Besoin d aide pour mon rapport

Résolu/Fermé
jpl-52 Messages postés 21 Date d'inscription lundi 24 décembre 2007 Statut Membre Dernière intervention 26 janvier 2012 - 5 janv. 2012 à 13:47
cabrier Messages postés 5591 Date d'inscription dimanche 7 août 2011 Statut Contributeur sécurité Dernière intervention 27 octobre 2020 - 5 janv. 2012 à 14:12
Bonjour, a tous

mon pc est tres tres lent je pense a un virus

pourriez-vous m aider a lire mon rapport svp


Rapport de ZHPDiag v1.28.305 par Nicolas Coolman, Update du 01/01/2012
Run by jpl-52 at 05/01/2012 13:30:38
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ System Information
~ Processor: x86 Family 15 Model 4 Stepping 9, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 446.5 MB (13% free)
System Restore: Activé (Enable)
System drive G: has 251 GB (84%) free of 298 GB

---\\ Logged in mode
~ Computer Name: LAPLAIGE-47430C
~ User Name: jpl-52
~ All Users Names: SUPPORT_388945a0, jpl-52, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : G:\
~ %AppData% : G:\Documents and Settings\jpl-52\Application Data\
~ %Desktop% : G:\Documents and Settings\jpl-52\Bureau\
~ %Favorites% : G:\Documents and Settings\jpl-52\Favoris\
~ %LocalAppData% : G:\Documents and Settings\jpl-52\Local Settings\Application Data\
~ %StartMenu% : G:\Documents and Settings\jpl-52\Menu Démarrer\
~ %Windir% : G:\WINDOWS\
~ %System% : G:\WINDOWS\system32\

---\\ DOS/Devices
C:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
D:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
G:\ Hard drive, Flash drive, Thumb drive (Free 251 Go of 298 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: Modified
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.B45DA298E42C7A44BA96AED93B1D7359] - (.Microsoft Corporation - Explorateur Windows.) (.05/01/2012 - 19:34:04.) -- G:\WINDOWS\Explorer.exe [1544704]
[MD5.670558300C4116766363F843C2ABD37F] - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) (.05/01/2012 - 19:34:22.) -- G:\WINDOWS\system32\rundll32.exe [35328]
[MD5.B0DF02C2326381D64149F3EEFAE5E09D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.05/01/2012 - 20:13:29.) -- G:\WINDOWS\system32\wininet.dll [916992]
[MD5.917C64008889003E6EA19CF0793CBD72] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.05/01/2012 - 19:34:30.) -- G:\WINDOWS\system32\Winlogon.exe [551424]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.05/01/2012 - 14:49:54.) -- G:\WINDOWS\system32\drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.05/01/2012 - 11:40:32.) -- G:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.05/01/2012 - 12:14:22.) -- G:\WINDOWS\system32\drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.05/01/2012 - 11:40:48.) -- G:\WINDOWS\system32\drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.05/01/2012 - 18:57:40.) -- G:\WINDOWS\system32\drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.05/01/2012 - 17:36:05.) -- G:\WINDOWS\system32\drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.05/01/2012 - 19:00:54.) -- G:\WINDOWS\system32\drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.05/01/2012 - 11:41:00.) -- G:\WINDOWS\system32\drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.05/01/2012 - 11:57:16.) -- G:\WINDOWS\system32\drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.05/01/2012 - 12:19:44.) -- G:\WINDOWS\system32\drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.05/01/2012 - 14:29:31.) -- G:\WINDOWS\system32\drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.05/01/2012 - 12:21:02.) -- G:\WINDOWS\system32\drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.05/01/2012 - 12:15:54.) -- G:\WINDOWS\system32\drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.05/01/2012 - 19:09:42.) -- G:\WINDOWS\system32\drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.05/01/2012 - 12:19:44.) -- G:\WINDOWS\system32\drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.05/01/2012 - 11:32:52.) -- G:\WINDOWS\system32\drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.05/01/2012 - 18:57:36.) -- G:\WINDOWS\system32\drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.05/01/2012 - 18:56:06.) -- G:\WINDOWS\system32\drivers\volsnap.sys [53376]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/351
~ Mes musiques (My Musics) : 1/2
~ Mes Favoris (My Favorites) : 4/225
~ Mes Documents (My Documents) : 13/887
~ Mon Bureau (My Desktop) : 0/20
~ Menu demarrer (Programs) : 6/43
~ Scan Hidden Files in 00mn 04s



---\\ Processus lancés
[MD5.1D8D19A29E695BDC07F1D4E7C90D1CAC] - (.IObit - Advanced SystemCare Service.) -- G:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [494424] [PID.]
[MD5.BB4C900FD6BF91422FC44A9CB640AE01] - (.Check Point Software Technologies LTD - TrueVector Service.) -- G:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2420616] [PID.]
[MD5.5B2CCEF06F96DFB22893AB8F0B3F891D] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- G:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [497280] [PID.]
[MD5.996E6D052438E8D8DFD501F31560B2E0] - (.AVAST Software - avast! Service.) -- G:\Program Files\Alwil Software\Avast5\AvastSvc.exe [44768] [PID.]
[MD5.5B590ED157BAAAD76F71A148741E8E9C] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- G:\Program Files\CheckPoint\ZAForceField\ForceField.exe [738944] [PID.684]
[MD5.C0393EB99A6C72C6BEF9BFC4A72B33A6] - (.SUPERAntiSpyware.com - Core Service.) -- G:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608] [PID.]
[MD5.2C41AE09BB51EA074069135F183DAA9C] - (.Acronis - Acronis Scheduler 2.) -- G:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [660576] [PID.]
[MD5.71489FA2C4A238F178E30AE6E4449013] - (.B.H.A Corporation - B's Recorder GOLD Service Library.) -- G:\WINDOWS\system32\bgsvcgen.exe [86016] [PID.]
[MD5.7AEA4DF1CA68FD45DD4BBE1F0243CE7F] - (...) -- G:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.]
[MD5.AB973644B5CD45173915715782BBA273] - (.S3 Graphics, Inc. - Pas de description.) -- G:\WINDOWS\system32\VTTimer.exe [53248] [PID.788]
[MD5.573D909950CE7E46CFB3A1707AA57089] - (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- G:\WINDOWS\system32\VTtrayp.exe [200704] [PID.804]
[MD5.F7226AA410954185160067D5FA82F3F2] - (.AVAST Software - avast! Antivirus.) -- G:\Program Files\Alwil Software\Avast5\avastUI.exe [3744552] [PID.832]
[MD5.80FD4D46B0E9B620CF757A9A5C789329] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- G:\WINDOWS\SOUNDMAN.EXE [577536] [PID.1276]
[MD5.449D2363BD2C2AAD83FDB6E082B8C112] - (.Check Point Software Technologies LTD - ZoneAlarm.) -- G:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [73360] [PID.]
[MD5.3D4D22B3360BF51EA620DE25A85C5023] - (.SpeedBit Ltd. - Download Accelerator Plus (DAP).) -- G:\Program Files\DAP\DAP.EXE [2819584] [PID.2148]
[MD5.0450EC2579CF6CFD962D49878E0A9378] - (.Logitech Inc. - Logitech SetPoint Event Manager (UNICODE).) -- G:\Program Files\Logitech\SetPoint\SetPoint.exe [688128] [PID.2488]
[MD5.F6D01B49CEFE36286A1FD8BAE8F2D6A3] - (.Logitech Inc. - Logitech KHAL Main Process.) -- G:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE [56080] [PID.2592]
[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- G:\Program Files\Internet Explorer\IEXPLORE.EXE [638816] [PID.]
[MD5.753BC2E2E52FA2DC77A5193BA70263F3] - (.Nicolas Coolman - Diagnostic Tool.) -- G:\Program Files\ZHPDiag\ZHPDiag.exe [712704] [PID.3004]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- G:\WINDOWS\System32\alg.exe [44544] [PID.]
~ Scan Processes Running in 00mn 02s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@checkpoint.com/FFApi] - (.Pas de propriétaire - npFFApi.) -- G:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\npFFApi.dll
P2 - FPN: [HKLM] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- G:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
P2 - FPN: [HKLM] [@exent.com/npExentCtl,version=7.0.0.0] - (...) -- G:\Program Files\Free Ride Games\npExentCtl.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- G:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@pack.google.com/Google Updater;version=14] - (.Google - Google Updater plugin<br><a href="http://pack.google.com/">http://pack.) -- G:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- G:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- G:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- G:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
P2 - FPN: [HKCU] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- G:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19165 (longhorn_ie8_gdr.111021-1715)) -- G:\WINDOWS\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=G:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- G:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- G:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- G:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- G:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} Clé orpheline
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} . (.SpeedBit Ltd. - Download Accelerator Plus (DAP) MSIE Loader.) -- G:\Program Files\DAP\dapieloader.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- G:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} . (...) -- (.not file.)
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- G:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- G:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] . (.Logitech Inc. - Logitech KHAL Main Process.) -- G:\WINDOWS\KHALMNPR.exe
O4 - HKLM\..\Run: [VTTimer] . (.S3 Graphics, Inc. - Pas de description.) -- G:\WINDOWS\system32\VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] . (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- G:\WINDOWS\system32\VTTrayp.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- G:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- G:\WINDOWS\soundman.exe
O4 - HKLM\..\Run: [ISW] . (.Check Point Software Technologies - ZoneAlarm Browser Security.) -- G:\Program Files\CheckPoint\ZAForceField\ForceField.exe
O4 - HKLM\..\Run: [ZoneAlarm] . (.Check Point Software Technologies LTD - ZoneAlarm.) -- G:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] Clé orpheline
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- G:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DownloadAccelerator] . (.SpeedBit Ltd. - Download Accelerator Plus (DAP).) -- G:\Program Files\DAP\DAP.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- G:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [Exetender] G:\Program Files\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- G:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [Exetender] G:\Program Files\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\S-1-5-21-1060284298-1708537768-682003330-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- G:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1060284298-1708537768-682003330-1004\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- G:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1060284298-1708537768-682003330-1004\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- G:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-1060284298-1708537768-682003330-1004\..\Run: [DownloadAccelerator] . (.SpeedBit Ltd. - Download Accelerator Plus (DAP).) -- G:\Program Files\DAP\DAP.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: G:\Documents And Settings\All Users\Menu Démarrer\Programmes\123 Free Solitaire.lnk . (...) -- G:\Program Files\123 Free Solitaire\123FreeSolitaire.exe
O4 - Global Startup: G:\Documents And Settings\All Users\Menu Démarrer\Programmes\CDBurnerXP.lnk . (.Canneverbe Limited.) -- G:\Program Files\CDBurnerXP\cdbxpp.exe
O4 - Global Startup: G:\Documents And Settings\All Users\Menu Démarrer\Programmes\Paint.NET.lnk . (.dotPDN LLC.) -- G:\Program Files\Paint.NET\PaintDotNet.exe
O4 - Global Startup: G:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- G:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: G:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- G:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: G:\Documents And Settings\jpl-52\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- G:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: G:\Documents And Settings\jpl-52\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- G:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: G:\Documents And Settings\jpl-52\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- G:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: G:\Documents And Settings\jpl-52\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- G:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: G:\Documents And Settings\All Users\Menu Démarrer\Programmes\123 Free Solitaire.lnk . (...) -- G:\Program Files\123 Free Solitaire\123FreeSolitaire.exe
O4 - Global Startup: G:\Documents And Settings\All Users\Menu Démarrer\Programmes\CDBurnerXP.lnk . (.Canneverbe Limited.) -- G:\Program Files\CDBurnerXP\cdbxpp.exe
O4 - Global Startup: G:\Documents And Settings\All Users\Menu Démarrer\Programmes\Paint.NET.lnk . (.dotPDN LLC.) -- G:\Program Files\Paint.NET\PaintDotNet.exe
O4 - Global Startup: G:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- G:\Program Files\Messenger\msmsgs.exe
O4 - Global Startup: G:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- G:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: G:\Documents And Settings\jpl-52\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- G:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: G:\Documents And Settings\jpl-52\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- G:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: G:\Documents And Settings\jpl-52\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.) -- G:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: G:\Documents And Settings\jpl-52\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- G:\Program Files\Outlook Express\msimn.exe
~ Scan Global Startup in 00mn 01s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: &Clean Traces . (...) -- G:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP . (...) -- G:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP . (...) -- G:\Program Files\DAP\dapextie2.htm
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} . (...) -- G:\WINDOWS\bdoscandel.exe
O9 - Extra button: Uninstall BitDefender Online Scanner v8 - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} . (...) -- G:\WINDOWS\bdoscandel.exe
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- G:\WINDOWS\bdoscandel.exe
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- G:\Program Files\Messenger\msmsgs.exe
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- G:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- G:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- G:\WINDOWS\system32\mswsock.dll
~ Scan Winsock in 00mn 00s



---\\ Onglet supplémentaire dans les options avancées d'Internet Explorer (O11)
O11 - Options group: [java_sun] Java (Sun). (...) - G:\Program Files\Java\jre7\bin\deploy.dll
~ Scan IE Plugins in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Détection de dispositifs) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/dcode/activex/msdcode.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.zebulon.fr/outils/antivirus/kavwebscan_unicode.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} () - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://www.catalog.update.microsoft.com/ClientControl/en/x86/MuCatalogWebControl.cab?1321630916609
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} () - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} () - http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_2_1_0.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} () - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8DA1C2E7-F77A-42F0-AF45-FF8BE367A59D}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{8DA1C2E7-F77A-42F0-AF45-FF8BE367A59D}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{8DA1C2E7-F77A-42F0-AF45-FF8BE367A59D}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{8DA1C2E7-F77A-42F0-AF45-FF8BE367A59D}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{8DA1C2E7-F77A-42F0-AF45-FF8BE367A59D}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS3\Services\Tcpip\..\{8DA1C2E7-F77A-42F0-AF45-FF8BE367A59D}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS3\Services\Tcpip\..\{8DA1C2E7-F77A-42F0-AF45-FF8BE367A59D}: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- G:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- G:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- G:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- G:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- G:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- G:\WINDOWS\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- G:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- G:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- G:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- G:\WINDOWS\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- G:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- G:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- G:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- G:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- G:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- G:\WINDOWS\system32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- G:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- G:\WINDOWS\system32\mshtml.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- G:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- G:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- G:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- G:\WINDOWS\system32\wiascr.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- G:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- G:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- G:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- G:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- G:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- G:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- G:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- G:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- G:\WINDOWS\system32\shell32.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- G:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- G:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- G:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- G:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- G:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- G:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- G:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- G:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- G:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- G:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- G:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - G:\WINDOWS\system32\guard32.dll (.not file.)
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- G:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- G:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- G:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- G:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- G:\WINDOWS\system32\WPDShServiceObj.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- G:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: SAS Core Service (!SASCORE) . (.SUPERAntiSpyware.com - Core Service.) - G:\Program Files\SUPERAntiSpyware\SASCore.exe
O23 - Service: Service Planificateur2 Acronis (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - G:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) . (.IObit - Advanced SystemCare Service.) - G:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - G:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) . (.B.H.A Corporation - B's Recorder GOLD Service Library.) - G:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - G:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) . (.Check Point Software Technologies - ZoneAlarm Browser Security.) - G:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
O23 - Service: NMSAccess (NMSAccess) . (...) - G:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - G:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autoche) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - G:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
O39 - APT:Automatic Planified Task - G:\WINDOWS\Tasks\GlaryInitialize.job
O39 - APT:Automatic Planified Task - G:\WINDOWS\Tasks\Google Software Updater.job
O39 - APT:Automatic Planified Task - G:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - G:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - G:\WINDOWS\Tasks\SBWUpdateTask_Logon_0000000000-0000-0000-0000-00000000001617299DC6.job
O39 - APT:Automatic Planified Task - G:\WINDOWS\Tasks\SBWUpdateTask_Time_0000000000-0000-0000-0000-00000000001617299DC6.job
~ Scan Scheduled Task in 00mn 01s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Mise à jour de la version d'Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- G:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media Microsoft.) -- G:\WINDOWS\INF\unregmp2.exe
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- G:\WINDOWS\system32\ie4uinit.exe.mui
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- G:\WINDOWS\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (...) -- G:\Program Files\Java\jre7\bin\deploy.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- G:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- G:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- G:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- G:\WINDOWS\INF\msmsgs.inf
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- G:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- G:\WINDOWS\INF\wmp.inf
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- G:\WINDOWS\system32\ie4uinit.exe.mui
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- G:\WINDOWS\system32\mscories.dll
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.2 r159.) -- G:\WINDOWS\system32\Macromed\Flash\Flash10p.ocx
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (8605253drv) . (.Kaspersky Lab - Klif Mini-Filter [fre_wnet_x86].) - G:\WINDOWS\system32\DRIVERS\8605253drv.sys
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - G:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - G:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - G:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - G:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - G:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - G:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - G:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - G:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - G:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - G:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - G:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - G:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - G:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - G:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - G:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - G:\Program Files\SUPERAntiSpyware\SASDIFSV.sys
O41 - Driver: (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL.SYS.) - G:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - G:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - G:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - G:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - G:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (Vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - G:\WINDOWS\system32\vsdatant.sys
~ Scan Drivers in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: 123 Free Solitaire 2009 v7.2 - (.TreeCardGames.com.) [HKLM] -- 123 Free Solitaire_is1
O42 - Logiciel: 3DRT Dominos Shareware (Désinstaller) - (.Pas de propriétaire.) [HKLM] -- 3DRT Dominos Shareware
O42 - Logiciel: Advanced SystemCare 5 - (.IObit.) [HKLM] -- Advanced SystemCare 5_is1
O42 - Logiciel: Alien Eggs 1.22 - (.Pas de propriétaire.) [HKLM] -- AlienEggs
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: CDDRV_Installer - (.Logitech Inc..) [HKLM] -- {8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
O42 - Logiciel: Download Accelerator Plus (DAP) - (.Speedbit Ltd..) [HKLM] -- Download Accelerator Plus (DAP)
O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner
O42 - Logiciel: ESDX4000_4050_CX3900 - (.Pas de propriétaire.) [HKLM] -- ESDX4000_4050_CX3900
O42 - Logiciel: FinePix Studio - (.Pas de propriétaire.) [HKLM] -- {E3B3AB03-8ABC-46CF-8CA9-DB5581E1F368}
O42 - Logiciel: FinePixViewer Resource - (.FUJIFILM Corporation.) [HKLM] -- {B44529FF-501E-47CD-A06D-223C161BE058}
O42 - Logiciel: Generic USB CardReader 2.0 - (.Pas de propriétaire.) [HKLM] -- {EA1CB7AC-E221-4822-A789-0ADB051DC498}
O42 - Logiciel: Glary Utilities 2.40.0.1326 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: IZArc 4.1.6 - (.Ivan Zahariev.) [HKLM] -- {97C82B44-D408-4F14-9252-47FC1636D23E}_is1
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Internet Explorer (Enable DEP) - (.Pas de propriétaire.) [HKLM] -- {a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb
O42 - Logiciel: Internet Explorer - (.Microsoft Corporation.) [HKLM] -- {4E414048-A9DD-4F60-AA1D-018E716C88C9}
O42 - Logiciel: Kaspersky On-line Scanner - (.Kaspersky Lab.) [HKLM] -- Kaspersky On-line Scanner
O42 - Logiciel: KhalSetup - (.Logitech.) [HKLM] -- {C89C8D86-4423-4A58-AA40-DD259ACE07C1}
O42 - Logiciel: Kyodai Mahjongg 2006 v1.42 - (.Rene-Gilles Deberdt.) [HKLM] -- Kyodai Mahjongg 2006_is1
O42 - Logiciel: Logitech SetPoint - (.Logitech.) [HKLM] -- {2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 2.0 Client Service Pack 2 - Language Pack (FRA) - (.Microsoft.) [HKLM] -- {30F71986-F2F2-33C8-89AA-99E566B04FD2}
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- {3F7924B9-D148-3141-87B1-68F36043A940}
O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
O42 - Logiciel: Microsoft .NET Framework 3.0 Client Profile - Language Pack (FRA) - (.Microsoft Corporation.) [HKLM] -- {0089CA27-3E85-3E64-9814-A7B1A1756CE3}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] -- {511DF669-2930-30C0-8EB6-552887E29EC8}
O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
O42 - Logiciel: Microsoft .NET Framework 3.5 Client Profile - Language Pack (FRA) - (.Microsoft Corporation.) [HKLM] -- {25EDB0C9-A32C-35AB-9AA3-6D74BBE16813}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack - fra - (.Microsoft Corporation.) [HKLM] -- {5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft .NET Framework Client Profile - (.Pas de propriétaire.) [HKLM] -- Microsoft.Net.Client.3.5
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Mineraloids - (.FreeGamePick.com.) [HKLM] -- Mineraloids_is1
O42 - Logiciel: Module linguistique Microsoft .NET Framework Client Profile - FRA - (.Pas de propriétaire.) [HKLM] -- Microsoft.Net.Client.3.5.LangPack.fra
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {7E0610A2-E336-40B3-B685-C4905E97EC9A}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: PDF-Viewer - (.Tracker Software Products Ltd.) [HKLM] -- {A278382D-4F1B-4D47-9885-8523F7261E8D}_is1
O42 - Logiciel: Paint.NET v3.5.10 - (.dotPDN LLC.) [HKLM] -- {529125EF-E3AC-4B74-97E6-F688A7C0F1BF}
O42 - Logiciel: QuickPar 0.9 - (.Peter B. Clements.) [HKLM] -- QuickPar
O42 - Logiciel: Quicksys RegDefrag 2.9 - (.Pas de propriétaire.) [HKLM] -- {5D26BF7B-BEF6-477D-8FC1-0C1C159B6364}_is1
O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: Revo Uninstaller 1.92 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM] -- {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
O42 - Logiciel: Santa Claus in Trouble - (.Pas de propriétaire.) [HKLM] -- Santa Claus in Trouble
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523
O42 - Logiciel: VC 9.0 Runtime - (.Check Point Software Technologies Ltd.) [HKLM] -- {02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
O42 - Logiciel: VIA/S3G Display Driver 6.14.10.0367 - (.Pas de propriétaire.) [HKLM] -- VIA/S3G UniChrome Family Win2K/XP/Server2003 Display
O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}
O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: ZoneAlarm Firewall - (.Check Point Software Technologies Ltd..) [HKLM] -- {A386CC19-1E79-4D4C-A54B-C8747871E4AD}
O42 - Logiciel: ZoneAlarm Free - (.Check Point.) [HKLM] -- ZoneAlarm Free
O42 - Logiciel: ZoneAlarm Security - (.Check Point Software Technologies Ltd..) [HKLM] -- {2B120B1D-1908-4FB3-8C9D-72128A74E80A}
O42 - Logiciel: ZoneAlarm Toolbar - (.Check Point Software Technologies.) [HKLM] -- ZoneAlarm Toolbar
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast

---\\ HKCU & HKLM Software Keys
[HKCU\Software\2VG]
[HKCU\Software\3DRT Dominos Shareware]
[HKCU\Software\ABBYY]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ASCII]
[HKCU\Software\ASProtect]
[HKCU\Software\AVAST Software]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Adobe]
[HKCU\Software\Altaruine]
[HKCU\Software\Amic Tools]
[HKCU\Software\Antanda]
[HKCU\Software\AppDataLow\AskToolbarInfo]
[HKCU\Software\AppDataLow\ISWVolatile]
[HKCU\Software\AppDataLow\Software\Exent]
[HKCU\Software\AppDataLow\Software\Megamedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Search Settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Ask.com]
[HKCU\Software\Auslogics]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\CheckPoint]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ComodoGroup]
[HKCU\Software\Comodo]
[HKCU\Software\CoreAAC]
[HKCU\Software\Datamngr]
[HKCU\Software\DevNet]
[HKCU\Software\DownloadManager]
[HKCU\Software\EPSON]
[HKCU\Software\ESTsoft]
[HKCU\Software\EmpArch]
[HKCU\Software\Exent]
[HKCU\Software\FUJIFILM]
[HKCU\Software\Fighters]
[HKCU\Software\Flock]
[HKCU\Software\FreshDevices]
[HKCU\Software\GlarySoft]
[HKCU\Software\Goodsol]
[HKCU\Software\Google]
[HKCU\Software\Headlight]
[HKCU\Software\HookNetwork]
[HKCU\Software\Hugx]
[HKCU\Software\IDAVLab]
[HKCU\Software\IDETool]
[HKCU\Software\IM Providers]
[HKCU\Software\INCAInternet]
[HKCU\Software\IObit]
[HKCU\Software\IZSoftware]
[HKCU\Software\Iminent]
[HKCU\Software\IncrediMail]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Jsoft.fr]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Lavalys]
[HKCU\Software\Licenses]
[HKCU\Software\Logitech]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Media Research Group]
[HKCU\Software\Micro Application]
[HKCU\Software\MicroWorld]
[HKCU\Software\MooSoft Development]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Namida]
[HKCU\Software\Netscape]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Orient Lab]
[HKCU\Software\PC SOFT]
[HKCU\Software\Paint.NET]
[HKCU\Software\ParetoLogic]
[HKCU\Software\Phoenix Technologies]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PopCap]
[HKCU\Software\Prodiff]
[HKCU\Software\QuickPar]
[HKCU\Software\SUPERAntiSpyware.com]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Siber Systems]
[HKCU\Software\Softonic]
[HKCU\Software\SpeedBit]
[HKCU\Software\Spointer]
[HKCU\Software\Sysinternals]
[HKCU\Software\Tracker Software]
[HKCU\Software\Trolltech]
[HKCU\Software\Ufasoft]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\Valve]
[HKCU\Software\VirusSecureLab]
[HKCU\Software\Webroot]
[HKCU\Software\WideStream]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zone Labs]
[HKCU\Software\dskMetrics]
[HKCU\Software\ej-technologies]
[HKCU\Software\freezefrogsa]
[HKCU\Software\freshney.org]
[HKCU\Software\g3n-h@ckm@n]
[HKCU\S

2 réponses

cabrier Messages postés 5591 Date d'inscription dimanche 7 août 2011 Statut Contributeur sécurité Dernière intervention 27 octobre 2020 702
Modifié par cabrier le 5/01/2012 à 14:07
OK je regarde cela et te tiens au courant !

mais pour ce que j'en ai vu, oui tu es infecté !


Heureux ceux qui peuvent donner sans s'en souvenir et prendre sans oublier !
0
cabrier Messages postés 5591 Date d'inscription dimanche 7 août 2011 Statut Contributeur sécurité Dernière intervention 27 octobre 2020 702
Modifié par cabrier le 5/01/2012 à 13:59
Ton rapport n'est pas complet.

héberge le sur

cijoint ou pjoint

- Tu cliques sur Ouvrir puis sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme: https://www.cjoint.com/index.php?file=cjge368/cijSKAP5fU.txt
sera ajouté dans la page.
- C'est ce lien que tu as à me transmettre.




A+
0
cabrier Messages postés 5591 Date d'inscription dimanche 7 août 2011 Statut Contributeur sécurité Dernière intervention 27 octobre 2020 702
5 janv. 2012 à 14:12
jlp,

Une fois le lien de ton rapport posté :


Utilise cet outil de désinfection spécifique aux logiciels publicitaires :

* Télécharge AdwCleaner (de Xplode) sur ton Bureau.
* Lance le, clique sur Suppression puis patiente le temps du scan.
* Une fois le scan terminé, un rapport s'ouvrira : poste le dans ta prochaine réponse (toujours avec cjoint ou pjoint).

@+

0