PC rame

Résolu
lutece -  
Fish66 Messages postés 18337 Statut Contributeur sécurité -
Bonjour,

Mon PC rame tres severe quand je suis sur internet, temps d'affichage parfois long.
Je me demande si ca ne viendrait pas du PC ?
Ci dessous scan de AD remover:

======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 16/01/11 à 02:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [3]) -> Lancé à 17:41:53 le 15/08/2011, Mode normal

Microsoft Windows XP Édition familiale Service Pack 3 (X86)
H@LUTECE ( )

============== RECHERCHE ==============

Dossier trouvé: C:\Documents and Settings\H\Application Data\Mozilla\FireFox\Profiles\4ocmltw3.default\conduit
Dossier trouvé: C:\Documents and Settings\H\Local Settings\Application Data\Conduit
Dossier trouvé: C:\Program Files\Conduit

-- Fichier ouvert: C:\Documents and Settings\H\Application Data\Mozilla\FireFox\Profiles\4ocmltw3.default\Prefs.js --
Ligne trouvée: user_pref("CT2613520.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_...
Ligne trouvée: user_pref("CT2613520.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261...
Ligne trouvée: user_pref("CT2613520.ct2613520.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=U...
Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT2613520");
Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2613520");
Ligne trouvée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 05 2011 08:35:43 GMT+0100");
Ligne trouvée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2613520");
Ligne trouvée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613520&Sea...
-- Fichier Fermé --

Clé trouvée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé trouvée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Clé trouvée: HKLM\Software\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2613520
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKCU\Software\Toolbar
Clé trouvée: HKCU\Software\Conduit
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.18 (fr)] **

-- C:\Documents and Settings\H\Application Data\Mozilla\FireFox\Profiles\4ocmltw3.default\Prefs.js --
browser.download.lastDir, D:\\Olivier\\[TELECHARGEMENT]\\Adèle
browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613520&SearchSource=3&q={searchTerms}
browser.startup.homepage, www.google.fr
browser.startup.homepage_override.buildID, 20110413222027
browser.startup.homepage_override.mstone, rv:1.9.2.18
keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=24f3922d0000000000000019660fdbdb&tlver=1.4.19.19&instlRef=ss...
privacy.popups.showBrowserMessage, false

========================================

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=24f3922d0000000000000019660fdbdb&tlver=1.4.19.19&ss=1&affID=18026
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: hxxp://search.babylon.com/?babsrc=NT_ss&mntrId=24f3922d0000000000000019660fdbdb&tlver=1.4.19.19&ss=1&affID=18026
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 20 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 18 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 12/09/2010 (6262 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 12/09/2010 (2217 Octet(s))
C:\Ad-Report-CLEAN[3].txt - 16/01/2011 (4162 Octet(s))
C:\Ad-Report-SCAN[1].txt - 12/09/2010 (6227 Octet(s))
C:\Ad-Report-SCAN[2].txt - 16/01/2011 (3980 Octet(s))
C:\Ad-Report-SCAN[3].txt - 15/08/2011 (2407 Octet(s))

Fin à: 17:42:39, 15/08/2011

============== E.O.F ==============

Merci d'avance a celle ou celui qui pourra me conseiller en cas de pb ds ce rapport

21 réponses

  • 1
  • 2
  1. Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
     
    Salut,

    Tu désinstalle ta version d'ad-remover

    * Télécharge de AD-Remover sur ton Bureau.
    http://www.teamxscript.org/adremoverTelechargement.html

    /!\ Ferme toutes applications en cours /!\

    - Double-clique sur l'icône Ad-remover située sur ton Bureau.
    - Sur la page, clique sur le bouton « Nettoyer »
    - Confirme lancement du scan
    - Laisse travailler l'outil.
    - Poste le rapport qui apparaît à la fin.

    (Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)

    (CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour c
    1
  2. lutece
     
    Bonsoir Fish66
    Ci dessous le rapport
    D'avance merci

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 12/04/11
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 23:55:17 le 15/08/2011, Mode normal

    Microsoft Windows XP Édition familiale Service Pack 3 (X86)
    H@LUTECE ( )

    ============== ACTION(S) ==============

    Dossier supprimé: C:\Documents and Settings\H\Application Data\Mozilla\FireFox\Profiles\4ocmltw3.default\conduit
    Dossier supprimé: C:\Documents and Settings\H\Local Settings\Application Data\Conduit
    Dossier supprimé: C:\Program Files\Conduit

    (!) -- Fichiers temporaires supprimés.

    -- Fichier ouvert: C:\Documents and Settings\H\Application Data\Mozilla\FireFox\Profiles\4ocmltw3.default\Prefs.js --
    Ligne supprimée: user_pref("CT2613520.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_...
    Ligne supprimée: user_pref("CT2613520.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261...
    Ligne supprimée: user_pref("CT2613520.ct2613520.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=U...
    Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
    Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT2613520");
    Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT2613520");
    Ligne supprimée: user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 05 2011 08:35:43 GMT+0100");
    Ligne supprimée: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2613520");
    Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613520&Sea...
    -- Fichier Fermé --

    Clé supprimée: HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
    Clé supprimée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
    Clé supprimée: HKLM\Software\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
    Clé supprimée: HKLM\Software\Classes\Toolbar.CT2613520
    Clé supprimée: HKLM\Software\Conduit
    Clé supprimée: HKCU\Software\Conduit
    Clé supprimée: HKCU\Software\Toolbar
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

    ============== SCAN ADDITIONNEL ==============

    **** Mozilla Firefox Version [3.6.18 (fr)] ****

    HKLM_MozillaPlugins\@checkpoint.com/FFApi (x)
    Components\browsercomps.dll (Mozilla Foundation)
    Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )
    HKLM_Extensions|{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\

    -- C:\Documents and Settings\H\Application Data\Mozilla\FireFox\Profiles\4ocmltw3.default --
    Extensions\nostmp (?)
    Extensions\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5} (Protection ZoneAlarm Community Toolbar)
    Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} (?)
    Prefs.js - browser.download.lastDir, D:\\Olivier\\[TELECHARGEMENT]\\Adèle
    Prefs.js - browser.startup.homepage, www.google.fr
    Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
    Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.18
    Prefs.js - keyword.URL, hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=24f3922d0000000000000019660fdbdb&tlver=1.4.19.19&instlRef=ss...
    Prefs.js - privacy.popups.showBrowserMessage, false

    ========================================

    **** Internet Explorer Version [8.0.6001.18702] ****

    HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
    HKCU_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
    HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
    HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM_Main|Start Page - hxxp://fr.msn.com/
    HKLM_Toolbar|{98889811-442D-49dd-99D7-DC866BE87DBC} (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll)
    HKLM_ElevationPolicy\${ELV_GUID} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
    HKLM_ElevationPolicy\{190DA45D-F0EE-47E5-AC2C-29F7723A6DB1} - C:\Program Files\Protection_ZoneAlarm\Protection_ZoneAlarmToolbarHelper1.exe (?)
    HKLM_ElevationPolicy\{6F6FF334-F651-449A-A5AD-103633FBD82B} - C:\Documents and Settings\H\Local Settings\Application Data\Conduit\CT2613520\Protection_ZoneAlarmAutoUpdaterHelper.exe (x)
    HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
    BHO\{2E03C0FD-4C48-43A7-9A54-00240C70FF16} - "ECarteBleueBrowserHelper Class" (C:\WINDOWS\system32\BhoECart.dll)
    BHO\{2EECD738-5844-4a99-B4B6-146BF802613B} - "CescrtHlpr Object" (C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll)
    BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
    BHO\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - "Skype Browser Helper" (C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll)

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 30 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 15/08/2011 23:55:51 (4974 Octet(s))

    Fin à: 23:57:33, 15/08/2011

    ============== E.O.F ==============
    0
  3. Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
     
    Re,

    Nous allons effectuer un diagnostic de ton PC:
    *Télécharge ZHPDiag sur ton bureau :

    https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
    ou :
    http://www.premiumorange.com/zeb-help-process/zhpdiag.html

    * Laisse toi guider lors de l'installation,coche "Ajouter une icône sur le bureau" et décoche la case "Exécuter ZHPDiag"

    /!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »

    * Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
    * Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
    * Héberge le rapport ZHPDiag.txt sur un des sites ci dessous, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :
    http://pjjoint.malekal.com/

    Si indisponible:

    http://ww38.toofiles.com/fr/documents-upload.html

    ou :

    https://www.casimages.com/

    * Tuto zhpdiag :
    http://www.premiumorange.com/zeb-help-process/zhpdiag.html

    Hébergement de rapport sur pjjoint.malekal.com

    * Rends toi sur http://pjjoint.malekal.com/
    * Clique sur le bouton Parcourir
    * Sélectionne le fichier que tu veux heberger et clique sur Ouvrir
    *Clique sur le bouton Envoyer
    * Un message de confirmation s'affiche, copie le lien dans ta prochaine réponse.

    @+
    0
  4. lutece
     
    Bonjour Fish66

    Merci pour ton aide, désole j'ai du quitter hier soir
    Ci dessous le lien du rapport pjjoint.maketal.com, qui pour information a mouliné, mouliné, mouliné,...... pendant au moins 10 mn avant de s'afficher . Normal?
    http://pjjoint.malekal.com/files.php?id=dfbcc8ba59l5z10d6r7q13w6j13q15h11s13e11j14k8b14k9x12h12h14z7p5

    D'avance merci pour ton retour
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
     
    Bonjour,
    1/
    Tu désinstalles ce logiciel : Logiciel: Babylon toolbar

    Puis tu supprimes également ces dossiers :

    C:\Program Files\BabylonToolbar
    C:\Program Files\Protection_ZoneAlarm
    C:\Documents and Settings\H\Application Data\BabylonToolbar
    C:\Documents and Settings\H\Local Settings\Application Data\Protection_ZoneAlarm


    2/
    Télécharge AdwCleaner (merci à Xplode)
    Lance AdwCleaner
    Clique sur le bouton [ Recherche ]
    Patiente...
    Poste le rapport qui apparait en fin de recherche.

    @+

    0
  7. lutece
     
    Re,

    je pense avoir correctement tout supprimé, cependant l'ordi s'est bloqué apres avoir supprimé babylon ds "Ajout Suprression de programmes" et une page web du site babylon s'est ouverte. Pb ?

    Voici le rapport AdwCleaner

    # AdwCleaner v1.0 - Rapport créé le 16/08/2011 à 13:11:34
    # Mis à jour le 15/08/11 à 15h30 par Xplode
    # Système d'exploitation : Microsoft Windows XPService Pack 3 (32 bits)
    # Nom d'utilisateur : H - LUTECE (Administrateur)
    # Exécuté depuis : C:\Documents and Settings\H\Bureau\AdwCleaner.exe
    # Option [Recherche]

    ***** [Processus] *****

    ***** [Services] *****

    ***** [Fichiers / Dossiers] *****

    Dossier Présent : C:\Documents and Settings\H\Local Settings\Temp\conduit

    ***** [Registre] *****

    Clé Présente : HKCU\Toolbar
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
    Clé Présente : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF

    ***** [Navigateurs] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Mozilla Firefox v3.6.18 (fr)

    Profil : 4ocmltw3.default
    Fichier : C:\Documents and Settings\H\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js

    Présente : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
    Présente : user_pref("CommunityToolbar.ToolbarsList", "CT2613520");
    Présente : user_pref("CommunityToolbar.ToolbarsList2", "CT2613520");
    Présente : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 05 2011 08:35:43 GMT+0100");
    Présente : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2613520");

    *************************

    AdwCleaner[R1].txt - [1511 octets] - [16/08/2011 13:11:34]

    ########## EOF - C:\AdwCleaner[R1].txt - [1639 octets] ##########

    Merci et a plus.
    0
  8. Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
     
    Re,
    1/
    Lance AdwCleaner
    Clique sur le bouton [ Suppression]
    Patiente...
    Poste le rapport qui apparait en fin de recherche.

    2/ Ensuite

    Prépare un nouveau rapport ZHPDiag stp

    0
  9. lutece
     
    Bonsoir Fish66
    Voici le rapport AdwCleaner ci dessous
    Par contre je n'arrive pas a obtenir de rapport ZHP Diag: qd je clique l'icone sur le bureau, le sablier apparait 10 sec et puis plus rien !

    # AdwCleaner v1.0 - Rapport créé le 16/08/2011 à 20:50:21
    # Mis à jour le 15/08/11 à 15h30 par Xplode
    # Système d'exploitation : Microsoft Windows XPService Pack 3 (32 bits)
    # Nom d'utilisateur : H - LUTECE (Administrateur)
    # Exécuté depuis : C:\Documents and Settings\H\Bureau\AdwCleaner.exe
    # Option [Suppression]

    ***** [KillNav] *****

    ***** [Processus] *****

    ***** [Services] *****

    ***** [Fichiers / Dossiers] *****

    Dossier Supprimé : C:\Documents and Settings\H\Local Settings\Temp\conduit

    ***** [Registre] *****

    Clé Supprimée : HKCU\Toolbar
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF

    ***** [Navigateurs] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Mozilla Firefox v3.6.18 (fr)

    Profil : 4ocmltw3.default
    Fichier : C:\Documents and Settings\H\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js

    Supprimée : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
    Supprimée : user_pref("CommunityToolbar.ToolbarsList", "CT2613520");
    Supprimée : user_pref("CommunityToolbar.ToolbarsList2", "CT2613520");
    Supprimée : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 05 2011 08:35:43 GMT+0100");
    Supprimée : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2613520");

    *************************

    AdwCleaner[R1].txt - [1640 octets] - [16/08/2011 13:11:34]
    AdwCleaner[S1].txt - [1609 octets] - [16/08/2011 20:50:21]

    ########## EOF - C:\AdwCleaner[S1].txt - [1737 octets] ##########

    Merci pour ton retour
    0
    1. lutece
       
      Fish66
      Apres beaucoup de miseres et de stop forces du PC (ecran bleu et tout le toutim.....) j'ai reussi un ZHPDiag
      Ci dessous
      Rapport de ZHPDiag v1.28.1333 par Nicolas Coolman, Update du 14/08/2011
      Run by H at 16/08/2011 22:22:38
      Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


      ---\\ Web Browser
      MSIE: Internet Explorer v8.0.6001.18702
      MFIE: Mozilla Firefox v3.6.18 (fr) (Defaut)

      ---\\ Windows Product Information
      Windows XP Home Edition Service Pack 3 (Build 2600)
      Windows Automatic Updates : OK
      Windows Genuine Adventage : KO

      ---\\ System Information
      ~ Processor: x86 Family 15 Model 75 Stepping 2, AuthenticAMD
      ~ Operating System: 32 Bits
      Boot mode: Normal (Normal boot)
      Total RAM: 1023 MB (49% free)
      System Restore: Activé (Enable)
      System drive C: has 40 GB (58%) free of 68 GB

      ---\\ Logged in mode
      ~ Computer Name: LUTECE
      ~ User Name: H
      ~ All Users Names: SUPPORT_388945a0, HelpAssistant, H, ASPNET, Administrateur,
      ~ Unselected Option: O45,O61,O62,O65,O66,O82
      Logged in as Administrator

      ---\\ Environnement Variables
      ~ System Unit : C:\
      ~ %AppData% : C:\Documents and Settings\H\Application Data\
      ~ %Desktop% : C:\Documents and Settings\H\Bureau\
      ~ %Favorites% : C:\Documents and Settings\H\Favoris\
      ~ %LocalAppData% : C:\Documents and Settings\H\Local Settings\Application Data\
      ~ %StartMenu% : C:\Documents and Settings\H\Menu Démarrer\
      ~ %Windir% : C:\WINDOWS\
      ~ %System% : C:\WINDOWS\system32\

      ---\\ DOS/Devices
      C:\ Hard drive, Flash drive, Thumb drive (Free 40 Go of 68 Go)
      D:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 165 Go)
      E:\ CD-ROM drive (Not Inserted)



      ---\\ Security Center & Tools Informations
      [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
      [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
      [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
      [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
      [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
      ~ Scan Security Center in 00mn 00s



      ---\\ Recherche particulière de fichiers génériques
      [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.16/08/2011 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
      [MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.16/08/2011 - 03:34:20.) -- C:\WINDOWS\system32\rundll32.exe [33792]
      [MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.16/08/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480]
      [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.16/08/2011 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
      [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.16/08/2011 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
      [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.16/08/2011 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
      ~ Scan Generic Processes in 00mn 00s



      ---\\ Etat des fichiers cachés (Caché/Total)
      ~ Mes images (My Pictures) : 10/102
      ~ Mes musiques (My Musics) : 17/664
      ~ Mes Favoris (My Favorites) : 2/28
      ~ Mes Documents (My Documents) : 32/8091
      ~ Mon Bureau (My Desktop) : 1/56
      ~ Menu demarrer (Programs) : 5/37
      ~ Scan Hidden Files in 00mn 09s



      ---\\ Processus lancés
      [MD5.D5406AD4263487BD6C6B2D7735B095BC] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [602112] [PID.]
      [MD5.E9372A17C22FC4E5C9FD8798A97775FC] - (.Nero AG - incdsrv.) -- C:\Program Files\Ahead\InCD\InCDsrv.exe [871424] [PID.]
      [MD5.6797E0F85E5F419EEFBE2E4C7A622EA1] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2435592] [PID.]
      [MD5.2202BA7450E6BE65D92A40377206C626] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [488952] [PID.]
      [MD5.D16C826F375A44802BF317982E81A7E2] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [PID.]
      [MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [113152] [PID.]
      [MD5.70D7BE78061126DD0C3ACCDB7E129017] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672] [PID.]
      [MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376] [PID.]
      [MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]
      [MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.]
      [MD5.BBCDBEBBF1BD6DC5912240391874C0DC] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe [161632] [PID.]
      [MD5.9D84376931440F3679BEEF2A414FA493] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [69632] [PID.2916]
      [MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.]
      [MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [3493720] [PID.2256]
      [MD5.DDACBCA1D0E66BBA5C984842F372A6D4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [PID.2468]
      [MD5.8FB740D758B14B1BC950CC347C21E461] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [32768] [PID.2476]
      [MD5.CF508A3971DECEEC1CE575DDDCA4A019] - (.Nero AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe [1397760] [PID.2504]
      [MD5.37BF603C3685289CA684C4D3400A9DE7] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760] [PID.2628]
      [MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [932288] [PID.2656]
      [MD5.644795F6985C740F5E36E9336B837D0B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072] [PID.2672]
      [MD5.5ADA30D570F877E4F01C8DF67F781E0E] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16208384] [PID.2848]
      [MD5.6B87742F27B087AF7FD4ADC2DB685DE0] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [PID.2912]
      [MD5.ACC5596B15EB0351261A483DA06F3EB3] - (.Nokia - Nokia M Platform.) -- C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe [1531904] [PID.2964]
      [MD5.F052CB43FCA828CF5C711BAFBECD692F] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [1043968] [PID.]
      [MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424] [PID.3348]
      [MD5.C72FB9CC856ECFF3B6459B27CB674638] - (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe [323584] [PID.3536]
      [MD5.F400694D7D2785F60133C20F7F2F4F7A] - (.ArcSoft Inc. - ArcSoft Connect Notifier.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ArcCon.ac [309824] [PID.3600]
      [MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.224]
      [MD5.16F1D5CF6465FCA139FA289648B349EE] - (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [663552] [PID.168]
      [MD5.DCB3796E0169419618C72F0CE34C68ED] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820008] [PID.]
      [MD5.2D841B7B7F6DEC32162EDFCC69D61F42] - (.Nokia - ServiceLayer Module.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [615936] [PID.]
      [MD5.BC9C9BE7BB74D629362608ACE470E7DA] - (.Microsoft Corporation - Notification de cadeaux MSN.) -- C:\Documents and Settings\H\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [135680] [PID.4076]
      [MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [97680] [PID.4084]
      [MD5.F4631A1BE95655DE86C256776E49019A] - (.Nokia - USB Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe [138752] [PID.]
      [MD5.46A9D1FCC55EC6A62FE1D2ACE79C6CA8] - (.Nokia - Serial Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe [120832] [PID.]
      [MD5.4C08FB7ACB28689B586D986D3F5826CF] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe [49152] [PID.2984]
      [MD5.258B59C03A5E5C53177C5D52A714C12A] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [738808] [PID.]
      [MD5.2A8264401B801142021C0FBAC8653622] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664064] [PID.1968]
      [MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]
      ~ Scan Processes Running in 00mn 02s



      ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
      C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js (.not file.)
      C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\user.js (.not file.)
      M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
      M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
      M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
      M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
      M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
      M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
      P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
      P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
      P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
      P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.4".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
      P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
      P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
      P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
      P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
      P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
      P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
      P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
      P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16290.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll
      P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
      P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.620.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
      P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
      P2 - FPN: [HKLM] [@checkpoint.com/FFApi] - (.Pas de propriétaire - npFFApi.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
      P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
      P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
      P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
      P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
      P2 - FPN: [HKLM] [@nosltd.com/getPlus+(R),version=1.6.2.90] - (.NOS Microsystems Ltd. - getplusplusadobe16290.) -- C:\Program Files\NOS\bin\np_gp.dll
      P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
      P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
      ~ Scan Firefox Browser in 00mn 00s



      ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
      R0 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
      R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll
      R3 - URLSearchHook: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) (No version) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
      ~ Scan IE Browser in 00mn 00s



      ---\\ Internet Explorer, Proxy Management (R5)
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
      ~ Scan Proxy management in 00mn 00s



      ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
      F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
      F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
      ~ Scan Keys in 00mn 00s



      ---\\ Redirection du fichier Hosts (O1)
      ~ Scan Hosts File in 00mn 00s



      ---\\ Browser Helper Objects de navigateur (O2)
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\WINDOWS\system32\BhoECart.dll
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
      O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      ~ Scan BHO in 00mn 00s



      ---\\ Internet Explorer Toolbars (O3)
      O3 - Toolbar: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
      O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
      ~ Scan Toolbar in 00mn 00s



      ---\\ Applications démarrées par registre & par dossier (O4)
      O4 - HKLM\..\Run: [SkyTel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\WINDOWS\SkyTel.exe
      O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
      O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
      O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
      O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
      O4 - HKLM\..\Run: [InCD] . (.Nero AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe
      O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
      O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
      O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
      O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
      O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
      O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
      O4 - HKLM\..\Run: [NokiaMServer] Clé orpheline
      O4 - HKLM\..\Run: [cspep.exe] . (.Pas de propriétaire - cspep.) -- C:\Program Files\cspep\cspep.exe
      O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      O4 - HKLM\..\Run: [ISW] . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
      O4 - HKLM\..\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
      O4 - HKLM\..\Run: [PAC207_Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
      O4 - HKLM\..\Run: [Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
      O4 - HKLM\..\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
      O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
      O4 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
      O4 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
      ~ Scan Application in 00mn 00s



      ---\\ Autres liens utilisateurs (O4)
      O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico
      O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
      O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
      O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
      O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
      O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
      O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
      ~ Scan Global Startup in 00mn 00s



      ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
      O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
      ~ Scan IE Menu Contextuel in 00mn 00s



      ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
      O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
      O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
      O9 - Extra button: Skype Plug-In - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
      O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
      O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
      ~ Scan IE Extra Buttons in 00mn 00s



      ---\\ Winsock hijacker (Layered Service Provider) (O10)
      O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
      O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
      O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
      O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
      ~ Scan Winsock in 00mn 00s



      ---\\ Modification Domaine/Adresses DNS (O17)
      O17 - HKLM\System\CCS\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CS1\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CS2\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CS3\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
      ~ Scan Domain in 00mn 00s



      ---\\ Protocole additionnel (O18)
      O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
      O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
      O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
      O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
      O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
      O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
      O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
      O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
      O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
      O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
      O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
      O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
      O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
      O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
      O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
      O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
      O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
      O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
      O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
      O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
      O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
      O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
      O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
      O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
      O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
      O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
      O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
      O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
      O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
      O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
      O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
      O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
      O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
      O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
      ~ Scan Protocole Additionnel in 00mn 00s



      ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
      O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
      O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
      O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
      O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
      O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
      O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
      O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
      O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
      O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
      O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
      O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
      ~ Scan Winlogon in 00mn 00s



      ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
      O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
      O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
      O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
      O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
      O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll
      ~ Scan SSODL in 00mn 00s



      ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
      O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
      O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
      ~ Scan STS/SSO in 00mn 00s



      ---\\ Liste des services NT non Microsoft et non désactivés (O23)
      O23 - Service: ArcSoft Connect Daemon (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
      O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
      O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
      O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
      O23 - Service: InCD Helper (InCDsrv) . (.Nero AG - incdsrv.) - C:\Program Files\Ahead\InCD\InCDsrv.exe
      O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) . (.Check Point Software Technologies - ZoneAlarm Browser Security.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
      O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
      O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
      ~ Scan Services in 00mn 00s



      ---\\ Enumération Active Desktop & MHTML Editor (O24)
      O24 - Default MHTML Editor: Last - .(...) - (.not file.)
      ~ Scan Desktop Component in 00mn 00s



      ---\\ Tâches planifiées en automatique (O39)
      O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
      O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
      O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
      O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Norton Security Scan for H.job
      ~ Scan Scheduled Task in 00mn 00s



      ---\\ Pilotes lancés au démarrage (O41)
      O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
      O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
      O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
      O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
      O41 - Driver: (InCDPass) . (.Nero AG - Ahead RW Filter Driver.) - C:\WINDOWS\system32\DRIVERS\InCDPass.sys
      O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
      O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
      O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
      O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
      O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
      O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
      O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
      O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
      O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
      O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
      O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
      O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
      O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
      O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
      O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
      O41 - Driver: (vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\WINDOWS\system32\vsdatant.sys
      O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
      ~ Scan Drivers in 00mn 00s



      ---\\ Logiciels installés (O42)
      O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
      O42 - Logiciel: ATI - Utilitaire de désinstallation du logiciel - (.Pas de propriétaire.) [HKLM] -- All ATI Software
      O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8}
      O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver
      O42 - Logiciel: ATI HYDRAVISION - (.Pas de propriétaire.) [HKLM] -- {3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}
      O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
      O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
      O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
      O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
      O42 - Logiciel: ArcSoft PhotoImpression 5 - (.ArcSoft.) [HKLM] -- {7AFDF9AE-66B2-4A1F-8249-32EF14B97150}
      O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth
      O42 - Logiciel: AxCrypt (Désinstaller uniquement) - (.Axon Data.) [HKLM] -- AxCrypt
      O42 - Logiciel: DVD Solution - (.Pas de propriétaire.) [HKLM] -- {B97CF5C3-0487-11D8-A36E-0050BAE317E1}
      O42 - Logiciel: DeepBurner v1.8.0.224 - (.Pas de propriétaire.) [HKLM] -- {1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}
      O42 - Logiciel: Electronic Arts Product Registration - (.Electronic Arts.) [HKLM] -- InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}
      O42 - Logiciel: HP PSC & OfficeJet 5.3.A - (.HP.) [HKLM] -- {3E386744-10FA-44b2-98C9-DF7A270DECB3}
      O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
      O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
      O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
      O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
      O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
      O42 - Logiciel: InCD - (.Pas de propriétaire.) [HKLM] -- InCD!UninstallKey
      O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
      O42 - Logiciel: InterActual Player - (.Pas de propriétaire.) [HKLM] -- InterActual Player
      O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
      O42 - Logiciel: LimeWire 5.5.14 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
      O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST
      O42 - Logiciel: Medieval II Total War - (.SEGA.) [HKLM] -- {C0698BDA-0D29-40EE-8570-A31106DF9AB1}
      O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
      O42 - Logiciel: Microsoft Age of Empires Expansion - (.Pas de propriétaire.) [HKLM] -- Age of Empires Expansion 1.0
      O42 - Logiciel: Microsoft Age of Empires Expansion Trial - (.Pas de propriétaire.) [HKLM] -- Age of Empires Expansion Trial 1.00
      O42 - Logiciel: Microsoft Age of Empires II Trial Version - (.Pas de propriétaire.) [HKLM] -- Age of Empires II Trial
      O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
      O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009
      O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
      O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
      O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
      O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
      O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
      O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
      O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
      O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
      O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
      O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
      O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
      O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE
      O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
      O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}
      O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
      O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}
      O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
      O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
      O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wudf01009
      O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
      O42 - Logiciel: Mozilla Firefox (3.6.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.18)
      O42 - Logiciel: Nero OEM - (.Pas de propriétaire.) [HKLM] -- Nero - Burning Rom!UninstallKey
      O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite
      O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM] -- NSS
      O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
      O42 - Logiciel: PC Camer@ - (.Aecotech.) [HKLM] -- {C679F9B9-C65D-4C65-BD6C-BF90B859E281}
      O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693
      O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
      O42 - Logiciel: PhotoScape - (.Pas de propriétaire.) [HKLM] -- PhotoScape
      O42 - Logiciel: PowerDVD - (.CyberLink Corporation.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
      O42 - Logiciel: PowerProducer - (.Pas de propriétaire.) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861}
      O42 - Logiciel: REALTEK PCIE NIC Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {17E2F183-BAC4-4D01-BD7A-59F781E17EFA}
      O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
      O42 - Logiciel: Risk - (.Pas de propriétaire.) [HKLM] -- Risk
      O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem
      O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
      O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
      O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}
      O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
      O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263}
      O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B}
      O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
      O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
      O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A}
      O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
      O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD907315-705A-4475-A1A0-2A1245803E4D}
      O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
      O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
      O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0173254-F442-4D04-9154-43FA157B83D0}
      O42 - Logiciel: Security Update for Microsoft Office Groove 2007 (KB2494047) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
      O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5D930261-AA5B-48D1-931F-425C9D767490}
      O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
      O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
      O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
      O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
      O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
      O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
      O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
      O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}
      O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
      O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
      O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
      O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
      O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}
      O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1365864D-4C58-489D-9982-844D75691CCC}
      O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2586924) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3B65DCBC-61EC-4578-9DF2-40D3B3829CD8}
      O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player
      O42 - Logiciel: Videora iPod Converter 6 - (.Red Kawa.) [HKLM] -- Videora iPod Converter
      O42 - Logiciel: Virtualis Crédit Mutuel - (.Pas de propriétaire.) [HKLM] -- Virtualis Crédit Mutuel
      O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011
      O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
      O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
      O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
      O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
      O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
      O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP
      O42 - Logiciel: YouTube Downloader App 3.00 - (.Regensoft.) [HKLM] -- YouTube Downloader App
      O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm
      O42 - Logiciel: ZoneAlarm Toolbar - (.Check Point Software Technologies.) [HKLM] -- ZoneAlarm Toolbar
      O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
      O42 - Logiciel: cspep.0 - (.cspep.) [HKLM] -- cspep_is1
      O42 - Logiciel: installer - (.Install Pedia Limited.) [HKLM] -- installer
      O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent

      ---\\ HKCU & HKLM Software Keys
      [HKCU\Software\7-Zip]
      [HKCU\Software\ALWIL Software]
      [HKCU\Software\ATI]
      [HKCU\Software\AVAST Software]
      [HKCU\Software\Adobe]
      [HKCU\Software\AppDataLow\ISWVolatile]
      [HKCU\Software\AppDataLow]
      [HKCU\Software\Apple Computer, Inc.]
      [HKCU\Software\Apple Inc.]
      [HKCU\Software\ArcSoft]
      [HKCU\Software\Astonsoft]
      [HKCU\Software\Axon Data]
      [HKCU\Software\BitTorrent]
      [HKCU\Software\CheckPoint]
      [HKCU\Software\Classes]
      [HKCU\Software\Clients]
      [HKCU\Software\CyberLink]
      [HKCU\Software\EA Sports]
      [HKCU\Software\EasyBits]
      [HKCU\Software\Google]
      [HKCU\Software\HP]
      [HKCU\Software\Hewlett-Packard]
      [HKCU\Software\HookNetwork]
      [HKCU\Software\IADirectShow]
      [HKCU\Software\IM Providers]
      [HKCU\Software\Intel]
      [HKCU\Software\InterActual Technologies]
      [HKCU\Software\JavaSoft]
      [HKCU\Software\Lake]
      [HKCU\Software\Leadertech]
      [HKCU\Software\Macromedia]
      [HKCU\Software\Magnet]
      [HKCU\Software\Monitored]
      [HKCU\Software\Mooii]
      [HKCU\Software\Mozilla]
      [HKCU\Software\Netscape]
      [HKCU\Software\Nokia]
      [HKCU\Software\ODBC]
      [HKCU\Software\Policies]
      [HKCU\Software\Protection_ZoneAlarm]
      [HKCU\Software\Realtek]
      [HKCU\Software\SOFTWARE]
      [HKCU\Software\SecuROM]
      [HKCU\Software\SkypeApps]
      [HKCU\Software\Skype]
      [HKCU\Software\Softonic]
      [HKCU\Software\TeamViewer]
      [HKCU\Software\Trolltech]
      [HKCU\Software\YahooPartnerToolbar]
      [HKCU\Software\Zone Labs]
      [HKCU\Software\ahead]
      [HKCU\Software\cspep]
      [HKCU\Software\digital publishing]
      [HKCU\Software\keyhole.com]
      [HKCU\Software\settings]
      [HKLM\Software\685D6D1C-D73A-4F37-B7E5E53660311DDB]
      [HKLM\Software\ALWIL Software]
      [HKLM\Software\ATI Technologies Inc.]
      [HKLM\Software\ATI Technologies]
      [HKLM\Software\ATI]
      [HKLM\Software\AVAST Software]
      [HKLM\Software\Adobe]
      [HKLM\Software\AdwCleaner]
      [HKLM\Software\Aecotech]
      [HKLM\Software\Ahead]
      [HKLM\Software\AppDataLow]
      [HKLM\Software\Apple Computer, Inc.]
      [HKLM\Software\Apple Inc.]
      [HKLM\Software\ArcSoft]
      [HKLM\Software\Axon Data]
      [HKLM\Software\C07ft5Y]
      [HKLM\Software\CheckPoint]
      [HKLM\Software\Classes]
      [HKLM\Software\Clients]
      [HKLM\Software\CyberLink]
      [HKLM\Software\DivXNetworks]
      [HKLM\Software\Dofus 2]
      [HKLM\Software\EA Sports]
      [HKLM\Software\GEAR Software]
      [HKLM\Software\Gemplus]
      [HKLM\Software\Google]
      [HKLM\Software\HP]
      [HKLM\Software\Hewlett-Packard]
      [HKLM\Software\ICE]
      [HKLM\Software\InstallShield]
      [HKLM\Software\Intel]
      [HKLM\Software\InterActual Technologies]
      [HKLM\Software\JavaSoft]
      [HKLM\Software\JreMetrics]
      [HKLM\Software\Lake]
      [HKLM\Software\LanSetup]
      [HKLM\Software\MCCI]
      [HKLM\Software\Macromedia]
      [HKLM\Software\Mooii]
      [HKLM\Software\MozillaPlugins]
      [HKLM\Software\Mozilla]
      [HKLM\Software\NOS]
      [HKLM\Software\Nero]
      [HKLM\Software\Nokia Mobile Phones]
      [HKLM\Software\Nokia]
      [HKLM\Software\Norton]
      [HKLM\Software\ODBC]
      [HKLM\Software\OMSI]
      [HKLM\Software\PC Connectivity Solution]
      [HKLM\Software\PCSuite]
      [HKLM\Software\PixArt]
      [HKLM\Software\Policies]
      [HKLM\Software\Program Groups]
      [HKLM\Software\Protection_ZoneAlarm]
      [HKLM\Software\REALTEK Semiconductor Corporation]
      [HKLM\Software\Realtek Semiconductor Corp.]
      [HKLM\Software\Realtek]
      [HKLM\Software\RegisteredApplications]
      [HKLM\Software\SEGA]
      [HKLM\Software\SOFTWARE]
      [HKLM\Software\Samsung Electronics Co., Ltd.]
      [HKLM\Software\Schlumberger]
      [HKLM\Software\Secure]
      [HKLM\Software\Set8168]
      [HKLM\Software\Skype]
      [HKLM\Software\Symantec]
      [HKLM\Software\TeamViewer]
      [HKLM\Software\VideoLAN]
      [HKLM\Software\Windows 3.1 Migration Status]
      [HKLM\Software\Windows]
      [HKLM\Software\Zone Labs]
      [HKLM\Software\mozilla.org]
      ~ Scan Softwares in 00mn 00s



      ---\\ Contenu des
      0
  10. Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
     
    Re,

    1/
    * Télécharge load_tdsskiller (de Loup Blanc) sur ton Bureau

    http://fradesch.perso.cegetel.net/transf/Load_tdsskiller.exe

    * Lance load_tdsskiller en faisant un double-clic dessus / Lance par un clic-droit dessus ? Exécuter en temps qu'administrateur
    * L'outil va se connecter pour télécharger une copie à jour de TDSSKiller, puis va lancer une analyse
    * Lorsque l'outil a terminé son travail d'inspection, si des nuisibles ("Malicious objects") ont été trouvés, vérifier que l'option (Cure) est sélectionnée,
    * Si des objects suspects ("Suspicious objects") ont été détectés, sur l'écran de demande de confirmation, modifier l'action à entreprendre et indiquer Quarantine (au lieu de Skip),
    * A la fin, il te sera demandé d'appuyer sur une touche, puis le rapport s'affichera automatiquement : copie-colle son contenu dans ta prochaine réponse (C:\tdsskiller\report.txt)

    2/
    Le rapport ZHPDiag est incomplet, héberge le stp comme indiqué ici

    3/
    Pour connaitre du problème, je dois analyser le rapport ZHPDiag

    0
  11. lutece
     
    Re,

    Désolé, rapport ZHP Diag que j'espere complet cette fois ci et plus bas le rapport Tdsskiller:

    1/
    Rapport de ZHPDiag v1.28.1333 par Nicolas Coolman, Update du 14/08/2011
    Run by H at 16/08/2011 22:22:38
    Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

    ---\\ Web Browser
    MSIE: Internet Explorer v8.0.6001.18702
    MFIE: Mozilla Firefox v3.6.18 (fr) (Defaut)

    ---\\ Windows Product Information
    Windows XP Home Edition Service Pack 3 (Build 2600)
    Windows Automatic Updates : OK
    Windows Genuine Adventage : KO

    ---\\ System Information
    ~ Processor: x86 Family 15 Model 75 Stepping 2, AuthenticAMD
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 1023 MB (49% free)
    System Restore: Activé (Enable)
    System drive C: has 40 GB (58%) free of 68 GB

    ---\\ Logged in mode
    ~ Computer Name: LUTECE
    ~ User Name: H
    ~ All Users Names: SUPPORT_388945a0, HelpAssistant, H, ASPNET, Administrateur,
    ~ Unselected Option: O45,O61,O62,O65,O66,O82
    Logged in as Administrator

    ---\\ Environnement Variables
    ~ System Unit : C:\
    ~ %AppData% : C:\Documents and Settings\H\Application Data\
    ~ %Desktop% : C:\Documents and Settings\H\Bureau\
    ~ %Favorites% : C:\Documents and Settings\H\Favoris\
    ~ %LocalAppData% : C:\Documents and Settings\H\Local Settings\Application Data\
    ~ %StartMenu% : C:\Documents and Settings\H\Menu Démarrer\
    ~ %Windir% : C:\WINDOWS\
    ~ %System% : C:\WINDOWS\system32\

    ---\\ DOS/Devices
    C:\ Hard drive, Flash drive, Thumb drive (Free 40 Go of 68 Go)
    D:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 165 Go)
    E:\ CD-ROM drive (Not Inserted)

    ---\\ Security Center & Tools Informations
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
    [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
    [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
    ~ Scan Security Center in 00mn 00s

    ---\\ Recherche particulière de fichiers génériques
    [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.16/08/2011 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
    [MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.16/08/2011 - 03:34:20.) -- C:\WINDOWS\system32\rundll32.exe [33792]
    [MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.16/08/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480]
    [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.16/08/2011 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
    [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.16/08/2011 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
    [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.16/08/2011 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
    ~ Scan Generic Processes in 00mn 00s

    ---\\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 10/102
    ~ Mes musiques (My Musics) : 17/664
    ~ Mes Favoris (My Favorites) : 2/28
    ~ Mes Documents (My Documents) : 32/8091
    ~ Mon Bureau (My Desktop) : 1/56
    ~ Menu demarrer (Programs) : 5/37
    ~ Scan Hidden Files in 00mn 09s

    ---\\ Processus lancés
    [MD5.D5406AD4263487BD6C6B2D7735B095BC] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [602112] [PID.]
    [MD5.E9372A17C22FC4E5C9FD8798A97775FC] - (.Nero AG - incdsrv.) -- C:\Program Files\Ahead\InCD\InCDsrv.exe [871424] [PID.]
    [MD5.6797E0F85E5F419EEFBE2E4C7A622EA1] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2435592] [PID.]
    [MD5.2202BA7450E6BE65D92A40377206C626] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [488952] [PID.]
    [MD5.D16C826F375A44802BF317982E81A7E2] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [PID.]
    [MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [113152] [PID.]
    [MD5.70D7BE78061126DD0C3ACCDB7E129017] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672] [PID.]
    [MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376] [PID.]
    [MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]
    [MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.]
    [MD5.BBCDBEBBF1BD6DC5912240391874C0DC] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe [161632] [PID.]
    [MD5.9D84376931440F3679BEEF2A414FA493] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [69632] [PID.2916]
    [MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.]
    [MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [3493720] [PID.2256]
    [MD5.DDACBCA1D0E66BBA5C984842F372A6D4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [PID.2468]
    [MD5.8FB740D758B14B1BC950CC347C21E461] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [32768] [PID.2476]
    [MD5.CF508A3971DECEEC1CE575DDDCA4A019] - (.Nero AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe [1397760] [PID.2504]
    [MD5.37BF603C3685289CA684C4D3400A9DE7] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760] [PID.2628]
    [MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [932288] [PID.2656]
    [MD5.644795F6985C740F5E36E9336B837D0B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072] [PID.2672]
    [MD5.5ADA30D570F877E4F01C8DF67F781E0E] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16208384] [PID.2848]
    [MD5.6B87742F27B087AF7FD4ADC2DB685DE0] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [PID.2912]
    [MD5.ACC5596B15EB0351261A483DA06F3EB3] - (.Nokia - Nokia M Platform.) -- C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe [1531904] [PID.2964]
    [MD5.F052CB43FCA828CF5C711BAFBECD692F] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [1043968] [PID.]
    [MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424] [PID.3348]
    [MD5.C72FB9CC856ECFF3B6459B27CB674638] - (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe [323584] [PID.3536]
    [MD5.F400694D7D2785F60133C20F7F2F4F7A] - (.ArcSoft Inc. - ArcSoft Connect Notifier.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ArcCon.ac [309824] [PID.3600]
    [MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.224]
    [MD5.16F1D5CF6465FCA139FA289648B349EE] - (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [663552] [PID.168]
    [MD5.DCB3796E0169419618C72F0CE34C68ED] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820008] [PID.]
    [MD5.2D841B7B7F6DEC32162EDFCC69D61F42] - (.Nokia - ServiceLayer Module.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [615936] [PID.]
    [MD5.BC9C9BE7BB74D629362608ACE470E7DA] - (.Microsoft Corporation - Notification de cadeaux MSN.) -- C:\Documents and Settings\H\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [135680] [PID.4076]
    [MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [97680] [PID.4084]
    [MD5.F4631A1BE95655DE86C256776E49019A] - (.Nokia - USB Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe [138752] [PID.]
    [MD5.46A9D1FCC55EC6A62FE1D2ACE79C6CA8] - (.Nokia - Serial Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe [120832] [PID.]
    [MD5.4C08FB7ACB28689B586D986D3F5826CF] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe [49152] [PID.2984]
    [MD5.258B59C03A5E5C53177C5D52A714C12A] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [738808] [PID.]
    [MD5.2A8264401B801142021C0FBAC8653622] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664064] [PID.1968]
    [MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]
    ~ Scan Processes Running in 00mn 02s

    ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js (.not file.)
    C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\user.js (.not file.)
    M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
    M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
    M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
    M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
    M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
    M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
    P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
    P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
    P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
    P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.4".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
    P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
    P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16290.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll
    P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
    P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.620.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
    P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    P2 - FPN: [HKLM] [@checkpoint.com/FFApi] - (.Pas de propriétaire - npFFApi.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
    P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
    P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
    P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    P2 - FPN: [HKLM] [@nosltd.com/getPlus+(R),version=1.6.2.90] - (.NOS Microsystems Ltd. - getplusplusadobe16290.) -- C:\Program Files\NOS\bin\np_gp.dll
    P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
    P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
    ~ Scan Firefox Browser in 00mn 00s

    ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
    R0 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
    R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll
    R3 - URLSearchHook: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) (No version) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
    ~ Scan IE Browser in 00mn 00s

    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
    ~ Scan Proxy management in 00mn 00s

    ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
    F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
    ~ Scan Keys in 00mn 00s

    ---\\ Redirection du fichier Hosts (O1)
    ~ Scan Hosts File in 00mn 00s

    ---\\ Browser Helper Objects de navigateur (O2)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\WINDOWS\system32\BhoECart.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    ~ Scan BHO in 00mn 00s

    ---\\ Internet Explorer Toolbars (O3)
    O3 - Toolbar: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    ~ Scan Toolbar in 00mn 00s

    ---\\ Applications démarrées par registre & par dossier (O4)
    O4 - HKLM\..\Run: [SkyTel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\WINDOWS\SkyTel.exe
    O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
    O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    O4 - HKLM\..\Run: [InCD] . (.Nero AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
    O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
    O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
    O4 - HKLM\..\Run: [NokiaMServer] Clé orpheline
    O4 - HKLM\..\Run: [cspep.exe] . (.Pas de propriétaire - cspep.) -- C:\Program Files\cspep\cspep.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [ISW] . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    O4 - HKLM\..\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [PAC207_Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
    O4 - HKLM\..\Run: [Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
    O4 - HKLM\..\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
    ~ Scan Application in 00mn 00s

    ---\\ Autres liens utilisateurs (O4)
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
    O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
    O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
    O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
    O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
    ~ Scan Global Startup in 00mn 00s

    ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
    O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
    ~ Scan IE Menu Contextuel in 00mn 00s

    ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
    O9 - Extra button: Skype Plug-In - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
    O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
    O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
    ~ Scan IE Extra Buttons in 00mn 00s

    ---\\ Winsock hijacker (Layered Service Provider) (O10)
    O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
    O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
    O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
    O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
    ~ Scan Winsock in 00mn 00s

    ---\\ Modification Domaine/Adresses DNS (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS3\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
    ~ Scan Domain in 00mn 00s

    ---\\ Protocole additionnel (O18)
    O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
    O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
    O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
    O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
    O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
    O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
    O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
    O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
    O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
    O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
    O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
    O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
    O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
    O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
    O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
    O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
    O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
    O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
    O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
    O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
    O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
    O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
    O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
    O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
    O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
    O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
    O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
    O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
    O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    ~ Scan Protocole Additionnel in 00mn 00s

    ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
    O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
    O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
    O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
    O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
    O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
    O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
    O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    ~ Scan Winlogon in 00mn 00s

    ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
    O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
    O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
    O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll
    ~ Scan SSODL in 00mn 00s

    ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
    O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
    ~ Scan STS/SSO in 00mn 00s

    ---\\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: InCD Helper (InCDsrv) . (.Nero AG - incdsrv.) - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) . (.Check Point Software Technologies - ZoneAlarm Browser Security.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    ~ Scan Services in 00mn 00s

    ---\\ Enumération Active Desktop & MHTML Editor (O24)
    O24 - Default MHTML Editor: Last - .(...) - (.not file.)
    ~ Scan Desktop Component in 00mn 00s

    ---\\ Tâches planifiées en automatique (O39)
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Norton Security Scan for H.job
    ~ Scan Scheduled Task in 00mn 00s

    ---\\ Pilotes lancés au démarrage (O41)
    O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
    O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
    O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
    O41 - Driver: (InCDPass) . (.Nero AG - Ahead RW Filter Driver.) - C:\WINDOWS\system32\DRIVERS\InCDPass.sys
    O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
    O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
    O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
    O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
    O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
    O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
    O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
    O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
    O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
    O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
    O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
    O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
    O41 - Driver: (vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\WINDOWS\system32\vsdatant.sys
    O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
    ~ Scan Drivers in 00mn 00s

    ---\\ Logiciels installés (O42)
    O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
    O42 - Logiciel: ATI - Utilitaire de désinstallation du logiciel - (.Pas de propriétaire.) [HKLM] -- All ATI Software
    O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8}
    O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver
    O42 - Logiciel: ATI HYDRAVISION - (.Pas de propriétaire.) [HKLM] -- {3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}
    O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
    O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
    O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
    O42 - Logiciel: ArcSoft PhotoImpression 5 - (.ArcSoft.) [HKLM] -- {7AFDF9AE-66B2-4A1F-8249-32EF14B97150}
    O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth
    O42 - Logiciel: AxCrypt (Désinstaller uniquement) - (.Axon Data.) [HKLM] -- AxCrypt
    O42 - Logiciel: DVD Solution - (.Pas de propriétaire.) [HKLM] -- {B97CF5C3-0487-11D8-A36E-0050BAE317E1}
    O42 - Logiciel: DeepBurner v1.8.0.224 - (.Pas de propriétaire.) [HKLM] -- {1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}
    O42 - Logiciel: Electronic Arts Product Registration - (.Electronic Arts.) [HKLM] -- InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}
    O42 - Logiciel: HP PSC & OfficeJet 5.3.A - (.HP.) [HKLM] -- {3E386744-10FA-44b2-98C9-DF7A270DECB3}
    O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
    O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
    O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
    O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
    O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
    O42 - Logiciel: InCD - (.Pas de propriétaire.) [HKLM] -- InCD!UninstallKey
    O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
    O42 - Logiciel: InterActual Player - (.Pas de propriétaire.) [HKLM] -- InterActual Player
    O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
    O42 - Logiciel: LimeWire 5.5.14 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
    O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST
    O42 - Logiciel: Medieval II Total War - (.SEGA.) [HKLM] -- {C0698BDA-0D29-40EE-8570-A31106DF9AB1}
    O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
    O42 - Logiciel: Microsoft Age of Empires Expansion - (.Pas de propriétaire.) [HKLM] -- Age of Empires Expansion 1.0
    O42 - Logiciel: Microsoft Age of Empires Expansion Trial - (.Pas de propriétaire.) [HKLM] -- Age of Empires Expansion Trial 1.00
    O42 - Logiciel: Microsoft Age of Empires II Trial Version - (.Pas de propriétaire.) [HKLM] -- Age of Empires II Trial
    O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
    O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE
    O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
    O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}
    O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}
    O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
    O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
    O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wudf01009
    O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    O42 - Logiciel: Mozilla Firefox (3.6.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.18)
    O42 - Logiciel: Nero OEM - (.Pas de propriétaire.) [HKLM] -- Nero - Burning Rom!UninstallKey
    O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite
    O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM] -- NSS
    O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
    O42 - Logiciel: PC Camer@ - (.Aecotech.) [HKLM] -- {C679F9B9-C65D-4C65-BD6C-BF90B859E281}
    O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693
    O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
    O42 - Logiciel: PhotoScape - (.Pas de propriétaire.) [HKLM] -- PhotoScape
    O42 - Logiciel: PowerDVD - (.CyberLink Corporation.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
    O42 - Logiciel: PowerProducer - (.Pas de propriétaire.) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861}
    O42 - Logiciel: REALTEK PCIE NIC Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {17E2F183-BAC4-4D01-BD7A-59F781E17EFA}
    O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
    O42 - Logiciel: Risk - (.Pas de propriétaire.) [HKLM] -- Risk
    O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem
    O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
    O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
    O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A}
    O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
    O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD907315-705A-4475-A1A0-2A1245803E4D}
    O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
    O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
    O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0173254-F442-4D04-9154-43FA157B83D0}
    O42 - Logiciel: Security Update for Microsoft Office Groove 2007 (KB2494047) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
    O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5D930261-AA5B-48D1-931F-425C9D767490}
    O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
    O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
    O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
    O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
    O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
    O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
    O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}
    O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
    O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
    O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}
    O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1365864D-4C58-489D-9982-844D75691CCC}
    O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2586924) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3B65DCBC-61EC-4578-9DF2-40D3B3829CD8}
    O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player
    O42 - Logiciel: Videora iPod Converter 6 - (.Red Kawa.) [HKLM] -- Videora iPod Converter
    O42 - Logiciel: Virtualis Crédit Mutuel - (.Pas de propriétaire.) [HKLM] -- Virtualis Crédit Mutuel
    O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011
    O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
    O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
    O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
    O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
    O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
    O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP
    O42 - Logiciel: YouTube Downloader App 3.00 - (.Regensoft.) [HKLM] -- YouTube Downloader App
    O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm
    O42 - Logiciel: ZoneAlarm Toolbar - (.Check Point Software Technologies.) [HKLM] -- ZoneAlarm Toolbar
    O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
    O42 - Logiciel: cspep.0 - (.cspep.) [HKLM] -- cspep_is1
    O42 - Logiciel: installer - (.Install Pedia Limited.) [HKLM] -- installer
    O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent

    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\7-Zip]
    [HKCU\Software\ALWIL Software]
    [HKCU\Software\ATI]
    [HKCU\Software\AVAST Software]
    [HKCU\Software\Adobe]
    [HKCU\Software\AppDataLow\ISWVolatile]
    [HKCU\Software\AppDataLow]
    [HKCU\Software\Apple Computer, Inc.]
    [HKCU\Software\Apple Inc.]
    [HKCU\Software\ArcSoft]
    [HKCU\Software\Astonsoft]
    [HKCU\Software\Axon Data]
    [HKCU\Software\BitTorrent]
    [HKCU\Software\CheckPoint]
    [HKCU\Software\Classes]
    [HKCU\Software\Clients]
    [HKCU\Software\CyberLink]
    [HKCU\Software\EA Sports]
    [HKCU\Software\EasyBits]
    [HKCU\Software\Google]
    [HKCU\Software\HP]
    [HKCU\Software\Hewlett-Packard]
    [HKCU\Software\HookNetwork]
    [HKCU\Software\IADirectShow]
    [HKCU\Software\IM Providers]
    [HKCU\Software\Intel]
    [HKCU\Software\InterActual Technologies]
    [HKCU\Software\JavaSoft]
    [HKCU\Software\Lake]
    [HKCU\Software\Leadertech]
    [HKCU\Software\Macromedia]
    [HKCU\Software\Magnet]
    [HKCU\Software\Monitored]
    [HKCU\Software\Mooii]
    [HKCU\Software\Mozilla]
    [HKCU\Software\Netscape]
    [HKCU\Software\Nokia]
    [HKCU\Software\ODBC]
    [HKCU\Software\Policies]
    [HKCU\Software\Protection_ZoneAlarm]
    [HKCU\Software\Realtek]
    [HKCU\Software\SOFTWARE]
    [HKCU\Software\SecuROM]
    [HKCU\Software\SkypeApps]
    [HKCU\Software\Skype]
    [HKCU\Software\Softonic]
    [HKCU\Software\TeamViewer]
    [HKCU\Software\Trolltech]
    [HKCU\Software\YahooPartnerToolbar]
    [HKCU\Software\Zone Labs]
    [HKCU\Software\ahead]
    [HKCU\Software\cspep]
    [HKCU\Software\digital publishing]
    [HKCU\Software\keyhole.com]
    [HKCU\Software\settings]
    [HKLM\Software\685D6D1C-D73A-4F37-B7E5E53660311DDB]
    [HKLM\Software\ALWIL Software]
    [HKLM\Software\ATI Technologies Inc.]
    [HKLM\Software\ATI Technologies]
    [HKLM\Software\ATI]
    [HKLM\Software\AVAST Software]
    [HKLM\Software\Adobe]
    [HKLM\Software\AdwCleaner]
    [HKLM\Software\Aecotech]
    [HKLM\Software\Ahead]
    [HKLM\Software\AppDataLow]
    [HKLM\Software\Apple Computer, Inc.]
    [HKLM\Software\Apple Inc.]
    [HKLM\Software\ArcSoft]
    [HKLM\Software\Axon Data]
    [HKLM\Software\C07ft5Y]
    [HKLM\Software\CheckPoint]
    [HKLM\Software\Classes]
    [HKLM\Software\Clients]
    [HKLM\Software\CyberLink]
    [HKLM\Software\DivXNetworks]
    [HKLM\Software\Dofus 2]
    [HKLM\Software\EA Sports]
    [HKLM\Software\GEAR Software]
    [HKLM\Software\Gemplus]
    [HKLM\Software\Google]
    [HKLM\Software\HP]
    [HKLM\Software\Hewlett-Packard]
    [HKLM\Software\ICE]
    [HKLM\Software\InstallShield]
    [HKLM\Software\Intel]
    [HKLM\Software\InterActual Technologies]
    [HKLM\Software\JavaSoft]
    [HKLM\Software\JreMetrics]
    [HKLM\Software\Lake]
    [HKLM\Software\LanSetup]
    [HKLM\Software\MCCI]
    [HKLM\Software\Macromedia]
    [HKLM\Software\Mooii]
    [HKLM\Software\MozillaPlugins]
    [HKLM\Software\Mozilla]
    [HKLM\Software\NOS]
    [HKLM\Software\Nero]
    [HKLM\Software\Nokia Mobile Phones]
    [HKLM\Software\Nokia]
    [HKLM\Software\Norton]
    [HKLM\Software\ODBC]
    [HKLM\Software\OMSI]
    [HKLM\Software\PC Connectivity Solution]
    [HKLM\Software\PCSuite]
    [HKLM\Software\PixArt]
    [HKLM\Software\Policies]
    [HKLM\Software\Program Groups]
    [HKLM\Software\Protection_ZoneAlarm]
    [HKLM\Software\REALTEK Semiconductor Corporation]
    [HKLM\Software\Realtek Semiconductor Corp.]
    [HKLM\Software\Realtek]
    [HKLM\Software\RegisteredApplications]
    [HKLM\Software\SEGA]
    [HKLM\Software\SOFTWARE]
    [HKLM\Software\Samsung Electronics Co., Ltd.]
    [HKLM\Software\Schlumberger]
    [HKLM\Software\Secure]
    [HKLM\Software\Set8168]
    [HKLM\Software\Skype]
    [HKLM\Software\Symantec]
    [HKLM\Software\TeamViewer]
    [HKLM\Software\VideoLAN]
    [HKLM\Software\Windows 3.1 Migration Status]
    [HKLM\Software\Windows]
    [HKLM\Software\Zone Labs]
    [HKLM\Software\mozilla.org]
    ~ Scan Softwares in 00mn 00s

    ---\\ Contenu des dossiers
    0
    1. lutece
       
      Fish66,
      Suite du message ci dessus qui se coupe, je ne sais pas pourquoi:

      --\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
      O43 - CFD: 24/05/2011 - 13:16:56 - [4621521] ----D- C:\Program Files\7-Zip
      O43 - CFD: 15/08/2011 - 23:55:18 - [57681117] ----D- C:\Program Files\Ad-Remover
      O43 - CFD: 09/10/2010 - 10:24:54 - [162915830] ----D- C:\Program Files\Adobe
      O43 - CFD: 20/03/2011 - 16:55:56 - [163840] ----D- C:\Program Files\Aecotech
      O43 - CFD: 12/09/2010 - 21:36:30 - [102212079] ----D- C:\Program Files\Ahead
      O43 - CFD: 05/09/2010 - 17:07:00 - [157681030] ----D- C:\Program Files\Alwil Software
      O43 - CFD: 11/09/2010 - 23:05:06 - [2306366] ----D- C:\Program Files\Apple Software Update
      O43 - CFD: 20/03/2011 - 16:58:04 - [310416363] ----D- C:\Program Files\ArcSoft
      O43 - CFD: 08/01/2011 - 22:24:44 - [7850366] ----D- C:\Program Files\Astonsoft
      O43 - CFD: 24/10/2010 - 11:18:30 - [89582258] ----D- C:\Program Files\ATI Technologies
      O43 - CFD: 23/03/2011 - 22:15:34 - [4859926] ----D- C:\Program Files\AviSynth 2.5
      O43 - CFD: 27/10/2010 - 22:13:36 - [2818095] ----D- C:\Program Files\Axon Data
      O43 - CFD: 11/09/2010 - 23:04:24 - [616871] ----D- C:\Program Files\Bonjour
      O43 - CFD: 24/10/2010 - 11:50:56 - [0] ----D- C:\Program Files\BumpTop
      O43 - CFD: 05/09/2010 - 19:22:00 - [26949067] ----D- C:\Program Files\CheckPoint
      O43 - CFD: 05/09/2010 - 16:11:42 - [0] ----D- C:\Program Files\ComPlus Applications
      O43 - CFD: 16/08/2011 - 22:19:54 - [1893070] ----D- C:\Program Files\cspep
      O43 - CFD: 12/09/2010 - 21:34:00 - [4375040] ----D- C:\Program Files\CyberLink
      O43 - CFD: 12/09/2010 - 21:41:44 - [285921027] ----D- C:\Program Files\CyberLink DVD Solution
      O43 - CFD: 08/01/2011 - 22:19:58 - [2863832] ----D- C:\Program Files\DeepBurner
      O43 - CFD: 23/11/2010 - 00:01:18 - [800824] ----D- C:\Program Files\DIFX
      O43 - CFD: 10/03/2011 - 16:03:40 - [1689058] ----D- C:\Program Files\Electronic Arts
      O43 - CFD: 20/06/2011 - 20:29:06 - [1070462252] ----D- C:\Program Files\Fichiers communs
      O43 - CFD: 28/05/2011 - 18:48:44 - [92110827] ----D- C:\Program Files\Google
      O43 - CFD: 26/09/2010 - 15:53:26 - [123519548] ----D- C:\Program Files\HP
      O43 - CFD: 05/07/2011 - 16:07:44 - [45852423] --H-D- C:\Program Files\InstallShield Installation Information
      O43 - CFD: 30/12/2010 - 11:54:42 - [7540292] ----D- C:\Program Files\InterActual
      O43 - CFD: 16/08/2011 - 13:40:28 - [5926440] ----D- C:\Program Files\Internet Explorer
      O43 - CFD: 11/09/2010 - 23:06:18 - [1856115] ----D- C:\Program Files\iPod
      O43 - CFD: 23/03/2011 - 22:13:28 - [20791199] ----D- C:\Program Files\Ipod Videora Converter
      O43 - CFD: 11/09/2010 - 23:16:46 - [121825212] ----D- C:\Program Files\iTunes
      O43 - CFD: 11/06/2011 - 08:23:24 - [82122271] ----D- C:\Program Files\Java
      O43 - CFD: 11/09/2010 - 22:55:24 - [30049944] ----D- C:\Program Files\Lime Wire
      O43 - CFD: 14/11/2010 - 12:09:22 - [102059057] ----D- C:\Program Files\LimeWire
      O43 - CFD: 13/03/2011 - 12:47:18 - [226432] ----D- C:\Program Files\Microsoft
      O43 - CFD: 03/10/2010 - 12:38:46 - [0] ----D- C:\Program Files\microsoft frontpage
      O43 - CFD: 05/07/2011 - 16:14:30 - [0] ----D- C:\Program Files\Microsoft Games
      O43 - CFD: 03/04/2011 - 15:09:34 - [97057405] ----D- C:\Program Files\Microsoft LifeCam
      O43 - CFD: 15/08/2011 - 17:36:14 - [694326443] ----D- C:\Program Files\Microsoft Office
      O43 - CFD: 16/06/2011 - 22:40:04 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
      O43 - CFD: 23/10/2010 - 10:07:34 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
      O43 - CFD: 23/10/2010 - 15:44:18 - [3726168] ----D- C:\Program Files\Microsoft Works
      O43 - CFD: 30/05/2011 - 22:01:04 - [16098828] ----D- C:\Program Files\Movie Maker
      O43 - CFD: 16/08/2011 - 22:20:52 - [44287599] ----D- C:\Program Files\Mozilla Firefox
      O43 - CFD: 24/10/2010 - 15:19:44 - [26521] ----D- C:\Program Files\MSBuild
      O43 - CFD: 29/09/2010 - 13:50:42 - [21471559] ----D- C:\Program Files\MSN
      O43 - CFD: 05/09/2010 - 16:10:54 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
      O43 - CFD: 27/09/2010 - 09:25:44 - [0] ----D- C:\Program Files\MSXML 4.0
      O43 - CFD: 05/09/2010 - 19:35:56 - [3285523] ----D- C:\Program Files\NetMeeting
      O43 - CFD: 23/11/2010 - 00:15:46 - [74027350] ----D- C:\Program Files\Nokia
      O43 - CFD: 27/02/2011 - 17:46:18 - [12404120] ----D- C:\Program Files\Norton Security Scan
      O43 - CFD: 27/02/2011 - 17:46:16 - [8446243] ----D- C:\Program Files\NortonInstaller
      O43 - CFD: 06/09/2010 - 23:26:00 - [494512] ----D- C:\Program Files\NOS
      O43 - CFD: 05/09/2010 - 16:11:04 - [1804] ----D- C:\Program Files\Online Services
      O43 - CFD: 16/12/2010 - 08:44:42 - [4379321] ----D- C:\Program Files\Outlook Express
      O43 - CFD: 23/11/2010 - 00:01:04 - [13402122] ----D- C:\Program Files\PC Connectivity Solution
      O43 - CFD: 05/01/2011 - 23:13:24 - [24438345] ----D- C:\Program Files\PhotoScape
      O43 - CFD: 11/09/2010 - 23:05:50 - [76334922] ----D- C:\Program Files\QuickTime
      O43 - CFD: 24/10/2010 - 14:15:24 - [47722444] ----D- C:\Program Files\Realtek
      O43 - CFD: 23/03/2011 - 22:15:20 - [42038429] ----D- C:\Program Files\Red Kawa
      O43 - CFD: 24/10/2010 - 15:19:34 - [37949185] ----D- C:\Program Files\Reference Assemblies
      O43 - CFD: 23/03/2011 - 22:15:40 - [25015139] ----D- C:\Program Files\Regensoft
      O43 - CFD: 26/09/2010 - 18:13:42 - [1936012] ----D- C:\Program Files\Samsung
      O43 - CFD: 05/09/2010 - 16:13:36 - [1025] ----D- C:\Program Files\Services en ligne
      O43 - CFD: 20/06/2011 - 20:29:22 - [24155848] R---D- C:\Program Files\Skype
      O43 - CFD: 05/09/2010 - 16:24:30 - [0] --H-D- C:\Program Files\Uninstall Information
      O43 - CFD: 26/04/2011 - 07:25:24 - [399736] ----D- C:\Program Files\uTorrent
      O43 - CFD: 05/09/2010 - 16:31:16 - [474722] ----D- C:\Program Files\VIA
      O43 - CFD: 12/09/2010 - 12:24:04 - [81188284] ----D- C:\Program Files\VideoLAN
      O43 - CFD: 20/09/2010 - 09:09:40 - [317264] ----D- C:\Program Files\Virtualis
      O43 - CFD: 13/03/2011 - 12:47:50 - [61856425] ----D- C:\Program Files\Windows Live
      O43 - CFD: 13/03/2011 - 12:46:56 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
      O43 - CFD: 05/02/2011 - 20:09:02 - [3581070] ----D- C:\Program Files\Windows Media Connect 2
      O43 - CFD: 05/02/2011 - 20:09:00 - [8543450] ----D- C:\Program Files\Windows Media Player
      O43 - CFD: 05/09/2010 - 19:35:54 - [3942655] ----D- C:\Program Files\Windows NT
      O43 - CFD: 05/09/2010 - 16:13:42 - [0] --H-D- C:\Program Files\WindowsUpdate
      O43 - CFD: 05/09/2010 - 16:15:14 - [0] ----D- C:\Program Files\xerox
      O43 - CFD: 16/08/2011 - 22:22:54 - [4018322] ----D- C:\Program Files\ZHPDiag
      O43 - CFD: 05/09/2010 - 19:18:56 - [21742354] ----D- C:\Program Files\Zone Labs
      O43 - CFD: 09/10/2010 - 10:25:06 - [6281214] ----D- C:\Program Files\Fichiers Communs\Adobe
      O43 - CFD: 19/09/2010 - 00:51:34 - [30516688] ----D- C:\Program Files\Fichiers Communs\Adobe AIR
      O43 - CFD: 12/09/2010 - 21:36:14 - [26989503] ----D- C:\Program Files\Fichiers Communs\Ahead
      O43 - CFD: 11/09/2010 - 23:06:16 - [80026250] ----D- C:\Program Files\Fichiers Communs\Apple
      O43 - CFD: 20/03/2011 - 16:59:24 - [13917211] ----D- C:\Program Files\Fichiers Communs\ArcSoft
      O43 - CFD: 24/10/2010 - 11:18:30 - [964265] ----D- C:\Program Files\Fichiers Communs\ATI Technologies
      O43 - CFD: 23/10/2010 - 10:07:34 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER
      O43 - CFD: 26/09/2010 - 15:57:18 - [272917] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
      O43 - CFD: 05/09/2010 - 16:44:48 - [10478698] ----D- C:\Program Files\Fichiers Communs\InstallShield
      O43 - CFD: 11/06/2011 - 08:24:30 - [1258951] ----D- C:\Program Files\Fichiers Communs\Java
      O43 - CFD: 13/03/2011 - 12:47:02 - [237389290] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
      O43 - CFD: 05/09/2010 - 16:12:36 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
      O43 - CFD: 23/11/2010 - 00:03:28 - [91459031] ----D- C:\Program Files\Fichiers Communs\Nokia
      O43 - CFD: 05/09/2010 - 17:58:00 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
      O43 - CFD: 20/03/2011 - 16:55:58 - [10164349] ----D- C:\Program Files\Fichiers Communs\PAC207
      O43 - CFD: 05/09/2010 - 16:12:42 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
      O43 - CFD: 05/09/2010 - 17:57:56 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
      O43 - CFD: 26/07/2011 - 14:57:32 - [470720865] ----D- C:\Program Files\Fichiers Communs\Symantec Shared
      O43 - CFD: 23/10/2010 - 15:41:56 - [44383521] ----D- C:\Program Files\Fichiers Communs\System
      O43 - CFD: 13/03/2011 - 12:32:08 - [41467028] ----D- C:\Program Files\Fichiers Communs\Windows Live
      O43 - CFD: 27/02/2011 - 14:46:56 - [14103679] ----D- C:\Documents and Settings\H\Application Data\Adobe
      O43 - CFD: 19/09/2010 - 07:28:30 - [4314] ----D- C:\Documents and Settings\H\Application Data\app
      O43 - CFD: 11/09/2010 - 23:16:28 - [1229422] ----D- C:\Documents and Settings\H\Application Data\Apple Computer
      O43 - CFD: 20/03/2011 - 17:01:36 - [185549] ----D- C:\Documents and Settings\H\Application Data\ArcSoft
      O43 - CFD: 24/10/2010 - 11:20:50 - [0] ----D- C:\Documents and Settings\H\Application Data\ATI
      O43 - CFD: 24/10/2010 - 11:29:44 - [6706532] ----D- C:\Documents and Settings\H\Application Data\Bump Technologies, Inc
      O43 - CFD: 05/09/2010 - 19:22:16 - [24780] ----D- C:\Documents and Settings\H\Application Data\CheckPoint
      O43 - CFD: 09/03/2011 - 20:44:58 - [10758] ----D- C:\Documents and Settings\H\Application Data\CyberLink
      O43 - CFD: 08/01/2011 - 22:29:44 - [1107] ----D- C:\Documents and Settings\H\Application Data\DeepBurner
      O43 - CFD: 31/10/2010 - 12:59:24 - [21637376] ----D- C:\Documents and Settings\H\Application Data\digital publishing
      O43 - CFD: 19/09/2010 - 07:59:30 - [15077712] ----D- C:\Documents and Settings\H\Application Data\Dofus 2
      O43 - CFD: 19/09/2010 - 07:28:24 - [0] ----D- C:\Documents and Settings\H\Application Data\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
      O43 - CFD: 19/09/2010 - 10:03:10 - [0] ----D- C:\Documents and Settings\H\Application Data\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
      O43 - CFD: 03/07/2011 - 23:01:08 - [199] ----D- C:\Documents and Settings\H\Application Data\dvdcss
      O43 - CFD: 18/10/2010 - 16:32:58 - [119252] ----D- C:\Documents and Settings\H\Application Data\Google
      O43 - CFD: 26/09/2010 - 15:50:14 - [31682] ----D- C:\Documents and Settings\H\Application Data\HP
      O43 - CFD: 05/09/2010 - 16:24:30 - [0] ----D- C:\Documents and Settings\H\Application Data\Identities
      O43 - CFD: 18/03/2011 - 19:06:22 - [0] ----D- C:\Documents and Settings\H\Application Data\InstallShield
      O43 - CFD: 24/05/2011 - 13:39:42 - [414] ----D- C:\Documents and Settings\H\Application Data\Leadertech
      O43 - CFD: 16/08/2011 - 22:20:38 - [23586180] ----D- C:\Documents and Settings\H\Application Data\LimeWire
      O43 - CFD: 05/09/2010 - 17:21:16 - [3115061] ----D- C:\Documents and Settings\H\Application Data\Macromedia
      O43 - CFD: 26/03/2011 - 00:59:48 - [7243730] -S--D- C:\Documents and Settings\H\Application Data\Microsoft
      O43 - CFD: 03/10/2010 - 12:39:00 - [0] ----D- C:\Documents and Settings\H\Application Data\Microsoft Web Folders
      O43 - CFD: 05/09/2010 - 16:52:24 - [27705531] ----D- C:\Documents and Settings\H\Application Data\Mozilla
      O43 - CFD: 23/11/2010 - 00:14:46 - [196197] ----D- C:\Documents and Settings\H\Application Data\Nokia
      O43 - CFD: 23/11/2010 - 00:14:50 - [32804] ----D- C:\Documents and Settings\H\Application Data\Nokia Ovi Suite
      O43 - CFD: 28/03/2011 - 21:52:24 - [19988325] ----D- C:\Documents and Settings\H\Application Data\PC Suite
      O43 - CFD: 05/01/2011 - 18:41:34 - [606] ----D- C:\Documents and Settings\H\Application Data\PhotoFiltre
      O43 - CFD: 29/01/2011 - 15:37:50 - [41796] ----D- C:\Documents and Settings\H\Application Data\PhotoScape
      O43 - CFD: 23/03/2011 - 22:26:28 - [218737] ----D- C:\Documents and Settings\H\Application Data\Red Kawa
      O43 - CFD: 19/09/2010 - 07:28:30 - [0] ----D- C:\Documents and Settings\H\Application Data\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
      O43 - CFD: 23/03/2011 - 22:18:38 - [688] ----D- C:\Documents and Settings\H\Application Data\Regensoft
      O43 - CFD: 01/04/2011 - 17:57:04 - [9872] R-H-D- C:\Documents and Settings\H\Application Data\SecuROM
      O43 - CFD: 20/07/2011 - 22:42:36 - [18122096] ----D- C:\Documents and Settings\H\Application Data\Skype
      O43 - CFD: 20/06/2011 - 20:28:38 - [28736] ----D- C:\Documents and Settings\H\Application Data\skypePM
      O43 - CFD: 11/09/2010 - 22:56:00 - [12980907] ----D- C:\Documents and Settings\H\Application Data\Sun
      O43 - CFD: 23/10/2010 - 09:36:24 - [28030] ----D- C:\Documents and Settings\H\Application Data\TeamViewer
      O43 - CFD: 20/07/2011 - 10:18:28 - [2262714] ----D- C:\Documents and Settings\H\Application Data\uTorrent
      O43 - CFD: 23/03/2011 - 22:23:44 - [1012699] ----D- C:\Documents and Settings\H\Application Data\vlc
      O43 - CFD: 09/10/2010 - 10:24:32 - [161329624] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Adobe
      O43 - CFD: 04/12/2010 - 23:01:02 - [1950597] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Ahead
      O43 - CFD: 11/09/2010 - 23:05:08 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Apple
      O43 - CFD: 11/09/2010 - 23:07:30 - [59543610] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Apple Computer
      O43 - CFD: 20/03/2011 - 16:59:42 - [265] ----D- C:\Documents and Settings\H\Local Settings\Application Data\ArcSoft
      O43 - CFD: 07/01/2011 - 18:42:22 - [291402] ----D- C:\Documents and Settings\H\Local Settings\Application Data\assembly
      O43 - CFD: 24/10/2010 - 11:20:50 - [69792] ----D- C:\Documents and Settings\H\Local Settings\Application Data\ATI
      O43 - CFD: 24/10/2010 - 11:30:18 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Bump Technologies, Inc
      O43 - CFD: 23/03/2011 - 22:18:38 - [1754977] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Geckofx
      O43 - CFD: 02/05/2011 - 20:41:02 - [2021204387] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Google
      O43 - CFD: 21/09/2010 - 22:28:52 - [379896] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Identities
      O43 - CFD: 18/07/2011 - 12:09:32 - [200151856] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Microsoft
      O43 - CFD: 23/10/2010 - 10:02:48 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Microsoft Help
      O43 - CFD: 05/09/2010 - 16:52:16 - [43939273] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Mozilla
      O43 - CFD: 23/11/2010 - 00:14:34 - [870131] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Nokia
      O43 - CFD: 23/11/2010 - 00:14:18 - [269] ----D- C:\Documents and Settings\H\Local Settings\Application Data\NokiaAccount
      O43 - CFD: 02/05/2011 - 20:36:36 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Temp
      O43 - CFD: 06/04/2011 - 13:39:44 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\WMTools Downloaded Files
      ~ Scan Program Folder in 00mn 39s



      ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
      O44 - LFC:[MD5.DD871EF63406B8C5AD3FEB2C96171F50] - 16/08/2011 - 21:20:15 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1881064]
      O44 - LFC:[MD5.F0B3CDC7C060CCBA8C2FE2850FE20103] - 16/08/2011 - 21:20:04 ---A- . (...) -- C:\WINDOWS\setupapi.log [565412]
      O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/08/2011 - 21:19:25 ---A- . (...) -- C:\WINDOWS\0.log [0]
      O44 - LFC:[MD5.B5EF86FA82BA12544A0099ADCCD3338C] - 16/08/2011 - 21:19:24 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
      O44 - LFC:[MD5.EE28A4D953B04AB47C195DFC492E12DA] - 16/08/2011 - 21:19:22 ---A- . (...) -- C:\WINDOWS\wiaservc.log [0]
      O44 - LFC:[MD5.F558A2C42795FC6FDBA74B2EB41C8913] - 16/08/2011 - 21:18:55 ---A- . (...) -- C:\WINDOWS\system32\ativvaxx.cap [167952]
      O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 16/08/2011 - 21:18:55 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
      O44 - LFC:[MD5.1EF633EA3E7239B06BE01C5C916434B2] - 16/08/2011 - 19:55:03 ---A- . (...) -- C:\AdwCleaner[S1].txt [1738]
      O44 - LFC:[MD5.76B6F05D6CF731914698F3BA2C63621B] - 16/08/2011 - 12:50:28 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32410]
      O44 - LFC:[MD5.2B72AE98DEE6841EC1CD2C95D7648D85] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [4836]
      O44 - LFC:[MD5.03E3CD966892A20A9CBA8D6FC3D6943A] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [110592]
      O44 - LFC:[MD5.0E3D5A9D7CE251A2C323DC26FCCF4154] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat [135424]
      O44 - LFC:[MD5.7A908657C4429DDF9EBA23D9F3F8DA99] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [540658]
      O44 - LFC:[MD5.ABF40657E935C0E86857498058C045A5] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat [624646]
      O44 - LFC:[MD5.237E7A60055B5FEAF6D6F79CC7DF7333] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1500363]
      O44 - LFC:[MD5.4000B5284DD2590F8FF0B68542CC1928] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\KB2567680.log [15470]
      O44 - LFC:[MD5.8D7FA191D83E7D5EE08B4EB6C5804021] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\comsetup.log [394562]
      O44 - LFC:[MD5.F40451D403542BBE00CA0CBE1391907E] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\iis6.log [236040]
      O44 - LFC:[MD5.82E1FB8E2E92BFE87D9E7B0963E0D009] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
      O44 - LFC:[MD5.FC98035FA1F5192FF4D8E65E15EB1FCC] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\msgsocm.log [75011]
      O44 - LFC:[MD5.FEF3E617FB8E79F0627AEE04103B34CC] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [237503]
      O44 - LFC:[MD5.D2964A2EE566280AE55FA7D2105F07F9] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\ocgen.log [732369]
      O44 - LFC:[MD5.478233628C64FEAE91DFE07E6B06B51D] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\ocmsn.log [63833]
      O44 - LFC:[MD5.BBC6B38E91BF8433175AF527E396345D] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\tsoc.log [577493]
      O44 - LFC:[MD5.C75C2BCBDF0FA26D6E1A7317DE8716C9] - 16/08/2011 - 12:47:09 ---A- . (...) -- C:\WINDOWS\updspapi.log [218906]
      O44 - LFC:[MD5.BC7962B2EF211D2EA4522D100D90FB42] - 16/08/2011 - 12:46:10 ---A- . (...) -- C:\WINDOWS\KB2536276-v2.log [11047]
      O44 - LFC:[MD5.E0BE60BBD6AF8B21BFA79402777F9EB3] - 16/08/2011 - 12:46:10 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
      O44 - LFC:[MD5.F0EF3465232490351513C8927C925106] - 16/08/2011 - 12:45:56 ---A- . (...) -- C:\WINDOWS\KB2570222.log [10938]
      O44 - LFC:[MD5.F1B5C4D4A2892EE11B6FE9E058053B4B] - 16/08/2011 - 12:40:33 ---A- . (...) -- C:\WINDOWS\KB2559049-IE8.log [14858]
      O44 - LFC:[MD5.865A2DCE61ADE1F9A3285E3D0DB28DFD] - 16/08/2011 - 12:39:59 ---A- . (...) -- C:\WINDOWS\KB2566454.log [6883]
      O44 - LFC:[MD5.AD6F726CFE4CA22C58CDBAD49E093DA3] - 16/08/2011 - 12:39:46 ---A- . (...) -- C:\WINDOWS\KB2562937.log [6212]
      O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 16/08/2011 - 12:37:26 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [69]
      O44 - LFC:[MD5.A8D4C05C1BD108F2C98FD2A96398BD22] - 16/08/2011 - 12:15:07 ---A- . (...) -- C:\AdwCleaner[R1].txt [1640]
      O44 - LFC:[MD5.45038E3AE2BAA9C47E9AC3AE266D8A1A] - 16/08/2011 - 07:16:09 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
      O44 - LFC:[MD5.E8C00D32037549BB9538181B7FD0704B] - 15/08/2011 - 22:57:34 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [5781]
      O44 - LFC:[MD5.D926D44123AE8B852FB6459879D8A5E8] - 15/08/2011 - 15:37:49 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [13646]
      ~ Scan Files in 00mn 26s



      ---\\ Export de clé d'application autorisée (O47)
      O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(...) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe (.not file.)
      O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\LimeWire\LimeWire.exe" [Enabled] .(.Lime Wire, LLC - LimeWire.) -- C:\Program Files\LimeWire\LimeWire.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
      O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files\Microsoft Office\Office12\GROOVE.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office OneNote.) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\microtorrent_torrent_2.0.4_build_22967_anglais_18245.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\microtorrent_torrent_2.0.4_build_22967_anglais_18245.exe
      O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\ZoneLabs\vsmon.exe" [Enabled] .(.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeCam.exe" [Enabled] .(.Microsoft Corporation - LifeCam.exe.) -- C:\Program Files\Microsoft LifeCam\LifeCam.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" [Enabled] .(.Microsoft Corporation - LifeEnC2.exe.) -- C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeExp.exe" [Enabled] .(.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeTray.exe" [Enabled] .(.Microsoft Corporation - LifeTray.exe.) -- C:\Program Files\Microsoft LifeCam\LifeTray.exe
      O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
      O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
      O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
      O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      ~ Scan Keys in 00mn 00s



      ---\\ Contrôle du Safe Boot (CSB) (O49)
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
      O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys
      ~ Scan CSB in 00mn 00s



      ---\\ Image File Execution Options (IFEO) (O50)
      O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
      ~ Scan IFEO in 00mn 00s



      ---\\ MountPoints2 Shell Key (O51)
      O51 - MPSK:{ae740f7a-f67b-11df-b67b-0019660fdbdb}\AutoRun\command. (...) -- F:\Install_Nokia_Ovi_Suite.exe (.not file.)
      O51 - MPSK:{ae740fc0-f67b-11df-b67b-0019660fdbdb}\AutoRun\command. (...) -- F:\NokiaPCIA_Autorun.exe (.not file.)
      ~ Scan Keys in 00mn 00s



      ---\\ Trojan Driver Search Data (HKLM) (O52)
      O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
      O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
      O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
      O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
      O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.dll" . (.Intel Corporation - Intel Indeo(R) Video Interactive 32-bit Driver.) -- C:\WINDOWS\system32\ir41_32.dll
      O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
      O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
      O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
      O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
      O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
      O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
      O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)
      O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
      O52 - TDSD: \drivers.desc\"ir41_32.dll"="Intel Indeo (R) Video Interactive 32-bit Driver R4.1" . (...) -- (.not file.)
      ~ Scan Keys in 00mn 00s



      ---\\ Microsoft Control Security Providers (O54)
      O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
      O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
      O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
      O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
      O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
      O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
      ~ Scan Keys in 00mn 00s



      ---\\ Microsoft Windows Policies System (O55)
      O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
      O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
      O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
      O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
      ~ Scan Keys in 00mn 00s



      ---\\ Microsoft Windows Policies Explorer (O56)
      O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
      O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
      ~ Scan Keys in 00mn 00s



      ---\\ Liste des Drivers Système (O58)
      O58 - SDL:[MD5.DFCDD5936CAD0138775D5A105D4C7716] - 16/08/2011 - 12:32:13 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\WINDOWS\system32\drivers\aavmker4.sys [30808]
      O58 - SDL:[MD5.FE3EA6E9AFC1A78E6EDCA121E006AFB7] - 16/08/2011 - 15:05:00 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\WINDOWS\system32\drivers\afc.sys [18688]
      O58 - SDL:[MD5.DE91D0D73C3E61E6826D98FAC2FAC729] - 16/08/2011 - 15:17:42 ---A- . (...) -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS [5824]
      O58 - SDL:[MD5.861CB512E4E850E87DD2316F88D69330] - 16/08/2011 - 12:32:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [19544]
      O58 - SDL:[MD5.4FAE55469A56AA2B423E5E26FD1449D1] - 16/08/2011 - 12:35:09 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows NT/2000.) -- C:\WINDOWS\system32\drivers\aswmon.sys [96344]
      O58 - SDL:[MD5.7857E0B4C817F69FF463EEA2C63E56F9] - 16/08/2011 - 12:35:12 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows XP.) -- C:\WINDOWS\system32\drivers\aswmon2.sys [102616]
      O58 - SDL:[MD5.8DB043BF96BB6D334E5B4888E709E1C7] - 16/08/2011 - 12:32:32 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\WINDOWS\system32\drivers\aswRdr.sys [25432]
      O58 - SDL:[MD5.17230708A2028CD995656DF455F2E303] - 16/08/2011 - 12:36:43 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\system32\drivers\aswSnx.sys [441176]
      O58 - SDL:[MD5.DBEDD9D43B00630966EF05D2D8D04CEE] - 16/08/2011 - 12:36:32 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\system32\drivers\aswSP.sys [309848]
      O58 - SDL:[MD5.984CFCE2168286C2511695C2F9621475] - 16/08/2011 - 12:35:23 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\drivers\aswTdi.sys [43608]
      O58 - SDL:[MD5.8E54C76DB5D88BF8B4E82B37E1322671] - 16/08/2011 - 04:30:44 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [3643904]
      O58 - SDL:[MD5.1E82F05CFF41316BCAA513909D99A004] - 16/08/2011 - 12:28:32 R--A- . (.ATI Research Inc. - Ati High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys [93184]
      O58 - SDL:[MD5.C3963D85B721A7F80D8A55F4E2867A3A] - 16/08/2011 - 14:32:44 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\ccdcmb.sys [18176]
      O58 - SDL:[MD5.3859C69A77793180548802DAC9F34A38] - 16/08/2011 - 14:32:44 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys [22528]
      O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 16/08/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
      O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 16/08/2011 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
      O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 16/08/2011 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [26600]
      O58 - SDL:[MD5.9F1D80908658EB7F1BF70809E0B51470] - 16/08/2011 - 06:52:26 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys [51120]
      O58 - SDL:[MD5.F7E3E9D50F9CD3DE28085A8FDAA0A1C3] - 16/08/2011 - 06:52:27 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16496]
      O58 - SDL:[MD5.CF1B7951B4EC8D13F3C93B74BB2B461B] - 16/08/2011 - 06:52:28 R--A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21744]
      O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 16/08/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
      O58 - SDL:[MD5.338F83EE9CB9E15EEACF0CBB90218CBF] - 16/08/2011 - 14:21:22 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys [137344]
      O58 - SDL:[MD5.D15BAC979144FB69ED28F97B2DD84D48] - 16/08/2011 - 14:21:22 ---A- . (.Nokia - Nokia USB Phone Generic Client.) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [8320]
      O58 - SDL:[MD5.FD2041E9BA03DB7764B2248F02475079] - 16/08/2011 - 10:26:12 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [18816]
      O58 - SDL:[MD5.4A410C7AEA51123519C20D43A20BCE96] - 16/08/2011 - 13:17:26 ---A- . (.PixArt Imaging Inc. - PFC027.) -- C:\WINDOWS\system32\drivers\PFC027.SYS [618112]
      O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 16/08/2011 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
      O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 16/08/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
      O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 16/08/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
      O58 - SDL:[MD5.D6E1B1BD04FAD422AF17FC4B810CB9AF] - 16/08/2011 - 09:08:16 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [78976]
      O58 - SDL:[MD5.3000E98F519CF6FDA669BAE8E47F7B4F] - 16/08/2011 - 05:09:26 R---- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys [4284928]
      O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 16/08/2011 - 17:39:15 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
      O58 - SDL:[MD5.2D4027C46B4C6E45875E3C4BA3F67492] - 16/08/2011 - 11:24:50 ---A- . (.MCCI - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\system32\drivers\sscdbus.sys [80272]
      O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcm.sys [11877]
      O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcmnt.sys [11877]
      O58 - SDL:[MD5.F548F1EBA107BC19E91189E6A460BD0E] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys [10864]
      O58 - SDL:[MD5.71D348D53597379DFE1DE255D70AF13C] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem WDM.) -- C:\WINDOWS\system32\drivers\sscdmdm.sys [137884]
      O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 16/08/2011 - 11:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwh.sys [11188]
      O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 16/08/2011 - 11:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwhnt.sys [11188]
      O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 16/08/2011 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
      O58 - SDL:[MD5.4B8A9C16B6D9258ED99C512AECB8C555] - 16/08/2011 - 19:47:42 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\drivers\usbaapl.sys [41984]
      O58 - SDL:[MD5.0CCADC7391021376EDBB8AA649D04E68] - 16/08/2011 - 14:32:46 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys [8192]
      O58 - SDL:[MD5.68B4F83CCCF70A2FF32EE142C234332A] - 16/08/2011 - 14:32:58 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys [8192]
      O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 16/08/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
      O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
      O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
      O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
      O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
      O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
      O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
      O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
      O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
      O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
      O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
      O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
      O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
      O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
      O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
      O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
      O58 - SDL:[MD5.050C38EBB22512122E54B47DC278BCCD] - 16/08/2011 - 10:02:32 ---A- . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) -- C:\WINDOWS\system32\vsdatant.sys [532224]
      ~ Scan Drivers in 00mn 04s



      ---\\ Liste des outils de nettoyage (O63)
      O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
      O63 - Logiciel: Ad-Remover - (.Pas de propriétaire.) [HKCU] -- Ad-Remover
      ~ Scan ADS in 00mn 00s



      ---\\ Liste des services Legacy (O64)
      O64 - Services: CurCS - 18/03/2010 - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe - ArcSoft Connect Daemon(ACDaemon) .(.ArcSoft Inc. - ArcSoft Connect Service.) - LEGACY_ACDAEMON
      O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\H\LOCALS~1\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME
      O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
      O64 - Services: CurCS - 02/03/2006 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
      O64 - Services: CurCS - 18/10/2010 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE
      O64 - Services: CurCS - 08/07/2005 - C:\Program Files\Ahead\InCD\InCDsrv.exe - InCD Helper(InCDsrv) .(.Nero AG - incdsrv.) - LEGACY_INCDSRV
      O64 - Services: CurCS - 15/02/2011 - C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys - ZoneAlarm Toolbar ISWKL(ISWKL) .(.Check Point Software Technologies - ZoneAlarm Browser Security.) - LEGACY_ISWKL
      O64 - Services: CurCS - 15/02/2011 - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe - ZoneAlarm Toolbar IswSvc(IswSvc) .(.Check Point Software Technologies - ZoneAlarm Browser Security.) - LEGACY_ISWSVC
      O64 - Services: CurCS - 04/05/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
      O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\secdrv.sys - Secdrv(Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
      O64 - Services: CurCS - 14/06/2010 - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer(ServiceLayer) .(.Nokia - ServiceLayer Module.) - LEGACY_SERVICELAYER
      O64 - Services: CurCS - 13/05/2010 - C:\WINDOWS\system32\vsdatant.sys - vsdatant(vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT
      O64 - Services: CurCS - 18/02/2011 - C:\WINDOWS\system32\ZoneLabs\vsmon.exe - TrueVector Internet Monitor(vsmon) .(.Check Point Software Technologies LTD - TrueVector Service.) - LEGACY_VSMON
      ~ Scan Services in 00mn 03s



      ---\\ File Associations Shell Spawning (O67)
      O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
      O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
      O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
      O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
      O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
      O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
      O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
      O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
      O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
      O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
      O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
      O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
      O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
      O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
      O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
      O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
      O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
      ~ Scan Keys in 00mn 00s



      ---\\ Start Menu Internet (O68)
      O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
      O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
      ~ Scan Keys in 00mn 00s



      ---\\ Search Browser Infection (O69)
      O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com
      O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
      O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com
      O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) - http://www.bing.com
      O69 - SBI: SearchScopes [HKCU] {E8CB2B75-1CCB-483D-9C94-644501916F96} - (Google) - http://www.google.com
      ~ Scan Keys in 00mn 00s



      ---\\ Recherche particuliere à la racine de certains dossiers (O84)
      [MD5.37802DC23540941D3D5FFC0CFB97D9F0] [SPRF][15/08/2011] (...) -- C:\Documents and Settings\H\Bureau\AD-R.exe [1563105]
      [MD5.DF903EF91F74AF913888FCA7C3066ED9] [SPRF][16/08/2011] (...) -- C:\Documents and Settings\H\Bureau\AdwCleaner.exe [450808]
      [MD5.C1AD5FE74BD19EDAB96B84123BDE9BD7] [SPRF][16/08/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\H\Bureau\ZHPDiag2.exe [2575661]
      [MD5.BB8DEAA5685FDE0FB12328ABBAB57D0D] [SPRF][13/03/2011] (.Microsoft Corporation - Installation_WLMessenger2009.) -- C:\Program Files\Installation_WLMessenger2009.exe [1794920]
      [MD5.34224D0544EB516DA2452BBC41CECC17] [SPRF][18/03/2011] (...) -- C:\Program Files\SoftonicDownloader_pour_age-of-empires-ii.exe [287056]
      ~ Scan Files in 00mn 01s



      ---\\ Scan Additionnel (O88)
      Database Version : 8611 - (14/08/2011)
      Clés trouvées (Keys found) : 10
      Valeurs trouvées (Values found) : 0
      Dossiers trouvés (Folders found) : 0
      Fichiers trouvés (Files found) : 0

      [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
      [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
      [HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
      [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon
      [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon
      [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
      [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
      [HKLM\Software\Classes\CLSID\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
      [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Installer] =>Adware.InstallPedia
      ~ Scan Additionnel in 00mn 08s



      ---\\ Recherche détournement de DNS routeur (O89)
      Serveur : Livebox-AA40
      Address: 192.168.1.1
      Nom : www.l.google.com
      Addresses: 209.85.148.106, 209.85.148.105, 209.85.148.147, 209.85.148.103
      209.85.148.99, 209.85.148.104
      Aliases: www.google.fr, www.google.com
      ~ Scan DNS in 00mn 02s



      ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
      SR - | Auto 16/08/2011 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
      SR - | Auto 16/08/2011 144672 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      SR - | Auto 16/08/2011 602112 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
      SS - | Auto 593920 | (ATI Smart) . (...) - C:\WINDOWS\system32\ati2sgag.exe
      SR - | Auto 16/08/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
      SR - | Auto 16/08/2011 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
      SS - | Demand 16/08/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
      SS - | Auto 16/08/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
      SS - | Demand 16/08/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
      SR - | Auto 16/08/2011 871424 | C:\Program Files\Ahead\InCD\InCDsrv.exe (InCDsrv) . (.Nero AG.) - C:\Program Files\Ahead\InCD\InCDsrv.exe
      SR - | Demand 16/08/2011 820008 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
      SR - | Auto 16/08/2011 488952 | (IswSvc) . (.Check Point Software Technologies.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
      SR - | Auto 16/08/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
      SR - | Auto 16/08/2011 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe
      SR - | Demand 16/08/2011 615936 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
      SR - | Auto 16/08/2011 2435592 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
      ~ Scan Services in 00mn 03s



      ---\\ Recherche Master Boot Record Infection (MBR)(O80)
      Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
      Run by H at 16/08/2011 22:24:29

      device: opened successfully
      user: MBR read successfully

      Disk trace:
      called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
      1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x86D46AB8]
      3 CLASSPNP[0xF765CFD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000072[0x86D8AF18]
      5 ACPI[0xF74F2620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP2T0L0-7[0x86D28940]
      kernel: MBR read successfully
      user & kernel MBR OK
      ~ Scan MBR in 00mn 05s



      ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
      Written by ad13, http://ad13.geekstog
      Run by H at 16/08/2011 22:24:31

      ********* Dump file Name *********
      C:\PhysicalDisk0_MBR.bin
      ~ Scan MBR in 00mn 07s



      End of the scan (1226 lines in 01mn 52s)(0)

      2/
      Rapport Tdsskiller
      2011/08/17 00:34:02.0890 0780 TDSS rootkit removing tool 2.5.15.0 Aug 11 2011 16:32:13
      2011/08/17 00:34:03.0078 0780 ================================================================================
      2011/08/17 00:34:03.0078 0780 SystemInfo:
      2011/08/17 00:34:03.0078 0780
      2011/08/17 00:34:03.0078 0780 OS Version: 5.1.2600 ServicePack: 3.0
      2011/08/17 00:34:03.0078 0780 Product type: Workstation
      2011/08/17 00:34:03.0078 0780 ComputerName: LUTECE
      2011/08/17 00:34:03.0078 0780 UserName: H
      2011/08/17 00:34:03.0078 0780 Windows directory: C:\WINDOWS
      2011/08/17 00:34:03.0078 0780 System windows directory: C:\WINDOWS
      2011/08/17 00:34:03.0078 0780 Processor architecture: Intel x86
      2011/08/17 00:34:03.0078 0780 Number of processors: 2
      2011/08/17 00:34:03.0078 0780 Page size: 0x1000
      2011/08/17 00:34:03.0078 0780 Boot type: Normal boot
      2011/08/17 00:34:03.0078 0780 ================================================================================
      2011/08/17 00:34:04.0390 0780 Initialize success
      2011/08/17 00:34:09.0406 0476 ================================================================================
      2011/08/17 00:34:09.0406 0476 Scan started
      2011/08/17 00:34:09.0406 0476 Mode: Manual;
      2011/08/17 00:34:09.0406 0476 ================================================================================
      2011/08/17 00:34:10.0343 0476 Aavmker4 (dfcdd5936cad0138775d5a105d4c7716) C:\WINDOWS\system32\drivers\Aavmker4.sys
      2011/08/17 00:34:10.0500 0476 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
      2011/08/17 00:34:10.0562 0476 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
      2011/08/17 00:34:10.0640 0476 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
      2011/08/17 00:34:10.0687 0476 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
      2011/08/17 00:34:10.0796 0476 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
      2011/08/17 00:34:11.0140 0476 aswFsBlk (861cb512e4e850e87dd2316f88d69330) C:\WINDOWS\system32\drivers\aswFsBlk.sys
      2011/08/17 00:34:11.0203 0476 aswMon2 (7857e0b4c817f69ff463eea2c63e56f9) C:\WINDOWS\system32\drivers\aswMon2.sys
      2011/08/17 00:34:11.0250 0476 aswRdr (8db043bf96bb6d334e5b4888e709e1c7) C:\WINDOWS\system32\drivers\aswRdr.sys
      2011/08/17 00:34:11.0312 0476 aswSnx (17230708a2028cd995656df455f2e303) C:\WINDOWS\system32\drivers\aswSnx.sys
      2011/08/17 00:34:11.0359 0476 aswSP (dbedd9d43b00630966ef05d2d8d04cee) C:\WINDOWS\system32\drivers\aswSP.sys
      2011/08/17 00:34:11.0406 0476 aswTdi (984cfce2168286c2511695c2f9621475) C:\WINDOWS\system32\drivers\aswTdi.sys
      2011/08/17 00:34:11.0468 0476 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
      2011/08/17 00:34:11.0546 0476 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
      2011/08/17 00:34:11.0812 0476 ati2mtag (8e54c76db5d88bf8b4e82b37e1322671) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
      2011/08/17 00:34:11.0906 0476 AtiHdmiService (1e82f05cff41316bcaa513909d99a004) C:\WINDOWS\system32\drivers\AtiHdmi.sys
      2011/08/17 00:34:11.0937 0476 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
      2011/08/17 00:34:12.0000 0476 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
      2011/08/17 00:34:12.0046 0476 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
      2011/08/17 00:34:12.0203 0476 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
      2011/08/17 00:34:12.0281 0476 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
      2011/08/17 00:34:12.0343 0476 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
      2011/08/17 00:34:12.0390 0476 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
      2011/08/17 00:34:12.0421 0476 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
      2011/08/17 00:34:12.0765 0476 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
      2011/08/17 00:34:12.0828 0476 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
      2011/08/17 00:34:12.0906 0476 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
      2011/08/17 00:34:12.0953 0476 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
      2011/08/17 00:34:13.0000 0476 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
      2011/08/17 00:34:13.0093 0476 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
      2011/08/17 00:34:13.0156 0476 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
      2011/08/17 00:34:13.0250 0476 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
      2011/08/17 00:34:13.0296 0476 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
      2011/08/17 00:34:13.0328 0476 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
      2011/08/17 00:34:13.0375 0476 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
      2011/08/17 00:34:13.0421 0476 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
      2011/08/17 00:34:13.0468 0476 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
      2011/08/17 00:34:13.0500 0476 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
      2011/08/17 00:34:13.0562 0476 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
      2011/08/17 00:34:13.0625 0476 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
      2011/08/17 00:34:13.0671 0476 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
      2011/08/17 00:34:13.0890 0476 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
      2011/08/17 00:34:14.0140 0476 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
      2011/08/17 00:34:14.0203 0476 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
      201
      0
    2. lutece
       
      et suite et fin de rapport Tdsskiller egalement coupé (??):

      2011/08/17 00:34:14.0281 0476 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
      2011/08/17 00:34:14.0406 0476 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
      2011/08/17 00:34:14.0437 0476 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
      2011/08/17 00:34:14.0500 0476 InCDfs (b87fc7c71632240dac8f4d20e9ce8377) C:\WINDOWS\system32\drivers\InCDfs.sys
      2011/08/17 00:34:14.0562 0476 InCDPass (2e878405128ec98886eb9c2216ac7bd6) C:\WINDOWS\system32\DRIVERS\InCDPass.sys
      2011/08/17 00:34:14.0609 0476 InCDrec (ddf078917a42f105385d7eb6debb3433) C:\WINDOWS\system32\drivers\InCDrec.sys
      2011/08/17 00:34:14.0656 0476 incdrm (7f352360e947ad2cd4ba60de27b1a299) C:\WINDOWS\system32\drivers\incdrm.sys
      2011/08/17 00:34:14.0875 0476 IntcAzAudAddService (3000e98f519cf6fda669bae8e47f7b4f) C:\WINDOWS\system32\drivers\RtkHDAud.sys
      2011/08/17 00:34:15.0031 0476 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
      2011/08/17 00:34:15.0109 0476 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
      2011/08/17 00:34:15.0171 0476 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
      2011/08/17 00:34:15.0218 0476 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
      2011/08/17 00:34:15.0265 0476 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
      2011/08/17 00:34:15.0328 0476 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
      2011/08/17 00:34:15.0390 0476 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
      2011/08/17 00:34:15.0453 0476 ISWKL (eb8594268cf50baaecbe82d70c833533) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
      2011/08/17 00:34:15.0500 0476 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
      2011/08/17 00:34:15.0562 0476 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
      2011/08/17 00:34:15.0609 0476 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
      2011/08/17 00:34:15.0796 0476 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
      2011/08/17 00:34:15.0859 0476 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
      2011/08/17 00:34:15.0890 0476 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
      2011/08/17 00:34:15.0937 0476 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
      2011/08/17 00:34:16.0015 0476 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
      2011/08/17 00:34:16.0093 0476 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
      2011/08/17 00:34:16.0187 0476 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
      2011/08/17 00:34:16.0234 0476 MSHUSBVideo (066f26efe273125b352e35405d258e85) C:\WINDOWS\system32\Drivers\nx6000.sys
      2011/08/17 00:34:16.0296 0476 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
      2011/08/17 00:34:16.0359 0476 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
      2011/08/17 00:34:16.0406 0476 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
      2011/08/17 00:34:16.0437 0476 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
      2011/08/17 00:34:16.0500 0476 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
      2011/08/17 00:34:16.0593 0476 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
      2011/08/17 00:34:16.0656 0476 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
      2011/08/17 00:34:16.0750 0476 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
      2011/08/17 00:34:16.0796 0476 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
      2011/08/17 00:34:16.0859 0476 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
      2011/08/17 00:34:16.0937 0476 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
      2011/08/17 00:34:16.0984 0476 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
      2011/08/17 00:34:17.0031 0476 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
      2011/08/17 00:34:17.0078 0476 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
      2011/08/17 00:34:17.0140 0476 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
      2011/08/17 00:34:17.0234 0476 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\WINDOWS\system32\drivers\ccdcmb.sys
      2011/08/17 00:34:17.0296 0476 nmwcdc (3859c69a77793180548802dac9f34a38) C:\WINDOWS\system32\drivers\ccdcmbo.sys
      2011/08/17 00:34:17.0375 0476 nmwcdnsu (338f83ee9cb9e15eeacf0cbb90218cbf) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
      2011/08/17 00:34:17.0437 0476 nmwcdnsuc (d15bac979144fb69ed28f97b2dd84d48) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
      2011/08/17 00:34:17.0500 0476 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
      2011/08/17 00:34:17.0578 0476 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
      2011/08/17 00:34:17.0625 0476 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
      2011/08/17 00:34:17.0812 0476 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
      2011/08/17 00:34:17.0843 0476 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
      2011/08/17 00:34:17.0937 0476 PAC207 (4a410c7aea51123519c20d43a20bce96) C:\WINDOWS\system32\DRIVERS\PFC027.SYS
      2011/08/17 00:34:17.0984 0476 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys
      2011/08/17 00:34:18.0031 0476 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
      2011/08/17 00:34:18.0062 0476 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
      2011/08/17 00:34:18.0140 0476 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
      2011/08/17 00:34:18.0171 0476 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
      2011/08/17 00:34:18.0250 0476 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
      2011/08/17 00:34:18.0296 0476 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
      2011/08/17 00:34:18.0531 0476 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
      2011/08/17 00:34:18.0546 0476 Processor (e19c9632ac828f6f214391e2bdda11cb) C:\WINDOWS\system32\DRIVERS\processr.sys
      2011/08/17 00:34:18.0593 0476 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
      2011/08/17 00:34:18.0609 0476 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
      2011/08/17 00:34:18.0859 0476 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
      2011/08/17 00:34:18.0921 0476 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
      2011/08/17 00:34:18.0984 0476 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
      2011/08/17 00:34:19.0031 0476 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
      2011/08/17 00:34:19.0062 0476 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
      2011/08/17 00:34:19.0093 0476 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
      2011/08/17 00:34:19.0156 0476 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
      2011/08/17 00:34:19.0203 0476 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
      2011/08/17 00:34:19.0281 0476 RTL8023xp (d6e1b1bd04fad422af17fc4b810cb9af) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
      2011/08/17 00:34:19.0359 0476 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
      2011/08/17 00:34:19.0406 0476 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
      2011/08/17 00:34:19.0437 0476 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys
      2011/08/17 00:34:19.0484 0476 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
      2011/08/17 00:34:19.0546 0476 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
      2011/08/17 00:34:19.0625 0476 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
      2011/08/17 00:34:19.0703 0476 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
      2011/08/17 00:34:19.0781 0476 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
      2011/08/17 00:34:19.0859 0476 sscdbus (2d4027c46b4c6e45875e3c4ba3f67492) C:\WINDOWS\system32\DRIVERS\sscdbus.sys
      2011/08/17 00:34:19.0921 0476 sscdmdfl (f548f1eba107bc19e91189e6a460bd0e) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
      2011/08/17 00:34:19.0968 0476 sscdmdm (71d348d53597379dfe1de255d70af13c) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
      2011/08/17 00:34:20.0000 0476 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
      2011/08/17 00:34:20.0031 0476 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
      2011/08/17 00:34:20.0109 0476 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
      2011/08/17 00:34:20.0250 0476 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
      2011/08/17 00:34:20.0312 0476 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
      2011/08/17 00:34:20.0375 0476 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
      2011/08/17 00:34:20.0437 0476 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
      2011/08/17 00:34:20.0468 0476 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
      2011/08/17 00:34:20.0578 0476 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
      2011/08/17 00:34:20.0656 0476 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
      2011/08/17 00:34:20.0718 0476 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
      2011/08/17 00:34:20.0781 0476 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
      2011/08/17 00:34:20.0843 0476 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
      2011/08/17 00:34:20.0890 0476 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
      2011/08/17 00:34:20.0937 0476 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
      2011/08/17 00:34:20.0968 0476 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
      2011/08/17 00:34:21.0015 0476 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
      2011/08/17 00:34:21.0062 0476 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
      2011/08/17 00:34:21.0109 0476 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
      2011/08/17 00:34:21.0125 0476 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
      2011/08/17 00:34:21.0156 0476 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
      2011/08/17 00:34:21.0187 0476 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
      2011/08/17 00:34:21.0250 0476 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
      2011/08/17 00:34:21.0281 0476 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
      2011/08/17 00:34:21.0328 0476 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
      2011/08/17 00:34:21.0343 0476 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
      2011/08/17 00:34:21.0406 0476 vsdatant (050c38ebb22512122e54b47dc278bccd) C:\WINDOWS\system32\vsdatant.sys
      2011/08/17 00:34:21.0484 0476 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
      2011/08/17 00:34:21.0562 0476 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
      2011/08/17 00:34:21.0640 0476 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
      2011/08/17 00:34:21.0796 0476 WpdUsb (c60dc16d4e406810fad54b98dc92d5ec) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
      2011/08/17 00:34:21.0843 0476 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
      2011/08/17 00:34:21.0937 0476 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
      2011/08/17 00:34:21.0984 0476 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
      2011/08/17 00:34:22.0031 0476 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0
      2011/08/17 00:34:22.0140 0476 Boot (0x1200) (bcaebc573050d80499b9754a83cc4505) \Device\Harddisk0\DR0\Partition0
      2011/08/17 00:34:22.0171 0476 Boot (0x1200) (064a9544e856a831ba9837544b1e5511) \Device\Harddisk0\DR0\Partition1
      2011/08/17 00:34:22.0171 0476 ================================================================================
      2011/08/17 00:34:22.0171 0476 Scan finished
      2011/08/17 00:34:22.0171 0476 ================================================================================
      2011/08/17 00:34:22.0187 0460 Detected object count: 0
      2011/08/17 00:34:22.0187 0460 Actual detected object count: 0

      Désolé pour cette transmission en morceaux, je ne comprends pas pourquoi
      a plus
      0
  12. lutece
     
    Bonjour Fish66

    je viens de relire ton message precedent et ta reco de deposer les rapports sur pjjoint.makelal
    Ci dessous les liens:

    rapport ZHP Diag
    http://pjjoint.malekal.com/files.php?id=c4be238846l10f12v14v6y14e7e11p8y14d7q5r7k8p14d811k5j15s10j11

    rapport TDSSkiller
    http://pjjoint.malekal.com/files.php?id=68a2b02d0bx10l9i5d5o7t7n5t13y13x5g6d11i14b11l5y6j11h8l14o6

    Desole pour tous ces bricolages des precedents messages

    a plus
    0
  13. Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
     
    Bonjour,
    1/
    Désinstalle ce logiciel : Logiciel: installer - (.Install Pedia Limited.)

    2/
    Copie tout le texte présent en gras ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )

    C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js (.not file.)
    C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\user.js (.not file.)
    O3 - Toolbar: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
    [HKCU\Software\Protection_ZoneAlarm]
    O51 - MPSK:{ae740f7a-f67b-11df-b67b-0019660fdbdb}\AutoRun\command. (...) -- F:\Install_Nokia_Ovi_Suite.exe (.not file.)
    O51 - MPSK:{ae740fc0-f67b-11df-b67b-0019660fdbdb}\AutoRun\command. (...) -- F:\NokiaPCIA_Autorun.exe (.not file.)
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}]
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}]
    [HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}]
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}]
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}]
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
    [HKLM\Software\Classes\CLSID\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]

    FirewallRAZ
    EmptyTemp
    EmptyFlash


    Puis Lance ZHPFix depuis le raccourci du bureau .

    * Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

    * Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

    Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

    Clique sur le bouton GO

    Copie/Colle le rapport à l'écran dans ton prochain message.

    @+

    0
  14. lutece
     
    Re,

    1/
    Desinstallation de Installer faite. Une fenetre m'a informée qu'il etait deja desinstallé, j'ai confirmé suppression tout de meme.

    2/
    Rapport ZHP Fix
    Pendant la moulinette apres GO, toutes les icones et barre Demarrer ont disparu du Bureau. Impossible donc de manipuler le PC, j'ai du faire un stop forcé pour le relancer

    Rapport de ZHPFix 1.12.3354 par Nicolas Coolman, Update du 14/08/2011
    Fichier d'export Registre :
    Run by H at 17/08/2011 14:03:05
    Windows XP Home Edition Service Pack 3 (Build 2600)
    Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

    ========== Clé(s) du Registre ==========
    SUPPRIME Key: HKCU\Software\Protection_ZoneAlarm
    SUPPRIME CLSID MPSK: {ae740f7a-f67b-11df-b67b-0019660fdbdb}
    SUPPRIME CLSID MPSK: {ae740fc0-f67b-11df-b67b-0019660fdbdb}
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}
    SUPPRIME Key: HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
    SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
    ABSENT Key: HKLM\Software\Classes\CLSID\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
    SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}

    ========== Valeur(s) du Registre ==========
    SUPPRIME Toolbar: {d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
    SUPPRIME FirewallRaz (SP) : C:\Program Files\Skype\Plugin Manager\skypePM.exe
    SUPPRIME FirewallRaz (SP) : C:\Program Files\Messenger\msmsgs.exe
    Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)

    ========== Dossier(s) ==========
    SUPPRIME Temporaires Windows: : 670
    SUPPRIME Flash Cookies: 928

    ========== Fichier(s) ==========
    ABSENT Folder/File: c:\documents and settings\h\local settings\application data\mozilla\firefox\profiles\4ocmltw3.default\prefs.js (.not file.)
    ABSENT Folder/File: c:\documents and settings\h\local settings\application data\mozilla\firefox\profiles\4ocmltw3.default\user.js (.not file.)
    ABSENT File: c:\program files\protection_zonealarm\prxtbpro0.dll
    SUPPRIME Temporaires Windows: : 13270
    SUPPRIME Flash Cookies: 414

    ========== Récapitulatif ==========
    12 : Clé(s) du Registre
    4 : Valeur(s) du Registre
    2 : Dossier(s)
    5 : Fichier(s)

    End of the scan in 01mn 30s

    ========== Chemin de fichier rapport ==========
    C:\ZHP\ZHPFix[R1].txt - 17/08/2011 14:03:05
    0
  15. Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
     
    Re,

    Redémarre ton PC, prépare un nouveau rapport ZHPDiag pour vérifier et voir ce qui nous reste!

    0
  16. lutece
     
    Re,

    Ci dessous lien du nouveau rapport ZHPdiag
    Merci

    http://pjjoint.malekal.com/files.php?id=65f8be5187l8f15s11m6c13s9w13z5z11k12b12k5w9c14t14s15h10i11i14v12
    0
  17. Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
     
    Re,

    Mise à jour Avast :

    *Télécharge Avast V6
    *Désinstalle ton Antivirus Avast5 en suivant ces procédures
    *Exécute le fichier téléchargé pour avoir la dernière version d'avast

    Finalisation :

    Pour finir :

    1/

    IMPORTANT

    Purger les points de restauration système:

    Télécharge OneClick2RestorePoint

    http://www.multifa7.be/Laddy/OneClick2RP.exe

    Mirroirs si non accessible :
    http://batchdhelus.open-web.fr/Laddy/OneClick2RP.exe
    https://app.box.com/s/cqcsz5m0oz

    * Double clic sur OneClick2RP pour l'exécuter (Clic-droit choisir Executer en tant qu'administrateur sous Vista/Seven)
    * Clic sur le bouton "Purger", l'outil de nettoyage de windows va s'ouvrir
    * Choisis ton disque dur principal en général (C:\) ... Patiente pendant le scan...
    * Rends toi dans l'onglet "Autres options"
    * Dans la zone restauration système, clic sur le bouton nettoyer puis sur le bouton Supprimer.
    * Les points de restauration système seront purgés sauf le dernier créé.

    Ensuite avec le même outil
    Créer un nouveau point de restauration reconnaissable

    Aide ICI
    2/

    Télécharge DelFix sur ton bureau.
    * Lance le, tape suppression puis valide

    Patiente pendant le scan jusqu'à l'ouverture du rapport.

    * Copie/Colle le contenu du rapport dans ta prochaine réponse.

    Note : Le rapport se trouve également sous C:\DelFix.txt

    tu peux le desinstaller

    3/
    Mise à jour Java
    * Tu peux vérifier ta Console Java :

    Installer la nouvelle version si besoin (dans ce cas désinstalle avant l'ancienne version).

    voici pour desinstaller :

    JavaRa

    Décompresse le fichier sur le Bureau (Clic droit > Extraire tout).
    * Double-clique (clic droit "en tant qu'administrateur" pour Vista) sur le répertoire JavaRa.
    * Puis double-clique sur le fichier JavaRa.exe (le exe peut ne pas s'afficher).
    * Choisis Français puis clique sur Select.
    * Clique sur Recherche de mises à jour.
    * Sélectionne Mettre à jour via jucheck.exe puis clique sur Rechercher.
    * Autorise le processus à se connecter s'il le demande, clique sur Installer et suis les instructions d'installation qui prennent quelques minutes.
    * L'installation est terminée, reviens à l'écran de JavaRa et clique sur Effacer les anciennes versions.
    * Clique sur Oui pour confirmer. Laisse travailler et clique ensuite sur OK, puis une deuxième fois sur OK.
    * Un rapport va s'ouvrir. Poste-le dans ta prochaine réponse.
    * Ferme l'application.

    Note : le rapport se trouve aussi dans C:\ sous le nom JavaRa.log.
    4/
    Télécharge et installe :

    CCleaner version Slim

    * Lance-le.(clic droit "en tant qu'administrateur" pour Vista et Seven) Va dans Options puis

    Avancé et décoche la case Effacer uniquement les fichiers etc....

    * Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.

    * Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare

    toutes les erreurs tant de fois qu il en trouve a l analyse .

    **************** Aide ICI ******************

    Tu peux utiliser Ccleaner une fois par semaine

    5/

    Téléchage updatechecker pour t'indiquer les logiciels qui ne sont pas à jour et te permet aussi d'effectuer ces mises à jour

    Fais la mise à jour surtout d'adobe reader

    6/

    Aussi tu peux garder Malwarebytes et l'utiliser aussi une fois par semaine.

    7/

    Je te conseille d'utiliser le navigateur Firefox et d'installer les modules

    complémentaires WOT pour t'indiquer les fichiers douteux et Adblock plus pour bloquer les publicités...
    8/
    Un peu de lecture :
    * Les dangers du Peer-To-Peer, Emule etc..
    * Comment Sécuriser son ordinateur...

    J'attend les rapports ...
    0
  18. lutece
     
    Bonsoir Fish66

    J'espere avoir bien validé tous tes points ci dessus

    1/
    Mise à jour Avast V6: fait. En fait, je n'ai pas eu a supprimer v5, il s'st mis a jour en v6 qd j'ai lance l'exécution. c'est Ok ?

    2/
    Purger les points de restauration système et recréer: Ok fait

    3/
    DelFix : scan et suppression de plusieurs icones sur mon bureau mais je ne retrouve pas le rapport sous C:\DelFix.txt

    4/
    Mise à jour Java: ok verification confirme bonne version

    5/
    CCleaner version Slim: ok fait

    6/
    Updatechecker: Ok maj Adobe reader fait

    8/
    Firefox : ok cest celui la que j'utilise

    9/
    J'attend les rapports ... : a part DelFix que je ne trouve pas quels rapports attends tu ?

    Merci d'avance
    0
  19. Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
     
    Re,
    1/
    Relance Delfix et clique sur "chercher" pour vérifier si les outils de désinfection sont tous supprimés!

    2/
    As tu exécuté JavaRa ?
    A la fin il y'aura un rapport de JavaRa correspondant à la suppression des anciennes version de Java!

    @+
    0
  20. lutece
     
    Bonjour,

    1/
    Rapport DelFix relance ce matin:
    # DelFix v8.3 - Rapport créé le 18/08/2011 à 08:42
    # Mis à jour le 04/08/11 à 11h par Xplode
    # Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3
    # Nom d'utilisateur : H - LUTECE (Administrateur)
    # Exécuté depuis : C:\Documents and Settings\H\Bureau\delfix0.exe
    # Option [Suppression]

    ~~~~~~ Dossier(s) ~~~~~~

    ~~~~~~ Fichier(s) ~~~~~~

    ~~~~~~ Registre ~~~~~~

    ~~~~~~ Autre ~~~~~~

    -> Prefetch vidé

    ########## EOF - "C:\DelFixSuppr.txt" - [576 octets] ##########

    2/
    Rapport Java
    Il ne se passe rien qd je clique sur "Rechercher" au stade Mettre à jour via jucheck.exe
    Pour info , la verif faite hier m'avait annonce que j'avais la bonne version de Java

    Pb ?
    Merci

    a plus
    0
  21. Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
     
    Bonjour,

    Non, tous va bien, j'ai voulu tout simplement vérifier!

    Bon surf et si tu n'as pas de souci pense à mettre ton sujet comme résolu

    @+

    0
    1. lutece
       
      Fish,
      désolé, j'ai zappé la marque "Résolu" en te postant un message de fin. Il me faut une reponse desormais a nouveau pour me permettre de le faire ??
      0
    2. Fish66 Messages postés 18337 Statut Contributeur sécurité 1 318
       
      C'est pas un problème

      Bon surf...
      0
  • 1
  • 2