Perte de connexion Internet • page 2

[bernard53]

ok ceci alors.

Aller ici et télécharger, sur le Bureau, la dernière version de CAT ("Crisis Aversion Tool" par teamrocketops).
Double-cliquer sur (Vista/W7, cliquer-droit dessus => "Exécuter en tant qu'administrateur") pour lancer le programme.



Cliquer sur le menu Fixes et cocher les cases devant les lignes suivantes:

[*]Flush DNS Resolver Cache
[*]Repair Internet Explorer
[*]Reset Default Services Start States

Fermer toutes les fenêtres et applications ouvertes sauf CAT puis presser le bouton "Apply Checked Fixes". Fermer le programme et Redémarrer le PC.
A noter que le programme crée un dossier nommé "CAT-Logs" à la racine de la partition système (généralement C:\CAT-Logs). Penser à supprimer ce dossier à la fin du nettoyage.

[popineye]

Ok c'est fait, mais j'ai eu deux fois l'erreur concernant le chargement de la librairie C++ (R6034).

Après reboot, toujours les mêmes symptomes malheureusement...

[oxmosys]

Et bien je viens de découvrir un truc... l'IRQ15 correspond au power management ACPI. Sauf que chez moi, impossible de le désactiver par le BIOS. ça...

Oui, sur Ubuntu j'ai déjà relevé des cas isolés rencontrant des erreurs similaires avec l'ACPI qui disparaissent avec les nouvelles versions de Linux. Il y a toujours un moyen de contourner le problème, l'ennui c'est que c'est souvent très casse-pied de trouver la commande de démarrage exacte qui passera dans ce genre de situation. Le LiveCD de Kaspersky fonctionne sur Gentoo qui n'est pas aussi documenté.. C'est déjà formidable que vous ayez fait des recherches aussi poussées, j'ignorais moi-même comment modifier la commande de démarrage sous gentoo.

Mais je me dis que tant qu'entre se donner le mal de chercher une info aussi précise et brancher le disque dur sur un autre PC, la première solution risque d'être plus casse-pied, même si la seconde l'est aussi.

[popineye]

Au cas où, j'ai fais une mise à jour de ZHP puisque en mode sans echec, j'ai accès au Web.
Voici le nouveau rapport:

La première moitié:

Code: Tout sélectionner

Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011
Run by martins at 12/09/2011 20:56:59
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
OBIE: AvantBrowser
MFIE: Mozilla Firefox 6.0.2 v6.0.2

---\\ Windows Product Information
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ System Information
~ Processor: x86 Family 15 Model 47 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 2047 MB (86% free)
System Restore: Désactivé (Disabled)
System drive C: has 58 GB (19%) free of 298 GB

---\\ Logged in mode
~ Computer Name: XPSP2-335683F4D
~ User Name: martins
~ All Users Names: SUPPORT_388945a0, martins, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\
~ %Desktop% : C:\Documents and Settings\martins.XPSP2-335683F4D\Bureau\
~ %Favorites% : C:\Documents and Settings\martins.XPSP2-335683F4D\Favoris\
~ %LocalAppData% : C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\martins.XPSP2-335683F4D\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 58 Go of 298 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Free 2 Go of 2 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc :  OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.14/04/2008 - 03:34:20.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.29/08/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 19:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 20:15:53.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 7/247
~ Mes musiques (My Musics) : 270/1231
~ Mes Videos (My Videos) : 1/202
~ Mes Favoris (My Favorites) : 2/56
~ Mes Documents (My Documents) : 286/2098
~ Mon Bureau (My Desktop) : 48/1576
~ Menu demarrer (Programs) : 5/44
~ Scan Hidden Files in 00mn 25s



---\\ Processus lancés
[MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [669696] [PID.1620]
~ Scan Processes Running in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [martins] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [martins] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml
M3 - MFPP: Plugins - [martins] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [martins] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [martins] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [martins] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [martins] -- C:\Program Files\Mozilla FireFox\searchplugins\SearchTheWeb.xml
M3 - MFPP: Plugins - [martins] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [martins] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com
R0 - HKUS\S-1-5-21-1801674531-884357618-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Computer, Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.exe
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMCTray.dll
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) 2 Platform Standard Edition binary.) -- C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\WINDOWS\system32\nwiz.exe
O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Launcher.) -- C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe
O4 - HKCU\..\Run: [IncrediMail] . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\IncMail.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Magentic] . (.Pas de propriétaire - Magentic Application.) -- C:\PROGRA~1\Magentic\bin\Magentic.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.exe2; .NET CLR 2.0.50727; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) -http:\\www.funlabo.com\moto\course-de-moto.htm (.no
O4 - HKUS\S-1-5-21-1801674531-884357618-725345543-1003\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Launcher.) -- C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe
O4 - HKUS\S-1-5-21-1801674531-884357618-725345543-1003\..\Run: [IncrediMail] . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\IncMail.exe
O4 - HKUS\S-1-5-21-1801674531-884357618-725345543-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1801674531-884357618-725345543-1003\..\Run: [Magentic] . (.Pas de propriétaire - Magentic Application.) -- C:\PROGRA~1\Magentic\bin\Magentic.exe
O4 - HKUS\S-1-5-21-1801674531-884357618-725345543-1003\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] . (...) -- C:\WINDOWS\system32\run.cmd
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] . (.Microsoft Corporation - DLL d'action personnalisée d'installation.) -- C:\WINDOWS\system32\tscupgrd.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] . (...) -- C:\WINDOWS\system32\run.cmd
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] . (.Microsoft Corporation - DLL d'action personnalisée d'installation.) -- C:\WINDOWS\system32\tscupgrd.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] . (...) -- C:\WINDOWS\system32\run.cmd
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] . (.Microsoft Corporation - DLL d'action personnalisée d'installation.) -- C:\WINDOWS\system32\tscupgrd.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] . (...) -- C:\WINDOWS\system32\run.cmd
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] . (.Microsoft Corporation - DLL d'action personnalisée d'installation.) -- C:\WINDOWS\system32\tscupgrd.exe
O4 - HKUS\S-1-5-21-1801674531-884357618-725345543-1003\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.exe2; .NET CLR 2.0.50727; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) -http:\
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\martins\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.)  -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\martins\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\IEXPLORE.EXE
O4 - Global Startup: C:\Documents And Settings\martins\Menu Démarrer\Programmes\Lecteur Windows Media.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Documents And Settings\martins\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Outlook Express\msimn.exe
~ Scan Global Startup in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Service client pour le fournisseur NetWare et DLL d'authentification.) -- C:\WINDOWS\system32\nwprovau.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{182643F9-ACC5-4557-B482-215D61E23BE4}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{182643F9-ACC5-4557-B482-215D61E23BE4}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{D61C1005-CF6C-4684-B490-48B5125B567D}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{7F045D54-5C01-46CA-AC48-E974793712BF}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{EA55975E-EAF0-43E1-BAAD-90D2F402F0FD}: DhcpNameServer = 10.0.1.7 10.0.1.49
O17 - HKLM\System\CS2\Services\Tcpip\..\{EA55975E-EAF0-43E1-BAAD-90D2F402F0FD}: DhcpDomain = rosmco.prv
O17 - HKLM\System\CS3\Services\Tcpip\..\{182643F9-ACC5-4557-B482-215D61E23BE4}: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 91.31.) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Contrôle Parental SFR (OPTENET_FILTER) . (.SFR - Contrôle Parental.) - C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) . (.Rocket Division Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\User_Feed_Synchronization-{A1D88420-3446-4D99-B390-A31043C9B1A4}.job
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\WGASetup.job
~ Scan Scheduled Task in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver:  (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver:  (AmdK8) . (.Advanced Micro Devices - AMD Processor Driver.) - C:\WINDOWS\system32\DRIVERS\AmdK8.sys
O41 - Driver:  (asusgsb) . (. - .) - C:\WINDOWS\system32\drivers\asusgsb32.sys (.not file.)
O41 - Driver:  (asuskbnt) . (.ASUSTeK COMPUTER INC. - ASUS Help driver For Keyboard Service..) - C:\WINDOWS\system32\drivers\atkkbnt.sys
O41 - Driver:  (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver:  (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver:  (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver:  (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver:  (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver:  (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver:  (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver:  (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver:  (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver:  (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver:  (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver:  (Processor) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\processr.sys
O41 - Driver:  (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver:  (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver:  (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver:  (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys
O41 - Driver:  (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver:  (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver:  (Tcpip6) . (.Microsoft Corporation - IPv6 driver.) - C:\WINDOWS\system32\DRIVERS\tcpip6.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: ASUS Enhanced Display Driver - (.ASUSTeK COMPUTER INC..) [HKLM] -- {315ACD04-BCEB-478B-9B1D-5431D0E6CB11}
O42 - Logiciel: ASUS Utilities - (.ASUSTeK Computer Inc..) [HKLM] -- InstallShield_{43C67D92-F56E-4729-8673-9A2D5A6036F8}
O42 - Logiciel: ASUS VideoSecurity Online - (.ASUSTeK Computer Inc..) [HKLM] -- InstallShield_{7A529246-912F-4C40-A82A-E608DB702FD7}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Aladdin - (.GameFabrique.) [HKLM] -- Aladdin_is1
O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Avant Browser (remove only) - (.Pas de propriétaire.) [HKLM] -- AvantBrowser
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Barbie(TM) dans Coeur de Princesse - (.Pas de propriétaire.) [HKLM] -- Barbie(TM) dans Coeur de Princesse
O42 - Logiciel: Belkin Connect Wireless USB Adapter - (.Belkin.) [HKLM] -- InstallShield_{08B73C99-D071-488F-8861-5DDA897C510D}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Cake Mania - (.Pas de propriétaire.) [HKLM] -- BFG-Cake Mania
O42 - Logiciel: Cake Mania - Lights, Camera, Action! Deluxe - (.Zylom Games.) [HKLM] -- Cake Mania - Lights, Camera, Action! Deluxe
O42 - Logiciel: Cake Shop 2 - (.MyPlayCity, Inc..) [HKLM] -- Cake Shop 2_is1
O42 - Logiciel: CakeMania Lights Camera Action - (.Boonty.) [HKLM] -- CakeMania Lights Camera Action_is1
O42 - Logiciel: CakeMania Mainstreet fr - (.Boonty.) [HKLM] -- CakeMania Mainstreet_is1
O42 - Logiciel: Contrôle Parental SFR - (.Pas de propriétaire.) [HKLM] -- {542077EB-36C8-4981-893B-3AD98F3BA12A}
O42 - Logiciel: Cooking Dash - (.Pas de propriétaire.) [HKLM] -- Cooking Dash
O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1
O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}
O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857}
O42 - Logiciel: EPSON Easy Photo Print - (.Pas de propriétaire.) [HKLM] -- {BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}
O42 - Logiciel: EPSON File Manager - (.Pas de propriétaire.) [HKLM] -- {E86BC406-944E-41F6-ADE6-2C136734C96B}
O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Scan Assistant - (.Pas de propriétaire.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}
O42 - Logiciel: EPSON Web-To-Page - (.Pas de propriétaire.) [HKLM] -- {7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}
O42 - Logiciel: ESDX4000_4050_CX3900 - (.Pas de propriétaire.) [HKLM] -- ESDX4000_4050_CX3900
O42 - Logiciel: FIFA 2004 - (.Pas de propriétaire.) [HKLM] -- {782DDB70-3DF4-4366-00BF-E3767BCD173B}
O42 - Logiciel: GrabIt 1.7.1 Beta (build 960) - (.Ilan Shemes.) [HKLM] -- GrabIt_is1
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM] -- IncrediMail
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: K-Lite Codec Pack 4.3.1 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
O42 - Logiciel: LimeWire 4.12.11 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: Magentic - (.IncrediMail Ltd..) [HKLM] -- Magentic
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs
O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348) - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: Mozilla Firefox 6.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 6.0.2 (x86 fr)
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Nero 6 Ultra Edition - (.Pas de propriétaire.) [HKLM] -- Nero - Burning Rom!UninstallKey
O42 - Logiciel: PIF DESIGNER - (.Pas de propriétaire.) [HKLM] -- {B90450DF-E781-46FD-B1F1-0C86DA40E443}
O42 - Logiciel: QuickPar 0.9 - (.Peter B. Clements.) [HKLM] -- QuickPar
O42 - Logiciel: Realtek AC'97 Audio - (.Pas de propriétaire.) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: SDK - (.Portrait Displays, Inc..) [HKLM] -- {0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}
O42 - Logiciel: SLD Codec Pack - (.Pas de propriétaire.) [HKLM] -- SLD Codec Pack
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2487367) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2487367
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Speccy - (.Piriform.) [HKLM] -- Speccy
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1365864D-4C58-489D-9982-844D75691CCC}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2586924) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3B65DCBC-61EC-4578-9DF2-40D3B3829CD8}
O42 - Logiciel: VideoLAN VLC media player 0.8.6d - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service
O42 - Logiciel: XviD MPEG-4 Video Codec - (.XviD Development Team.) [HKLM] -- xvid
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule
O42 - Logiciel: ubCore - (.Unibrain.) [HKLM] -- InstallShield_{4321CFD4-27B9-4955-BCD9-A4920090CFFF}


[popineye]

Et la suite:

Code: Tout sélectionner


---\\ HKCU & HKLM Software Keys
[HKCU\Software\ ]
[HKCU\Software\3rd Eye Solutions]
[HKCU\Software\ABBYY]
[HKCU\Software\AC3filter]
[HKCU\Software\ASUS]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\Alawar]
[HKCU\Software\Alcohol Soft]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Avance]
[HKCU\Software\Avant Browser]
[HKCU\Software\Avira]
[HKCU\Software\Belkin]
[HKCU\Software\Binary Noise]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CoreVorbis]
[HKCU\Software\Cyberlink]
[HKCU\Software\DT Soft]
[HKCU\Software\DVD Shrink]
[HKCU\Software\Delphree]
[HKCU\Software\DiskSoftware]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EPSON]
[HKCU\Software\Elecard]
[HKCU\Software\Electronic Arts]
[HKCU\Software\F-Secure]
[HKCU\Software\Fugazo]
[HKCU\Software\GNU]
[HKCU\Software\GSpot Appliance Corp]
[HKCU\Software\Gabest]
[HKCU\Software\GameHouse]
[HKCU\Software\Gameface]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\IncrediMail]
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lavalys]
[HKCU\Software\MDO]
[HKCU\Software\Macromedia]
[HKCU\Software\Magentic]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaInfo]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\NVIDIA nvCpl Container]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\OXXOgames]
[HKCU\Software\Patchou]
[HKCU\Software\PegasusImaging]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Portrait Displays]
[HKCU\Software\PuzzleLab]
[HKCU\Software\QuickPar]
[HKCU\Software\Realtek]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\Sandlot Games]
[HKCU\Software\SecuROM]
[HKCU\Software\Shemes]
[HKCU\Software\Siber Systems]
[HKCU\Software\Sony Corporation]
[HKCU\Software\Terravirtual]
[HKCU\Software\Trend Micro]
[HKCU\Software\Trolltech]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Zylom]
[HKCU\Software\cybelsoft]
[HKCU\Software\eMule]
[HKLM\Software\8ec]
[HKLM\Software\ABBYY]
[HKLM\Software\ASUSTeK COMPUTER INC.]
[HKLM\Software\ASUS]
[HKLM\Software\AceGain]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\Alawar]
[HKLM\Software\Alcohol Soft]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Audible]
[HKLM\Software\Avira]
[HKLM\Software\Belkin]
[HKLM\Software\Big Fish Games]
[HKLM\Software\Blizzard Entertainment]
[HKLM\Software\Boonty]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Codec Tweak Tool]
[HKLM\Software\Cyberlink]
[HKLM\Software\DT Soft]
[HKLM\Software\Data Fellows]
[HKLM\Software\DiskSoftware]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EA SPORTS]
[HKLM\Software\EPSON]
[HKLM\Software\Electronic Arts]
[HKLM\Software\EliaShim]
[HKLM\Software\GNU]
[HKLM\Software\Gabest]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\ImInstaller]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\KLCodecPack]
[HKLM\Software\Licenses]
[HKLM\Software\MSI]
[HKLM\Software\Macromedia]
[HKLM\Software\Magnet]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\MicroQuill]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\OPTENET]
[HKLM\Software\Patchou]
[HKLM\Software\PegasusImaging]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Portrait Displays, Inc.]
[HKLM\Software\Portrait Displays]
[HKLM\Software\PortraitDisplays]
[HKLM\Software\Program Groups]
[HKLM\Software\Realtek]
[HKLM\Software\ReflexiveArcade]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roadkil]
[HKLM\Software\RtWLan]
[HKLM\Software\S3R521]
[HKLM\Software\SFR]
[HKLM\Software\SLD]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\Sony Corporation]
[HKLM\Software\SymNRT]
[HKLM\Software\TerraVirtual]
[HKLM\Software\Trad-FR]
[HKLM\Software\TrendMicro]
[HKLM\Software\Unibrain]
[HKLM\Software\VideoLAN]
[HKLM\Software\Vivendi Universal Games]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\X-AVCSD]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/01/2011 - 20:48:18 - [124487825] ----D- C:\Program Files\ABBYY FineReader 6.0 Sprint
O43 - CFD: 21/07/2011 - 19:41:08 - [323574951] ----D- C:\Program Files\Adobe
O43 - CFD: 03/02/2009 - 20:44:00 - [89919814] ----D- C:\Program Files\Ahead
O43 - CFD: 04/07/2011 - 20:07:50 - [3168045] ----D- C:\Program Files\Aladdin
O43 - CFD: 04/07/2011 - 20:07:46 - [4532671] ----D- C:\Program Files\Alawar
O43 - CFD: 22/11/2008 - 15:54:10 - [8866209] ----D- C:\Program Files\Alcohol Soft
O43 - CFD: 23/11/2008 - 17:34:18 - [41877227] ----D- C:\Program Files\ASUS
O43 - CFD: 29/09/2010 - 17:11:30 - [0] ----D- C:\Program Files\Atari
O43 - CFD: 09/09/2011 - 15:43:28 - [4049997] ----D- C:\Program Files\Avant Browser
O43 - CFD: 11/09/2011 - 16:07:24 - [144511437] ----D- C:\Program Files\Avira
O43 - CFD: 28/04/2010 - 10:52:22 - [156341668] ----D- C:\Program Files\Barbie(TM)
O43 - CFD: 06/07/2011 - 18:58:18 - [619652] ----D- C:\Program Files\Belkin
O43 - CFD: 14/02/2011 - 12:28:54 - [14003379] ----D- C:\Program Files\Big Fish Games
O43 - CFD: 29/12/2010 - 15:38:20 - [116584132] ----D- C:\Program Files\bigup16 & Pheonix RG
O43 - CFD: 20/01/2011 - 16:24:40 - [2414690] ----D- C:\Program Files\Boonty
O43 - CFD: 04/07/2011 - 17:35:22 - [469301621] ----D- C:\Program Files\BoontyGames
O43 - CFD: 04/07/2011 - 17:35:22 - [26326355] ----D- C:\Program Files\Burger Shop 2
O43 - CFD: 21/07/2011 - 19:51:44 - [3557199] ----D- C:\Program Files\Cake Mania
O43 - CFD: 21/07/2011 - 19:51:18 - [16692486] ----D- C:\Program Files\Cake Mania(2)
O43 - CFD: 11/09/2011 - 14:05:30 - [3901432] ----D- C:\Program Files\CCleaner
O43 - CFD: 17/11/2008 - 10:34:02 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 23/11/2008 - 18:06:04 - [888522] ----D- C:\Program Files\DVD Shrink
O43 - CFD: 23/01/2011 - 18:12:02 - [1024808906] ----D- C:\Program Files\EA SPORTS
O43 - CFD: 13/04/2011 - 19:28:08 - [5845639459] ----D- C:\Program Files\Electronic Arts
O43 - CFD: 21/01/2010 - 11:54:46 - [61808318705] ----D- C:\Program Files\eMule
O43 - CFD: 23/11/2008 - 10:27:04 - [143600069] ----D- C:\Program Files\epson
O43 - CFD: 20/01/2011 - 16:36:26 - [790953862] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 23/11/2008 - 17:25:52 - [65] ----D- C:\Program Files\GameFace Messenger
O43 - CFD: 30/09/2010 - 18:57:02 - [0] ----D- C:\Program Files\Google
O43 - CFD: 02/05/2009 - 19:19:50 - [5446771] ----D- C:\Program Files\GrabIt
O43 - CFD: 11/09/2011 - 18:48:02 - [398038] ----D- C:\Program Files\hijack
O43 - CFD: 28/03/2011 - 17:13:12 - [34928040] ----D- C:\Program Files\IncrediMail
O43 - CFD: 12/09/2011 - 20:16:08 - [0] ----D- C:\Program Files\IncrediMail_MediaBar_2
O43 - CFD: 21/07/2011 - 18:42:18 - [32369025] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 30/08/2011 - 03:00:58 - [5654756] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 13/11/2010 - 10:33:24 - [138642312] ----D- C:\Program Files\Java
O43 - CFD: 21/07/2011 - 19:51:16 - [294453538] ----D- C:\Program Files\Jewel Quest Mysteries 2 - Trail of Midnight Heart
O43 - CFD: 23/11/2008 - 13:03:56 - [37126087] ----D- C:\Program Files\K-Lite Codec Pack
O43 - CFD: 23/11/2008 - 17:42:10 - [23647990] ----D- C:\Program Files\LimeWire
O43 - CFD: 19/04/2009 - 23:42:16 - [3968680] ----D- C:\Program Files\ma-config.com
O43 - CFD: 01/04/2009 - 11:27:18 - [14870404] ----D- C:\Program Files\Magentic
O43 - CFD: 11/09/2011 - 18:46:18 - [6953823] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 23/04/2009 - 03:04:36 - [2147758] ----D- C:\Program Files\Messenger
O43 - CFD: 29/12/2009 - 17:27:38 - [13262244] ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD: 21/05/2009 - 12:57:00 - [0] ----D- C:\Program Files\Micro Application
O43 - CFD: 21/12/2008 - 11:46:02 - [1544075] ----D- C:\Program Files\Microsoft
O43 - CFD: 17/11/2008 - 10:37:04 - [0] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 21/07/2011 - 19:52:10 - [569773400] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 21/12/2009 - 10:54:56 - [1540212] ----D- C:\Program Files\Microsoft Office Outlook Connector
O43 - CFD: 15/06/2011 - 13:57:48 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 14/03/2010 - 14:31:54 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 14/03/2010 - 14:32:34 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 22/11/2008 - 16:14:12 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 29/12/2009 - 04:03:50 - [3726168] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 02/03/2010 - 20:25:42 - [979309] ----D- C:\Program Files\Microsoft WSE
O43 - CFD: 13/04/2011 - 18:57:46 - [23935] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 03/09/2010 - 16:05:20 - [10374874] ----D- C:\Program Files\Movie Maker
O43 - CFD: 11/09/2011 - 16:18:28 - [35683608] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 22/11/2008 - 16:14:18 - [26521] ----D- C:\Program Files\MSBuild
O43 - CFD: 20/04/2009 - 01:09:50 - [19278399] ----D- C:\Program Files\msn
O43 - CFD: 19/11/2008 - 03:42:48 - [0] ----D- C:\Program Files\msn gaming zone
O43 - CFD: 23/07/2011 - 07:06:24 - [154033] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 23/11/2008 - 13:21:46 - [0] ----D- C:\Program Files\My Company Name
O43 - CFD: 22/06/2011 - 13:08:36 - [215285916] ----D- C:\Program Files\MyPlayCity.com
O43 - CFD: 04/07/2011 - 17:35:18 - [64599766] ----D- C:\Program Files\Mystic Emporium
O43 - CFD: 17/11/2008 - 10:37:04 - [0] ----D- C:\Program Files\netmeeting
O43 - CFD: 18/06/2009 - 19:32:50 - [5013254] ----D- C:\Program Files\Neuf
O43 - CFD: 17/01/2011 - 04:00:54 - [4379321] ----D- C:\Program Files\Outlook Express
O43 - CFD: 28/01/2011 - 17:02:54 - [2757956] ----D- C:\Program Files\Photo Notifier and Animation Creator
O43 - CFD: 03/09/2010 - 16:06:16 - [1873554] ----D- C:\Program Files\PhotoMail Maker
O43 - CFD: 01/02/2009 - 12:44:20 - [10890697] ----D- C:\Program Files\Portrait Displays
O43 - CFD: 23/11/2008 - 16:59:26 - [941108] ----D- C:\Program Files\QuickPar
O43 - CFD: 22/11/2008 - 17:20:42 - [72399970] ----D- C:\Program Files\QuickTime
O43 - CFD: 28/11/2009 - 04:09:42 - [36400897] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 22/12/2009 - 20:40:54 - [20077] ----D- C:\Program Files\ReflexiveArcade
O43 - CFD: 29/11/2008 - 14:35:48 - [101619625] ----D- C:\Program Files\SDLL
O43 - CFD: 17/11/2008 - 10:35:36 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 30/09/2010 - 18:51:08 - [370700511] ----D- C:\Program Files\SFR
O43 - CFD: 22/11/2008 - 17:24:44 - [4605376] ----D- C:\Program Files\SLD Codec Pack
O43 - CFD: 23/07/2011 - 07:04:34 - [297773692] ----D- C:\Program Files\Sony
O43 - CFD: 11/09/2011 - 15:19:30 - [4557848] ----D- C:\Program Files\Speccy
O43 - CFD: 20/04/2009 - 00:22:10 - [2519999] ----D- C:\Program Files\Unibrain
O43 - CFD: 17/11/2008 - 10:42:30 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 22/11/2008 - 16:50:56 - [33438420] ----D- C:\Program Files\VideoLAN
O43 - CFD: 22/11/2008 - 18:16:30 - [0] ----D- C:\Program Files\Western Digital
O43 - CFD: 25/01/2011 - 20:56:52 - [102211638] ----D- C:\Program Files\Windows Live
O43 - CFD: 21/12/2008 - 11:39:14 - [245112] ----D- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 20/04/2009 - 01:04:16 - [9091821] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 17/11/2008 - 10:37:04 - [783360] ----D- C:\Program Files\Windows NT
O43 - CFD: 17/11/2008 - 10:35:40 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 22/11/2008 - 16:00:44 - [4890547] ----D- C:\Program Files\WinRAR
O43 - CFD: 17/11/2008 - 10:37:04 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 16/01/2011 - 09:55:18 - [54559] ----D- C:\Program Files\Yahoo!
O43 - CFD: 28/12/2010 - 18:04:38 - [117134204] ----D- C:\Program Files\Yahoo! Jeux
O43 - CFD: 12/09/2011 - 20:57:34 - [4014913] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 21/07/2011 - 19:48:02 - [21432212] ----D- C:\Program Files\Zylom Games
O43 - CFD: 21/07/2011 - 19:41:10 - [32883142] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 03/02/2009 - 20:43:58 - [27023807] ----D- C:\Program Files\Fichiers Communs\Ahead
O43 - CFD: 23/11/2008 - 21:58:20 - [0] ----D- C:\Program Files\Fichiers Communs\Blizzard Entertainment
O43 - CFD: 20/01/2011 - 16:36:26 - [0] ----D- C:\Program Files\Fichiers Communs\BOONTY Shared
O43 - CFD: 22/11/2008 - 16:14:12 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER
O43 - CFD: 23/11/2008 - 10:30:00 - [14656451] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 13/11/2010 - 10:34:48 - [28920898] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 02/03/2010 - 20:25:32 - [222338993] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 17/11/2008 - 10:34:58 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 03/02/2009 - 20:03:42 - [177025] ----D- C:\Program Files\Fichiers Communs\Nero
O43 - CFD: 17/11/2008 - 11:30:34 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 01/02/2009 - 12:44:10 - [11625660] ----D- C:\Program Files\Fichiers Communs\Portrait Displays
O43 - CFD: 19/11/2008 - 03:41:02 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 17/11/2008 - 11:30:30 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 09/09/2009 - 07:19:06 - [51187829] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 28/04/2010 - 10:52:18 - [1325848] ----D- C:\Program Files\Fichiers Communs\Vivendi Universal Games
O43 - CFD: 28/04/2010 - 14:54:04 - [1193390] ----D- C:\Program Files\Fichiers Communs\VUG
O43 - CFD: 20/12/2008 - 12:06:52 - [376277410] ----D- C:\Program Files\Fichiers Communs\Windows Live
O43 - CFD: 23/11/2008 - 13:09:08 - [19170938] -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller
O43 - CFD: 02/03/2010 - 20:27:26 - [0] ----D- C:\ProgramData\Electronic Arts
O43 - CFD: 18/02/2009 - 15:23:44 - [6436995] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Adobe
O43 - CFD: 22/11/2008 - 17:32:42 - [0] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Apple Computer
O43 - CFD: 29/11/2008 - 21:36:34 - [9898] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Avant Browser
O43 - CFD: 08/09/2011 - 18:15:02 - [1256] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Avant Downloader
O43 - CFD: 08/09/2011 - 18:15:00 - [206937] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Avant Profiles
O43 - CFD: 11/09/2011 - 16:24:18 - [0] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Avira
O43 - CFD: 22/06/2011 - 15:59:42 - [518081] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Boomzap
O43 - CFD: 11/09/2011 - 14:10:38 - [0] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\DAEMON Tools Lite
O43 - CFD: 07/05/2009 - 12:48:46 - [199] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\dvdcss
O43 - CFD: 22/06/2011 - 13:12:04 - [7211] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\EleFun Games
O43 - CFD: 14/09/2009 - 18:12:20 - [3602456] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\F-Secure
O43 - CFD: 22/11/2008 - 10:24:00 - [0] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Google
O43 - CFD: 21/06/2011 - 20:27:22 - [2237960] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\GrabIt
O43 - CFD: 29/11/2008 - 19:38:22 - [0] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Help
O43 - CFD: 23/09/2010 - 09:50:56 - [1162] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Identities
O43 - CFD: 25/12/2008 - 17:10:42 - [5892895] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Kptic
O43 - CFD: 08/01/2010 - 15:29:16 - [1314644] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\LimeWire
O43 - CFD: 06/07/2011 - 10:44:24 - [448] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Macromedia
O43 - CFD: 11/09/2011 - 18:46:22 - [2160] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Malwarebytes
O43 - CFD: 11/09/2011 - 14:10:38 - [0] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Media Player Classic
O43 - CFD: 21/07/2011 - 19:51:36 - [5340067] -S--D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Microsoft
O43 - CFD: 11/09/2011 - 16:18:42 - [14073142] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Mozilla
O43 - CFD: 22/11/2008 - 16:56:38 - [192678] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Nero
O43 - CFD: 13/07/2011 - 16:13:52 - [140122] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\PlayFirst
O43 - CFD: 23/07/2011 - 07:09:26 - [2893784] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Sony Corporation
O43 - CFD: 28/08/2009 - 08:23:32 - [6900021] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Sun
O43 - CFD: 16/01/2011 - 09:54:06 - [110592] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\U3
O43 - CFD: 22/06/2011 - 14:09:40 - [6936] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\uTorrent
O43 - CFD: 22/11/2008 - 17:40:42 - [371019] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\vlc
O43 - CFD: 22/11/2008 - 16:01:10 - [0] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\WinRAR
O43 - CFD: 23/09/2010 - 09:50:56 - [0] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Application Data\Zylom
O43 - CFD: 21/07/2011 - 19:41:10 - [468078] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\Adobe
O43 - CFD: 03/02/2009 - 20:59:14 - [9188568] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\Ahead
O43 - CFD: 29/11/2008 - 13:27:08 - [9408] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\Apple Computer
O43 - CFD: 03/07/2011 - 11:09:46 - [7168] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\AskToolbar(3)
O43 - CFD: 04/07/2011 - 18:58:54 - [7168] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\AskToolbar(4)
O43 - CFD: 29/09/2010 - 17:14:36 - [38278138] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\Google
O43 - CFD: 29/11/2008 - 19:38:22 - [0] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\Help
O43 - CFD: 22/11/2008 - 11:40:02 - [538960] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\Identities
O43 - CFD: 03/09/2010 - 19:35:22 - [423062067] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\IM
O43 - CFD: 02/04/2009 - 18:22:02 - [82816405] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\Magentic
O43 - CFD: 02/02/2011 - 16:21:40 - [1091875855] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\Microsoft
O43 - CFD: 22/11/2008 - 16:11:50 - [0] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\Microsoft Help
O43 - CFD: 11/09/2011 - 16:18:34 - [33941887] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\Mozilla
O43 - CFD: 22/11/2008 - 17:12:32 - [63488] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\Nero
O43 - CFD: 22/06/2011 - 11:54:00 - [0] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\PackageAware
O43 - CFD: 30/08/2011 - 18:25:42 - [19289969] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\QuickPar
O43 - CFD: 28/01/2011 - 17:02:54 - [0] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\Temp
O43 - CFD: 03/02/2009 - 20:44:30 - [0] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\The Weather Channel
O43 - CFD: 02/05/2009 - 20:04:30 - [0] ----D- C:\Documents and Settings\martins.XPSP2-335683F4D\Local Settings\Application Data\WMTools Downloaded Files
~ Scan Program Folder in 00mn 55s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 12/09/2011 - 19:56:12 ---A- . (...) -- C:\WINDOWS\0.log   [0]
O44 - LFC:[MD5.58FCE489FD259B0CBCCC35E11CC96D15] - 12/09/2011 - 19:55:53 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt   [354718]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 12/09/2011 - 19:55:40 -S-A- . (...) -- C:\WINDOWS\bootstat.dat   [2048]
O44 - LFC:[MD5.5606053B7E97BF21B9AD5FE9D394F085] - 12/09/2011 - 19:54:44 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log   [86572]
O44 - LFC:[MD5.D6986AFC1A3D2D00A5049046333088CE] - 12/09/2011 - 19:54:32 ---A- . (...) -- C:\WINDOWS\resetlog.txt   [2520]
O44 - LFC:[MD5.C95E1A24014361F61028D5CE95220474] - 12/09/2011 - 19:49:57 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt   [31908]
O44 - LFC:[MD5.DF2AC259F1E359D97C072F30D95D02D0] - 12/09/2011 - 19:45:03 ---A- . (...) -- C:\error.log   [8778]
O44 - LFC:[MD5.F31E4FB56F4C1884914565677A7FB8CD] - 12/09/2011 - 19:44:48 ---A- . (...) -- C:\WINDOWS\system32\nvapps.xml   [63804]
O44 - LFC:[MD5.8B80EA07FDBFBB52CBC1A8858FDAA7B5] - 12/09/2011 - 19:39:12 ---A- . (...) -- C:\WINDOWS\wiadebug.log   [216]
O44 - LFC:[MD5.5DAE171BF19D7D4DB1BB3DE5233E1BA6] - 12/09/2011 - 19:39:12 ---A- . (...) -- C:\WINDOWS\wiaservc.log   [50]
O44 - LFC:[MD5.105AD11E0C6ED1DFAF8CE6C94075736B] - 12/09/2011 - 19:24:15 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin   [512]
O44 - LFC:[MD5.A31246180E61140AD7FF9DD7EDF1F6A1] - 11/09/2011 - 18:49:36 ---A- . (.Trend Micro Inc. - TrendMicro Common Module NoTrap Build.) -- C:\WINDOWS\system32\drivers\tmcomm.sys   [200976]
O44 - LFC:[MD5.F1E82E0007A164593FF91F1A59ED8575] - 11/09/2011 - 18:35:27 ---A- . (...) -- C:\WINDOWS\KB2559049-IE8.log   [5899]
O44 - LFC:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 11/09/2011 - 17:46:16 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys   [41272]
O44 - LFC:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 11/09/2011 - 17:46:12 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys   [22712]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 11/09/2011 - 17:45:14 ---A- . (...) -- C:\WINDOWS\Sti_Trace.log   [0]
O44 - LFC:[MD5.B3AFBC5F87138F792B6D3BFF0039AECD] - 11/09/2011 - 15:20:41 ---A- . (...) -- C:\asusdisp.log   [65536]
O44 - LFC:[MD5.A36EE93698802CD899F98BFD553D8185] - 11/09/2011 - 15:07:24 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys   [28520]
O44 - LFC:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 11/09/2011 - 15:07:23 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys   [22360]
O44 - LFC:[MD5.5B44C214F9CD9F590BE9125347610380] - 11/09/2011 - 15:07:23 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys   [45416]
O44 - LFC:[MD5.0F78D3DAE6DEDD99AE54C9491C62ADF2] - 11/09/2011 - 15:07:23 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys   [138192]
O44 - LFC:[MD5.1E4114685DE1FFA9675E09C6A1FB3F4B] - 11/09/2011 - 15:07:23 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys   [66616]
O44 - LFC:[MD5.45BA4E719EFEA925671A82C175A2FAAD] - 11/09/2011 - 12:30:27 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl   [2206]
O44 - LFC:[MD5.254FFD9FE6CACC8E9D9EC8547973C924] - 10/09/2011 - 10:19:04 ---A- . (...) -- C:\WINDOWS\system.ini   [246]
O44 - LFC:[MD5.0175A56484086AE0E6107840C14BE382] - 10/09/2011 - 10:19:04 ---A- . (...) -- C:\WINDOWS\win.ini   [634]
O44 - LFC:[MD5.2C214354E77FB8D6EE56174D30DD59C1] - 10/09/2011 - 10:19:04 -SH-- . (...) -- C:\boot.ini   [320]
O44 - LFC:[MD5.272AB4432E61B203F10C1BC81FE90014] - 03/09/2011 - 13:56:21 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI   [1414478]
O44 - LFC:[MD5.A839B0967FFCBDA26FCF4FD54D419F6E] - 03/09/2011 - 13:56:21 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat   [104938]
O44 - LFC:[MD5.17E0CE65FBD7C0320F7A70EE1DA32A90] - 03/09/2011 - 13:56:21 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat   [126384]
O44 - LFC:[MD5.DF01F7730C98EAF4531C088DF2637C54] - 03/09/2011 - 13:56:21 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat   [544068]
O44 - LFC:[MD5.B1EF1BA2EE1A725989E47A8F25794228] - 03/09/2011 - 13:56:21 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat   [623304]
O44 - LFC:[MD5.E00ABA81929BA0069175A32D9F56CC4B] - 03/09/2011 - 13:44:10 ---A- . (...) -- C:\WINDOWS\ModemLog_Câble de communication entre deux ordinateurs.txt   [2520]
O44 - LFC:[MD5.93CAEC06D6F156AA28DE23465FB156FC] - 30/08/2011 - 15:48:13 ---A- . (.Realtek Semiconductor Corp. - ALCFDRTM.) -- C:\WINDOWS\ALCFDRTM.VER   [60416]
O44 - LFC:[MD5.45E43E321D470BAC39956F857D287FD7] - 30/08/2011 - 12:40:48 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log   [462288]
~ Scan Files in 00mn 06s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\bin\IncMail.exe" [Enabled] .(.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\IncMail.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Magentic\bin\Magentic.exe" [Enabled] .(.Pas de propriétaire - Magentic Application.) -- C:\Program Files\Magentic\bin\Magentic.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Magentic\bin\MgApp.exe" [Enabled] .(.Pas de propriétaire - Magentic Application.) -- C:\Program Files\Magentic\bin\MgApp.exe
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\bin\ImApp.exe" [Enabled] .(.IncrediMail, Ltd. - IncrediMail Tray Application.) -- C:\Program Files\IncrediMail\bin\ImApp.exe
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nm.sys . (...) -- C:\WINDOWS\system32\Drivers\nm.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{417cbdd1-d46b-11df-8f37-0019db277102}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="Ir32_32.dll" . (...) -- C:\WINDOWS\system32\Ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="Ir32_32.dll" . (...) -- C:\WINDOWS\system32\Ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.l3acm"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\WINDOWS\system32\l3codecp.acm
O52 - TDSD: \Drivers32\"vidc.VP60"="C:\WINDOWS\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\WINDOWS\system32\vp6vfw.dll
O52 - TDSD: \Drivers32\"vidc.VP61"="C:\WINDOWS\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\WINDOWS\system32\vp6vfw.dll
O52 - TDSD: \Drivers32\"vidc.VP62"="vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\WINDOWS\system32\vp6vfw.dll
O52 - TDSD: \Drivers32\"vidc.xvid"="xvidvfw.dll" . (...) -- C:\WINDOWS\system32\xvidvfw.dll
O52 - TDSD: \Drivers32\"vidc.iv40"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
O52 - TDSD: \Drivers32\"VIDC.DIVX"="divx.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\system32\divx.dll
O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\system32\yv12vfw.dll
O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\system32\ac3acm.acm
O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\WINDOWS\system32\lameACM.acm
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (...) -- C:\WINDOWS\system32\ff_vfw.dll
O52 - TDSD: \Drivers32\"vidc.asv2"="asusasv2.dll" . (.ASUSTeK COMPTER INC. - ASUS ASV2 Video CODEC.) -- C:\WINDOWS\system32\asusasv2.dll
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"l3codecp.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\WINDOWS\system32\l3codecp.acm
O52 - TDSD: \drivers.desc\"iac25_32.ax"="Indeo® Audio Software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec" . (...) -- C:\WINDOWS\system32\xvidvfw.dll
O52 - TDSD: \drivers.desc\"ir41_32.ax"="Indeo 4.5 codec" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"msg711.acm"="Microsoft CCITT G.711 Audio CODEC" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"msgsm32.acm"="Microsoft GSM 6.10  Audio CODEC" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"tssoft32.acm"="DSP Group TrueSpeech(TM) Audio CODEC" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \drivers.desc\"iccvid.dll"="Cinepak Codec by Radius Inc." . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"Ir32_32.dll"="Indeo codec by Intel" . (...) -- C:\WINDOWS\system32\Ir32_32.dll
O52 - TDSD: \drivers.desc\"vp6vfw.dll"="EA VP6 Codec" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\WINDOWS\system32\vp6vfw.dll
O52 - TDSD: \drivers.desc\"divx.dll"="DivX 6.8.5" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98" . (...) -- (.not file.)
O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\system32\ac3acm.acm
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\WINDOWS\system32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"asusasv2.dll"="ASUS ASV2 CODEC" . (.ASUSTeK COMPTER INC. - ASUS ASV2 Video CODEC.) -- C:\WINDOWS\system32\asusasv2.dll
O52 - TDSD: \drivers.desc\"yv12vfw.dll"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\system32\yv12vfw.dll
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\NvCplDaemon  [Key] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O53 - SMSR:HKLM\...\startupreg\OPTENET_GUI  [Key] . (.SFR - Contrôle Parental.) -- C:\PROGRA~1\SFR\CONTRO~1\bin\OPTGui.exe
~ Scan SMSR Keys in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoStartBanner"=
O56 - MWPE:[HKCU\...\policies\Explorer] - "MemCheckBoxInRunDlg"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMBalloonTip"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDesktopCleanupWizard"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoWelcomeScreen"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.5003D2E3F6B220ED3B0F1AC2816C2A18] - 23/11/2008 - 08:44:52 R--A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS   [3965056]
O58 - SDL:[MD5.59301936898AE62245A6F09C0ABA9475] - 23/11/2008 - 07:53:00 R--A- . (.Advanced Micro Devices - AMD Processor Driver.) -- C:\WINDOWS\system32\drivers\AmdK8.sys   [36352]
O58 - SDL:[MD5.F5C2CCDB273A546E9C3A15250F1D9165] - 23/11/2008 - 15:01:38 ---A- . (.ASUSTeK COMPUTER INC. - ASUS Help driver For Keyboard Service..) -- C:\WINDOWS\system32\drivers\atkkbnt.sys   [11008]
O58 - SDL:[MD5.5B44C214F9CD9F590BE9125347610380] - 11/09/2011 - 14:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver.) -- C:\WINDOWS\system32\drivers\avgntdd.sys   [45416]
O58 - SDL:[MD5.1E4114685DE1FFA9675E09C6A1FB3F4B] - 11/09/2011 - 11:22:40 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\WINDOWS\system32\drivers\avgntflt.sys   [66616]
O58 - SDL:[MD5.87451AA7CC6B6A590EBCEA05E755075A] - 11/09/2011 - 14:28:03 ---A- . (.Avira GmbH - Avira AntiVir File Filter Driver Manager.) -- C:\WINDOWS\system32\drivers\avgntmgr.sys   [22360]
O58 - SDL:[MD5.0F78D3DAE6DEDD99AE54C9491C62ADF2] - 11/09/2011 - 11:22:41 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\WINDOWS\system32\drivers\avipbb.sys   [138192]
O58 - SDL:[MD5.3D310890B59372FB1AF466D9FC04B275] - 23/11/2008 - 15:48:36 ---A- . (.ASMT - Kernel-Mode Dll.) -- C:\WINDOWS\system32\drivers\Bravo_a.sys   [992896]
O58 - SDL:[MD5.F4B6A1D3176003FFC917EF313242803B] - 23/11/2008 - 15:45:32 ---A- . (.ASMT - Kernel-Mode Dll.) -- C:\WINDOWS\system32\drivers\Bravo_n.sys   [992896]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 19/11/2008 - 10:36:35 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys   [262528]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 19/11/2008 - 10:36:35 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys   [11776]
O58 - SDL:[MD5.0DAF3544804650526751C478AECCCE63] - 23/11/2008 - 06:56:00 R--A- . (.ASUSTeK Computer Inc. - ASUS Kernel Mode Driver for NT.) -- C:\WINDOWS\system32\drivers\EIO.sys   [12288]
O58 - SDL:[MD5.BF59ED37F8F555E8CE35D62DE9794CAC] - 23/11/2008 - 13:45:18 ---A- . (.ASUSTeK Computer Inc. - ASUS Kernel Mode Driver for NT.) -- C:\WINDOWS\system32\drivers\EIO64.sys   [15360]
O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 11/09/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys   [22712]
O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 11/09/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys   [41272]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 19/11/2008 - 10:36:35 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys   [12032]
O58 - SDL:[MD5.2282AD3B19B00967C6E48531C25BFE01] - 23/11/2008 - 10:22:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 91.31.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys   [3925920]
O58 - SDL:[MD5.0344AA9113DC16EEC379F4652020849D] - 23/11/2008 - 10:52:06 R--A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) IDE Performance Driver.) -- C:\WINDOWS\system32\drivers\nvata.sys   [93568]
O58 - SDL:[MD5.7D275ECDA4628318912F6C945D5CF963] - 20/04/2009 - 09:36:20 ---A- . (.NVIDIA Corporation - NVIDIA Networking Function Driver..) -- C:\WINDOWS\system32\drivers\NVENETFD.sys   [54784]
O58 - SDL:[MD5.75E2E77C5497F34E60491D27BF03F1CB] - 20/04/2009 - 15:58:38 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\system32\drivers\nvgts.sys   [145952]
O58 - SDL:[MD5.B64AACEFAD2BE5BFF5353FE681253C67] - 20/04/2009 - 09:36:26 ---A- . (.NVIDIA Corporation - NVIDIA Networking Bus Driver..) -- C:\WINDOWS\system32\drivers\nvnetbus.sys   [22016]
O58 - SDL:[MD5.C5A2952901DC5E1CC33014E809296D30] - 20/04/2009 - 09:35:58 ---A- . (.NVIDIA Corporation - NVIDIA Network Resource Manager..) -- C:\WINDOWS\system32\drivers\nvnrm.sys   [955520]
O58 - SDL:[MD5.07C02C892E8E1A72D6BF35004F0E9C5E] - 23/11/2008 - 02:13:18 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\WINDOWS\system32\drivers\PCASp50.sys   [20096]
O58 - SDL:[MD5.18ED1D71FEF6F71D38C24263500BBD01] - 01/02/2009 - 17:20:48 ---A- . (.Portrait Displays, Inc. - PdiPorts Device Driver.) -- C:\WINDOWS\system32\drivers\PdiPorts.sys   [15920]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 19/11/2008 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys   [17792]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 19/11/2008 - 10:36:35 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys   [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 19/11/2008 - 10:36:35 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys   [12032]
O58 - SDL:[MD5.B29EEB1EA7971BD83069EB2E2258D224] - 06/07/2011 - 16:21:00 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8192S USB NDIS Driver.) -- C:\WINDOWS\system32\drivers\RTL8192su.sys   [594048]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/01/2009 - 11:25:54 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys   [20480]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/11/2008 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\sptd.sys   [685816]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 11/09/2011 - 14:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\WINDOWS\system32\drivers\ssmdrv.sys   [28520]
O58 - SDL:[MD5.A31246180E61140AD7FF9DD7EDF1F6A1] - 11/09/2011 - 05:09:00 ---A- . (.Trend Micro Inc. - TrendMicro Common Module NoTrap Build.) -- C:\WINDOWS\system32\drivers\tmcomm.sys   [200976]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 19/11/2008 - 10:36:35 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys   [21376]
O58 - SDL:[MD5.02670CED9116ABBB68DDEE78D6B9830F] - 20/04/2009 - 11:47:02 ---A- . (.Unibrain S.A. - UBSBP2 Driver (2000 / XP).) -- C:\WINDOWS\system32\drivers\ubsbp2.sys   [32768]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 19/11/2008 - 10:36:35 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys   [58112]
O58 - SDL:[MD5.FB0F61F574F7E72121411C5FB0E5C91D] - 23/11/2008 - 16:37:46 ---A- . (.ZyDAS Technology Corporation - ZD1211 802.11b+g USB LAN Driver.) -- C:\WINDOWS\system32\drivers\WlanUZXP.sys   [260608]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 19/11/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys   [9037]
O58 - SDL:[MD5.D320732BCF5FF856120BD06855C66867] - 23/11/2008 - 16:25:58 ---A- . (.ASUSTeK Computer Inc. - ASUS Virtual Video Capture Device Driver.) -- C:\WINDOWS\system32\asusgsb32.sys   [12416]
O58 - SDL:[MD5.E1DC1A4AAD0C676EBEFD499E20427B49] - 23/11/2008 - 16:26:02 ---A- . (.ASUSTeK Computer Inc. - ASUS Virtual Video Capture Device Driver.) -- C:\WINDOWS\system32\asusgsb64.sys   [18048]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 19/11/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys   [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 19/11/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys   [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 19/11/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys   [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 19/11/2008 - 22:46:56 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys   [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 19/11/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys   [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 19/11/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys   [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 19/11/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys   [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 19/11/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys   [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 19/11/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys   [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 19/11/2008 - 22:45:26 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys   [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 19/11/2008 - 22:45:16 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys   [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 19/11/2008 - 22:45:12 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys   [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 19/11/2008 - 22:45:16 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys   [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 19/11/2008 - 22:45:14 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys   [34560]
O58 - SDL:[MD5.40484CEA66407ADDEB396776F526EB39] - 23/11/2008 - 10:02:22 ---A- . (.ASUSTeK COMPUTER INC. - ASUS Video3D driver.) -- C:\WINDOWS\system32\Video3D32.sys   [16000]
O58 - SDL:[MD5.F7EA6EC7584460EBABFFAD29D75BE0F0] - 23/11/2008 - 10:02:42 ---A- . (.ASUSTeK COMPUTER INC. - ASUS Video3D driver.) -- C:\WINDOWS\system32\Video3D64.sys   [19968]
~ Scan Drivers in 00mn 03s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 21/04/2011 - C:\Program Files\Avira\AntiVir Desktop\sched.exe - Avira AntiVir Planificateur(AntiVirSchedulerService)  .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE
O64 - Services: CurCS - 21/07/2011 - C:\Program Files\Avira\AntiVir Desktop\avguard.exe - Avira AntiVir Guard(AntiVirService)  .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE
O64 - Services: CurCS - 10/04/2006 - C:\WINDOWS\ATKKBService.exe - ATK Keyboard Service(ATKKeyboardService)  .(.ASUSTeK COMPUTER INC. - ASUS Keyboard Service.) - LEGACY_ATKKEYBOARDSERVICE
O64 - Services: CurCS - 17/06/2010 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys - avgio(avgio)  .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO
O64 - Services: CurCS - 21/07/2011 - C:\WINDOWS\system32\DRIVERS\avgntflt.sys - avgntflt(avgntflt)  .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 21/07/2011 - C:\WINDOWS\system32\DRIVERS\avipbb.sys - avipbb(avipbb)  .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot)  .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT
O64 - Services: CurCS - 24/08/2001 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload)  .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 15/03/2009 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys - driverhardwarev2(driverhardwarev2)  .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2
O64 - Services: CurCS - 14/06/2006 - C:\WINDOWS\system32\drivers\EIO.sys - EIO(EIO)  .(.ASUSTeK Computer Inc. - ASUS Kernel Mode Driver for NT.) - LEGACY_EIO
O64 - Services: CurCS - ??/??/???? - D:\INSTALL\GMSIPCI.sys (.not file.) - GMSIPCI (GMSIPCI)  .(...) - LEGACY_GMSIPCI
O64 - Services: CurCS - 04/04/2005 - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe - InstallDriver Table Manager(IDriverT)  .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT
O64 - Services: CurCS - 15/03/2009 - C:\Program Files\ma-config.com\maconfservice.exe - Ma-Config Service(maconfservice)  .(.CybelSoft - Service de détection matériel.) - LEGACY_MACONFSERVICE
O64 - Services: CurCS - ??/??/???? - D:\NTACCESS.sys (.not file.) - NTACCESS (NTACCESS)  .(...) - LEGACY_NTACCESS
O64 - Services: CurCS - 18/08/2005 - C:\WINDOWS\system32\DRIVERS\nvata.sys - nvata(nvata)  .(.NVIDIA Corporation - NVIDIA® nForce(TM) IDE Performance Driver.) - LEGACY_NVATA
O64 - Services: CurCS - 01/06/2006 - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Display Driver Service(NVSvc)  .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 91.31.) - LEGACY_NVSVC
O64 - Services: CurCS - 28/01/2010 - C:\Program Files\SFR\Controle Parental\bin\optproxy.exe - Contrôle Parental SFR(OPTENET_FILTER)  .(.SFR - Contrôle Parental.) - LEGACY_OPTENET_FILTER
O64 - Services: CurCS - 19/11/2005 - C:\WINDOWS\system32\Drivers\PCASp50.sys - PCASp50 NDIS Protocol Driver(PCASp50)  .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_PCASP50
O64 - Services: CurCS - 26/11/2010 - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe - PMBDeviceInfoProvider(PMBDeviceInfoProvider)  .(.Sony Corporation - Device Information Provider.) - LEGACY_PMBDEVICEINFOPROVIDER
O64 - Services: CurCS - 13/11/2007 - C:\WINDOWS\system32\DRIVERS\secdrv.sys - Secdrv(Secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - ??/??/???? - D:\NTGLM7X.sys (.not file.) - SetupNTGLM7X (SetupNTGLM7X)  .(...) - LEGACY_SETUPNTGLM7X
O64 - Services: CurCS - ??/??/???? - C:\WINDOWS\system32\Drivers\sptd.sys - sptd (sptd)  .(...) - LEGACY_SPTD
O64 - Services: CurCS - 17/06/2010 - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv)  .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
O64 - Services: CurCS - 28/05/2007 - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe - StarWind AE Service(StarWindServiceAE)  .(.Rocket Division Software - StarWind iSCSI Target (Alcohol Edition).) - LEGACY_STARWINDSERVICEAE
~ Scan Services in 00mn 01s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Avant.Browser> <Avant Browser>[HKLM\..\Shell\open\Command] (.Avant Force - Avant Browser.) -- C:\Program Files\Avant Browser\avant.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0CD14B73-1A1C-4DC1-9799-B540238694DD} - (Google) - http://www.google.fr
O69 - SBI: SearchScopes [HKCU] {0F7FC54D-1FB6-425D-BE2C-E16D151D58E4} - (01net) - http://www.01net.com
O69 - SBI: SearchScopes [HKCU] {5F970FDE-702B-4ef9-920C-5F2848A5AF26} - (Astroburn Search) - http://www.astroburn-search.com
O69 - SBI: SearchScopes [HKCU] {9CBECF0B-CFA6-469E-B598-D61B1BF35798} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} - (MyStart Rechercher) - http://mystart.incredimail.com
~ Scan Keys in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.7C0D8D8C3D8C77EB22691AFF92704A5B] [SPRF][12/09/2011] (.Pas de propriétaire - For all the quirky problems that windows has.) -- C:\Documents and Settings\martins.XPSP2-335683F4D\Bureau\CAT.exe   [1242562]
[MD5.D90AD11ED04C92268F04EB2D614A9BC0] [SPRF][11/09/2011] (.Option^Explicit Software Solutions - Pas de description.) -- C:\Documents and Settings\martins.XPSP2-335683F4D\Bureau\WinsockxpFix.exe   [1445888]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll   [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe   [196608]
[MD5.29CFE9ED23C55E55838A789EB1182A9B] [SPRF][04/10/2008] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe   [1887080]
[MD5.80F4A456633F78A26A3C6B16E64EFEC5] [SPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\WINDOWS\Downloaded Program Files\GAME_UNO1.dll   [381960]
[MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll   [172032]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll   [304544]
[MD5.1E5CFDF9AEBDD84305A4C8154277A269] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Checkers for MSN Messenger.) -- C:\WINDOWS\Downloaded Program Files\msgrchkr.dll   [131472]
~ Scan Files in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : 8621 - (29/08/2011)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 1
Fichiers trouvés  (Files found) : 0

C:\Program Files\IncrediMail_MediaBar_2   =>Toolbar.Conduit
~ Scan Additionnel in 00mn 06s



---\\ Recherche détournement de DNS routeur (O89)
Serveur :  dns2.proxad.net
Address:  212.27.40.241
Nom :    www.l.google.com
Addresses:  209.85.148.147, 209.85.148.104, 209.85.148.105, 209.85.148.99
     209.85.148.106, 209.85.148.103
Aliases:  www.google.fr, www.google.com
~ Scan DNS in 00mn 02s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 11/09/2011 136360 |  (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SS - | Auto 11/09/2011 269480 |  (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SS - | Disabled 23/11/2008 241664 |  (ATKKeyboardService) . (.ASUSTeK COMPUTER INC..) - C:\WINDOWS\ATKKBService.exe
SS - | Demand 14/04/2008 225280 |  (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe
SS - | Demand 23/11/2008 69632 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 19/04/2009 216232 |  (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe
SS - | Auto 23/11/2008 155715 |  (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SS - | Auto 30/09/2010 618808 |  (OPTENET_FILTER) . (.SFR.) - C:\Program Files\SFR\Controle Parental\bin\optproxy.exe
SS - | Auto 23/07/2011 398176 |  (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
SS - | Auto 22/11/2008 275968 |  (StarWindServiceAE) . (.Rocket Division Software.) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
~ Scan Services in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by martins at 12/09/2011 20:59:05

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A35B1E8]<<
1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x8A2E3400]
3 CLASSPNP[0xF7637FD7] -> nt!IofCallDriver[0x804E37D5] -> \Device\0000007a[0x8A291990]
5 ACPI[0xF74AB620] -> nt!IofCallDriver[0x804E37D5] -> \Device\Scsi\nvgts1Port2Path0Target0Lun0[0x8A2E4A38]
\Driver\nvgts[0x8A2C8A80] -> IRP_MJ_CREATE -> 0x8A35B1E8
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 04s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by martins at 12/09/2011 20:59:07

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 06s


End of the scan (1231 lines in 02mn 08s)(0)


[bernard53]

Relance ZHPfix et mets juste cette ligne.

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified

PS: je pense que tu as ceci aussi.

[popineye]

C'est fait, clé modifiée. Windows me prévient que mon Antivirus doit être mis à jour. Mais pas d'amélioration...

Oui, j'ai bien ces propriétés de connexion sur le PC en question, mais je les ai egalement sur le PC à partir duquel j'écris ce post, et pas de soucis...

___

Message non lu le 12 Sep 2011 21:47
Ouuuuuffff.... j'ai trouvé... En regardant les logs Hijack et ZHP, j'ai vu un soft de controle parental qui trainait dans les services windows.
J'ai désactivé le service et renommé le dossier contenant les exécutables, un coup de CAT et WinsockXPFix et le PC se connecte enfin au web !!!!

Ce sont de vrai virus ces Soft de Controle Parental...

Merci pour votre aide, ca m'a permis de me faire avancer, et CAT le soft de recovery va directement dans ma trousse à outils. Merci Bernard.

P.S. Comment faire pour cloturer le sujet ?

[Ask to Old Man]

Bonsoir,

P.S. Comment faire pour clôturer le sujet ?

Dans ce forum particulier Sécurité & Virus, on attend le "feu vert" du helper.

[bernard53]

ok bien vu pour le contrôle parentale.
Content que tout aille.

Un modo va pouvoir valider ton post en résolu .
Bonne journée

[popineye]

Merci à vous tous, bonne fin de semaine.