19/09/2010 - 07:28:24 - [0] ----D- C:\Documents and Settings\H\Application Data\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
O43 - CFD: 19/09/2010 - 10:03:10 - [0] ----D- C:\Documents and Settings\H\Application Data\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
O43 - CFD: 03/07/2011 - 23:01:08 - [199] ----D- C:\Documents and Settings\H\Application Data\dvdcss
O43 - CFD: 18/10/2010 - 16:32:58 - [119252] ----D- C:\Documents and Settings\H\Application Data\Google
O43 - CFD: 26/09/2010 - 15:50:14 - [31682] ----D- C:\Documents and Settings\H\Application Data\HP
O43 - CFD: 05/09/2010 - 16:24:30 - [0] ----D- C:\Documents and Settings\H\Application Data\Identities
O43 - CFD: 18/03/2011 - 19:06:22 - [0] ----D- C:\Documents and Settings\H\Application Data\InstallShield
O43 - CFD: 24/05/2011 - 13:39:42 - [414] ----D- C:\Documents and Settings\H\Application Data\Leadertech
O43 - CFD: 16/08/2011 - 22:20:38 - [23586180] ----D- C:\Documents and Settings\H\Application Data\LimeWire
O43 - CFD: 05/09/2010 - 17:21:16 - [3115061] ----D- C:\Documents and Settings\H\Application Data\Macromedia
O43 - CFD: 26/03/2011 - 00:59:48 - [7243730] -S--D- C:\Documents and Settings\H\Application Data\Microsoft
O43 - CFD: 03/10/2010 - 12:39:00 - [0] ----D- C:\Documents and Settings\H\Application Data\Microsoft Web Folders
O43 - CFD: 05/09/2010 - 16:52:24 - [27705531] ----D- C:\Documents and Settings\H\Application Data\Mozilla
O43 - CFD: 23/11/2010 - 00:14:46 - [196197] ----D- C:\Documents and Settings\H\Application Data\Nokia
O43 - CFD: 23/11/2010 - 00:14:50 - [32804] ----D- C:\Documents and Settings\H\Application Data\Nokia Ovi Suite
O43 - CFD: 28/03/2011 - 21:52:24 - [19988325] ----D- C:\Documents and Settings\H\Application Data\PC Suite
O43 - CFD: 05/01/2011 - 18:41:34 - [606] ----D- C:\Documents and Settings\H\Application Data\PhotoFiltre
O43 - CFD: 29/01/2011 - 15:37:50 - [41796] ----D- C:\Documents and Settings\H\Application Data\PhotoScape
O43 - CFD: 23/03/2011 - 22:26:28 - [218737] ----D- C:\Documents and Settings\H\Application Data\Red Kawa
O43 - CFD: 19/09/2010 - 07:28:30 - [0] ----D- C:\Documents and Settings\H\Application Data\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
O43 - CFD: 23/03/2011 - 22:18:38 - [688] ----D- C:\Documents and Settings\H\Application Data\Regensoft
O43 - CFD: 01/04/2011 - 17:57:04 - [9872] R-H-D- C:\Documents and Settings\H\Application Data\SecuROM
O43 - CFD: 20/07/2011 - 22:42:36 - [18122096] ----D- C:\Documents and Settings\H\Application Data\Skype
O43 - CFD: 20/06/2011 - 20:28:38 - [28736] ----D- C:\Documents and Settings\H\Application Data\skypePM
O43 - CFD: 11/09/2010 - 22:56:00 - [12980907] ----D- C:\Documents and Settings\H\Application Data\Sun
O43 - CFD: 23/10/2010 - 09:36:24 - [28030] ----D- C:\Documents and Settings\H\Application Data\TeamViewer
O43 - CFD: 20/07/2011 - 10:18:28 - [2262714] ----D- C:\Documents and Settings\H\Application Data\uTorrent
O43 - CFD: 23/03/2011 - 22:23:44 - [1012699] ----D- C:\Documents and Settings\H\Application Data\vlc
O43 - CFD: 09/10/2010 - 10:24:32 - [161329624] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Adobe
O43 - CFD: 04/12/2010 - 23:01:02 - [1950597] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Ahead
O43 - CFD: 11/09/2010 - 23:05:08 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Apple
O43 - CFD: 11/09/2010 - 23:07:30 - [59543610] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Apple Computer
O43 - CFD: 20/03/2011 - 16:59:42 - [265] ----D- C:\Documents and Settings\H\Local Settings\Application Data\ArcSoft
O43 - CFD: 07/01/2011 - 18:42:22 - [291402] ----D- C:\Documents and Settings\H\Local Settings\Application Data\assembly
O43 - CFD: 24/10/2010 - 11:20:50 - [69792] ----D- C:\Documents and Settings\H\Local Settings\Application Data\ATI
O43 - CFD: 24/10/2010 - 11:30:18 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Bump Technologies, Inc
O43 - CFD: 23/03/2011 - 22:18:38 - [1754977] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Geckofx
O43 - CFD: 02/05/2011 - 20:41:02 - [2021204387] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Google
O43 - CFD: 21/09/2010 - 22:28:52 - [379896] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Identities
O43 - CFD: 18/07/2011 - 12:09:32 - [200151856] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Microsoft
O43 - CFD: 23/10/2010 - 10:02:48 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Microsoft Help
O43 - CFD: 05/09/2010 - 16:52:16 - [43939273] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Mozilla
O43 - CFD: 23/11/2010 - 00:14:34 - [870131] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Nokia
O43 - CFD: 23/11/2010 - 00:14:18 - [269] ----D- C:\Documents and Settings\H\Local Settings\Application Data\NokiaAccount
O43 - CFD: 02/05/2011 - 20:36:36 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Temp
O43 - CFD: 06/04/2011 - 13:39:44 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\WMTools Downloaded Files
~ Scan Program Folder in 00mn 39s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.DD871EF63406B8C5AD3FEB2C96171F50] - 16/08/2011 - 21:20:15 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1881064]
O44 - LFC:[MD5.F0B3CDC7C060CCBA8C2FE2850FE20103] - 16/08/2011 - 21:20:04 ---A- . (...) -- C:\WINDOWS\setupapi.log [565412]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/08/2011 - 21:19:25 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.B5EF86FA82BA12544A0099ADCCD3338C] - 16/08/2011 - 21:19:24 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.EE28A4D953B04AB47C195DFC492E12DA] - 16/08/2011 - 21:19:22 ---A- . (...) -- C:\WINDOWS\wiaservc.log [0]
O44 - LFC:[MD5.F558A2C42795FC6FDBA74B2EB41C8913] - 16/08/2011 - 21:18:55 ---A- . (...) -- C:\WINDOWS\system32\ativvaxx.cap [167952]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 16/08/2011 - 21:18:55 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.1EF633EA3E7239B06BE01C5C916434B2] - 16/08/2011 - 19:55:03 ---A- . (...) -- C:\AdwCleaner[S1].txt [1738]
O44 - LFC:[MD5.76B6F05D6CF731914698F3BA2C63621B] - 16/08/2011 - 12:50:28 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32410]
O44 - LFC:[MD5.2B72AE98DEE6841EC1CD2C95D7648D85] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [4836]
O44 - LFC:[MD5.03E3CD966892A20A9CBA8D6FC3D6943A] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [110592]
O44 - LFC:[MD5.0E3D5A9D7CE251A2C323DC26FCCF4154] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat [135424]
O44 - LFC:[MD5.7A908657C4429DDF9EBA23D9F3F8DA99] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [540658]
O44 - LFC:[MD5.ABF40657E935C0E86857498058C045A5] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat [624646]
O44 - LFC:[MD5.237E7A60055B5FEAF6D6F79CC7DF7333] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1500363]
O44 - LFC:[MD5.4000B5284DD2590F8FF0B68542CC1928] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\KB2567680.log [15470]
O44 - LFC:[MD5.8D7FA191D83E7D5EE08B4EB6C5804021] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\comsetup.log [394562]
O44 - LFC:[MD5.F40451D403542BBE00CA0CBE1391907E] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\iis6.log [236040]
O44 - LFC:[MD5.82E1FB8E2E92BFE87D9E7B0963E0D009] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.FC98035FA1F5192FF4D8E65E15EB1FCC] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\msgsocm.log [75011]
O44 - LFC:[MD5.FEF3E617FB8E79F0627AEE04103B34CC] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [237503]
O44 - LFC:[MD5.D2964A2EE566280AE55FA7D2105F07F9] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\ocgen.log [732369]
O44 - LFC:[MD5.478233628C64FEAE91DFE07E6B06B51D] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\ocmsn.log [63833]
O44 - LFC:[MD5.BBC6B38E91BF8433175AF527E396345D] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\tsoc.log [577493]
O44 - LFC:[MD5.C75C2BCBDF0FA26D6E1A7317DE8716C9] - 16/08/2011 - 12:47:09 ---A- . (...) -- C:\WINDOWS\updspapi.log [218906]
O44 - LFC:[MD5.BC7962B2EF211D2EA4522D100D90FB42] - 16/08/2011 - 12:46:10 ---A- . (...) -- C:\WINDOWS\KB2536276-v2.log [11047]
O44 - LFC:[MD5.E0BE60BBD6AF8B21BFA79402777F9EB3] - 16/08/2011 - 12:46:10 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.F0EF3465232490351513C8927C925106] - 16/08/2011 - 12:45:56 ---A- . (...) -- C:\WINDOWS\KB2570222.log [10938]
O44 - LFC:[MD5.F1B5C4D4A2892EE11B6FE9E058053B4B] - 16/08/2011 - 12:40:33 ---A- . (...) -- C:\WINDOWS\KB2559049-IE8.log [14858]
O44 - LFC:[MD5.865A2DCE61ADE1F9A3285E3D0DB28DFD] - 16/08/2011 - 12:39:59 ---A- . (...) -- C:\WINDOWS\KB2566454.log [6883]
O44 - LFC:[MD5.AD6F726CFE4CA22C58CDBAD49E093DA3] - 16/08/2011 - 12:39:46 ---A- . (...) -- C:\WINDOWS\KB2562937.log [6212]
O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 16/08/2011 - 12:37:26 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [69]
O44 - LFC:[MD5.A8D4C05C1BD108F2C98FD2A96398BD22] - 16/08/2011 - 12:15:07 ---A- . (...) -- C:\AdwCleaner[R1].txt [1640]
O44 - LFC:[MD5.45038E3AE2BAA9C47E9AC3AE266D8A1A] - 16/08/2011 - 07:16:09 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.E8C00D32037549BB9538181B7FD0704B] - 15/08/2011 - 22:57:34 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [5781]
O44 - LFC:[MD5.D926D44123AE8B852FB6459879D8A5E8] - 15/08/2011 - 15:37:49 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [13646]
~ Scan Files in 00mn 26s
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(...) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe (.not file.)
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O47 - AAKE:Key Export SP - "C:\Program Files\LimeWire\LimeWire.exe" [Enabled] .(.Lime Wire, LLC - LimeWire.) -- C:\Program Files\LimeWire\LimeWire.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files\Microsoft Office\Office12\GROOVE.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office OneNote.) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\microtorrent_torrent_2.0.4_build_22967_anglais_18245.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\microtorrent_torrent_2.0.4_build_22967_anglais_18245.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\ZoneLabs\vsmon.exe" [Enabled] .(.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeCam.exe" [Enabled] .(.Microsoft Corporation - LifeCam.exe.) -- C:\Program Files\Microsoft LifeCam\LifeCam.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" [Enabled] .(.Microsoft Corporation - LifeEnC2.exe.) -- C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeExp.exe" [Enabled] .(.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeTray.exe" [Enabled] .(.Microsoft Corporation - LifeTray.exe.) -- C:\Program Files\Microsoft LifeCam\LifeTray.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
~ Scan Keys in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys
~ Scan CSB in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ Scan IFEO in 00mn 00s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{ae740f7a-f67b-11df-b67b-0019660fdbdb}\AutoRun\command. (...) -- F:\Install_Nokia_Ovi_Suite.exe (.not file.)
O51 - MPSK:{ae740fc0-f67b-11df-b67b-0019660fdbdb}\AutoRun\command. (...) -- F:\NokiaPCIA_Autorun.exe (.not file.)
~ Scan Keys in 00mn 00s
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.dll" . (.Intel Corporation - Intel Indeo(R) Video Interactive 32-bit Driver.) -- C:\WINDOWS\system32\ir41_32.dll
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ir41_32.dll"="Intel Indeo (R) Video Interactive 32-bit Driver R4.1" . (...) -- (.not file.)
~ Scan Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.DFCDD5936CAD0138775D5A105D4C7716] - 16/08/2011 - 12:32:13 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\WINDOWS\system32\drivers\aavmker4.sys [30808]
O58 - SDL:[MD5.FE3EA6E9AFC1A78E6EDCA121E006AFB7] - 16/08/2011 - 15:05:00 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\WINDOWS\system32\drivers\afc.sys [18688]
O58 - SDL:[MD5.DE91D0D73C3E61E6826D98FAC2FAC729] - 16/08/2011 - 15:17:42 ---A- . (...) -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS [5824]
O58 - SDL:[MD5.861CB512E4E850E87DD2316F88D69330] - 16/08/2011 - 12:32:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [19544]
O58 - SDL:[MD5.4FAE55469A56AA2B423E5E26FD1449D1] - 16/08/2011 - 12:35:09 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows NT/2000.) -- C:\WINDOWS\system32\drivers\aswmon.sys [96344]
O58 - SDL:[MD5.7857E0B4C817F69FF463EEA2C63E56F9] - 16/08/2011 - 12:35:12 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows XP.) -- C:\WINDOWS\system32\drivers\aswmon2.sys [102616]
O58 - SDL:[MD5.8DB043BF96BB6D334E5B4888E709E1C7] - 16/08/2011 - 12:32:32 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\WINDOWS\system32\drivers\aswRdr.sys [25432]
O58 - SDL:[MD5.17230708A2028CD995656DF455F2E303] - 16/08/2011 - 12:36:43 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\system32\drivers\aswSnx.sys [441176]
O58 - SDL:[MD5.DBEDD9D43B00630966EF05D2D8D04CEE] - 16/08/2011 - 12:36:32 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\system32\drivers\aswSP.sys [309848]
O58 - SDL:[MD5.984CFCE2168286C2511695C2F9621475] - 16/08/2011 - 12:35:23 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\drivers\aswTdi.sys [43608]
O58 - SDL:[MD5.8E54C76DB5D88BF8B4E82B37E1322671] - 16/08/2011 - 04:30:44 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [3643904]
O58 - SDL:[MD5.1E82F05CFF41316BCAA513909D99A004] - 16/08/2011 - 12:28:32 R--A- . (.ATI Research Inc. - Ati High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys [93184]
O58 - SDL:[MD5.C3963D85B721A7F80D8A55F4E2867A3A] - 16/08/2011 - 14:32:44 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\ccdcmb.sys [18176]
O58 - SDL:[MD5.3859C69A77793180548802DAC9F34A38] - 16/08/2011 - 14:32:44 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys [22528]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 16/08/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 16/08/2011 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 16/08/2011 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.9F1D80908658EB7F1BF70809E0B51470] - 16/08/2011 - 06:52:26 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys [51120]
O58 - SDL:[MD5.F7E3E9D50F9CD3DE28085A8FDAA0A1C3] - 16/08/2011 - 06:52:27 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16496]
O58 - SDL:[MD5.CF1B7951B4EC8D13F3C93B74BB2B461B] - 16/08/2011 - 06:52:28 R--A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21744]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 16/08/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.338F83EE9CB9E15EEACF0CBB90218CBF] - 16/08/2011 - 14:21:22 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys [137344]
O58 - SDL:[MD5.D15BAC979144FB69ED28F97B2DD84D48] - 16/08/2011 - 14:21:22 ---A- . (.Nokia - Nokia USB Phone Generic Client.) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [8320]
O58 - SDL:[MD5.FD2041E9BA03DB7764B2248F02475079] - 16/08/2011 - 10:26:12 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [18816]
O58 - SDL:[MD5.4A410C7AEA51123519C20D43A20BCE96] - 16/08/2011 - 13:17:26 ---A- . (.PixArt Imaging Inc. - PFC027.) -- C:\WINDOWS\system32\drivers\PFC027.SYS [618112]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 16/08/2011 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 16/08/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 16/08/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.D6E1B1BD04FAD422AF17FC4B810CB9AF] - 16/08/2011 - 09:08:16 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [78976]
O58 - SDL:[MD5.3000E98F519CF6FDA669BAE8E47F7B4F] - 16/08/2011 - 05:09:26 R---- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys [4284928]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 16/08/2011 - 17:39:15 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.2D4027C46B4C6E45875E3C4BA3F67492] - 16/08/2011 - 11:24:50 ---A- . (.MCCI - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\system32\drivers\sscdbus.sys [80272]
O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcm.sys [11877]
O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcmnt.sys [11877]
O58 - SDL:[MD5.F548F1EBA107BC19E91189E6A460BD0E] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys [10864]
O58 - SDL:[MD5.71D348D53597379DFE1DE255D70AF13C] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem WDM.) -- C:\WINDOWS\system32\drivers\sscdmdm.sys [137884]
O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 16/08/2011 - 11:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwh.sys [11188]
O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 16/08/2011 - 11:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwhnt.sys [11188]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 16/08/2011 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.4B8A9C16B6D9258ED99C512AECB8C555] - 16/08/2011 - 19:47:42 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\drivers\usbaapl.sys [41984]
O58 - SDL:[MD5.0CCADC7391021376EDBB8AA649D04E68] - 16/08/2011 - 14:32:46 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys [8192]
O58 - SDL:[MD5.68B4F83CCCF70A2FF32EE142C234332A] - 16/08/2011 - 14:32:58 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys [8192]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 16/08/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
O58 - SDL:[MD5.050C38EBB22512122E54B47DC278BCCD] - 16/08/2011 - 10:02:32 ---A- . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) -- C:\WINDOWS\system32\vsdatant.sys [532224]
~ Scan Drivers in 00mn 04s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: Ad-Remover - (.Pas de propriétaire.) [HKCU] -- Ad-Remover
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 18/03/2010 - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe - ArcSoft Connect Daemon(ACDaemon) .(.ArcSoft Inc. - ArcSoft Connect Service.) - LEGACY_ACDAEMON
O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\H\LOCALS~1\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - 02/03/2006 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 18/10/2010 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE
O64 - Services: CurCS - 08/07/2005 - C:\Program Files\Ahead\InCD\InCDsrv.exe - InCD Helper(InCDsrv) .(.Nero AG - incdsrv.) - LEGACY_INCDSRV
O64 - Services: CurCS - 15/02/2011 - C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys - ZoneAlarm Toolbar ISWKL(ISWKL) .(.Check Point Software Technologies - ZoneAlarm Browser Security.) - LEGACY_ISWKL
O64 - Services: CurCS - 15/02/2011 - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe - ZoneAlarm Toolbar IswSvc(IswSvc) .(.Check Point Software Technologies - ZoneAlarm Browser Security.) - LEGACY_ISWSVC
O64 - Services: CurCS - 04/05/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\secdrv.sys - Secdrv(Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/06/2010 - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer(ServiceLayer) .(.Nokia - ServiceLayer Module.) - LEGACY_SERVICELAYER
O64 - Services: CurCS - 13/05/2010 - C:\WINDOWS\system32\vsdatant.sys - vsdatant(vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT
O64 - Services: CurCS - 18/02/2011 - C:\WINDOWS\system32\ZoneLabs\vsmon.exe - TrueVector Internet Monitor(vsmon) .(.Check Point Software Technologies LTD - TrueVector Service.) - LEGACY_VSMON
~ Scan Services in 00mn 03s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {E8CB2B75-1CCB-483D-9C94-644501916F96} - (Google) - http://www.google.com
~ Scan Keys in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.37802DC23540941D3D5FFC0CFB97D9F0] [SPRF][15/08/2011] (...) -- C:\Documents and Settings\H\Bureau\AD-R.exe [1563105]
[MD5.DF903EF91F74AF913888FCA7C3066ED9] [SPRF][16/08/2011] (...) -- C:\Documents and Settings\H\Bureau\AdwCleaner.exe [450808]
[MD5.C1AD5FE74BD19EDAB96B84123BDE9BD7] [SPRF][16/08/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\H\Bureau\ZHPDiag2.exe [2575661]
[MD5.BB8DEAA5685FDE0FB12328ABBAB57D0D] [SPRF][13/03/2011] (.Microsoft Corporation - Installation_WLMessenger2009.) -- C:\Program Files\Installation_WLMessenger2009.exe [1794920]
[MD5.34224D0544EB516DA2452BBC41CECC17] [SPRF][18/03/2011] (...) -- C:\Program Files\SoftonicDownloader_pour_age-of-empires-ii.exe [287056]
~ Scan Files in 00mn 01s
---\\ Scan Additionnel (O88)
Database Version : 8611 - (14/08/2011)
Clés trouvées (Keys found) : 10
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Installer] =>Adware.InstallPedia
~ Scan Additionnel in 00mn 08s
---\\ Recherche détournement de DNS routeur (O89)
Serveur : Livebox-AA40
Address: 192.168.1.1
Nom : www.l.google.com
Addresses: 209.85.148.106, 209.85.148.105, 209.85.148.147, 209.85.148.103
209.85.148.99, 209.85.148.104
Aliases: www.google.fr, www.google.com
~ Scan DNS in 00mn 02s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 16/08/2011 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 16/08/2011 144672 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 16/08/2011 602112 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
SS - | Auto 593920 | (ATI Smart) . (...) - C:\WINDOWS\system32\ati2sgag.exe
SR - | Auto 16/08/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 16/08/2011 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 16/08/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Auto 16/08/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 16/08/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 16/08/2011 871424 | C:\Program Files\Ahead\InCD\InCDsrv.exe (InCDsrv) . (.Nero AG.) - C:\Program Files\Ahead\InCD\InCDsrv.exe
SR - | Demand 16/08/2011 820008 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 16/08/2011 488952 | (IswSvc) . (.Check Point Software Technologies.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
SR - | Auto 16/08/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SR - | Auto 16/08/2011 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe
SR - | Demand 16/08/2011 615936 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
SR - | Auto 16/08/2011 2435592 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
~ Scan Services in 00mn 03s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by H at 16/08/2011 22:24:29
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x86D46AB8]
3 CLASSPNP[0xF765CFD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000072[0x86D8AF18]
5 ACPI[0xF74F2620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP2T0L0-7[0x86D28940]
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 05s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by H at 16/08/2011 22:24:31
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 07s
End of the scan (1226 lines in 01mn 52s)(0)
2/
Rapport Tdsskiller
2011/08/17 00:34:02.0890 0780 TDSS rootkit removing tool 2.5.15.0 Aug 11 2011 16:32:13
2011/08/17 00:34:03.0078 0780 ================================================================================
2011/08/17 00:34:03.0078 0780 SystemInfo:
2011/08/17 00:34:03.0078 0780
2011/08/17 00:34:03.0078 0780 OS Version: 5.1.2600 ServicePack: 3.0
2011/08/17 00:34:03.0078 0780 Product type: Workstation
2011/08/17 00:34:03.0078 0780 ComputerName: LUTECE
2011/08/17 00:34:03.0078 0780 UserName: H
2011/08/17 00:34:03.0078 0780 Windows directory: C:\WINDOWS
2011/08/17 00:34:03.0078 0780 System windows directory: C:\WINDOWS
2011/08/17 00:34:03.0078 0780 Processor architecture: Intel x86
2011/08/17 00:34:03.0078 0780 Number of processors: 2
2011/08/17 00:34:03.0078 0780 Page size: 0x1000
2011/08/17 00:34:03.0078 0780 Boot type: Normal boot
2011/08/17 00:34:03.0078 0780 ================================================================================
2011/08/17 00:34:04.0390 0780 Initialize success
2011/08/17 00:34:09.0406 0476 ================================================================================
2011/08/17 00:34:09.0406 0476 Scan started
2011/08/17 00:34:09.0406 0476 Mode: Manual;
2011/08/17 00:34:09.0406 0476 ================================================================================
2011/08/17 00:34:10.0343 0476 Aavmker4 (dfcdd5936cad0138775d5a105d4c7716) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/08/17 00:34:10.0500 0476 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/17 00:34:10.0562 0476 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/08/17 00:34:10.0640 0476 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/08/17 00:34:10.0687 0476 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
2011/08/17 00:34:10.0796 0476 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/08/17 00:34:11.0140 0476 aswFsBlk (861cb512e4e850e87dd2316f88d69330) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/08/17 00:34:11.0203 0476 aswMon2 (7857e0b4c817f69ff463eea2c63e56f9) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/08/17 00:34:11.0250 0476 aswRdr (8db043bf96bb6d334e5b4888e709e1c7) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/08/17 00:34:11.0312 0476 aswSnx (17230708a2028cd995656df455f2e303) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/08/17 00:34:11.0359 0476 aswSP (dbedd9d43b00630966ef05d2d8d04cee) C:\WINDOWS\system32\drivers\aswSP.sys
2011/08/17 00:34:11.0406 0476 aswTdi (984cfce2168286c2511695c2f9621475) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/08/17 00:34:11.0468 0476 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/08/17 00:34:11.0546 0476 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/08/17 00:34:11.0812 0476 ati2mtag (8e54c76db5d88bf8b4e82b37e1322671) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/08/17 00:34:11.0906 0476 AtiHdmiService (1e82f05cff41316bcaa513909d99a004) C:\WINDOWS\system32\drivers\AtiHdmi.sys
2011/08/17 00:34:11.0937 0476 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/08/17 00:34:12.0000 0476 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/08/17 00:34:12.0046 0476 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/08/17 00:34:12.0203 0476 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/08/17 00:34:12.0281 0476 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/08/17 00:34:12.0343 0476 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/08/17 00:34:12.0390 0476 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/08/17 00:34:12.0421 0476 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/08/17 00:34:12.0765 0476 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/08/17 00:34:12.0828 0476 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
2011/08/17 00:34:12.0906 0476 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
2011/08/17 00:34:12.0953 0476 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/08/17 00:34:13.0000 0476 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/08/17 00:34:13.0093 0476 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/08/17 00:34:13.0156 0476 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/08/17 00:34:13.0250 0476 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/08/17 00:34:13.0296 0476 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
2011/08/17 00:34:13.0328 0476 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/08/17 00:34:13.0375 0476 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/08/17 00:34:13.0421 0476 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/08/17 00:34:13.0468 0476 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/08/17 00:34:13.0500 0476 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
2011/08/17 00:34:13.0562 0476 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/08/17 00:34:13.0625 0476 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/08/17 00:34:13.0671 0476 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/08/17 00:34:13.0890 0476 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/08/17 00:34:14.0140 0476 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/08/17 00:34:14.0203 0476 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
201
Suite du message ci dessus qui se coupe, je ne sais pas pourquoi:
--\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/05/2011 - 13:16:56 - [4621521] ----D- C:\Program Files\7-Zip
O43 - CFD: 15/08/2011 - 23:55:18 - [57681117] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 09/10/2010 - 10:24:54 - [162915830] ----D- C:\Program Files\Adobe
O43 - CFD: 20/03/2011 - 16:55:56 - [163840] ----D- C:\Program Files\Aecotech
O43 - CFD: 12/09/2010 - 21:36:30 - [102212079] ----D- C:\Program Files\Ahead
O43 - CFD: 05/09/2010 - 17:07:00 - [157681030] ----D- C:\Program Files\Alwil Software
O43 - CFD: 11/09/2010 - 23:05:06 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 20/03/2011 - 16:58:04 - [310416363] ----D- C:\Program Files\ArcSoft
O43 - CFD: 08/01/2011 - 22:24:44 - [7850366] ----D- C:\Program Files\Astonsoft
O43 - CFD: 24/10/2010 - 11:18:30 - [89582258] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 23/03/2011 - 22:15:34 - [4859926] ----D- C:\Program Files\AviSynth 2.5
O43 - CFD: 27/10/2010 - 22:13:36 - [2818095] ----D- C:\Program Files\Axon Data
O43 - CFD: 11/09/2010 - 23:04:24 - [616871] ----D- C:\Program Files\Bonjour
O43 - CFD: 24/10/2010 - 11:50:56 - [0] ----D- C:\Program Files\BumpTop
O43 - CFD: 05/09/2010 - 19:22:00 - [26949067] ----D- C:\Program Files\CheckPoint
O43 - CFD: 05/09/2010 - 16:11:42 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 16/08/2011 - 22:19:54 - [1893070] ----D- C:\Program Files\cspep
O43 - CFD: 12/09/2010 - 21:34:00 - [4375040] ----D- C:\Program Files\CyberLink
O43 - CFD: 12/09/2010 - 21:41:44 - [285921027] ----D- C:\Program Files\CyberLink DVD Solution
O43 - CFD: 08/01/2011 - 22:19:58 - [2863832] ----D- C:\Program Files\DeepBurner
O43 - CFD: 23/11/2010 - 00:01:18 - [800824] ----D- C:\Program Files\DIFX
O43 - CFD: 10/03/2011 - 16:03:40 - [1689058] ----D- C:\Program Files\Electronic Arts
O43 - CFD: 20/06/2011 - 20:29:06 - [1070462252] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 28/05/2011 - 18:48:44 - [92110827] ----D- C:\Program Files\Google
O43 - CFD: 26/09/2010 - 15:53:26 - [123519548] ----D- C:\Program Files\HP
O43 - CFD: 05/07/2011 - 16:07:44 - [45852423] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 30/12/2010 - 11:54:42 - [7540292] ----D- C:\Program Files\InterActual
O43 - CFD: 16/08/2011 - 13:40:28 - [5926440] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 11/09/2010 - 23:06:18 - [1856115] ----D- C:\Program Files\iPod
O43 - CFD: 23/03/2011 - 22:13:28 - [20791199] ----D- C:\Program Files\Ipod Videora Converter
O43 - CFD: 11/09/2010 - 23:16:46 - [121825212] ----D- C:\Program Files\iTunes
O43 - CFD: 11/06/2011 - 08:23:24 - [82122271] ----D- C:\Program Files\Java
O43 - CFD: 11/09/2010 - 22:55:24 - [30049944] ----D- C:\Program Files\Lime Wire
O43 - CFD: 14/11/2010 - 12:09:22 - [102059057] ----D- C:\Program Files\LimeWire
O43 - CFD: 13/03/2011 - 12:47:18 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 03/10/2010 - 12:38:46 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 05/07/2011 - 16:14:30 - [0] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 03/04/2011 - 15:09:34 - [97057405] ----D- C:\Program Files\Microsoft LifeCam
O43 - CFD: 15/08/2011 - 17:36:14 - [694326443] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 16/06/2011 - 22:40:04 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 23/10/2010 - 10:07:34 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 23/10/2010 - 15:44:18 - [3726168] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 30/05/2011 - 22:01:04 - [16098828] ----D- C:\Program Files\Movie Maker
O43 - CFD: 16/08/2011 - 22:20:52 - [44287599] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 24/10/2010 - 15:19:44 - [26521] ----D- C:\Program Files\MSBuild
O43 - CFD: 29/09/2010 - 13:50:42 - [21471559] ----D- C:\Program Files\MSN
O43 - CFD: 05/09/2010 - 16:10:54 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 27/09/2010 - 09:25:44 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 05/09/2010 - 19:35:56 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 23/11/2010 - 00:15:46 - [74027350] ----D- C:\Program Files\Nokia
O43 - CFD: 27/02/2011 - 17:46:18 - [12404120] ----D- C:\Program Files\Norton Security Scan
O43 - CFD: 27/02/2011 - 17:46:16 - [8446243] ----D- C:\Program Files\NortonInstaller
O43 - CFD: 06/09/2010 - 23:26:00 - [494512] ----D- C:\Program Files\NOS
O43 - CFD: 05/09/2010 - 16:11:04 - [1804] ----D- C:\Program Files\Online Services
O43 - CFD: 16/12/2010 - 08:44:42 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 23/11/2010 - 00:01:04 - [13402122] ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 05/01/2011 - 23:13:24 - [24438345] ----D- C:\Program Files\PhotoScape
O43 - CFD: 11/09/2010 - 23:05:50 - [76334922] ----D- C:\Program Files\QuickTime
O43 - CFD: 24/10/2010 - 14:15:24 - [47722444] ----D- C:\Program Files\Realtek
O43 - CFD: 23/03/2011 - 22:15:20 - [42038429] ----D- C:\Program Files\Red Kawa
O43 - CFD: 24/10/2010 - 15:19:34 - [37949185] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 23/03/2011 - 22:15:40 - [25015139] ----D- C:\Program Files\Regensoft
O43 - CFD: 26/09/2010 - 18:13:42 - [1936012] ----D- C:\Program Files\Samsung
O43 - CFD: 05/09/2010 - 16:13:36 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 20/06/2011 - 20:29:22 - [24155848] R---D- C:\Program Files\Skype
O43 - CFD: 05/09/2010 - 16:24:30 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 26/04/2011 - 07:25:24 - [399736] ----D- C:\Program Files\uTorrent
O43 - CFD: 05/09/2010 - 16:31:16 - [474722] ----D- C:\Program Files\VIA
O43 - CFD: 12/09/2010 - 12:24:04 - [81188284] ----D- C:\Program Files\VideoLAN
O43 - CFD: 20/09/2010 - 09:09:40 - [317264] ----D- C:\Program Files\Virtualis
O43 - CFD: 13/03/2011 - 12:47:50 - [61856425] ----D- C:\Program Files\Windows Live
O43 - CFD: 13/03/2011 - 12:46:56 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 05/02/2011 - 20:09:02 - [3581070] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 05/02/2011 - 20:09:00 - [8543450] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 05/09/2010 - 19:35:54 - [3942655] ----D- C:\Program Files\Windows NT
O43 - CFD: 05/09/2010 - 16:13:42 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 05/09/2010 - 16:15:14 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 16/08/2011 - 22:22:54 - [4018322] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 05/09/2010 - 19:18:56 - [21742354] ----D- C:\Program Files\Zone Labs
O43 - CFD: 09/10/2010 - 10:25:06 - [6281214] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 19/09/2010 - 00:51:34 - [30516688] ----D- C:\Program Files\Fichiers Communs\Adobe AIR
O43 - CFD: 12/09/2010 - 21:36:14 - [26989503] ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD: 11/09/2010 - 23:06:16 - [80026250] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 20/03/2011 - 16:59:24 - [13917211] ----D- C:\Program Files\Fichiers Communs\ArcSoft
O43 - CFD: 24/10/2010 - 11:18:30 - [964265] ----D- C:\Program Files\Fichiers Communs\ATI Technologies
O43 - CFD: 23/10/2010 - 10:07:34 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 26/09/2010 - 15:57:18 - [272917] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD: 05/09/2010 - 16:44:48 - [10478698] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 11/06/2011 - 08:24:30 - [1258951] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 13/03/2011 - 12:47:02 - [237389290] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 05/09/2010 - 16:12:36 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 23/11/2010 - 00:03:28 - [91459031] ----D- C:\Program Files\Fichiers Communs\Nokia
O43 - CFD: 05/09/2010 - 17:58:00 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 20/03/2011 - 16:55:58 - [10164349] ----D- C:\Program Files\Fichiers Communs\PAC207
O43 - CFD: 05/09/2010 - 16:12:42 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 05/09/2010 - 17:57:56 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 26/07/2011 - 14:57:32 - [470720865] ----D- C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD: 23/10/2010 - 15:41:56 - [44383521] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 13/03/2011 - 12:32:08 - [41467028] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 27/02/2011 - 14:46:56 - [14103679] ----D- C:\Documents and Settings\H\Application Data\Adobe
O43 - CFD: 19/09/2010 - 07:28:30 - [4314] ----D- C:\Documents and Settings\H\Application Data\app
O43 - CFD: 11/09/2010 - 23:16:28 - [1229422] ----D- C:\Documents and Settings\H\Application Data\Apple Computer
O43 - CFD: 20/03/2011 - 17:01:36 - [185549] ----D- C:\Documents and Settings\H\Application Data\ArcSoft
O43 - CFD: 24/10/2010 - 11:20:50 - [0] ----D- C:\Documents and Settings\H\Application Data\ATI
O43 - CFD: 24/10/2010 - 11:29:44 - [6706532] ----D- C:\Documents and Settings\H\Application Data\Bump Technologies, Inc
O43 - CFD: 05/09/2010 - 19:22:16 - [24780] ----D- C:\Documents and Settings\H\Application Data\CheckPoint
O43 - CFD: 09/03/2011 - 20:44:58 - [10758] ----D- C:\Documents and Settings\H\Application Data\CyberLink
O43 - CFD: 08/01/2011 - 22:29:44 - [1107] ----D- C:\Documents and Settings\H\Application Data\DeepBurner
O43 - CFD: 31/10/2010 - 12:59:24 - [21637376] ----D- C:\Documents and Settings\H\Application Data\digital publishing
O43 - CFD: 19/09/2010 - 07:59:30 - [15077712] ----D- C:\Documents and Settings\H\Application Data\Dofus 2
O43 - CFD: 19/09/2010 - 07:28:24 - [0] ----D- C:\Documents and Settings\H\Application Data\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
O43 - CFD: 19/09/2010 - 10:03:10 - [0] ----D- C:\Documents and Settings\H\Application Data\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
O43 - CFD: 03/07/2011 - 23:01:08 - [199] ----D- C:\Documents and Settings\H\Application Data\dvdcss
O43 - CFD: 18/10/2010 - 16:32:58 - [119252] ----D- C:\Documents and Settings\H\Application Data\Google
O43 - CFD: 26/09/2010 - 15:50:14 - [31682] ----D- C:\Documents and Settings\H\Application Data\HP
O43 - CFD: 05/09/2010 - 16:24:30 - [0] ----D- C:\Documents and Settings\H\Application Data\Identities
O43 - CFD: 18/03/2011 - 19:06:22 - [0] ----D- C:\Documents and Settings\H\Application Data\InstallShield
O43 - CFD: 24/05/2011 - 13:39:42 - [414] ----D- C:\Documents and Settings\H\Application Data\Leadertech
O43 - CFD: 16/08/2011 - 22:20:38 - [23586180] ----D- C:\Documents and Settings\H\Application Data\LimeWire
O43 - CFD: 05/09/2010 - 17:21:16 - [3115061] ----D- C:\Documents and Settings\H\Application Data\Macromedia
O43 - CFD: 26/03/2011 - 00:59:48 - [7243730] -S--D- C:\Documents and Settings\H\Application Data\Microsoft
O43 - CFD: 03/10/2010 - 12:39:00 - [0] ----D- C:\Documents and Settings\H\Application Data\Microsoft Web Folders
O43 - CFD: 05/09/2010 - 16:52:24 - [27705531] ----D- C:\Documents and Settings\H\Application Data\Mozilla
O43 - CFD: 23/11/2010 - 00:14:46 - [196197] ----D- C:\Documents and Settings\H\Application Data\Nokia
O43 - CFD: 23/11/2010 - 00:14:50 - [32804] ----D- C:\Documents and Settings\H\Application Data\Nokia Ovi Suite
O43 - CFD: 28/03/2011 - 21:52:24 - [19988325] ----D- C:\Documents and Settings\H\Application Data\PC Suite
O43 - CFD: 05/01/2011 - 18:41:34 - [606] ----D- C:\Documents and Settings\H\Application Data\PhotoFiltre
O43 - CFD: 29/01/2011 - 15:37:50 - [41796] ----D- C:\Documents and Settings\H\Application Data\PhotoScape
O43 - CFD: 23/03/2011 - 22:26:28 - [218737] ----D- C:\Documents and Settings\H\Application Data\Red Kawa
O43 - CFD: 19/09/2010 - 07:28:30 - [0] ----D- C:\Documents and Settings\H\Application Data\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
O43 - CFD: 23/03/2011 - 22:18:38 - [688] ----D- C:\Documents and Settings\H\Application Data\Regensoft
O43 - CFD: 01/04/2011 - 17:57:04 - [9872] R-H-D- C:\Documents and Settings\H\Application Data\SecuROM
O43 - CFD: 20/07/2011 - 22:42:36 - [18122096] ----D- C:\Documents and Settings\H\Application Data\Skype
O43 - CFD: 20/06/2011 - 20:28:38 - [28736] ----D- C:\Documents and Settings\H\Application Data\skypePM
O43 - CFD: 11/09/2010 - 22:56:00 - [12980907] ----D- C:\Documents and Settings\H\Application Data\Sun
O43 - CFD: 23/10/2010 - 09:36:24 - [28030] ----D- C:\Documents and Settings\H\Application Data\TeamViewer
O43 - CFD: 20/07/2011 - 10:18:28 - [2262714] ----D- C:\Documents and Settings\H\Application Data\uTorrent
O43 - CFD: 23/03/2011 - 22:23:44 - [1012699] ----D- C:\Documents and Settings\H\Application Data\vlc
O43 - CFD: 09/10/2010 - 10:24:32 - [161329624] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Adobe
O43 - CFD: 04/12/2010 - 23:01:02 - [1950597] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Ahead
O43 - CFD: 11/09/2010 - 23:05:08 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Apple
O43 - CFD: 11/09/2010 - 23:07:30 - [59543610] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Apple Computer
O43 - CFD: 20/03/2011 - 16:59:42 - [265] ----D- C:\Documents and Settings\H\Local Settings\Application Data\ArcSoft
O43 - CFD: 07/01/2011 - 18:42:22 - [291402] ----D- C:\Documents and Settings\H\Local Settings\Application Data\assembly
O43 - CFD: 24/10/2010 - 11:20:50 - [69792] ----D- C:\Documents and Settings\H\Local Settings\Application Data\ATI
O43 - CFD: 24/10/2010 - 11:30:18 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Bump Technologies, Inc
O43 - CFD: 23/03/2011 - 22:18:38 - [1754977] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Geckofx
O43 - CFD: 02/05/2011 - 20:41:02 - [2021204387] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Google
O43 - CFD: 21/09/2010 - 22:28:52 - [379896] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Identities
O43 - CFD: 18/07/2011 - 12:09:32 - [200151856] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Microsoft
O43 - CFD: 23/10/2010 - 10:02:48 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Microsoft Help
O43 - CFD: 05/09/2010 - 16:52:16 - [43939273] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Mozilla
O43 - CFD: 23/11/2010 - 00:14:34 - [870131] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Nokia
O43 - CFD: 23/11/2010 - 00:14:18 - [269] ----D- C:\Documents and Settings\H\Local Settings\Application Data\NokiaAccount
O43 - CFD: 02/05/2011 - 20:36:36 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Temp
O43 - CFD: 06/04/2011 - 13:39:44 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\WMTools Downloaded Files
~ Scan Program Folder in 00mn 39s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.DD871EF63406B8C5AD3FEB2C96171F50] - 16/08/2011 - 21:20:15 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1881064]
O44 - LFC:[MD5.F0B3CDC7C060CCBA8C2FE2850FE20103] - 16/08/2011 - 21:20:04 ---A- . (...) -- C:\WINDOWS\setupapi.log [565412]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/08/2011 - 21:19:25 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.B5EF86FA82BA12544A0099ADCCD3338C] - 16/08/2011 - 21:19:24 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.EE28A4D953B04AB47C195DFC492E12DA] - 16/08/2011 - 21:19:22 ---A- . (...) -- C:\WINDOWS\wiaservc.log [0]
O44 - LFC:[MD5.F558A2C42795FC6FDBA74B2EB41C8913] - 16/08/2011 - 21:18:55 ---A- . (...) -- C:\WINDOWS\system32\ativvaxx.cap [167952]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 16/08/2011 - 21:18:55 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.1EF633EA3E7239B06BE01C5C916434B2] - 16/08/2011 - 19:55:03 ---A- . (...) -- C:\AdwCleaner[S1].txt [1738]
O44 - LFC:[MD5.76B6F05D6CF731914698F3BA2C63621B] - 16/08/2011 - 12:50:28 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32410]
O44 - LFC:[MD5.2B72AE98DEE6841EC1CD2C95D7648D85] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [4836]
O44 - LFC:[MD5.03E3CD966892A20A9CBA8D6FC3D6943A] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [110592]
O44 - LFC:[MD5.0E3D5A9D7CE251A2C323DC26FCCF4154] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat [135424]
O44 - LFC:[MD5.7A908657C4429DDF9EBA23D9F3F8DA99] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [540658]
O44 - LFC:[MD5.ABF40657E935C0E86857498058C045A5] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat [624646]
O44 - LFC:[MD5.237E7A60055B5FEAF6D6F79CC7DF7333] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1500363]
O44 - LFC:[MD5.4000B5284DD2590F8FF0B68542CC1928] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\KB2567680.log [15470]
O44 - LFC:[MD5.8D7FA191D83E7D5EE08B4EB6C5804021] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\comsetup.log [394562]
O44 - LFC:[MD5.F40451D403542BBE00CA0CBE1391907E] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\iis6.log [236040]
O44 - LFC:[MD5.82E1FB8E2E92BFE87D9E7B0963E0D009] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.FC98035FA1F5192FF4D8E65E15EB1FCC] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\msgsocm.log [75011]
O44 - LFC:[MD5.FEF3E617FB8E79F0627AEE04103B34CC] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [237503]
O44 - LFC:[MD5.D2964A2EE566280AE55FA7D2105F07F9] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\ocgen.log [732369]
O44 - LFC:[MD5.478233628C64FEAE91DFE07E6B06B51D] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\ocmsn.log [63833]
O44 - LFC:[MD5.BBC6B38E91BF8433175AF527E396345D] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\tsoc.log [577493]
O44 - LFC:[MD5.C75C2BCBDF0FA26D6E1A7317DE8716C9] - 16/08/2011 - 12:47:09 ---A- . (...) -- C:\WINDOWS\updspapi.log [218906]
O44 - LFC:[MD5.BC7962B2EF211D2EA4522D100D90FB42] - 16/08/2011 - 12:46:10 ---A- . (...) -- C:\WINDOWS\KB2536276-v2.log [11047]
O44 - LFC:[MD5.E0BE60BBD6AF8B21BFA79402777F9EB3] - 16/08/2011 - 12:46:10 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.F0EF3465232490351513C8927C925106] - 16/08/2011 - 12:45:56 ---A- . (...) -- C:\WINDOWS\KB2570222.log [10938]
O44 - LFC:[MD5.F1B5C4D4A2892EE11B6FE9E058053B4B] - 16/08/2011 - 12:40:33 ---A- . (...) -- C:\WINDOWS\KB2559049-IE8.log [14858]
O44 - LFC:[MD5.865A2DCE61ADE1F9A3285E3D0DB28DFD] - 16/08/2011 - 12:39:59 ---A- . (...) -- C:\WINDOWS\KB2566454.log [6883]
O44 - LFC:[MD5.AD6F726CFE4CA22C58CDBAD49E093DA3] - 16/08/2011 - 12:39:46 ---A- . (...) -- C:\WINDOWS\KB2562937.log [6212]
O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 16/08/2011 - 12:37:26 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [69]
O44 - LFC:[MD5.A8D4C05C1BD108F2C98FD2A96398BD22] - 16/08/2011 - 12:15:07 ---A- . (...) -- C:\AdwCleaner[R1].txt [1640]
O44 - LFC:[MD5.45038E3AE2BAA9C47E9AC3AE266D8A1A] - 16/08/2011 - 07:16:09 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.E8C00D32037549BB9538181B7FD0704B] - 15/08/2011 - 22:57:34 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [5781]
O44 - LFC:[MD5.D926D44123AE8B852FB6459879D8A5E8] - 15/08/2011 - 15:37:49 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [13646]
~ Scan Files in 00mn 26s
---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(...) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe (.not file.)
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O47 - AAKE:Key Export SP - "C:\Program Files\LimeWire\LimeWire.exe" [Enabled] .(.Lime Wire, LLC - LimeWire.) -- C:\Program Files\LimeWire\LimeWire.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files\Microsoft Office\Office12\GROOVE.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office OneNote.) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\microtorrent_torrent_2.0.4_build_22967_anglais_18245.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\microtorrent_torrent_2.0.4_build_22967_anglais_18245.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\ZoneLabs\vsmon.exe" [Enabled] .(.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeCam.exe" [Enabled] .(.Microsoft Corporation - LifeCam.exe.) -- C:\Program Files\Microsoft LifeCam\LifeCam.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" [Enabled] .(.Microsoft Corporation - LifeEnC2.exe.) -- C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeExp.exe" [Enabled] .(.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeTray.exe" [Enabled] .(.Microsoft Corporation - LifeTray.exe.) -- C:\Program Files\Microsoft LifeCam\LifeTray.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
~ Scan Keys in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys
~ Scan CSB in 00mn 00s
---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ Scan IFEO in 00mn 00s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{ae740f7a-f67b-11df-b67b-0019660fdbdb}\AutoRun\command. (...) -- F:\Install_Nokia_Ovi_Suite.exe (.not file.)
O51 - MPSK:{ae740fc0-f67b-11df-b67b-0019660fdbdb}\AutoRun\command. (...) -- F:\NokiaPCIA_Autorun.exe (.not file.)
~ Scan Keys in 00mn 00s
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.dll" . (.Intel Corporation - Intel Indeo(R) Video Interactive 32-bit Driver.) -- C:\WINDOWS\system32\ir41_32.dll
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ir41_32.dll"="Intel Indeo (R) Video Interactive 32-bit Driver R4.1" . (...) -- (.not file.)
~ Scan Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.DFCDD5936CAD0138775D5A105D4C7716] - 16/08/2011 - 12:32:13 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\WINDOWS\system32\drivers\aavmker4.sys [30808]
O58 - SDL:[MD5.FE3EA6E9AFC1A78E6EDCA121E006AFB7] - 16/08/2011 - 15:05:00 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\WINDOWS\system32\drivers\afc.sys [18688]
O58 - SDL:[MD5.DE91D0D73C3E61E6826D98FAC2FAC729] - 16/08/2011 - 15:17:42 ---A- . (...) -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS [5824]
O58 - SDL:[MD5.861CB512E4E850E87DD2316F88D69330] - 16/08/2011 - 12:32:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [19544]
O58 - SDL:[MD5.4FAE55469A56AA2B423E5E26FD1449D1] - 16/08/2011 - 12:35:09 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows NT/2000.) -- C:\WINDOWS\system32\drivers\aswmon.sys [96344]
O58 - SDL:[MD5.7857E0B4C817F69FF463EEA2C63E56F9] - 16/08/2011 - 12:35:12 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows XP.) -- C:\WINDOWS\system32\drivers\aswmon2.sys [102616]
O58 - SDL:[MD5.8DB043BF96BB6D334E5B4888E709E1C7] - 16/08/2011 - 12:32:32 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\WINDOWS\system32\drivers\aswRdr.sys [25432]
O58 - SDL:[MD5.17230708A2028CD995656DF455F2E303] - 16/08/2011 - 12:36:43 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\system32\drivers\aswSnx.sys [441176]
O58 - SDL:[MD5.DBEDD9D43B00630966EF05D2D8D04CEE] - 16/08/2011 - 12:36:32 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\system32\drivers\aswSP.sys [309848]
O58 - SDL:[MD5.984CFCE2168286C2511695C2F9621475] - 16/08/2011 - 12:35:23 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\drivers\aswTdi.sys [43608]
O58 - SDL:[MD5.8E54C76DB5D88BF8B4E82B37E1322671] - 16/08/2011 - 04:30:44 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [3643904]
O58 - SDL:[MD5.1E82F05CFF41316BCAA513909D99A004] - 16/08/2011 - 12:28:32 R--A- . (.ATI Research Inc. - Ati High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys [93184]
O58 - SDL:[MD5.C3963D85B721A7F80D8A55F4E2867A3A] - 16/08/2011 - 14:32:44 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\ccdcmb.sys [18176]
O58 - SDL:[MD5.3859C69A77793180548802DAC9F34A38] - 16/08/2011 - 14:32:44 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys [22528]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 16/08/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 16/08/2011 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 16/08/2011 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.9F1D80908658EB7F1BF70809E0B51470] - 16/08/2011 - 06:52:26 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys [51120]
O58 - SDL:[MD5.F7E3E9D50F9CD3DE28085A8FDAA0A1C3] - 16/08/2011 - 06:52:27 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16496]
O58 - SDL:[MD5.CF1B7951B4EC8D13F3C93B74BB2B461B] - 16/08/2011 - 06:52:28 R--A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21744]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 16/08/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.338F83EE9CB9E15EEACF0CBB90218CBF] - 16/08/2011 - 14:21:22 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys [137344]
O58 - SDL:[MD5.D15BAC979144FB69ED28F97B2DD84D48] - 16/08/2011 - 14:21:22 ---A- . (.Nokia - Nokia USB Phone Generic Client.) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [8320]
O58 - SDL:[MD5.FD2041E9BA03DB7764B2248F02475079] - 16/08/2011 - 10:26:12 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [18816]
O58 - SDL:[MD5.4A410C7AEA51123519C20D43A20BCE96] - 16/08/2011 - 13:17:26 ---A- . (.PixArt Imaging Inc. - PFC027.) -- C:\WINDOWS\system32\drivers\PFC027.SYS [618112]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 16/08/2011 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 16/08/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 16/08/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.D6E1B1BD04FAD422AF17FC4B810CB9AF] - 16/08/2011 - 09:08:16 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [78976]
O58 - SDL:[MD5.3000E98F519CF6FDA669BAE8E47F7B4F] - 16/08/2011 - 05:09:26 R---- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys [4284928]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 16/08/2011 - 17:39:15 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.2D4027C46B4C6E45875E3C4BA3F67492] - 16/08/2011 - 11:24:50 ---A- . (.MCCI - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\system32\drivers\sscdbus.sys [80272]
O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcm.sys [11877]
O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcmnt.sys [11877]
O58 - SDL:[MD5.F548F1EBA107BC19E91189E6A460BD0E] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys [10864]
O58 - SDL:[MD5.71D348D53597379DFE1DE255D70AF13C] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem WDM.) -- C:\WINDOWS\system32\drivers\sscdmdm.sys [137884]
O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 16/08/2011 - 11:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwh.sys [11188]
O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 16/08/2011 - 11:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwhnt.sys [11188]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 16/08/2011 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.4B8A9C16B6D9258ED99C512AECB8C555] - 16/08/2011 - 19:47:42 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\drivers\usbaapl.sys [41984]
O58 - SDL:[MD5.0CCADC7391021376EDBB8AA649D04E68] - 16/08/2011 - 14:32:46 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys [8192]
O58 - SDL:[MD5.68B4F83CCCF70A2FF32EE142C234332A] - 16/08/2011 - 14:32:58 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys [8192]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 16/08/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
O58 - SDL:[MD5.050C38EBB22512122E54B47DC278BCCD] - 16/08/2011 - 10:02:32 ---A- . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) -- C:\WINDOWS\system32\vsdatant.sys [532224]
~ Scan Drivers in 00mn 04s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: Ad-Remover - (.Pas de propriétaire.) [HKCU] -- Ad-Remover
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 18/03/2010 - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe - ArcSoft Connect Daemon(ACDaemon) .(.ArcSoft Inc. - ArcSoft Connect Service.) - LEGACY_ACDAEMON
O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\H\LOCALS~1\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - 02/03/2006 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 18/10/2010 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE
O64 - Services: CurCS - 08/07/2005 - C:\Program Files\Ahead\InCD\InCDsrv.exe - InCD Helper(InCDsrv) .(.Nero AG - incdsrv.) - LEGACY_INCDSRV
O64 - Services: CurCS - 15/02/2011 - C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys - ZoneAlarm Toolbar ISWKL(ISWKL) .(.Check Point Software Technologies - ZoneAlarm Browser Security.) - LEGACY_ISWKL
O64 - Services: CurCS - 15/02/2011 - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe - ZoneAlarm Toolbar IswSvc(IswSvc) .(.Check Point Software Technologies - ZoneAlarm Browser Security.) - LEGACY_ISWSVC
O64 - Services: CurCS - 04/05/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\secdrv.sys - Secdrv(Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/06/2010 - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer(ServiceLayer) .(.Nokia - ServiceLayer Module.) - LEGACY_SERVICELAYER
O64 - Services: CurCS - 13/05/2010 - C:\WINDOWS\system32\vsdatant.sys - vsdatant(vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT
O64 - Services: CurCS - 18/02/2011 - C:\WINDOWS\system32\ZoneLabs\vsmon.exe - TrueVector Internet Monitor(vsmon) .(.Check Point Software Technologies LTD - TrueVector Service.) - LEGACY_VSMON
~ Scan Services in 00mn 03s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {E8CB2B75-1CCB-483D-9C94-644501916F96} - (Google) - http://www.google.com
~ Scan Keys in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.37802DC23540941D3D5FFC0CFB97D9F0] [SPRF][15/08/2011] (...) -- C:\Documents and Settings\H\Bureau\AD-R.exe [1563105]
[MD5.DF903EF91F74AF913888FCA7C3066ED9] [SPRF][16/08/2011] (...) -- C:\Documents and Settings\H\Bureau\AdwCleaner.exe [450808]
[MD5.C1AD5FE74BD19EDAB96B84123BDE9BD7] [SPRF][16/08/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\H\Bureau\ZHPDiag2.exe [2575661]
[MD5.BB8DEAA5685FDE0FB12328ABBAB57D0D] [SPRF][13/03/2011] (.Microsoft Corporation - Installation_WLMessenger2009.) -- C:\Program Files\Installation_WLMessenger2009.exe [1794920]
[MD5.34224D0544EB516DA2452BBC41CECC17] [SPRF][18/03/2011] (...) -- C:\Program Files\SoftonicDownloader_pour_age-of-empires-ii.exe [287056]
~ Scan Files in 00mn 01s
---\\ Scan Additionnel (O88)
Database Version : 8611 - (14/08/2011)
Clés trouvées (Keys found) : 10
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Installer] =>Adware.InstallPedia
~ Scan Additionnel in 00mn 08s
---\\ Recherche détournement de DNS routeur (O89)
Serveur : Livebox-AA40
Address: 192.168.1.1
Nom : www.l.google.com
Addresses: 209.85.148.106, 209.85.148.105, 209.85.148.147, 209.85.148.103
209.85.148.99, 209.85.148.104
Aliases: www.google.fr, www.google.com
~ Scan DNS in 00mn 02s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 16/08/2011 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 16/08/2011 144672 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 16/08/2011 602112 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
SS - | Auto 593920 | (ATI Smart) . (...) - C:\WINDOWS\system32\ati2sgag.exe
SR - | Auto 16/08/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 16/08/2011 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 16/08/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Auto 16/08/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 16/08/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 16/08/2011 871424 | C:\Program Files\Ahead\InCD\InCDsrv.exe (InCDsrv) . (.Nero AG.) - C:\Program Files\Ahead\InCD\InCDsrv.exe
SR - | Demand 16/08/2011 820008 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 16/08/2011 488952 | (IswSvc) . (.Check Point Software Technologies.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
SR - | Auto 16/08/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SR - | Auto 16/08/2011 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe
SR - | Demand 16/08/2011 615936 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
SR - | Auto 16/08/2011 2435592 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
~ Scan Services in 00mn 03s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by H at 16/08/2011 22:24:29
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x86D46AB8]
3 CLASSPNP[0xF765CFD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000072[0x86D8AF18]
5 ACPI[0xF74F2620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP2T0L0-7[0x86D28940]
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 05s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by H at 16/08/2011 22:24:31
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 07s
End of the scan (1226 lines in 01mn 52s)(0)
2/
Rapport Tdsskiller
2011/08/17 00:34:02.0890 0780 TDSS rootkit removing tool 2.5.15.0 Aug 11 2011 16:32:13
2011/08/17 00:34:03.0078 0780 ================================================================================
2011/08/17 00:34:03.0078 0780 SystemInfo:
2011/08/17 00:34:03.0078 0780
2011/08/17 00:34:03.0078 0780 OS Version: 5.1.2600 ServicePack: 3.0
2011/08/17 00:34:03.0078 0780 Product type: Workstation
2011/08/17 00:34:03.0078 0780 ComputerName: LUTECE
2011/08/17 00:34:03.0078 0780 UserName: H
2011/08/17 00:34:03.0078 0780 Windows directory: C:\WINDOWS
2011/08/17 00:34:03.0078 0780 System windows directory: C:\WINDOWS
2011/08/17 00:34:03.0078 0780 Processor architecture: Intel x86
2011/08/17 00:34:03.0078 0780 Number of processors: 2
2011/08/17 00:34:03.0078 0780 Page size: 0x1000
2011/08/17 00:34:03.0078 0780 Boot type: Normal boot
2011/08/17 00:34:03.0078 0780 ================================================================================
2011/08/17 00:34:04.0390 0780 Initialize success
2011/08/17 00:34:09.0406 0476 ================================================================================
2011/08/17 00:34:09.0406 0476 Scan started
2011/08/17 00:34:09.0406 0476 Mode: Manual;
2011/08/17 00:34:09.0406 0476 ================================================================================
2011/08/17 00:34:10.0343 0476 Aavmker4 (dfcdd5936cad0138775d5a105d4c7716) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/08/17 00:34:10.0500 0476 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/17 00:34:10.0562 0476 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/08/17 00:34:10.0640 0476 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/08/17 00:34:10.0687 0476 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
2011/08/17 00:34:10.0796 0476 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/08/17 00:34:11.0140 0476 aswFsBlk (861cb512e4e850e87dd2316f88d69330) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/08/17 00:34:11.0203 0476 aswMon2 (7857e0b4c817f69ff463eea2c63e56f9) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/08/17 00:34:11.0250 0476 aswRdr (8db043bf96bb6d334e5b4888e709e1c7) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/08/17 00:34:11.0312 0476 aswSnx (17230708a2028cd995656df455f2e303) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/08/17 00:34:11.0359 0476 aswSP (dbedd9d43b00630966ef05d2d8d04cee) C:\WINDOWS\system32\drivers\aswSP.sys
2011/08/17 00:34:11.0406 0476 aswTdi (984cfce2168286c2511695c2f9621475) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/08/17 00:34:11.0468 0476 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/08/17 00:34:11.0546 0476 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/08/17 00:34:11.0812 0476 ati2mtag (8e54c76db5d88bf8b4e82b37e1322671) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/08/17 00:34:11.0906 0476 AtiHdmiService (1e82f05cff41316bcaa513909d99a004) C:\WINDOWS\system32\drivers\AtiHdmi.sys
2011/08/17 00:34:11.0937 0476 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/08/17 00:34:12.0000 0476 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/08/17 00:34:12.0046 0476 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/08/17 00:34:12.0203 0476 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/08/17 00:34:12.0281 0476 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/08/17 00:34:12.0343 0476 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/08/17 00:34:12.0390 0476 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/08/17 00:34:12.0421 0476 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/08/17 00:34:12.0765 0476 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/08/17 00:34:12.0828 0476 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
2011/08/17 00:34:12.0906 0476 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
2011/08/17 00:34:12.0953 0476 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/08/17 00:34:13.0000 0476 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/08/17 00:34:13.0093 0476 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/08/17 00:34:13.0156 0476 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/08/17 00:34:13.0250 0476 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/08/17 00:34:13.0296 0476 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
2011/08/17 00:34:13.0328 0476 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/08/17 00:34:13.0375 0476 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/08/17 00:34:13.0421 0476 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/08/17 00:34:13.0468 0476 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/08/17 00:34:13.0500 0476 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
2011/08/17 00:34:13.0562 0476 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/08/17 00:34:13.0625 0476 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/08/17 00:34:13.0671 0476 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/08/17 00:34:13.0890 0476 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/08/17 00:34:14.0140 0476 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/08/17 00:34:14.0203 0476 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
201
et suite et fin de rapport Tdsskiller egalement coupé (??):
2011/08/17 00:34:14.0281 0476 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/08/17 00:34:14.0406 0476 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/08/17 00:34:14.0437 0476 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/08/17 00:34:14.0500 0476 InCDfs (b87fc7c71632240dac8f4d20e9ce8377) C:\WINDOWS\system32\drivers\InCDfs.sys
2011/08/17 00:34:14.0562 0476 InCDPass (2e878405128ec98886eb9c2216ac7bd6) C:\WINDOWS\system32\DRIVERS\InCDPass.sys
2011/08/17 00:34:14.0609 0476 InCDrec (ddf078917a42f105385d7eb6debb3433) C:\WINDOWS\system32\drivers\InCDrec.sys
2011/08/17 00:34:14.0656 0476 incdrm (7f352360e947ad2cd4ba60de27b1a299) C:\WINDOWS\system32\drivers\incdrm.sys
2011/08/17 00:34:14.0875 0476 IntcAzAudAddService (3000e98f519cf6fda669bae8e47f7b4f) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/08/17 00:34:15.0031 0476 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/08/17 00:34:15.0109 0476 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/08/17 00:34:15.0171 0476 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/08/17 00:34:15.0218 0476 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/08/17 00:34:15.0265 0476 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/08/17 00:34:15.0328 0476 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/08/17 00:34:15.0390 0476 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/08/17 00:34:15.0453 0476 ISWKL (eb8594268cf50baaecbe82d70c833533) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
2011/08/17 00:34:15.0500 0476 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/08/17 00:34:15.0562 0476 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/08/17 00:34:15.0609 0476 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/08/17 00:34:15.0796 0476 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/08/17 00:34:15.0859 0476 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
2011/08/17 00:34:15.0890 0476 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/08/17 00:34:15.0937 0476 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/08/17 00:34:16.0015 0476 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/08/17 00:34:16.0093 0476 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/08/17 00:34:16.0187 0476 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/08/17 00:34:16.0234 0476 MSHUSBVideo (066f26efe273125b352e35405d258e85) C:\WINDOWS\system32\Drivers\nx6000.sys
2011/08/17 00:34:16.0296 0476 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/08/17 00:34:16.0359 0476 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/08/17 00:34:16.0406 0476 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/08/17 00:34:16.0437 0476 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/08/17 00:34:16.0500 0476 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/08/17 00:34:16.0593 0476 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/08/17 00:34:16.0656 0476 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/08/17 00:34:16.0750 0476 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/08/17 00:34:16.0796 0476 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/08/17 00:34:16.0859 0476 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/08/17 00:34:16.0937 0476 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/08/17 00:34:16.0984 0476 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/08/17 00:34:17.0031 0476 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/08/17 00:34:17.0078 0476 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/08/17 00:34:17.0140 0476 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/08/17 00:34:17.0234 0476 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/08/17 00:34:17.0296 0476 nmwcdc (3859c69a77793180548802dac9f34a38) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/08/17 00:34:17.0375 0476 nmwcdnsu (338f83ee9cb9e15eeacf0cbb90218cbf) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
2011/08/17 00:34:17.0437 0476 nmwcdnsuc (d15bac979144fb69ed28f97b2dd84d48) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2011/08/17 00:34:17.0500 0476 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/08/17 00:34:17.0578 0476 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/08/17 00:34:17.0625 0476 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/08/17 00:34:17.0812 0476 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/08/17 00:34:17.0843 0476 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/08/17 00:34:17.0937 0476 PAC207 (4a410c7aea51123519c20d43a20bce96) C:\WINDOWS\system32\DRIVERS\PFC027.SYS
2011/08/17 00:34:17.0984 0476 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/08/17 00:34:18.0031 0476 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/08/17 00:34:18.0062 0476 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/08/17 00:34:18.0140 0476 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/08/17 00:34:18.0171 0476 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/08/17 00:34:18.0250 0476 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/08/17 00:34:18.0296 0476 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/08/17 00:34:18.0531 0476 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/08/17 00:34:18.0546 0476 Processor (e19c9632ac828f6f214391e2bdda11cb) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/08/17 00:34:18.0593 0476 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/08/17 00:34:18.0609 0476 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/08/17 00:34:18.0859 0476 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/08/17 00:34:18.0921 0476 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/08/17 00:34:18.0984 0476 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/08/17 00:34:19.0031 0476 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/08/17 00:34:19.0062 0476 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/08/17 00:34:19.0093 0476 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/08/17 00:34:19.0156 0476 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/08/17 00:34:19.0203 0476 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/08/17 00:34:19.0281 0476 RTL8023xp (d6e1b1bd04fad422af17fc4b810cb9af) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/08/17 00:34:19.0359 0476 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/08/17 00:34:19.0406 0476 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/08/17 00:34:19.0437 0476 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/08/17 00:34:19.0484 0476 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/08/17 00:34:19.0546 0476 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/08/17 00:34:19.0625 0476 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/08/17 00:34:19.0703 0476 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/08/17 00:34:19.0781 0476 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/08/17 00:34:19.0859 0476 sscdbus (2d4027c46b4c6e45875e3c4ba3f67492) C:\WINDOWS\system32\DRIVERS\sscdbus.sys
2011/08/17 00:34:19.0921 0476 sscdmdfl (f548f1eba107bc19e91189e6a460bd0e) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
2011/08/17 00:34:19.0968 0476 sscdmdm (71d348d53597379dfe1de255d70af13c) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
2011/08/17 00:34:20.0000 0476 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/08/17 00:34:20.0031 0476 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/08/17 00:34:20.0109 0476 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/08/17 00:34:20.0250 0476 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/08/17 00:34:20.0312 0476 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/08/17 00:34:20.0375 0476 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/08/17 00:34:20.0437 0476 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/08/17 00:34:20.0468 0476 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/08/17 00:34:20.0578 0476 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/08/17 00:34:20.0656 0476 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/08/17 00:34:20.0718 0476 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/08/17 00:34:20.0781 0476 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/08/17 00:34:20.0843 0476 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/08/17 00:34:20.0890 0476 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/08/17 00:34:20.0937 0476 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/08/17 00:34:20.0968 0476 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/08/17 00:34:21.0015 0476 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/08/17 00:34:21.0062 0476 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/08/17 00:34:21.0109 0476 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
2011/08/17 00:34:21.0125 0476 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/08/17 00:34:21.0156 0476 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/08/17 00:34:21.0187 0476 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/08/17 00:34:21.0250 0476 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/08/17 00:34:21.0281 0476 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/08/17 00:34:21.0328 0476 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/08/17 00:34:21.0343 0476 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/08/17 00:34:21.0406 0476 vsdatant (050c38ebb22512122e54b47dc278bccd) C:\WINDOWS\system32\vsdatant.sys
2011/08/17 00:34:21.0484 0476 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/08/17 00:34:21.0562 0476 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/08/17 00:34:21.0640 0476 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/08/17 00:34:21.0796 0476 WpdUsb (c60dc16d4e406810fad54b98dc92d5ec) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/08/17 00:34:21.0843 0476 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/08/17 00:34:21.0937 0476 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/08/17 00:34:21.0984 0476 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/08/17 00:34:22.0031 0476 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0
2011/08/17 00:34:22.0140 0476 Boot (0x1200) (bcaebc573050d80499b9754a83cc4505) \Device\Harddisk0\DR0\Partition0
2011/08/17 00:34:22.0171 0476 Boot (0x1200) (064a9544e856a831ba9837544b1e5511) \Device\Harddisk0\DR0\Partition1
2011/08/17 00:34:22.0171 0476 ================================================================================
2011/08/17 00:34:22.0171 0476 Scan finished
2011/08/17 00:34:22.0171 0476 ================================================================================
2011/08/17 00:34:22.0187 0460 Detected object count: 0
2011/08/17 00:34:22.0187 0460 Actual detected object count: 0
Désolé pour cette transmission en morceaux, je ne comprends pas pourquoi
a plus
2011/08/17 00:34:14.0281 0476 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/08/17 00:34:14.0406 0476 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/08/17 00:34:14.0437 0476 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/08/17 00:34:14.0500 0476 InCDfs (b87fc7c71632240dac8f4d20e9ce8377) C:\WINDOWS\system32\drivers\InCDfs.sys
2011/08/17 00:34:14.0562 0476 InCDPass (2e878405128ec98886eb9c2216ac7bd6) C:\WINDOWS\system32\DRIVERS\InCDPass.sys
2011/08/17 00:34:14.0609 0476 InCDrec (ddf078917a42f105385d7eb6debb3433) C:\WINDOWS\system32\drivers\InCDrec.sys
2011/08/17 00:34:14.0656 0476 incdrm (7f352360e947ad2cd4ba60de27b1a299) C:\WINDOWS\system32\drivers\incdrm.sys
2011/08/17 00:34:14.0875 0476 IntcAzAudAddService (3000e98f519cf6fda669bae8e47f7b4f) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/08/17 00:34:15.0031 0476 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/08/17 00:34:15.0109 0476 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/08/17 00:34:15.0171 0476 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/08/17 00:34:15.0218 0476 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/08/17 00:34:15.0265 0476 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/08/17 00:34:15.0328 0476 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/08/17 00:34:15.0390 0476 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/08/17 00:34:15.0453 0476 ISWKL (eb8594268cf50baaecbe82d70c833533) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
2011/08/17 00:34:15.0500 0476 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/08/17 00:34:15.0562 0476 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/08/17 00:34:15.0609 0476 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/08/17 00:34:15.0796 0476 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/08/17 00:34:15.0859 0476 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
2011/08/17 00:34:15.0890 0476 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/08/17 00:34:15.0937 0476 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/08/17 00:34:16.0015 0476 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/08/17 00:34:16.0093 0476 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/08/17 00:34:16.0187 0476 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/08/17 00:34:16.0234 0476 MSHUSBVideo (066f26efe273125b352e35405d258e85) C:\WINDOWS\system32\Drivers\nx6000.sys
2011/08/17 00:34:16.0296 0476 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/08/17 00:34:16.0359 0476 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/08/17 00:34:16.0406 0476 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/08/17 00:34:16.0437 0476 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/08/17 00:34:16.0500 0476 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/08/17 00:34:16.0593 0476 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/08/17 00:34:16.0656 0476 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/08/17 00:34:16.0750 0476 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/08/17 00:34:16.0796 0476 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/08/17 00:34:16.0859 0476 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/08/17 00:34:16.0937 0476 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/08/17 00:34:16.0984 0476 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/08/17 00:34:17.0031 0476 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/08/17 00:34:17.0078 0476 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/08/17 00:34:17.0140 0476 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/08/17 00:34:17.0234 0476 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/08/17 00:34:17.0296 0476 nmwcdc (3859c69a77793180548802dac9f34a38) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/08/17 00:34:17.0375 0476 nmwcdnsu (338f83ee9cb9e15eeacf0cbb90218cbf) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
2011/08/17 00:34:17.0437 0476 nmwcdnsuc (d15bac979144fb69ed28f97b2dd84d48) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2011/08/17 00:34:17.0500 0476 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/08/17 00:34:17.0578 0476 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/08/17 00:34:17.0625 0476 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/08/17 00:34:17.0812 0476 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/08/17 00:34:17.0843 0476 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/08/17 00:34:17.0937 0476 PAC207 (4a410c7aea51123519c20d43a20bce96) C:\WINDOWS\system32\DRIVERS\PFC027.SYS
2011/08/17 00:34:17.0984 0476 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/08/17 00:34:18.0031 0476 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/08/17 00:34:18.0062 0476 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/08/17 00:34:18.0140 0476 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/08/17 00:34:18.0171 0476 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/08/17 00:34:18.0250 0476 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/08/17 00:34:18.0296 0476 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/08/17 00:34:18.0531 0476 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/08/17 00:34:18.0546 0476 Processor (e19c9632ac828f6f214391e2bdda11cb) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/08/17 00:34:18.0593 0476 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/08/17 00:34:18.0609 0476 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/08/17 00:34:18.0859 0476 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/08/17 00:34:18.0921 0476 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/08/17 00:34:18.0984 0476 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/08/17 00:34:19.0031 0476 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/08/17 00:34:19.0062 0476 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/08/17 00:34:19.0093 0476 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/08/17 00:34:19.0156 0476 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/08/17 00:34:19.0203 0476 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/08/17 00:34:19.0281 0476 RTL8023xp (d6e1b1bd04fad422af17fc4b810cb9af) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/08/17 00:34:19.0359 0476 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/08/17 00:34:19.0406 0476 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/08/17 00:34:19.0437 0476 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/08/17 00:34:19.0484 0476 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/08/17 00:34:19.0546 0476 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/08/17 00:34:19.0625 0476 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/08/17 00:34:19.0703 0476 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/08/17 00:34:19.0781 0476 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/08/17 00:34:19.0859 0476 sscdbus (2d4027c46b4c6e45875e3c4ba3f67492) C:\WINDOWS\system32\DRIVERS\sscdbus.sys
2011/08/17 00:34:19.0921 0476 sscdmdfl (f548f1eba107bc19e91189e6a460bd0e) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
2011/08/17 00:34:19.0968 0476 sscdmdm (71d348d53597379dfe1de255d70af13c) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
2011/08/17 00:34:20.0000 0476 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/08/17 00:34:20.0031 0476 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/08/17 00:34:20.0109 0476 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/08/17 00:34:20.0250 0476 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/08/17 00:34:20.0312 0476 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/08/17 00:34:20.0375 0476 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/08/17 00:34:20.0437 0476 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/08/17 00:34:20.0468 0476 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/08/17 00:34:20.0578 0476 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/08/17 00:34:20.0656 0476 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/08/17 00:34:20.0718 0476 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/08/17 00:34:20.0781 0476 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/08/17 00:34:20.0843 0476 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/08/17 00:34:20.0890 0476 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/08/17 00:34:20.0937 0476 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/08/17 00:34:20.0968 0476 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/08/17 00:34:21.0015 0476 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/08/17 00:34:21.0062 0476 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/08/17 00:34:21.0109 0476 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
2011/08/17 00:34:21.0125 0476 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/08/17 00:34:21.0156 0476 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/08/17 00:34:21.0187 0476 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/08/17 00:34:21.0250 0476 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/08/17 00:34:21.0281 0476 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/08/17 00:34:21.0328 0476 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/08/17 00:34:21.0343 0476 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/08/17 00:34:21.0406 0476 vsdatant (050c38ebb22512122e54b47dc278bccd) C:\WINDOWS\system32\vsdatant.sys
2011/08/17 00:34:21.0484 0476 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/08/17 00:34:21.0562 0476 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/08/17 00:34:21.0640 0476 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/08/17 00:34:21.0796 0476 WpdUsb (c60dc16d4e406810fad54b98dc92d5ec) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/08/17 00:34:21.0843 0476 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/08/17 00:34:21.0937 0476 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/08/17 00:34:21.0984 0476 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/08/17 00:34:22.0031 0476 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0
2011/08/17 00:34:22.0140 0476 Boot (0x1200) (bcaebc573050d80499b9754a83cc4505) \Device\Harddisk0\DR0\Partition0
2011/08/17 00:34:22.0171 0476 Boot (0x1200) (064a9544e856a831ba9837544b1e5511) \Device\Harddisk0\DR0\Partition1
2011/08/17 00:34:22.0171 0476 ================================================================================
2011/08/17 00:34:22.0171 0476 Scan finished
2011/08/17 00:34:22.0171 0476 ================================================================================
2011/08/17 00:34:22.0187 0460 Detected object count: 0
2011/08/17 00:34:22.0187 0460 Actual detected object count: 0
Désolé pour cette transmission en morceaux, je ne comprends pas pourquoi
a plus
Bonjour Fish66
je viens de relire ton message precedent et ta reco de deposer les rapports sur pjjoint.makelal
Ci dessous les liens:
rapport ZHP Diag
http://pjjoint.malekal.com/files.php?id=c4be238846l10f12v14v6y14e7e11p8y14d7q5r7k8p14d811k5j15s10j11
rapport TDSSkiller
http://pjjoint.malekal.com/files.php?id=68a2b02d0bx10l9i5d5o7t7n5t13y13x5g6d11i14b11l5y6j11h8l14o6
Desole pour tous ces bricolages des precedents messages
a plus
je viens de relire ton message precedent et ta reco de deposer les rapports sur pjjoint.makelal
Ci dessous les liens:
rapport ZHP Diag
http://pjjoint.malekal.com/files.php?id=c4be238846l10f12v14v6y14e7e11p8y14d7q5r7k8p14d811k5j15s10j11
rapport TDSSkiller
http://pjjoint.malekal.com/files.php?id=68a2b02d0bx10l9i5d5o7t7n5t13y13x5g6d11i14b11l5y6j11h8l14o6
Desole pour tous ces bricolages des precedents messages
a plus
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
17 août 2011 à 10:14
17 août 2011 à 10:14
Bonjour,
1/
Désinstalle ce logiciel : Logiciel: installer - (.Install Pedia Limited.)
2/
Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )
C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js (.not file.)
C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\user.js (.not file.)
O3 - Toolbar: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
[HKCU\Software\Protection_ZoneAlarm]
O51 - MPSK:{ae740f7a-f67b-11df-b67b-0019660fdbdb}\AutoRun\command. (...) -- F:\Install_Nokia_Ovi_Suite.exe (.not file.)
O51 - MPSK:{ae740fc0-f67b-11df-b67b-0019660fdbdb}\AutoRun\command. (...) -- F:\NokiaPCIA_Autorun.exe (.not file.)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}]
[HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
[HKLM\Software\Classes\CLSID\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
FirewallRAZ
EmptyTemp
EmptyFlash
Puis Lance ZHPFix depuis le raccourci du bureau .
* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .
* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .
Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
Clique sur le bouton GO
Copie/Colle le rapport à l'écran dans ton prochain message.
@+
1/
Désinstalle ce logiciel : Logiciel: installer - (.Install Pedia Limited.)
2/
Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )
C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js (.not file.)
C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\user.js (.not file.)
O3 - Toolbar: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
[HKCU\Software\Protection_ZoneAlarm]
O51 - MPSK:{ae740f7a-f67b-11df-b67b-0019660fdbdb}\AutoRun\command. (...) -- F:\Install_Nokia_Ovi_Suite.exe (.not file.)
O51 - MPSK:{ae740fc0-f67b-11df-b67b-0019660fdbdb}\AutoRun\command. (...) -- F:\NokiaPCIA_Autorun.exe (.not file.)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}]
[HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
[HKLM\Software\Classes\CLSID\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
FirewallRAZ
EmptyTemp
EmptyFlash
Puis Lance ZHPFix depuis le raccourci du bureau .
* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .
* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .
Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
Clique sur le bouton GO
Copie/Colle le rapport à l'écran dans ton prochain message.
@+
Re,
1/
Desinstallation de Installer faite. Une fenetre m'a informée qu'il etait deja desinstallé, j'ai confirmé suppression tout de meme.
2/
Rapport ZHP Fix
Pendant la moulinette apres GO, toutes les icones et barre Demarrer ont disparu du Bureau. Impossible donc de manipuler le PC, j'ai du faire un stop forcé pour le relancer
Rapport de ZHPFix 1.12.3354 par Nicolas Coolman, Update du 14/08/2011
Fichier d'export Registre :
Run by H at 17/08/2011 14:03:05
Windows XP Home Edition Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
========== Clé(s) du Registre ==========
SUPPRIME Key: HKCU\Software\Protection_ZoneAlarm
SUPPRIME CLSID MPSK: {ae740f7a-f67b-11df-b67b-0019660fdbdb}
SUPPRIME CLSID MPSK: {ae740fc0-f67b-11df-b67b-0019660fdbdb}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}
SUPPRIME Key: HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
ABSENT Key: HKLM\Software\Classes\CLSID\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
========== Valeur(s) du Registre ==========
SUPPRIME Toolbar: {d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
SUPPRIME FirewallRaz (SP) : C:\Program Files\Skype\Plugin Manager\skypePM.exe
SUPPRIME FirewallRaz (SP) : C:\Program Files\Messenger\msmsgs.exe
Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)
========== Dossier(s) ==========
SUPPRIME Temporaires Windows: : 670
SUPPRIME Flash Cookies: 928
========== Fichier(s) ==========
ABSENT Folder/File: c:\documents and settings\h\local settings\application data\mozilla\firefox\profiles\4ocmltw3.default\prefs.js (.not file.)
ABSENT Folder/File: c:\documents and settings\h\local settings\application data\mozilla\firefox\profiles\4ocmltw3.default\user.js (.not file.)
ABSENT File: c:\program files\protection_zonealarm\prxtbpro0.dll
SUPPRIME Temporaires Windows: : 13270
SUPPRIME Flash Cookies: 414
========== Récapitulatif ==========
12 : Clé(s) du Registre
4 : Valeur(s) du Registre
2 : Dossier(s)
5 : Fichier(s)
End of the scan in 01mn 30s
========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 17/08/2011 14:03:05
1/
Desinstallation de Installer faite. Une fenetre m'a informée qu'il etait deja desinstallé, j'ai confirmé suppression tout de meme.
2/
Rapport ZHP Fix
Pendant la moulinette apres GO, toutes les icones et barre Demarrer ont disparu du Bureau. Impossible donc de manipuler le PC, j'ai du faire un stop forcé pour le relancer
Rapport de ZHPFix 1.12.3354 par Nicolas Coolman, Update du 14/08/2011
Fichier d'export Registre :
Run by H at 17/08/2011 14:03:05
Windows XP Home Edition Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
========== Clé(s) du Registre ==========
SUPPRIME Key: HKCU\Software\Protection_ZoneAlarm
SUPPRIME CLSID MPSK: {ae740f7a-f67b-11df-b67b-0019660fdbdb}
SUPPRIME CLSID MPSK: {ae740fc0-f67b-11df-b67b-0019660fdbdb}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}
SUPPRIME Key: HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
ABSENT Key: HKLM\Software\Classes\CLSID\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
========== Valeur(s) du Registre ==========
SUPPRIME Toolbar: {d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
SUPPRIME FirewallRaz (SP) : C:\Program Files\Skype\Plugin Manager\skypePM.exe
SUPPRIME FirewallRaz (SP) : C:\Program Files\Messenger\msmsgs.exe
Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)
========== Dossier(s) ==========
SUPPRIME Temporaires Windows: : 670
SUPPRIME Flash Cookies: 928
========== Fichier(s) ==========
ABSENT Folder/File: c:\documents and settings\h\local settings\application data\mozilla\firefox\profiles\4ocmltw3.default\prefs.js (.not file.)
ABSENT Folder/File: c:\documents and settings\h\local settings\application data\mozilla\firefox\profiles\4ocmltw3.default\user.js (.not file.)
ABSENT File: c:\program files\protection_zonealarm\prxtbpro0.dll
SUPPRIME Temporaires Windows: : 13270
SUPPRIME Flash Cookies: 414
========== Récapitulatif ==========
12 : Clé(s) du Registre
4 : Valeur(s) du Registre
2 : Dossier(s)
5 : Fichier(s)
End of the scan in 01mn 30s
========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 17/08/2011 14:03:05
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
17 août 2011 à 14:16
17 août 2011 à 14:16
Re,
Redémarre ton PC, prépare un nouveau rapport ZHPDiag pour vérifier et voir ce qui nous reste!
Redémarre ton PC, prépare un nouveau rapport ZHPDiag pour vérifier et voir ce qui nous reste!
Re,
Ci dessous lien du nouveau rapport ZHPdiag
Merci
http://pjjoint.malekal.com/files.php?id=65f8be5187l8f15s11m6c13s9w13z5z11k12b12k5w9c14t14s15h10i11i14v12
Ci dessous lien du nouveau rapport ZHPdiag
Merci
http://pjjoint.malekal.com/files.php?id=65f8be5187l8f15s11m6c13s9w13z5z11k12b12k5w9c14t14s15h10i11i14v12
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
17 août 2011 à 17:58
17 août 2011 à 17:58
Re,
Mise à jour Avast :
*Télécharge Avast V6
*Désinstalle ton Antivirus Avast5 en suivant ces procédures
*Exécute le fichier téléchargé pour avoir la dernière version d'avast
Finalisation :
Pour finir :
1/
IMPORTANT
Purger les points de restauration système:
Télécharge OneClick2RestorePoint
http://www.multifa7.be/Laddy/OneClick2RP.exe
Mirroirs si non accessible :
http://batchdhelus.open-web.fr/Laddy/OneClick2RP.exe
https://app.box.com/s/cqcsz5m0oz
* Double clic sur OneClick2RP pour l'exécuter (Clic-droit choisir Executer en tant qu'administrateur sous Vista/Seven)
* Clic sur le bouton "Purger", l'outil de nettoyage de windows va s'ouvrir
* Choisis ton disque dur principal en général (C:\) ... Patiente pendant le scan...
* Rends toi dans l'onglet "Autres options"
* Dans la zone restauration système, clic sur le bouton nettoyer puis sur le bouton Supprimer.
* Les points de restauration système seront purgés sauf le dernier créé.
Ensuite avec le même outil
Créer un nouveau point de restauration reconnaissable
Aide ICI
2/
Télécharge DelFix sur ton bureau.
* Lance le, tape suppression puis valide
Patiente pendant le scan jusqu'à l'ouverture du rapport.
* Copie/Colle le contenu du rapport dans ta prochaine réponse.
Note : Le rapport se trouve également sous C:\DelFix.txt
tu peux le desinstaller
3/
Mise à jour Java
* Tu peux vérifier ta Console Java :
Installer la nouvelle version si besoin (dans ce cas désinstalle avant l'ancienne version).
voici pour desinstaller :
JavaRa
Décompresse le fichier sur le Bureau (Clic droit > Extraire tout).
* Double-clique (clic droit "en tant qu'administrateur" pour Vista) sur le répertoire JavaRa.
* Puis double-clique sur le fichier JavaRa.exe (le exe peut ne pas s'afficher).
* Choisis Français puis clique sur Select.
* Clique sur Recherche de mises à jour.
* Sélectionne Mettre à jour via jucheck.exe puis clique sur Rechercher.
* Autorise le processus à se connecter s'il le demande, clique sur Installer et suis les instructions d'installation qui prennent quelques minutes.
* L'installation est terminée, reviens à l'écran de JavaRa et clique sur Effacer les anciennes versions.
* Clique sur Oui pour confirmer. Laisse travailler et clique ensuite sur OK, puis une deuxième fois sur OK.
* Un rapport va s'ouvrir. Poste-le dans ta prochaine réponse.
* Ferme l'application.
Note : le rapport se trouve aussi dans C:\ sous le nom JavaRa.log.
4/
Télécharge et installe :
CCleaner version Slim
* Lance-le.(clic droit "en tant qu'administrateur" pour Vista et Seven) Va dans Options puis
Avancé et décoche la case Effacer uniquement les fichiers etc....
* Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
* Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare
toutes les erreurs tant de fois qu il en trouve a l analyse .
**************** Aide ICI ******************
Tu peux utiliser Ccleaner une fois par semaine
5/
Téléchage updatechecker pour t'indiquer les logiciels qui ne sont pas à jour et te permet aussi d'effectuer ces mises à jour
Fais la mise à jour surtout d'adobe reader
6/
Aussi tu peux garder Malwarebytes et l'utiliser aussi une fois par semaine.
7/
Je te conseille d'utiliser le navigateur Firefox et d'installer les modules
complémentaires WOT pour t'indiquer les fichiers douteux et Adblock plus pour bloquer les publicités...
8/
Un peu de lecture :
* Les dangers du Peer-To-Peer, Emule etc..
* Comment Sécuriser son ordinateur...
J'attend les rapports ...
Mise à jour Avast :
*Télécharge Avast V6
*Désinstalle ton Antivirus Avast5 en suivant ces procédures
*Exécute le fichier téléchargé pour avoir la dernière version d'avast
Finalisation :
Pour finir :
1/
IMPORTANT
Purger les points de restauration système:
Télécharge OneClick2RestorePoint
http://www.multifa7.be/Laddy/OneClick2RP.exe
Mirroirs si non accessible :
http://batchdhelus.open-web.fr/Laddy/OneClick2RP.exe
https://app.box.com/s/cqcsz5m0oz
* Double clic sur OneClick2RP pour l'exécuter (Clic-droit choisir Executer en tant qu'administrateur sous Vista/Seven)
* Clic sur le bouton "Purger", l'outil de nettoyage de windows va s'ouvrir
* Choisis ton disque dur principal en général (C:\) ... Patiente pendant le scan...
* Rends toi dans l'onglet "Autres options"
* Dans la zone restauration système, clic sur le bouton nettoyer puis sur le bouton Supprimer.
* Les points de restauration système seront purgés sauf le dernier créé.
Ensuite avec le même outil
Créer un nouveau point de restauration reconnaissable
Aide ICI
2/
Télécharge DelFix sur ton bureau.
* Lance le, tape suppression puis valide
Patiente pendant le scan jusqu'à l'ouverture du rapport.
* Copie/Colle le contenu du rapport dans ta prochaine réponse.
Note : Le rapport se trouve également sous C:\DelFix.txt
tu peux le desinstaller
3/
Mise à jour Java
* Tu peux vérifier ta Console Java :
Installer la nouvelle version si besoin (dans ce cas désinstalle avant l'ancienne version).
voici pour desinstaller :
JavaRa
Décompresse le fichier sur le Bureau (Clic droit > Extraire tout).
* Double-clique (clic droit "en tant qu'administrateur" pour Vista) sur le répertoire JavaRa.
* Puis double-clique sur le fichier JavaRa.exe (le exe peut ne pas s'afficher).
* Choisis Français puis clique sur Select.
* Clique sur Recherche de mises à jour.
* Sélectionne Mettre à jour via jucheck.exe puis clique sur Rechercher.
* Autorise le processus à se connecter s'il le demande, clique sur Installer et suis les instructions d'installation qui prennent quelques minutes.
* L'installation est terminée, reviens à l'écran de JavaRa et clique sur Effacer les anciennes versions.
* Clique sur Oui pour confirmer. Laisse travailler et clique ensuite sur OK, puis une deuxième fois sur OK.
* Un rapport va s'ouvrir. Poste-le dans ta prochaine réponse.
* Ferme l'application.
Note : le rapport se trouve aussi dans C:\ sous le nom JavaRa.log.
4/
Télécharge et installe :
CCleaner version Slim
* Lance-le.(clic droit "en tant qu'administrateur" pour Vista et Seven) Va dans Options puis
Avancé et décoche la case Effacer uniquement les fichiers etc....
* Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
* Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare
toutes les erreurs tant de fois qu il en trouve a l analyse .
**************** Aide ICI ******************
Tu peux utiliser Ccleaner une fois par semaine
5/
Téléchage updatechecker pour t'indiquer les logiciels qui ne sont pas à jour et te permet aussi d'effectuer ces mises à jour
Fais la mise à jour surtout d'adobe reader
6/
Aussi tu peux garder Malwarebytes et l'utiliser aussi une fois par semaine.
7/
Je te conseille d'utiliser le navigateur Firefox et d'installer les modules
complémentaires WOT pour t'indiquer les fichiers douteux et Adblock plus pour bloquer les publicités...
8/
Un peu de lecture :
* Les dangers du Peer-To-Peer, Emule etc..
* Comment Sécuriser son ordinateur...
J'attend les rapports ...
Bonsoir Fish66
J'espere avoir bien validé tous tes points ci dessus
1/
Mise à jour Avast V6: fait. En fait, je n'ai pas eu a supprimer v5, il s'st mis a jour en v6 qd j'ai lance l'exécution. c'est Ok ?
2/
Purger les points de restauration système et recréer: Ok fait
3/
DelFix : scan et suppression de plusieurs icones sur mon bureau mais je ne retrouve pas le rapport sous C:\DelFix.txt
4/
Mise à jour Java: ok verification confirme bonne version
5/
CCleaner version Slim: ok fait
6/
Updatechecker: Ok maj Adobe reader fait
8/
Firefox : ok cest celui la que j'utilise
9/
J'attend les rapports ... : a part DelFix que je ne trouve pas quels rapports attends tu ?
Merci d'avance
J'espere avoir bien validé tous tes points ci dessus
1/
Mise à jour Avast V6: fait. En fait, je n'ai pas eu a supprimer v5, il s'st mis a jour en v6 qd j'ai lance l'exécution. c'est Ok ?
2/
Purger les points de restauration système et recréer: Ok fait
3/
DelFix : scan et suppression de plusieurs icones sur mon bureau mais je ne retrouve pas le rapport sous C:\DelFix.txt
4/
Mise à jour Java: ok verification confirme bonne version
5/
CCleaner version Slim: ok fait
6/
Updatechecker: Ok maj Adobe reader fait
8/
Firefox : ok cest celui la que j'utilise
9/
J'attend les rapports ... : a part DelFix que je ne trouve pas quels rapports attends tu ?
Merci d'avance
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
18 août 2011 à 00:02
18 août 2011 à 00:02
Re,
1/
Relance Delfix et clique sur "chercher" pour vérifier si les outils de désinfection sont tous supprimés!
2/
As tu exécuté JavaRa ?
A la fin il y'aura un rapport de JavaRa correspondant à la suppression des anciennes version de Java!
@+
1/
Relance Delfix et clique sur "chercher" pour vérifier si les outils de désinfection sont tous supprimés!
2/
As tu exécuté JavaRa ?
A la fin il y'aura un rapport de JavaRa correspondant à la suppression des anciennes version de Java!
@+
Bonjour,
1/
Rapport DelFix relance ce matin:
# DelFix v8.3 - Rapport créé le 18/08/2011 à 08:42
# Mis à jour le 04/08/11 à 11h par Xplode
# Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3
# Nom d'utilisateur : H - LUTECE (Administrateur)
# Exécuté depuis : C:\Documents and Settings\H\Bureau\delfix0.exe
# Option [Suppression]
~~~~~~ Dossier(s) ~~~~~~
~~~~~~ Fichier(s) ~~~~~~
~~~~~~ Registre ~~~~~~
~~~~~~ Autre ~~~~~~
-> Prefetch vidé
########## EOF - "C:\DelFixSuppr.txt" - [576 octets] ##########
2/
Rapport Java
Il ne se passe rien qd je clique sur "Rechercher" au stade Mettre à jour via jucheck.exe
Pour info , la verif faite hier m'avait annonce que j'avais la bonne version de Java
Pb ?
Merci
a plus
1/
Rapport DelFix relance ce matin:
# DelFix v8.3 - Rapport créé le 18/08/2011 à 08:42
# Mis à jour le 04/08/11 à 11h par Xplode
# Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3
# Nom d'utilisateur : H - LUTECE (Administrateur)
# Exécuté depuis : C:\Documents and Settings\H\Bureau\delfix0.exe
# Option [Suppression]
~~~~~~ Dossier(s) ~~~~~~
~~~~~~ Fichier(s) ~~~~~~
~~~~~~ Registre ~~~~~~
~~~~~~ Autre ~~~~~~
-> Prefetch vidé
########## EOF - "C:\DelFixSuppr.txt" - [576 octets] ##########
2/
Rapport Java
Il ne se passe rien qd je clique sur "Rechercher" au stade Mettre à jour via jucheck.exe
Pour info , la verif faite hier m'avait annonce que j'avais la bonne version de Java
Pb ?
Merci
a plus
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
18 août 2011 à 09:22
18 août 2011 à 09:22
Bonjour,
Non, tous va bien, j'ai voulu tout simplement vérifier!
Bon surf et si tu n'as pas de souci pense à mettre ton sujet comme résolu
@+
Non, tous va bien, j'ai voulu tout simplement vérifier!
Bon surf et si tu n'as pas de souci pense à mettre ton sujet comme résolu
@+
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
18 août 2011 à 13:15
18 août 2011 à 13:15
C'est pas un problème
Bon surf...
Bon surf...