PC rame

Fish66
Apres beaucoup de miseres et de stop forces du PC (ecran bleu et tout le toutim.....) j'ai reussi un ZHPDiag
Ci dessous
Rapport de ZHPDiag v1.28.1333 par Nicolas Coolman, Update du 14/08/2011
Run by H at 16/08/2011 22:22:38
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox v3.6.18 (fr) (Defaut)

---\\ Windows Product Information
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Adventage : KO

---\\ System Information
~ Processor: x86 Family 15 Model 75 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 40 GB (58%) free of 68 GB

---\\ Logged in mode
~ Computer Name: LUTECE
~ User Name: H
~ All Users Names: SUPPORT_388945a0, HelpAssistant, H, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\H\Application Data\
~ %Desktop% : C:\Documents and Settings\H\Bureau\
~ %Favorites% : C:\Documents and Settings\H\Favoris\
~ %LocalAppData% : C:\Documents and Settings\H\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\H\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 40 Go of 68 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 165 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.16/08/2011 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.16/08/2011 - 03:34:20.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.16/08/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.16/08/2011 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.16/08/2011 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.16/08/2011 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 10/102
~ Mes musiques (My Musics) : 17/664
~ Mes Favoris (My Favorites) : 2/28
~ Mes Documents (My Documents) : 32/8091
~ Mon Bureau (My Desktop) : 1/56
~ Menu demarrer (Programs) : 5/37
~ Scan Hidden Files in 00mn 09s



---\\ Processus lancés
[MD5.D5406AD4263487BD6C6B2D7735B095BC] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [602112] [PID.]
[MD5.E9372A17C22FC4E5C9FD8798A97775FC] - (.Nero AG - incdsrv.) -- C:\Program Files\Ahead\InCD\InCDsrv.exe [871424] [PID.]
[MD5.6797E0F85E5F419EEFBE2E4C7A622EA1] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2435592] [PID.]
[MD5.2202BA7450E6BE65D92A40377206C626] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [488952] [PID.]
[MD5.D16C826F375A44802BF317982E81A7E2] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [PID.]
[MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [113152] [PID.]
[MD5.70D7BE78061126DD0C3ACCDB7E129017] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672] [PID.]
[MD5.673CF4F6BB1FBE09331B526802FBB892] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [345376] [PID.]
[MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.]
[MD5.BBCDBEBBF1BD6DC5912240391874C0DC] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe [161632] [PID.]
[MD5.9D84376931440F3679BEEF2A414FA493] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [69632] [PID.2916]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.]
[MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [3493720] [PID.2256]
[MD5.DDACBCA1D0E66BBA5C984842F372A6D4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160] [PID.2468]
[MD5.8FB740D758B14B1BC950CC347C21E461] - (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [32768] [PID.2476]
[MD5.CF508A3971DECEEC1CE575DDDCA4A019] - (.Nero AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe [1397760] [PID.2504]
[MD5.37BF603C3685289CA684C4D3400A9DE7] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760] [PID.2628]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [932288] [PID.2656]
[MD5.644795F6985C740F5E36E9336B837D0B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072] [PID.2672]
[MD5.5ADA30D570F877E4F01C8DF67F781E0E] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16208384] [PID.2848]
[MD5.6B87742F27B087AF7FD4ADC2DB685DE0] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [PID.2912]
[MD5.ACC5596B15EB0351261A483DA06F3EB3] - (.Nokia - Nokia M Platform.) -- C:\Program Files\Fichiers communs\Nokia\MPlatform\NokiaMServer.exe [1531904] [PID.2964]
[MD5.F052CB43FCA828CF5C711BAFBECD692F] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [1043968] [PID.]
[MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424] [PID.3348]
[MD5.C72FB9CC856ECFF3B6459B27CB674638] - (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe [323584] [PID.3536]
[MD5.F400694D7D2785F60133C20F7F2F4F7A] - (.ArcSoft Inc. - ArcSoft Connect Notifier.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ArcCon.ac [309824] [PID.3600]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.224]
[MD5.16F1D5CF6465FCA139FA289648B349EE] - (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [663552] [PID.168]
[MD5.DCB3796E0169419618C72F0CE34C68ED] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [820008] [PID.]
[MD5.2D841B7B7F6DEC32162EDFCC69D61F42] - (.Nokia - ServiceLayer Module.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [615936] [PID.]
[MD5.BC9C9BE7BB74D629362608ACE470E7DA] - (.Microsoft Corporation - Notification de cadeaux MSN.) -- C:\Documents and Settings\H\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [135680] [PID.4076]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [97680] [PID.4084]
[MD5.F4631A1BE95655DE86C256776E49019A] - (.Nokia - USB Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe [138752] [PID.]
[MD5.46A9D1FCC55EC6A62FE1D2ACE79C6CA8] - (.Nokia - Serial Media Server.) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe [120832] [PID.]
[MD5.4C08FB7ACB28689B586D986D3F5826CF] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe [49152] [PID.2984]
[MD5.258B59C03A5E5C53177C5D52A714C12A] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [738808] [PID.]
[MD5.2A8264401B801142021C0FBAC8653622] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664064] [PID.1968]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]
~ Scan Processes Running in 00mn 02s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\prefs.js (.not file.)
C:\Documents and Settings\H\Local Settings\Application Data\Mozilla\Firefox\Profiles\4ocmltw3.default\user.js (.not file.)
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [H] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.4".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16290.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.620.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@checkpoint.com/FFApi] - (.Pas de propriétaire - npFFApi.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@nosltd.com/getPlus+(R),version=1.6.2.90] - (.NOS Microsystems Ltd. - getplusplusadobe16290.) -- C:\Program Files\NOS\bin\np_gp.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll
R3 - URLSearchHook: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) (No version) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Protection ZoneAlarm Toolbar - {d7f26d0e-9801-45c3-a091-8a65e4ed73b5} . (...) -- C:\Program Files\Protection_ZoneAlarm\prxtbPro0.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SkyTel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\WINDOWS\SkyTel.exe
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [InCD] . (.Nero AG - InCD.) -- C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [NokiaMServer] Clé orpheline
O4 - HKLM\..\Run: [cspep.exe] . (.Pas de propriétaire - cspep.) -- C:\Program Files\cspep\cspep.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [ISW] . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [PAC207_Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-73586283-1214440339-839522115-1004\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files\Nokia\PC Internet Access\NPCIA.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 9.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A94000000001}\SC_Reader.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\H\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Skype Plug-In - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{B6A86DA3-63E8-4692-B46C-DA68FAB7D375}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} . (.Microsoft Corporation - Moniteur et dossier UPNP Tray.) -- C:\WINDOWS\system32\upnpui.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart (ATI Smart) . (.Pas de propriétaire - ATI Smart.) - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InCD Helper (InCDsrv) . (.Nero AG - incdsrv.) - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) . (.Check Point Software Technologies - ZoneAlarm Browser Security.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Norton Security Scan for H.job
~ Scan Scheduled Task in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (InCDPass) . (.Nero AG - Ahead RW Filter Driver.) - C:\WINDOWS\system32\DRIVERS\InCDPass.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\WINDOWS\system32\vsdatant.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: ATI - Utilitaire de désinstallation du logiciel - (.Pas de propriétaire.) [HKLM] -- All ATI Software
O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8}
O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver
O42 - Logiciel: ATI HYDRAVISION - (.Pas de propriétaire.) [HKLM] -- {3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: ArcSoft PhotoImpression 5 - (.ArcSoft.) [HKLM] -- {7AFDF9AE-66B2-4A1F-8249-32EF14B97150}
O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth
O42 - Logiciel: AxCrypt (Désinstaller uniquement) - (.Axon Data.) [HKLM] -- AxCrypt
O42 - Logiciel: DVD Solution - (.Pas de propriétaire.) [HKLM] -- {B97CF5C3-0487-11D8-A36E-0050BAE317E1}
O42 - Logiciel: DeepBurner v1.8.0.224 - (.Pas de propriétaire.) [HKLM] -- {1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}
O42 - Logiciel: Electronic Arts Product Registration - (.Electronic Arts.) [HKLM] -- InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}
O42 - Logiciel: HP PSC & OfficeJet 5.3.A - (.HP.) [HKLM] -- {3E386744-10FA-44b2-98C9-DF7A270DECB3}
O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: InCD - (.Pas de propriétaire.) [HKLM] -- InCD!UninstallKey
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: InterActual Player - (.Pas de propriétaire.) [HKLM] -- InterActual Player
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
O42 - Logiciel: LimeWire 5.5.14 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST
O42 - Logiciel: Medieval II Total War - (.SEGA.) [HKLM] -- {C0698BDA-0D29-40EE-8570-A31106DF9AB1}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Age of Empires Expansion - (.Pas de propriétaire.) [HKLM] -- Age of Empires Expansion 1.0
O42 - Logiciel: Microsoft Age of Empires Expansion Trial - (.Pas de propriétaire.) [HKLM] -- Age of Empires Expansion Trial 1.00
O42 - Logiciel: Microsoft Age of Empires II Trial Version - (.Pas de propriétaire.) [HKLM] -- Age of Empires II Trial
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wudf01009
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Mozilla Firefox (3.6.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.18)
O42 - Logiciel: Nero OEM - (.Pas de propriétaire.) [HKLM] -- Nero - Burning Rom!UninstallKey
O42 - Logiciel: Nokia Ovi Suite - (.Nokia.) [HKLM] -- Nokia Ovi Suite
O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM] -- NSS
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN
O42 - Logiciel: PC Camer@ - (.Aecotech.) [HKLM] -- {C679F9B9-C65D-4C65-BD6C-BF90B859E281}
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre
O42 - Logiciel: PhotoScape - (.Pas de propriétaire.) [HKLM] -- PhotoScape
O42 - Logiciel: PowerDVD - (.CyberLink Corporation.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: PowerProducer - (.Pas de propriétaire.) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861}
O42 - Logiciel: REALTEK PCIE NIC Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {17E2F183-BAC4-4D01-BD7A-59F781E17EFA}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Risk - (.Pas de propriétaire.) [HKLM] -- Risk
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office Groove 2007 (KB2494047) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5D930261-AA5B-48D1-931F-425C9D767490}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1365864D-4C58-489D-9982-844D75691CCC}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2586924) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3B65DCBC-61EC-4578-9DF2-40D3B3829CD8}
O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Videora iPod Converter 6 - (.Red Kawa.) [HKLM] -- Videora iPod Converter
O42 - Logiciel: Virtualis Crédit Mutuel - (.Pas de propriétaire.) [HKLM] -- Virtualis Crédit Mutuel
O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP
O42 - Logiciel: YouTube Downloader App 3.00 - (.Regensoft.) [HKLM] -- YouTube Downloader App
O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm
O42 - Logiciel: ZoneAlarm Toolbar - (.Check Point Software Technologies.) [HKLM] -- ZoneAlarm Toolbar
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: cspep.0 - (.cspep.) [HKLM] -- cspep_is1
O42 - Logiciel: installer - (.Install Pedia Limited.) [HKLM] -- installer
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent

---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\ISWVolatile]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\Astonsoft]
[HKCU\Software\Axon Data]
[HKCU\Software\BitTorrent]
[HKCU\Software\CheckPoint]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\EA Sports]
[HKCU\Software\EasyBits]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IADirectShow]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\InterActual Technologies]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Leadertech]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Monitored]
[HKCU\Software\Mooii]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Protection_ZoneAlarm]
[HKCU\Software\Realtek]
[HKCU\Software\SOFTWARE]
[HKCU\Software\SecuROM]
[HKCU\Software\SkypeApps]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\TeamViewer]
[HKCU\Software\Trolltech]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zone Labs]
[HKCU\Software\ahead]
[HKCU\Software\cspep]
[HKCU\Software\digital publishing]
[HKCU\Software\keyhole.com]
[HKCU\Software\settings]
[HKLM\Software\685D6D1C-D73A-4F37-B7E5E53660311DDB]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies Inc.]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Aecotech]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArcSoft]
[HKLM\Software\Axon Data]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CheckPoint]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\DivXNetworks]
[HKLM\Software\Dofus 2]
[HKLM\Software\EA Sports]
[HKLM\Software\GEAR Software]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\ICE]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterActual Technologies]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lake]
[HKLM\Software\LanSetup]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Mooii]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NOS]
[HKLM\Software\Nero]
[HKLM\Software\Nokia Mobile Phones]
[HKLM\Software\Nokia]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\OMSI]
[HKLM\Software\PC Connectivity Solution]
[HKLM\Software\PCSuite]
[HKLM\Software\PixArt]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\Protection_ZoneAlarm]
[HKLM\Software\REALTEK Semiconductor Corporation]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SEGA]
[HKLM\Software\SOFTWARE]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Set8168]
[HKLM\Software\Skype]
[HKLM\Software\Symantec]
[HKLM\Software\TeamViewer]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Zone Labs]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s



---\\ Contenu des

Fish66,
Suite du message ci dessus qui se coupe, je ne sais pas pourquoi:

--\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/05/2011 - 13:16:56 - [4621521] ----D- C:\Program Files\7-Zip
O43 - CFD: 15/08/2011 - 23:55:18 - [57681117] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 09/10/2010 - 10:24:54 - [162915830] ----D- C:\Program Files\Adobe
O43 - CFD: 20/03/2011 - 16:55:56 - [163840] ----D- C:\Program Files\Aecotech
O43 - CFD: 12/09/2010 - 21:36:30 - [102212079] ----D- C:\Program Files\Ahead
O43 - CFD: 05/09/2010 - 17:07:00 - [157681030] ----D- C:\Program Files\Alwil Software
O43 - CFD: 11/09/2010 - 23:05:06 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 20/03/2011 - 16:58:04 - [310416363] ----D- C:\Program Files\ArcSoft
O43 - CFD: 08/01/2011 - 22:24:44 - [7850366] ----D- C:\Program Files\Astonsoft
O43 - CFD: 24/10/2010 - 11:18:30 - [89582258] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 23/03/2011 - 22:15:34 - [4859926] ----D- C:\Program Files\AviSynth 2.5
O43 - CFD: 27/10/2010 - 22:13:36 - [2818095] ----D- C:\Program Files\Axon Data
O43 - CFD: 11/09/2010 - 23:04:24 - [616871] ----D- C:\Program Files\Bonjour
O43 - CFD: 24/10/2010 - 11:50:56 - [0] ----D- C:\Program Files\BumpTop
O43 - CFD: 05/09/2010 - 19:22:00 - [26949067] ----D- C:\Program Files\CheckPoint
O43 - CFD: 05/09/2010 - 16:11:42 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 16/08/2011 - 22:19:54 - [1893070] ----D- C:\Program Files\cspep
O43 - CFD: 12/09/2010 - 21:34:00 - [4375040] ----D- C:\Program Files\CyberLink
O43 - CFD: 12/09/2010 - 21:41:44 - [285921027] ----D- C:\Program Files\CyberLink DVD Solution
O43 - CFD: 08/01/2011 - 22:19:58 - [2863832] ----D- C:\Program Files\DeepBurner
O43 - CFD: 23/11/2010 - 00:01:18 - [800824] ----D- C:\Program Files\DIFX
O43 - CFD: 10/03/2011 - 16:03:40 - [1689058] ----D- C:\Program Files\Electronic Arts
O43 - CFD: 20/06/2011 - 20:29:06 - [1070462252] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 28/05/2011 - 18:48:44 - [92110827] ----D- C:\Program Files\Google
O43 - CFD: 26/09/2010 - 15:53:26 - [123519548] ----D- C:\Program Files\HP
O43 - CFD: 05/07/2011 - 16:07:44 - [45852423] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 30/12/2010 - 11:54:42 - [7540292] ----D- C:\Program Files\InterActual
O43 - CFD: 16/08/2011 - 13:40:28 - [5926440] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 11/09/2010 - 23:06:18 - [1856115] ----D- C:\Program Files\iPod
O43 - CFD: 23/03/2011 - 22:13:28 - [20791199] ----D- C:\Program Files\Ipod Videora Converter
O43 - CFD: 11/09/2010 - 23:16:46 - [121825212] ----D- C:\Program Files\iTunes
O43 - CFD: 11/06/2011 - 08:23:24 - [82122271] ----D- C:\Program Files\Java
O43 - CFD: 11/09/2010 - 22:55:24 - [30049944] ----D- C:\Program Files\Lime Wire
O43 - CFD: 14/11/2010 - 12:09:22 - [102059057] ----D- C:\Program Files\LimeWire
O43 - CFD: 13/03/2011 - 12:47:18 - [226432] ----D- C:\Program Files\Microsoft
O43 - CFD: 03/10/2010 - 12:38:46 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 05/07/2011 - 16:14:30 - [0] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 03/04/2011 - 15:09:34 - [97057405] ----D- C:\Program Files\Microsoft LifeCam
O43 - CFD: 15/08/2011 - 17:36:14 - [694326443] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 16/06/2011 - 22:40:04 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 23/10/2010 - 10:07:34 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 23/10/2010 - 15:44:18 - [3726168] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 30/05/2011 - 22:01:04 - [16098828] ----D- C:\Program Files\Movie Maker
O43 - CFD: 16/08/2011 - 22:20:52 - [44287599] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 24/10/2010 - 15:19:44 - [26521] ----D- C:\Program Files\MSBuild
O43 - CFD: 29/09/2010 - 13:50:42 - [21471559] ----D- C:\Program Files\MSN
O43 - CFD: 05/09/2010 - 16:10:54 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 27/09/2010 - 09:25:44 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 05/09/2010 - 19:35:56 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 23/11/2010 - 00:15:46 - [74027350] ----D- C:\Program Files\Nokia
O43 - CFD: 27/02/2011 - 17:46:18 - [12404120] ----D- C:\Program Files\Norton Security Scan
O43 - CFD: 27/02/2011 - 17:46:16 - [8446243] ----D- C:\Program Files\NortonInstaller
O43 - CFD: 06/09/2010 - 23:26:00 - [494512] ----D- C:\Program Files\NOS
O43 - CFD: 05/09/2010 - 16:11:04 - [1804] ----D- C:\Program Files\Online Services
O43 - CFD: 16/12/2010 - 08:44:42 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 23/11/2010 - 00:01:04 - [13402122] ----D- C:\Program Files\PC Connectivity Solution
O43 - CFD: 05/01/2011 - 23:13:24 - [24438345] ----D- C:\Program Files\PhotoScape
O43 - CFD: 11/09/2010 - 23:05:50 - [76334922] ----D- C:\Program Files\QuickTime
O43 - CFD: 24/10/2010 - 14:15:24 - [47722444] ----D- C:\Program Files\Realtek
O43 - CFD: 23/03/2011 - 22:15:20 - [42038429] ----D- C:\Program Files\Red Kawa
O43 - CFD: 24/10/2010 - 15:19:34 - [37949185] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 23/03/2011 - 22:15:40 - [25015139] ----D- C:\Program Files\Regensoft
O43 - CFD: 26/09/2010 - 18:13:42 - [1936012] ----D- C:\Program Files\Samsung
O43 - CFD: 05/09/2010 - 16:13:36 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 20/06/2011 - 20:29:22 - [24155848] R---D- C:\Program Files\Skype
O43 - CFD: 05/09/2010 - 16:24:30 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 26/04/2011 - 07:25:24 - [399736] ----D- C:\Program Files\uTorrent
O43 - CFD: 05/09/2010 - 16:31:16 - [474722] ----D- C:\Program Files\VIA
O43 - CFD: 12/09/2010 - 12:24:04 - [81188284] ----D- C:\Program Files\VideoLAN
O43 - CFD: 20/09/2010 - 09:09:40 - [317264] ----D- C:\Program Files\Virtualis
O43 - CFD: 13/03/2011 - 12:47:50 - [61856425] ----D- C:\Program Files\Windows Live
O43 - CFD: 13/03/2011 - 12:46:56 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 05/02/2011 - 20:09:02 - [3581070] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 05/02/2011 - 20:09:00 - [8543450] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 05/09/2010 - 19:35:54 - [3942655] ----D- C:\Program Files\Windows NT
O43 - CFD: 05/09/2010 - 16:13:42 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 05/09/2010 - 16:15:14 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 16/08/2011 - 22:22:54 - [4018322] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 05/09/2010 - 19:18:56 - [21742354] ----D- C:\Program Files\Zone Labs
O43 - CFD: 09/10/2010 - 10:25:06 - [6281214] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 19/09/2010 - 00:51:34 - [30516688] ----D- C:\Program Files\Fichiers Communs\Adobe AIR
O43 - CFD: 12/09/2010 - 21:36:14 - [26989503] ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD: 11/09/2010 - 23:06:16 - [80026250] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 20/03/2011 - 16:59:24 - [13917211] ----D- C:\Program Files\Fichiers Communs\ArcSoft
O43 - CFD: 24/10/2010 - 11:18:30 - [964265] ----D- C:\Program Files\Fichiers Communs\ATI Technologies
O43 - CFD: 23/10/2010 - 10:07:34 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 26/09/2010 - 15:57:18 - [272917] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD: 05/09/2010 - 16:44:48 - [10478698] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 11/06/2011 - 08:24:30 - [1258951] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 13/03/2011 - 12:47:02 - [237389290] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 05/09/2010 - 16:12:36 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 23/11/2010 - 00:03:28 - [91459031] ----D- C:\Program Files\Fichiers Communs\Nokia
O43 - CFD: 05/09/2010 - 17:58:00 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 20/03/2011 - 16:55:58 - [10164349] ----D- C:\Program Files\Fichiers Communs\PAC207
O43 - CFD: 05/09/2010 - 16:12:42 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 05/09/2010 - 17:57:56 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 26/07/2011 - 14:57:32 - [470720865] ----D- C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD: 23/10/2010 - 15:41:56 - [44383521] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 13/03/2011 - 12:32:08 - [41467028] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 27/02/2011 - 14:46:56 - [14103679] ----D- C:\Documents and Settings\H\Application Data\Adobe
O43 - CFD: 19/09/2010 - 07:28:30 - [4314] ----D- C:\Documents and Settings\H\Application Data\app
O43 - CFD: 11/09/2010 - 23:16:28 - [1229422] ----D- C:\Documents and Settings\H\Application Data\Apple Computer
O43 - CFD: 20/03/2011 - 17:01:36 - [185549] ----D- C:\Documents and Settings\H\Application Data\ArcSoft
O43 - CFD: 24/10/2010 - 11:20:50 - [0] ----D- C:\Documents and Settings\H\Application Data\ATI
O43 - CFD: 24/10/2010 - 11:29:44 - [6706532] ----D- C:\Documents and Settings\H\Application Data\Bump Technologies, Inc
O43 - CFD: 05/09/2010 - 19:22:16 - [24780] ----D- C:\Documents and Settings\H\Application Data\CheckPoint
O43 - CFD: 09/03/2011 - 20:44:58 - [10758] ----D- C:\Documents and Settings\H\Application Data\CyberLink
O43 - CFD: 08/01/2011 - 22:29:44 - [1107] ----D- C:\Documents and Settings\H\Application Data\DeepBurner
O43 - CFD: 31/10/2010 - 12:59:24 - [21637376] ----D- C:\Documents and Settings\H\Application Data\digital publishing
O43 - CFD: 19/09/2010 - 07:59:30 - [15077712] ----D- C:\Documents and Settings\H\Application Data\Dofus 2
O43 - CFD: 19/09/2010 - 07:28:24 - [0] ----D- C:\Documents and Settings\H\Application Data\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
O43 - CFD: 19/09/2010 - 10:03:10 - [0] ----D- C:\Documents and Settings\H\Application Data\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
O43 - CFD: 03/07/2011 - 23:01:08 - [199] ----D- C:\Documents and Settings\H\Application Data\dvdcss
O43 - CFD: 18/10/2010 - 16:32:58 - [119252] ----D- C:\Documents and Settings\H\Application Data\Google
O43 - CFD: 26/09/2010 - 15:50:14 - [31682] ----D- C:\Documents and Settings\H\Application Data\HP
O43 - CFD: 05/09/2010 - 16:24:30 - [0] ----D- C:\Documents and Settings\H\Application Data\Identities
O43 - CFD: 18/03/2011 - 19:06:22 - [0] ----D- C:\Documents and Settings\H\Application Data\InstallShield
O43 - CFD: 24/05/2011 - 13:39:42 - [414] ----D- C:\Documents and Settings\H\Application Data\Leadertech
O43 - CFD: 16/08/2011 - 22:20:38 - [23586180] ----D- C:\Documents and Settings\H\Application Data\LimeWire
O43 - CFD: 05/09/2010 - 17:21:16 - [3115061] ----D- C:\Documents and Settings\H\Application Data\Macromedia
O43 - CFD: 26/03/2011 - 00:59:48 - [7243730] -S--D- C:\Documents and Settings\H\Application Data\Microsoft
O43 - CFD: 03/10/2010 - 12:39:00 - [0] ----D- C:\Documents and Settings\H\Application Data\Microsoft Web Folders
O43 - CFD: 05/09/2010 - 16:52:24 - [27705531] ----D- C:\Documents and Settings\H\Application Data\Mozilla
O43 - CFD: 23/11/2010 - 00:14:46 - [196197] ----D- C:\Documents and Settings\H\Application Data\Nokia
O43 - CFD: 23/11/2010 - 00:14:50 - [32804] ----D- C:\Documents and Settings\H\Application Data\Nokia Ovi Suite
O43 - CFD: 28/03/2011 - 21:52:24 - [19988325] ----D- C:\Documents and Settings\H\Application Data\PC Suite
O43 - CFD: 05/01/2011 - 18:41:34 - [606] ----D- C:\Documents and Settings\H\Application Data\PhotoFiltre
O43 - CFD: 29/01/2011 - 15:37:50 - [41796] ----D- C:\Documents and Settings\H\Application Data\PhotoScape
O43 - CFD: 23/03/2011 - 22:26:28 - [218737] ----D- C:\Documents and Settings\H\Application Data\Red Kawa
O43 - CFD: 19/09/2010 - 07:28:30 - [0] ----D- C:\Documents and Settings\H\Application Data\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
O43 - CFD: 23/03/2011 - 22:18:38 - [688] ----D- C:\Documents and Settings\H\Application Data\Regensoft
O43 - CFD: 01/04/2011 - 17:57:04 - [9872] R-H-D- C:\Documents and Settings\H\Application Data\SecuROM
O43 - CFD: 20/07/2011 - 22:42:36 - [18122096] ----D- C:\Documents and Settings\H\Application Data\Skype
O43 - CFD: 20/06/2011 - 20:28:38 - [28736] ----D- C:\Documents and Settings\H\Application Data\skypePM
O43 - CFD: 11/09/2010 - 22:56:00 - [12980907] ----D- C:\Documents and Settings\H\Application Data\Sun
O43 - CFD: 23/10/2010 - 09:36:24 - [28030] ----D- C:\Documents and Settings\H\Application Data\TeamViewer
O43 - CFD: 20/07/2011 - 10:18:28 - [2262714] ----D- C:\Documents and Settings\H\Application Data\uTorrent
O43 - CFD: 23/03/2011 - 22:23:44 - [1012699] ----D- C:\Documents and Settings\H\Application Data\vlc
O43 - CFD: 09/10/2010 - 10:24:32 - [161329624] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Adobe
O43 - CFD: 04/12/2010 - 23:01:02 - [1950597] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Ahead
O43 - CFD: 11/09/2010 - 23:05:08 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Apple
O43 - CFD: 11/09/2010 - 23:07:30 - [59543610] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Apple Computer
O43 - CFD: 20/03/2011 - 16:59:42 - [265] ----D- C:\Documents and Settings\H\Local Settings\Application Data\ArcSoft
O43 - CFD: 07/01/2011 - 18:42:22 - [291402] ----D- C:\Documents and Settings\H\Local Settings\Application Data\assembly
O43 - CFD: 24/10/2010 - 11:20:50 - [69792] ----D- C:\Documents and Settings\H\Local Settings\Application Data\ATI
O43 - CFD: 24/10/2010 - 11:30:18 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Bump Technologies, Inc
O43 - CFD: 23/03/2011 - 22:18:38 - [1754977] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Geckofx
O43 - CFD: 02/05/2011 - 20:41:02 - [2021204387] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Google
O43 - CFD: 21/09/2010 - 22:28:52 - [379896] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Identities
O43 - CFD: 18/07/2011 - 12:09:32 - [200151856] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Microsoft
O43 - CFD: 23/10/2010 - 10:02:48 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Microsoft Help
O43 - CFD: 05/09/2010 - 16:52:16 - [43939273] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Mozilla
O43 - CFD: 23/11/2010 - 00:14:34 - [870131] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Nokia
O43 - CFD: 23/11/2010 - 00:14:18 - [269] ----D- C:\Documents and Settings\H\Local Settings\Application Data\NokiaAccount
O43 - CFD: 02/05/2011 - 20:36:36 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\Temp
O43 - CFD: 06/04/2011 - 13:39:44 - [0] ----D- C:\Documents and Settings\H\Local Settings\Application Data\WMTools Downloaded Files
~ Scan Program Folder in 00mn 39s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.DD871EF63406B8C5AD3FEB2C96171F50] - 16/08/2011 - 21:20:15 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1881064]
O44 - LFC:[MD5.F0B3CDC7C060CCBA8C2FE2850FE20103] - 16/08/2011 - 21:20:04 ---A- . (...) -- C:\WINDOWS\setupapi.log [565412]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/08/2011 - 21:19:25 ---A- . (...) -- C:\WINDOWS\0.log [0]
O44 - LFC:[MD5.B5EF86FA82BA12544A0099ADCCD3338C] - 16/08/2011 - 21:19:24 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.EE28A4D953B04AB47C195DFC492E12DA] - 16/08/2011 - 21:19:22 ---A- . (...) -- C:\WINDOWS\wiaservc.log [0]
O44 - LFC:[MD5.F558A2C42795FC6FDBA74B2EB41C8913] - 16/08/2011 - 21:18:55 ---A- . (...) -- C:\WINDOWS\system32\ativvaxx.cap [167952]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 16/08/2011 - 21:18:55 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]
O44 - LFC:[MD5.1EF633EA3E7239B06BE01C5C916434B2] - 16/08/2011 - 19:55:03 ---A- . (...) -- C:\AdwCleaner[S1].txt [1738]
O44 - LFC:[MD5.76B6F05D6CF731914698F3BA2C63621B] - 16/08/2011 - 12:50:28 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32410]
O44 - LFC:[MD5.2B72AE98DEE6841EC1CD2C95D7648D85] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [4836]
O44 - LFC:[MD5.03E3CD966892A20A9CBA8D6FC3D6943A] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [110592]
O44 - LFC:[MD5.0E3D5A9D7CE251A2C323DC26FCCF4154] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat [135424]
O44 - LFC:[MD5.7A908657C4429DDF9EBA23D9F3F8DA99] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [540658]
O44 - LFC:[MD5.ABF40657E935C0E86857498058C045A5] - 16/08/2011 - 12:49:57 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat [624646]
O44 - LFC:[MD5.237E7A60055B5FEAF6D6F79CC7DF7333] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1500363]
O44 - LFC:[MD5.4000B5284DD2590F8FF0B68542CC1928] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\KB2567680.log [15470]
O44 - LFC:[MD5.8D7FA191D83E7D5EE08B4EB6C5804021] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\comsetup.log [394562]
O44 - LFC:[MD5.F40451D403542BBE00CA0CBE1391907E] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\iis6.log [236040]
O44 - LFC:[MD5.82E1FB8E2E92BFE87D9E7B0963E0D009] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.FC98035FA1F5192FF4D8E65E15EB1FCC] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\msgsocm.log [75011]
O44 - LFC:[MD5.FEF3E617FB8E79F0627AEE04103B34CC] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [237503]
O44 - LFC:[MD5.D2964A2EE566280AE55FA7D2105F07F9] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\ocgen.log [732369]
O44 - LFC:[MD5.478233628C64FEAE91DFE07E6B06B51D] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\ocmsn.log [63833]
O44 - LFC:[MD5.BBC6B38E91BF8433175AF527E396345D] - 16/08/2011 - 12:47:10 ---A- . (...) -- C:\WINDOWS\tsoc.log [577493]
O44 - LFC:[MD5.C75C2BCBDF0FA26D6E1A7317DE8716C9] - 16/08/2011 - 12:47:09 ---A- . (...) -- C:\WINDOWS\updspapi.log [218906]
O44 - LFC:[MD5.BC7962B2EF211D2EA4522D100D90FB42] - 16/08/2011 - 12:46:10 ---A- . (...) -- C:\WINDOWS\KB2536276-v2.log [11047]
O44 - LFC:[MD5.E0BE60BBD6AF8B21BFA79402777F9EB3] - 16/08/2011 - 12:46:10 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.F0EF3465232490351513C8927C925106] - 16/08/2011 - 12:45:56 ---A- . (...) -- C:\WINDOWS\KB2570222.log [10938]
O44 - LFC:[MD5.F1B5C4D4A2892EE11B6FE9E058053B4B] - 16/08/2011 - 12:40:33 ---A- . (...) -- C:\WINDOWS\KB2559049-IE8.log [14858]
O44 - LFC:[MD5.865A2DCE61ADE1F9A3285E3D0DB28DFD] - 16/08/2011 - 12:39:59 ---A- . (...) -- C:\WINDOWS\KB2566454.log [6883]
O44 - LFC:[MD5.AD6F726CFE4CA22C58CDBAD49E093DA3] - 16/08/2011 - 12:39:46 ---A- . (...) -- C:\WINDOWS\KB2562937.log [6212]
O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 16/08/2011 - 12:37:26 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [69]
O44 - LFC:[MD5.A8D4C05C1BD108F2C98FD2A96398BD22] - 16/08/2011 - 12:15:07 ---A- . (...) -- C:\AdwCleaner[R1].txt [1640]
O44 - LFC:[MD5.45038E3AE2BAA9C47E9AC3AE266D8A1A] - 16/08/2011 - 07:16:09 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.E8C00D32037549BB9538181B7FD0704B] - 15/08/2011 - 22:57:34 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [5781]
O44 - LFC:[MD5.D926D44123AE8B852FB6459879D8A5E8] - 15/08/2011 - 15:37:49 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [13646]
~ Scan Files in 00mn 26s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Plugin Manager\skypePM.exe" [Enabled] .(...) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe (.not file.)
O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O47 - AAKE:Key Export SP - "C:\Program Files\iTunes\iTunes.exe" [Enabled] .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O47 - AAKE:Key Export SP - "C:\Program Files\LimeWire\LimeWire.exe" [Enabled] .(.Lime Wire, LLC - LimeWire.) -- C:\Program Files\LimeWire\LimeWire.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files\Microsoft Office\Office12\GROOVE.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office OneNote.) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\microtorrent_torrent_2.0.4_build_22967_anglais_18245.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\microtorrent_torrent_2.0.4_build_22967_anglais_18245.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\ZoneLabs\vsmon.exe" [Enabled] .(.Check Point Software Technologies LTD - TrueVector Service.) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeCam.exe" [Enabled] .(.Microsoft Corporation - LifeCam.exe.) -- C:\Program Files\Microsoft LifeCam\LifeCam.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" [Enabled] .(.Microsoft Corporation - LifeEnC2.exe.) -- C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeExp.exe" [Enabled] .(.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files\Microsoft LifeCam\LifeExp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft LifeCam\LifeTray.exe" [Enabled] .(.Microsoft Corporation - LifeTray.exe.) -- C:\Program Files\Microsoft LifeCam\LifeTray.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Skype\Phone\Skype.exe" [Enabled] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" [Enabled] .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe
O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Kernel Mode Driver Framework Runtime.) -- C:\WINDOWS\system32\Drivers\Wdf01000.sys
~ Scan CSB in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ Scan IFEO in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{ae740f7a-f67b-11df-b67b-0019660fdbdb}\AutoRun\command. (...) -- F:\Install_Nokia_Ovi_Suite.exe (.not file.)
O51 - MPSK:{ae740fc0-f67b-11df-b67b-0019660fdbdb}\AutoRun\command. (...) -- F:\NokiaPCIA_Autorun.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.dll" . (.Intel Corporation - Intel Indeo(R) Video Interactive 32-bit Driver.) -- C:\WINDOWS\system32\ir41_32.dll
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ir41_32.dll"="Intel Indeo (R) Video Interactive 32-bit Driver R4.1" . (...) -- (.not file.)
~ Scan Keys in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.DFCDD5936CAD0138775D5A105D4C7716] - 16/08/2011 - 12:32:13 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\WINDOWS\system32\drivers\aavmker4.sys [30808]
O58 - SDL:[MD5.FE3EA6E9AFC1A78E6EDCA121E006AFB7] - 16/08/2011 - 15:05:00 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\WINDOWS\system32\drivers\afc.sys [18688]
O58 - SDL:[MD5.DE91D0D73C3E61E6826D98FAC2FAC729] - 16/08/2011 - 15:17:42 ---A- . (...) -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS [5824]
O58 - SDL:[MD5.861CB512E4E850E87DD2316F88D69330] - 16/08/2011 - 12:32:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys [19544]
O58 - SDL:[MD5.4FAE55469A56AA2B423E5E26FD1449D1] - 16/08/2011 - 12:35:09 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows NT/2000.) -- C:\WINDOWS\system32\drivers\aswmon.sys [96344]
O58 - SDL:[MD5.7857E0B4C817F69FF463EEA2C63E56F9] - 16/08/2011 - 12:35:12 ---A- . (.AVAST Software - avast! File System Filter Driver for Windows XP.) -- C:\WINDOWS\system32\drivers\aswmon2.sys [102616]
O58 - SDL:[MD5.8DB043BF96BB6D334E5B4888E709E1C7] - 16/08/2011 - 12:32:32 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\WINDOWS\system32\drivers\aswRdr.sys [25432]
O58 - SDL:[MD5.17230708A2028CD995656DF455F2E303] - 16/08/2011 - 12:36:43 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\system32\drivers\aswSnx.sys [441176]
O58 - SDL:[MD5.DBEDD9D43B00630966EF05D2D8D04CEE] - 16/08/2011 - 12:36:32 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\system32\drivers\aswSP.sys [309848]
O58 - SDL:[MD5.984CFCE2168286C2511695C2F9621475] - 16/08/2011 - 12:35:23 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\drivers\aswTdi.sys [43608]
O58 - SDL:[MD5.8E54C76DB5D88BF8B4E82B37E1322671] - 16/08/2011 - 04:30:44 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [3643904]
O58 - SDL:[MD5.1E82F05CFF41316BCAA513909D99A004] - 16/08/2011 - 12:28:32 R--A- . (.ATI Research Inc. - Ati High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys [93184]
O58 - SDL:[MD5.C3963D85B721A7F80D8A55F4E2867A3A] - 16/08/2011 - 14:32:44 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\ccdcmb.sys [18176]
O58 - SDL:[MD5.3859C69A77793180548802DAC9F34A38] - 16/08/2011 - 14:32:44 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys [22528]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 16/08/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 16/08/2011 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 16/08/2011 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.9F1D80908658EB7F1BF70809E0B51470] - 16/08/2011 - 06:52:26 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys [51120]
O58 - SDL:[MD5.F7E3E9D50F9CD3DE28085A8FDAA0A1C3] - 16/08/2011 - 06:52:27 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16496]
O58 - SDL:[MD5.CF1B7951B4EC8D13F3C93B74BB2B461B] - 16/08/2011 - 06:52:28 R--A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21744]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 16/08/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]
O58 - SDL:[MD5.338F83EE9CB9E15EEACF0CBB90218CBF] - 16/08/2011 - 14:21:22 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys [137344]
O58 - SDL:[MD5.D15BAC979144FB69ED28F97B2DD84D48] - 16/08/2011 - 14:21:22 ---A- . (.Nokia - Nokia USB Phone Generic Client.) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [8320]
O58 - SDL:[MD5.FD2041E9BA03DB7764B2248F02475079] - 16/08/2011 - 10:26:12 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [18816]
O58 - SDL:[MD5.4A410C7AEA51123519C20D43A20BCE96] - 16/08/2011 - 13:17:26 ---A- . (.PixArt Imaging Inc. - PFC027.) -- C:\WINDOWS\system32\drivers\PFC027.SYS [618112]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 16/08/2011 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 16/08/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 16/08/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]
O58 - SDL:[MD5.D6E1B1BD04FAD422AF17FC4B810CB9AF] - 16/08/2011 - 09:08:16 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [78976]
O58 - SDL:[MD5.3000E98F519CF6FDA669BAE8E47F7B4F] - 16/08/2011 - 05:09:26 R---- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys [4284928]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 16/08/2011 - 17:39:15 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.2D4027C46B4C6E45875E3C4BA3F67492] - 16/08/2011 - 11:24:50 ---A- . (.MCCI - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\system32\drivers\sscdbus.sys [80272]
O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcm.sys [11877]
O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcmnt.sys [11877]
O58 - SDL:[MD5.F548F1EBA107BC19E91189E6A460BD0E] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys [10864]
O58 - SDL:[MD5.71D348D53597379DFE1DE255D70AF13C] - 16/08/2011 - 11:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem WDM.) -- C:\WINDOWS\system32\drivers\sscdmdm.sys [137884]
O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 16/08/2011 - 11:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwh.sys [11188]
O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 16/08/2011 - 11:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwhnt.sys [11188]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 16/08/2011 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]
O58 - SDL:[MD5.4B8A9C16B6D9258ED99C512AECB8C555] - 16/08/2011 - 19:47:42 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\drivers\usbaapl.sys [41984]
O58 - SDL:[MD5.0CCADC7391021376EDBB8AA649D04E68] - 16/08/2011 - 14:32:46 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys [8192]
O58 - SDL:[MD5.68B4F83CCCF70A2FF32EE142C234332A] - 16/08/2011 - 14:32:58 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys [8192]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 16/08/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 16/08/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
O58 - SDL:[MD5.050C38EBB22512122E54B47DC278BCCD] - 16/08/2011 - 10:02:32 ---A- . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) -- C:\WINDOWS\system32\vsdatant.sys [532224]
~ Scan Drivers in 00mn 04s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: Ad-Remover - (.Pas de propriétaire.) [HKCU] -- Ad-Remover
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 18/03/2010 - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe - ArcSoft Connect Daemon(ACDaemon) .(.ArcSoft Inc. - ArcSoft Connect Service.) - LEGACY_ACDAEMON
O64 - Services: CurCS - ??/??/???? - C:\DOCUME~1\H\LOCALS~1\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - 02/03/2006 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 18/10/2010 - C:\Program Files\Google\Update\GoogleUpdate.exe - Service Google Update (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE
O64 - Services: CurCS - 08/07/2005 - C:\Program Files\Ahead\InCD\InCDsrv.exe - InCD Helper(InCDsrv) .(.Nero AG - incdsrv.) - LEGACY_INCDSRV
O64 - Services: CurCS - 15/02/2011 - C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys - ZoneAlarm Toolbar ISWKL(ISWKL) .(.Check Point Software Technologies - ZoneAlarm Browser Security.) - LEGACY_ISWKL
O64 - Services: CurCS - 15/02/2011 - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe - ZoneAlarm Toolbar IswSvc(IswSvc) .(.Check Point Software Technologies - ZoneAlarm Browser Security.) - LEGACY_ISWSVC
O64 - Services: CurCS - 04/05/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\secdrv.sys - Secdrv(Secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/06/2010 - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer(ServiceLayer) .(.Nokia - ServiceLayer Module.) - LEGACY_SERVICELAYER
O64 - Services: CurCS - 13/05/2010 - C:\WINDOWS\system32\vsdatant.sys - vsdatant(vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT
O64 - Services: CurCS - 18/02/2011 - C:\WINDOWS\system32\ZoneLabs\vsmon.exe - TrueVector Internet Monitor(vsmon) .(.Check Point Software Technologies LTD - TrueVector Service.) - LEGACY_VSMON
~ Scan Services in 00mn 03s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {E8CB2B75-1CCB-483D-9C94-644501916F96} - (Google) - http://www.google.com
~ Scan Keys in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.37802DC23540941D3D5FFC0CFB97D9F0] [SPRF][15/08/2011] (...) -- C:\Documents and Settings\H\Bureau\AD-R.exe [1563105]
[MD5.DF903EF91F74AF913888FCA7C3066ED9] [SPRF][16/08/2011] (...) -- C:\Documents and Settings\H\Bureau\AdwCleaner.exe [450808]
[MD5.C1AD5FE74BD19EDAB96B84123BDE9BD7] [SPRF][16/08/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\H\Bureau\ZHPDiag2.exe [2575661]
[MD5.BB8DEAA5685FDE0FB12328ABBAB57D0D] [SPRF][13/03/2011] (.Microsoft Corporation - Installation_WLMessenger2009.) -- C:\Program Files\Installation_WLMessenger2009.exe [1794920]
[MD5.34224D0544EB516DA2452BBC41CECC17] [SPRF][18/03/2011] (...) -- C:\Program Files\SoftonicDownloader_pour_age-of-empires-ii.exe [287056]
~ Scan Files in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : 8611 - (14/08/2011)
Clés trouvées (Keys found) : 10
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Installer] =>Adware.InstallPedia
~ Scan Additionnel in 00mn 08s



---\\ Recherche détournement de DNS routeur (O89)
Serveur : Livebox-AA40
Address: 192.168.1.1
Nom : www.l.google.com
Addresses: 209.85.148.106, 209.85.148.105, 209.85.148.147, 209.85.148.103
209.85.148.99, 209.85.148.104
Aliases: www.google.fr, www.google.com
~ Scan DNS in 00mn 02s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 16/08/2011 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 16/08/2011 144672 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 16/08/2011 602112 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
SS - | Auto 593920 | (ATI Smart) . (...) - C:\WINDOWS\system32\ati2sgag.exe
SR - | Auto 16/08/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 16/08/2011 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 16/08/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Auto 16/08/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 16/08/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 16/08/2011 871424 | C:\Program Files\Ahead\InCD\InCDsrv.exe (InCDsrv) . (.Nero AG.) - C:\Program Files\Ahead\InCD\InCDsrv.exe
SR - | Demand 16/08/2011 820008 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 16/08/2011 488952 | (IswSvc) . (.Check Point Software Technologies.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
SR - | Auto 16/08/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SR - | Auto 16/08/2011 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe
SR - | Demand 16/08/2011 615936 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
SR - | Auto 16/08/2011 2435592 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
~ Scan Services in 00mn 03s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by H at 16/08/2011 22:24:29

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x86D46AB8]
3 CLASSPNP[0xF765CFD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000072[0x86D8AF18]
5 ACPI[0xF74F2620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP2T0L0-7[0x86D28940]
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 05s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by H at 16/08/2011 22:24:31

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 07s



End of the scan (1226 lines in 01mn 52s)(0)

2/
Rapport Tdsskiller
2011/08/17 00:34:02.0890 0780 TDSS rootkit removing tool 2.5.15.0 Aug 11 2011 16:32:13
2011/08/17 00:34:03.0078 0780 ================================================================================
2011/08/17 00:34:03.0078 0780 SystemInfo:
2011/08/17 00:34:03.0078 0780
2011/08/17 00:34:03.0078 0780 OS Version: 5.1.2600 ServicePack: 3.0
2011/08/17 00:34:03.0078 0780 Product type: Workstation
2011/08/17 00:34:03.0078 0780 ComputerName: LUTECE
2011/08/17 00:34:03.0078 0780 UserName: H
2011/08/17 00:34:03.0078 0780 Windows directory: C:\WINDOWS
2011/08/17 00:34:03.0078 0780 System windows directory: C:\WINDOWS
2011/08/17 00:34:03.0078 0780 Processor architecture: Intel x86
2011/08/17 00:34:03.0078 0780 Number of processors: 2
2011/08/17 00:34:03.0078 0780 Page size: 0x1000
2011/08/17 00:34:03.0078 0780 Boot type: Normal boot
2011/08/17 00:34:03.0078 0780 ================================================================================
2011/08/17 00:34:04.0390 0780 Initialize success
2011/08/17 00:34:09.0406 0476 ================================================================================
2011/08/17 00:34:09.0406 0476 Scan started
2011/08/17 00:34:09.0406 0476 Mode: Manual;
2011/08/17 00:34:09.0406 0476 ================================================================================
2011/08/17 00:34:10.0343 0476 Aavmker4 (dfcdd5936cad0138775d5a105d4c7716) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/08/17 00:34:10.0500 0476 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/17 00:34:10.0562 0476 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/08/17 00:34:10.0640 0476 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/08/17 00:34:10.0687 0476 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
2011/08/17 00:34:10.0796 0476 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/08/17 00:34:11.0140 0476 aswFsBlk (861cb512e4e850e87dd2316f88d69330) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/08/17 00:34:11.0203 0476 aswMon2 (7857e0b4c817f69ff463eea2c63e56f9) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/08/17 00:34:11.0250 0476 aswRdr (8db043bf96bb6d334e5b4888e709e1c7) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/08/17 00:34:11.0312 0476 aswSnx (17230708a2028cd995656df455f2e303) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/08/17 00:34:11.0359 0476 aswSP (dbedd9d43b00630966ef05d2d8d04cee) C:\WINDOWS\system32\drivers\aswSP.sys
2011/08/17 00:34:11.0406 0476 aswTdi (984cfce2168286c2511695c2f9621475) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/08/17 00:34:11.0468 0476 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/08/17 00:34:11.0546 0476 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/08/17 00:34:11.0812 0476 ati2mtag (8e54c76db5d88bf8b4e82b37e1322671) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/08/17 00:34:11.0906 0476 AtiHdmiService (1e82f05cff41316bcaa513909d99a004) C:\WINDOWS\system32\drivers\AtiHdmi.sys
2011/08/17 00:34:11.0937 0476 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/08/17 00:34:12.0000 0476 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/08/17 00:34:12.0046 0476 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/08/17 00:34:12.0203 0476 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/08/17 00:34:12.0281 0476 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/08/17 00:34:12.0343 0476 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/08/17 00:34:12.0390 0476 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/08/17 00:34:12.0421 0476 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/08/17 00:34:12.0765 0476 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/08/17 00:34:12.0828 0476 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
2011/08/17 00:34:12.0906 0476 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
2011/08/17 00:34:12.0953 0476 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/08/17 00:34:13.0000 0476 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/08/17 00:34:13.0093 0476 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/08/17 00:34:13.0156 0476 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/08/17 00:34:13.0250 0476 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/08/17 00:34:13.0296 0476 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
2011/08/17 00:34:13.0328 0476 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/08/17 00:34:13.0375 0476 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/08/17 00:34:13.0421 0476 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/08/17 00:34:13.0468 0476 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/08/17 00:34:13.0500 0476 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
2011/08/17 00:34:13.0562 0476 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/08/17 00:34:13.0625 0476 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/08/17 00:34:13.0671 0476 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/08/17 00:34:13.0890 0476 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/08/17 00:34:14.0140 0476 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/08/17 00:34:14.0203 0476 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
201

et suite et fin de rapport Tdsskiller egalement coupé (??):

2011/08/17 00:34:14.0281 0476 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/08/17 00:34:14.0406 0476 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/08/17 00:34:14.0437 0476 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/08/17 00:34:14.0500 0476 InCDfs (b87fc7c71632240dac8f4d20e9ce8377) C:\WINDOWS\system32\drivers\InCDfs.sys
2011/08/17 00:34:14.0562 0476 InCDPass (2e878405128ec98886eb9c2216ac7bd6) C:\WINDOWS\system32\DRIVERS\InCDPass.sys
2011/08/17 00:34:14.0609 0476 InCDrec (ddf078917a42f105385d7eb6debb3433) C:\WINDOWS\system32\drivers\InCDrec.sys
2011/08/17 00:34:14.0656 0476 incdrm (7f352360e947ad2cd4ba60de27b1a299) C:\WINDOWS\system32\drivers\incdrm.sys
2011/08/17 00:34:14.0875 0476 IntcAzAudAddService (3000e98f519cf6fda669bae8e47f7b4f) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/08/17 00:34:15.0031 0476 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/08/17 00:34:15.0109 0476 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/08/17 00:34:15.0171 0476 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/08/17 00:34:15.0218 0476 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/08/17 00:34:15.0265 0476 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/08/17 00:34:15.0328 0476 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/08/17 00:34:15.0390 0476 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/08/17 00:34:15.0453 0476 ISWKL (eb8594268cf50baaecbe82d70c833533) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
2011/08/17 00:34:15.0500 0476 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/08/17 00:34:15.0562 0476 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/08/17 00:34:15.0609 0476 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/08/17 00:34:15.0796 0476 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/08/17 00:34:15.0859 0476 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
2011/08/17 00:34:15.0890 0476 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/08/17 00:34:15.0937 0476 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/08/17 00:34:16.0015 0476 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/08/17 00:34:16.0093 0476 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/08/17 00:34:16.0187 0476 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/08/17 00:34:16.0234 0476 MSHUSBVideo (066f26efe273125b352e35405d258e85) C:\WINDOWS\system32\Drivers\nx6000.sys
2011/08/17 00:34:16.0296 0476 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/08/17 00:34:16.0359 0476 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/08/17 00:34:16.0406 0476 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/08/17 00:34:16.0437 0476 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/08/17 00:34:16.0500 0476 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/08/17 00:34:16.0593 0476 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/08/17 00:34:16.0656 0476 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/08/17 00:34:16.0750 0476 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/08/17 00:34:16.0796 0476 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/08/17 00:34:16.0859 0476 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/08/17 00:34:16.0937 0476 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/08/17 00:34:16.0984 0476 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/08/17 00:34:17.0031 0476 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/08/17 00:34:17.0078 0476 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/08/17 00:34:17.0140 0476 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/08/17 00:34:17.0234 0476 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/08/17 00:34:17.0296 0476 nmwcdc (3859c69a77793180548802dac9f34a38) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/08/17 00:34:17.0375 0476 nmwcdnsu (338f83ee9cb9e15eeacf0cbb90218cbf) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
2011/08/17 00:34:17.0437 0476 nmwcdnsuc (d15bac979144fb69ed28f97b2dd84d48) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2011/08/17 00:34:17.0500 0476 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/08/17 00:34:17.0578 0476 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/08/17 00:34:17.0625 0476 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/08/17 00:34:17.0812 0476 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/08/17 00:34:17.0843 0476 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/08/17 00:34:17.0937 0476 PAC207 (4a410c7aea51123519c20d43a20bce96) C:\WINDOWS\system32\DRIVERS\PFC027.SYS
2011/08/17 00:34:17.0984 0476 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/08/17 00:34:18.0031 0476 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/08/17 00:34:18.0062 0476 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/08/17 00:34:18.0140 0476 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/08/17 00:34:18.0171 0476 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/08/17 00:34:18.0250 0476 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/08/17 00:34:18.0296 0476 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/08/17 00:34:18.0531 0476 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/08/17 00:34:18.0546 0476 Processor (e19c9632ac828f6f214391e2bdda11cb) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/08/17 00:34:18.0593 0476 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/08/17 00:34:18.0609 0476 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/08/17 00:34:18.0859 0476 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/08/17 00:34:18.0921 0476 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/08/17 00:34:18.0984 0476 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/08/17 00:34:19.0031 0476 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/08/17 00:34:19.0062 0476 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/08/17 00:34:19.0093 0476 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/08/17 00:34:19.0156 0476 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/08/17 00:34:19.0203 0476 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/08/17 00:34:19.0281 0476 RTL8023xp (d6e1b1bd04fad422af17fc4b810cb9af) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/08/17 00:34:19.0359 0476 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/08/17 00:34:19.0406 0476 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/08/17 00:34:19.0437 0476 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/08/17 00:34:19.0484 0476 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/08/17 00:34:19.0546 0476 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/08/17 00:34:19.0625 0476 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/08/17 00:34:19.0703 0476 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/08/17 00:34:19.0781 0476 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/08/17 00:34:19.0859 0476 sscdbus (2d4027c46b4c6e45875e3c4ba3f67492) C:\WINDOWS\system32\DRIVERS\sscdbus.sys
2011/08/17 00:34:19.0921 0476 sscdmdfl (f548f1eba107bc19e91189e6a460bd0e) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
2011/08/17 00:34:19.0968 0476 sscdmdm (71d348d53597379dfe1de255d70af13c) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
2011/08/17 00:34:20.0000 0476 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/08/17 00:34:20.0031 0476 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/08/17 00:34:20.0109 0476 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/08/17 00:34:20.0250 0476 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/08/17 00:34:20.0312 0476 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/08/17 00:34:20.0375 0476 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/08/17 00:34:20.0437 0476 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/08/17 00:34:20.0468 0476 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/08/17 00:34:20.0578 0476 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/08/17 00:34:20.0656 0476 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/08/17 00:34:20.0718 0476 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/08/17 00:34:20.0781 0476 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/08/17 00:34:20.0843 0476 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/08/17 00:34:20.0890 0476 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/08/17 00:34:20.0937 0476 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/08/17 00:34:20.0968 0476 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/08/17 00:34:21.0015 0476 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/08/17 00:34:21.0062 0476 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/08/17 00:34:21.0109 0476 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
2011/08/17 00:34:21.0125 0476 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/08/17 00:34:21.0156 0476 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/08/17 00:34:21.0187 0476 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/08/17 00:34:21.0250 0476 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/08/17 00:34:21.0281 0476 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/08/17 00:34:21.0328 0476 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/08/17 00:34:21.0343 0476 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/08/17 00:34:21.0406 0476 vsdatant (050c38ebb22512122e54b47dc278bccd) C:\WINDOWS\system32\vsdatant.sys
2011/08/17 00:34:21.0484 0476 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/08/17 00:34:21.0562 0476 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/08/17 00:34:21.0640 0476 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/08/17 00:34:21.0796 0476 WpdUsb (c60dc16d4e406810fad54b98dc92d5ec) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/08/17 00:34:21.0843 0476 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/08/17 00:34:21.0937 0476 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/08/17 00:34:21.0984 0476 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/08/17 00:34:22.0031 0476 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0
2011/08/17 00:34:22.0140 0476 Boot (0x1200) (bcaebc573050d80499b9754a83cc4505) \Device\Harddisk0\DR0\Partition0
2011/08/17 00:34:22.0171 0476 Boot (0x1200) (064a9544e856a831ba9837544b1e5511) \Device\Harddisk0\DR0\Partition1
2011/08/17 00:34:22.0171 0476 ================================================================================
2011/08/17 00:34:22.0171 0476 Scan finished
2011/08/17 00:34:22.0171 0476 ================================================================================
2011/08/17 00:34:22.0187 0460 Detected object count: 0
2011/08/17 00:34:22.0187 0460 Actual detected object count: 0

Désolé pour cette transmission en morceaux, je ne comprends pas pourquoi
a plus

Fish,
désolé, j'ai zappé la marque "Résolu" en te postant un message de fin. Il me faut une reponse desormais a nouveau pour me permettre de le faire ??

C'est pas un problème

Bon surf...