Pub intempestive

Bonjour Marmar66,

voici le lien: https://pjjoint.malekal.com/files.php?id=3f49fba2b315116

Voici le rapport cleaner:
il me demande de redémarrer? pour l'heure je n'ai rien fait.
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 14:23:21 le 26/06/2011, Mode normal

Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86)
olivier@PC-DE-OLIVIER (Hewlett-Packard Compaq Presario CQ70 Notebook PC)

============== ACTION(S) ==============


Dossier supprimé: C:\Users\olivier\AppData\Roaming\Agence-Exclusive
Dossier supprimé: C:\Users\olivier\AppData\Local\Agence-Exclusive
Dossier supprimé: C:\Program Files\Agence-Exclusive
Dossier supprimé: C:\ProgramData\Viewpoint
Dossier supprimé: C:\Program Files\Viewpoint

(!) -- Fichiers temporaires supprimés.


Clé supprimée: HKLM\Software\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé supprimée: HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl
Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtl.1
Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary
Clé supprimée: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Clé supprimée: HKLM\Software\MetaStream
Clé supprimée: HKLM\Software\Viewpoint
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Clé supprimée: HKLM\Software\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Clé supprimée: HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Clé supprimée: HKLM\Software\MozillaPlugins\@viewpoint.com/VMP

Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|PCTuto


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [4.0.1 (fr)] ****

HKLM_MozillaPlugins\Adobe Reader (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{231D7D17-4F1B-4933-AB61-E502DB82FD11} (BlueSoleil Extension)

-- C:\Users\olivier\AppData\Roaming\Mozilla\FireFox\Profiles\upomqsl6.default --
Prefs.js - browser.download.dir, C:\\Users\\olivier\\Downloads
Prefs.js - browser.download.lastDir, C:\\Users\\olivier\\Desktop
Prefs.js - browser.startup.homepage, hxxp://www.google.fr/
Prefs.js - browser.startup.homepage_override.buildID, 20110413222027
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1

========================================

**** Google Chrome Version [12.0.742.100] ****


-- C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Activé: true) (?)
Preferences - homepage: hxxp://www.google.com/
Preferences - homepage_is_newtabpage: false
Plugin - Chrome NaCl (Activé: false) (C:\Users\olivier\AppData\Local\Google\Chrome\Application\12.0.742.100\ppGoogleNaClPluginChrome.dll)
Plugin - "Silverlight" (Activé: true)
Plugin - "Chrome NaCl" (Activé: false)
Plugin - "MetaStream 3 Plugin" (Activé: true)

========================================

**** Internet Explorer Version [8.0.6001.19088] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{F351C884-9D0C-453F-B357-5E88B9FF8460} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
HKLM_SearchScopes\{F351C884-9D0C-453F-B357-5E88B9FF8460} - "Kelkoo" (hxxp://fr.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromfor...)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?)

========================================

C:\Program Files\Ad-Remover\Quarantine: 45 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 26/06/2011 14:23:41 (4646 Octet(s))

Fin à: 14:24:49, 26/06/2011

============== E.O.F ==============

voilà:
Rapport de ZHPFix 1.12.3327 par Nicolas Coolman, Update du 25/06/2011
Fichier d'export Registre :
Run by olivier at 26/06/2011 15:00:23
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Clé(s) du Registre ==========
ABSENT Key: HKLM\Software\MozillaPlugins\@viewpoint.com/VMP
ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
ABSENT Key: HKLM\Software\Classes\axmetastream.metastreamctl
ABSENT Key: HKLM\Software\Classes\axmetastream.metastreamctl.1
ABSENT Key: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary
ABSENT Key: HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1
ABSENT Key: HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
ABSENT Key: HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
SUPPRIME Key: HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
SUPPRIME Key: HKLM\Software\Classes\CLSID\{761f6a83-f007-49e4-8eac-cdb6808ef06f}
SUPPRIME Key: HKLM\Software\Classes\CLSID\{76c45b18-a29e-43ea-aaf8-af55c2e1ae17}
SUPPRIME Key: HKLM\Software\Classes\CLSID\{96ef404c-24c7-43d0-9096-4ccc8bb7ccac}
SUPPRIME Key: HKLM\Software\Classes\CLSID\{97720195-206a-42ae-8e65-260b9ba5589f}
SUPPRIME Key: HKLM\Software\Classes\CLSID\{97d69524-bb57-4185-9c7f-5f05593b771a}
SUPPRIME Key: HKLM\Software\Classes\CLSID\{986f7a5a-9676-47e1-8642-f41f8c3fcf82}
SUPPRIME Key: HKLM\Software\Classes\CLSID\{b18788a4-92bd-440e-a4d1-380c36531119}
ERREUR Key**: HKCU\Software\Agence-Exclusive
ABSENT Key: HKLM\Software\Agence-Exclusive
ABSENT Key: HKLM\Software\MetaStream
ABSENT Key: HKLM\Software\Viewpoint
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

========== Valeur(s) du Registre ==========
ABSENT [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:PCTuto
ABSENT Valeur Standard Profile: FirewallRaz :
ABSENT Valeur Domain Profile: FirewallRaz :
SUPPRIME FirewallRaz (Public) : {C7F4A99E-CE19-4FCC-999F-64041AFD1558}
SUPPRIME FirewallRaz (Public) : {09D54CF8-940A-450B-B8C3-33E85CF8BCDF}

========== Dossier(s) ==========
SUPPRIME Temporaires Windows: : 95
SUPPRIME Flash Cookies: 20

========== Fichier(s) ==========
ABSENT Folder/File: c:\program files\agence-exclusive
ABSENT Folder/File: c:\program files\viewpoint
ABSENT Folder/File: c:\programdata\viewpoint
ABSENT Folder/File: c:\users\olivier\appdata\roaming\agence-exclusive
ABSENT Folder/File: c:\users\olivier\appdata\local\agence-exclusive
ABSENT Folder/File: c:\documents and settings\olivier\local settings\application data\agence-exclusive
SUPPRIME Temporaires Windows: : 152
SUPPRIME Flash Cookies: 6


========== Récapitulatif ==========
21 : Clé(s) du Registre
5 : Valeur(s) du Registre
2 : Dossier(s)
8 : Fichier(s)


========== Chemin du fichier rapport ==========
C:\Program Files\ZHPDiag\ZHPFixReport.txt


End of the scan

voici:
https://pjjoint.malekal.com/files.php?id=707dc26e0a14158

alors...comment ça se passe?

bon j'en ai profité pour mettre mon dd ext perso :)

############################## | UsbFix 7.048 | [Recherche]

Utilisateur: olivier (Administrateur) # PC-DE-OLIVIER [Hewlett-Packard Compaq Presario CQ70 Notebook PC]
Mis à jour le 11/06/2011 par TeamXscript
Lancé à 15:36:11 | 26/06/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz
CPU 2: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz
Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.19088

Pare-feu Windows: Activé
RAM -> 3068 Mo
C:\ (%systemdrive%) -> Disque fixe # 140 Go (53 Go libre(s) - 38%) [] # NTFS
D:\ -> Disque fixe # 9 Go (2 Go libre(s) - 18%) [PRESARIO_RP] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 4 Go (4 Go libre(s) - 97%) [] # FAT32
G:\ -> CD-ROM
H:\ -> Disque fixe # 932 Go (692 Go libre(s) - 74%) [diname1to] # NTFS

################## | Éléments infectieux |


################## | Registre |


################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{c21ab8f5-c231-11dd-9948-001f1642d1a2}
Shell\AutoRun\Command = G:\SETUP.EXE
Shell\configure\Command = G:\SETUP.EXE
Shell\install\Command = G:\SETUP.EXE


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |

voila le rapport:
je fais a suivre le mbam
############################## | UsbFix 7.048 | [Suppression]

Utilisateur: olivier (Administrateur) # PC-DE-OLIVIER [Hewlett-Packard Compaq Presario CQ70 Notebook PC]
Mis à jour le 11/06/2011 par TeamXscript
Lancé à 15:52:19 | 26/06/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz
CPU 2: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz
Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.19088

Pare-feu Windows: Activé
RAM -> 3068 Mo
C:\ (%systemdrive%) -> Disque fixe # 140 Go (53 Go libre(s) - 38%) [] # NTFS
D:\ -> Disque fixe # 9 Go (2 Go libre(s) - 18%) [PRESARIO_RP] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 4 Go (4 Go libre(s) - 97%) [] # FAT32
G:\ -> CD-ROM
H:\ -> Disque fixe # 932 Go (692 Go libre(s) - 74%) [diname1to] # NTFS

################## | Éléments infectieux |

Supprimé! C:\$RECYCLE.BIN\S-1-5-21-1297983447-3886254661-1514430782-500
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-2325818523-2477059570-1511300744-1000
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-2325818523-2477059570-1511300744-500
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-2325818523-2477059570-1511300744-1000
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-2325818523-2477059570-1511300744-500

################## | Registre |


################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{c21ab8f5-c231-11dd-9948-001f1642d1a2}

################## | Listing |

D'accod :)

salut ;)

Bon ba pour l'heure ça scanne encore.
Qui a dit c'est bon quand c'est long? ^^, je repasse dès que ça se termine :)

Ok :)

me re voilà après 3h30 de scanne. conclusion...RAS:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Version de la base de données: 6954

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19088

26/06/2011 19:33:39
mbam-log-2011-06-26 (19-33-39).txt

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|)
Elément(s) analysé(s): 366158
Temps écoulé: 3 heure(s), 35 minute(s), 35 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

re, désolé l'appel du repas. Voilà le rapport:
Rapport de ZHPFix 1.12.3327 par Nicolas Coolman, Update du 25/06/2011
Fichier d'export Registre :
Run by olivier at 26/06/2011 21:46:51
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Clé(s) du Registre ==========
ERREUR Key**: HKCU\Software\Agence-Exclusive

========== Elément(s) de donnée du Registre ==========
REMPLACE Value EnableLUA : Good (1) - Bad (0)


========== Récapitulatif ==========
1 : Clé(s) du Registre
1 : Elément(s) de donnée du Registre


========== Chemin du fichier rapport ==========
C:\Program Files\ZHPDiag\ZHPFixReport.txt


End of the scan

Question: pourquoi spybot inutile, c'est pour expliquer à mon collègue
Merci :)

Pas de problème...
Depuis x temps il était un peu efficace mais maintenant il est dépassé, il consomme des ressources sans résultat ! :)

ok, merci du tuyau (perso je suis sous nunux donc bon tout c'est programme... ;) )
sinon, c'est fini?

yop!
All processes killed
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Agence-Exclusive\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: olivier
->Temp folder emptied: 190047 bytes
->Temporary Internet Files folder emptied: 7348232 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 45593372 bytes
->Google Chrome cache emptied: 280858252 bytes
->Flash cache emptied: 1961812 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3386 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 82054 bytes
RecycleBin emptied: 571553 bytes

Total Files Cleaned = 321.00 mb


OTM by OldTimer - Version 3.1.18.0 log created on 06262011_221839

Files moved on Reboot...

Registry entries deleted on Reboot...

Salut!
Arfff, désolé, j'ai eu un souci de connexion hier soir, du coup pas moyen de poster le rapport. Sinon le PC a l'air d'aller. Voici le link.

https://pjjoint.malekal.com/files.php?id=59e1eb903d131215

N'hésite pas à me tenir informer.
Je reprendrais les manips entre 12h et 14h.
Merci encore, bon réveil :)

salut toi! ;)
Désolé nôtre antivrus bloque la page et il demande un mdp pour le désactivé (antivrus d'entreprise).
Un problème? tu ne peux pas le lire?

Non plus. :(
Ecoute le PC est au taf à présent je ne peux pas naviguer aussi facilement que chez moi, je sais que c'est lourd mais je te copie colle le log ci-dessous.
Sorry.
Rapport de ZHPDiag v1.27.2348 par Nicolas Coolman, Update du 25/06/2011
Run by olivier at 26/06/2011 22:40:07
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19088
MFIE: Mozilla Firefox 5.0 v
GCIE: Google Chrome v12.0.742.100 (Defaut)

---\\ System Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3068.4 MB (60% free)
System Restore: Activé (Enable)
System drive C: has 54 GB (38%) free of 140 GB

---\\ Logged in mode
Computer Name: PC-DE-OLIVIER
User Name: olivier
All Users Names: olivier, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\olivier\AppData\Roaming
%LocalAppData%=C:\Users\olivier\AppData\Local
%StartMenu%=C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 54 Go of 140 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 9 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Free 4 Go of 4 Go)
G:\ CD-ROM drive (Not Inserted)
H:\ Hard drive, Flash drive, Thumb drive (Free 692 Go of 932 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.DE4685DE5130039FA63DA66C0F72F787] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.28/05/2011 07:08:58.) -- C:\Windows\system32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/27
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 2/36
~ Mes Documents (My Documents) : 6/112
~ Mon Bureau (My Desktop) : 100/19056
~ Menu demarrer (Programs) : 6/41
~ Dossier utilisateur (AppData) : 56/1235



---\\ Processus lancés
[MD5.DAF60E13E96ECB67F0EDAA89C6B01B8D] - (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\notepad.exe [151040]
[MD5.AE567D261D281B51BE55E53A786E8574] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896]
[MD5.4551FB332E320838724C38925BF46DC0] - (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe [468264]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184]
[MD5.DCB36D4ED2950F3F675D27D422A6B365] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032]
[MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [54840]
[MD5.8CB896C573FD15AE8B13180DA53E93D2] - (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752]
[MD5.9F3287A1CAF6E365ED2B39BB8D44B0EA] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [52168]
[MD5.8D7DED5B00BEDA5D60023E847CFE0B79] - (.Trend Micro Inc. - Trend Micro Client/Server Security Agent Mo.) -- C:\Program Files\Trend Micro\Client Server Security Agent\PccNTMon.exe [882048]
[MD5.8A9B2C3CE34BBEB01146BDE5A348EC70] - (.Trend Micro Inc. - Trend Micro Anti-Spam for OE monitor.) -- C:\Program Files\Trend Micro\Client Server Security Agent\TMAS_OE\TMAS_OEMon.exe [492808]
[MD5.6CF023F0A798C56599B8EA9FF9F083A0] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files\RocketDock\RocketDock.exe [495616]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376]
[MD5.6C9CD3ECBA6732661C8BBE37A877A2BD] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632]
[MD5.8D07F0687318214A3CEF62EA1048D101] - (.Hewlett-Packard Development Company, L.P. - Module to process WiFi messages..) -- C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE [316720]
[MD5.1EDC4865C8003A0251956835273904B1] - (.Pas de propriétaire - HpqToaster Module.) -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe [685360]
[MD5.A8AD97956A0F4408CB3AA03EDD2B8BC1] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720]
[MD5.4486AD32BB05628967695FCA1BADD46E] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]
[MD5.40A96B1D80A02459FA82891B899622E2] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [661504]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\olivier\AppData\Roaming\Mozilla\Firefox\Profiles\upomqsl6.default\prefs.js
M3 - MFPP: Plugins - [olivier] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [olivier] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [olivier] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [olivier] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [olivier] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [olivier] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [olivier] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\olivier\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\olivier\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll
M0 - MFSP: prefs.js [olivier - upomqsl6.default] https://www.google.fr/?gws_rd=ssl
M2 - MFEP: prefs.js [olivier - upomqsl6.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [olivier - upomqsl6.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v2.3.8.20110620112826 (.Yahoo!.)



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-2325818523-2477059570-1511300744-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-2325818523-2477059570-1511300744-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLi
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [QPService] . (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] . (.Trend Micro Inc. - Trend Micro Client/Server Security Agent Mo.) -- C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
O4 - HKLM\..\Run: [OE] . (.Trend Micro Inc. - Trend Micro Anti-Spam for OE monitor.) -- C:\Program Files\Trend Micro\Client Server Security Agent\TMAS_OE\TMAS_OEMon.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\olivier\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-2325818523-2477059570-1511300744-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2325818523-2477059570-1511300744-1000\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKUS\S-1-5-21-2325818523-2477059570-1511300744-1000\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-2325818523-2477059570-1511300744-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2325818523-2477059570-1511300744-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-2325818523-2477059570-1511300744-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\olivier\AppData\Local\Google\Update\GoogleUpdate.exe



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\olivier\Desktop\AD-R.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\olivier\Desktop\Bâtiprix CD.lnk . (...) -- C:\Program Files\Batiprix CD\BatiPrix.exe
O4 - Global Startup: C:\Users\olivier\Desktop\Catalogue Métal.lnk . (...) -- C:\Users\olivier\AppData\Roaming\Microsoft\Installer\{41BB37E1-595D-4F9A-BB63-3C663DB8B68B}\IconDC39687E.ico
O4 - Global Startup: C:\Users\olivier\Desktop\DeltaLog TS.lnk . (.Soft Tech NZ Ltd.) -- C:\DELTA_TS\Bin\V632.exe
O4 - Global Startup: C:\Users\olivier\Desktop\Devis 2010 B.lnk . (...) -- Z:\Fabienne\Liste Devis et factures\Devis 2010 B.xls (.not file.)
O4 - Global Startup: C:\Users\olivier\Desktop\Dossier devis.lnk . (...) -- \\NAS_JUIGNET\sauvegardes\Olivier\devis (.not file.)
O4 - Global Startup: C:\Users\olivier\Desktop\Espace Pro Würth France.lnk - Clé orpheline
O4 - Global Startup: C:\Users\olivier\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\olivier\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\olivier\Desktop\Liste devis 2011.lnk . (...) -- Z:\Fabienne\Liste Devis et factures\Devis 2011.xls (.not file.)
O4 - Global Startup: C:\Users\olivier\Desktop\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
O4 - Global Startup: C:\Users\olivier\Desktop\N° des dossiers.lnk . (...) -- Z:\N° DES DOSSIERS (.not file.)
O4 - Global Startup: C:\Users\olivier\Desktop\olivier sauvegarde.lnk . (...) -- Z:\olivier (.not file.)
O4 - Global Startup: C:\Users\olivier\Desktop\PLANNING POSE 2011.xls.lnk . (...) -- \\NAS_JUIGNET\sauvegardes\PLANNING GENERALE DE POSE\PLANNING POSE 2011.xls (.not file.)
O4 - Global Startup: C:\Users\olivier\Desktop\Planning conducteur.lnk . (...) -- Z:\PLANNING DEPLACEMENT CONDUCTEUR DE TRAVAUX (.not file.)
O4 - Global Startup: C:\Users\olivier\Desktop\Planning semaine.lnk . (...) -- Z:\PLANNING SEMAINE\2011 (.not file.)
O4 - Global Startup: C:\Users\olivier\Desktop\sauvegardes (NAS_JUIGNET).lnk . (...) -- \\NAS_JUIGNET\sauvegardes (.not file.)
O4 - Global Startup: C:\Users\olivier\Desktop\Technal.lnk . (...) -- C:\Technal
O4 - Global Startup: C:\Users\olivier\Desktop\WinRAR.lnk . (...) -- C:\Program Files\WinRAR\WinRAR.exe
O4 - Global Startup: C:\Users\olivier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AIM 6.1.lnk . (.AOL LLC.) -- C:\Program Files\AIM6\aim6.exe
O4 - Global Startup: C:\Users\olivier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Character Map.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\charmap.exe
O4 - Global Startup: C:\Users\olivier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Users\olivier\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\olivier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\olivier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\olivier\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{718B675B-102B-4D6B-BBD9-22E612CB55DC}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3445EF3-979C-419E-B016-F1522F66B3FB}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{718B675B-102B-4D6B-BBD9-22E612CB55DC}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{D3445EF3-979C-419E-B016-F1522F66B3FB}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS3\Services\Tcpip\..\{718B675B-102B-4D6B-BBD9-22E612CB55DC}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS3\Services\Tcpip\..\{D3445EF3-979C-419E-B016-F1522F66B3FB}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\..\{718B675B-102B-4D6B-BBD9-22E612CB55DC}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{718B675B-102B-4D6B-BBD9-22E612CB55DC}: DhcpDomain = lan
O17 - HKLM\System\CS3\Services\Tcpip\..\{718B675B-102B-4D6B-BBD9-22E612CB55DC}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: iPF Device Agent Service (iPFDeviceAgentService) . (.CANON INC. - Canon IOS Core Module.) - C:\Windows\system32\Cnwiolss.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Scan en temps réel Trend Micro Client/Server Security Agent (ntrtscan) . (.Trend Micro Inc. - Trend Micro Common Client Real-time Scan Se.) - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 187.6.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows (Recovery Service for Windows) . (.Pas de propriétaire - STServices.) - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) . (.Trend Micro Inc. - Trend Micro Common Client Communication Ser.) - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
O23 - Service: XAudioService (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2325818523-2477059570-1511300744-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2325818523-2477059570-1511300744-1000UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForolivier.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{7DC5C5E5-C226-490E-B245-E48D0ECC498F}.job
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2325818523-2477059570-1511300744-1000Core] (.Google Inc..) -- C:\Users\olivier\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2325818523-2477059570-1511300744-1000UA] (.Google Inc..) -- C:\Users\olivier\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.AE37F6508716D2DD6122744C46686BEC] [APT] [HP Health Check] (.Hewlett-Packard.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[MD5.BA6AE6BC66BEA0C1F3335AEE43C35385] [APT] [HPCeeScheduleForolivier] (.Hewlett-Packard.) -- C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - C:\Windows\System32\Drivers\ElbyCDIO.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\system32\drivers\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: Trend Micro NDIS 6.0 Filter Driver (tmlwf) . (.Trend Micro Inc. - Trend Micro NDIS 6.0 Filter Driver (i386-fr.) - C:\Windows\System32\DRIVERS\tmlwf.sys
O41 - Driver: (tmtdi) . (.Trend Micro Inc. - Trend Micro TDI Driver (i386-fre).) - C:\Windows\System32\DRIVERS\tmtdi.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: AIM 6 - (.Pas de propriétaire.) [HKLM] -- AIM_6
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.4.5 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- {1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Akamai NetSession Interface - (.Pas de propriétaire.) [HKLM] -- Akamai
O42 - Logiciel: Assistant de connexion Windows Live ID - (.Microsoft Corporation.) [HKLM] -- {0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
O42 - Logiciel: AutoCAD 2009 - Français - (.Autodesk.) [HKLM] -- AutoCAD 2009 - Français
O42 - Logiciel: BDE - (.Kawneer.) [HKLM] -- {C80403E3-D13D-49B2-9DDC-FD05ED981B1A}
O42 - Logiciel: Bâtiprix CD - (.Pas de propriétaire.) [HKLM] -- Batiprix CD
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Catalogue Métal Würth France - (.Wurth France SA.) [HKLM] -- {41BB37E1-595D-4F9A-BB63-3C663DB8B68B}
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {415B2719-AD3A-4944-B404-C472DB6085B3}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {83770D14-21B9-44B3-8689-F7B523F94560}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
O42 - Logiciel: Color Network ScanGear Ver.2.3 - (.Canon Inc.) [HKLM] -- InstallShield_{4241C028-A33A-4BC4-853C-628221202B34}
O42 - Logiciel: Complément Microsoft Enregistrer en tant que PDF pour programmes Microsoft Office 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00B0-040C-0000-0000000FF1CE}
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM] -- CNXT_AUDIO_HDA
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: DWG TrueView 2010 - (.Autodesk.) [HKLM] -- DWG TrueView 2010
O42 - Logiciel: Documalis Free Scanner 1.0 - (.Scanpoint Software.) [HKLM] -- Documalis Free Scanner 1.01.0
O42 - Logiciel: ESU for Microsoft Vista - (.Hewlett-Packard.) [HKLM] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}
O42 - Logiciel: Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français) - (.Microsoft Corporation.) [HKLM] -- {3380F354-C5F7-4E71-8F51-EEE6C3F06C62}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HClient 4.1.0 - (.INTERPANE Entwicklungs- und Beratungsgesellschaft mbH & Co.) [HKLM] -- HClient_is1
O42 - Logiciel: HDAUDIO Soft Data Fax Modem with SmartCP - (.Pas de propriétaire.) [HKLM] -- CNXT_MODEM_HDAUDIO_HERMOSA_HSF
O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}
O42 - Logiciel: HP DVD Play 3.7 - (.Hewlett-Packard.) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1}
O42 - Logiciel: HP Doc Viewer - (.Hewlett-Packard.) [HKLM] -- {082702D5-5DD8-4600-BCE5-48B15174687F}
O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}
O42 - Logiciel: HP Help and Support - (.Hewlett-Packard.) [HKLM] -- {31216452-5540-4C96-B754-94890A63D5AB}
O42 - Logiciel: HP Quick Launch Buttons 6.40 F1 - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355}
O42 - Logiciel: HP Total Care Advisor - (.Hewlett-Packard.) [HKLM] -- {f32502b5-5b64-4882-bf61-77f23edcac4f}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
O42 - Logiciel: HP User Guides 0118 - (.Hewlett-Packard.) [HKLM] -- {B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}
O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {340F521E-3576-4E1A-B75C-EB0ACF751379}
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: HPNetworkAssistant - (.Hewlett-Packard..) [HKLM] -- {228C6B46-64E2-404E-898A-EF0830603EF4}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Installation Deltalog TS Version 2.46.73 615.1-VTE3001 - (.Hydro Building Systems.) [HKLM] -- {E4EE5D6E-CA72-4938-8071-26D961B93397}
O42 - Logiciel: Java(TM) 6 Update 11 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Java(TM) 6 Update 5 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160050}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LightScribe System Software 1.12.33.2 - (.LightScribe.) [HKLM] -- {582287DA-0806-4AC0-BF19-C15E3A466034}
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.0.1200 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 - (.Microsoft Corporation.) [HKLM] -- Microsoft SQL Server 2005
O42 - Logiciel: Microsoft SQL Server 2005 Express Edition (DELTALOG) - (.Microsoft Corporation.) [HKLM] -- {480DBB60-F0B6-45F2-B26F-1A2E11197791}
O42 - Logiciel: Microsoft SQL Server 2005 Tools Express Edition - (.Microsoft Corporation.) [HKLM] -- {3F59A7E0-BC01-4435-9E93-C7D7015C21DA}
O42 - Logiciel: Microsoft SQL Server Management Studio Express - (.Microsoft Corporation.) [HKLM] -- {4180886D-723A-42E3-A5AC-55B7AFDD0342}
O42 - Logiciel: Microsoft SQL Server Native Client - (.Microsoft Corporation.) [HKLM] -- {1E2DA2E2-ABCD-461E-AD01-3D85D61DE5F6}
O42 - Logiciel: Microsoft SQL Server VSS Writer - (.Microsoft Corporation.) [HKLM] -- {E91E7BCC-C5CD-465A-BB29-AD1EA07F283D}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr)
O42 - Logiciel: Mozilla Thunderbird (2.0.0.24) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (2.0.0.24)
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NetWaiting - (.BVRP Software, Inc.) [HKLM] -- {3F92ABBB-6BBF-11D5-B229-002078017FBF}
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: QuickPlay SlingPlayer 0.4.6 - (.SlingMedia.) [HKLM] -- SlingMedia.QPSlingPlayer_is1
O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D}
O42 - Logiciel: Revo Uninstaller 1.75 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: RocketDock 1.3.5 - (.Punk Software.) [HKLM] -- RocketDock_is1
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: SchuDoc - (.Schüco.) [HKLM] -- {E2468B01-8A0D-11D4-B5FD-00D0B7729E46}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Trend Micro Client/Server Security Agent - (.Trend Micro.) [HKLM] -- OfficeScanNT
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1365864D-4C58-489D-9982-844D75691CCC}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2536413) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{95DF5260-331D-4FFD-A2D5-C64164751945}
O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM] -- VirtualCloneDrive
O42 - Logiciel: iPF710 Media Configuration Tool - (.Pas de propriétaire.) [HKLM] -- {6C1C10CB-10EE-46E4-B946-4CB662B9C660}
O42 - Logiciel: iPF710 Printer Driver Extra Kit - (.Pas de propriétaire.) [HKLM] -- {F0122B9E-649B-439C-96CF-BBBD2D325BD5}
O42 - Logiciel: iW Publishing Manager - (.Canon Inc..) [HKLM] -- {FD13E9BB-D9AA-415D-9EE1-C36CD937135E}
O42 - Logiciel: imagePROGRAF Status Monitor - (.Pas de propriétaire.) [HKLM] -- {66392B7C-C522-450D-97B7-B3E41E170C3B}
O42 - Logiciel: muvee autoProducer 6.1 - (.muvee Technologies.) [HKLM] -- {35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\America Online]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Autodesk]
[HKCU\Software\Borland]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Dream Company]
[HKCU\Software\Dynalog]
[HKCU\Software\EasyBits]
[HKCU\Software\Elaborate Bytes]
[HKCU\Software\Electronic Arts]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\Hydro HBSF]
[HKCU\Software\IFrance]
[HKCU\Software\JavaSoft]
[HKCU\Software\KdM]
[HKCU\Software\LightScribe]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PDFCreator]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Redemption]
[HKCU\Software\RocketDock]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Samsung]
[HKCU\Software\SecuROM]
[HKCU\Software\Softthinks]
[HKCU\Software\Synaptics]
[HKCU\Software\Trolltech]
[HKCU\Software\Usbfix]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\pidgin]
[HKLM\Software\AOL]
[HKLM\Software\Adobe]
[HKLM\Software\America Online]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Com

suite:

[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Atheros]
[HKLM\Software\Autodesk]
[HKLM\Software\BATIPRIX]
[HKLM\Software\BSProductManage]
[HKLM\Software\BVRP Software, Inc]
[HKLM\Software\Borland]
[HKLM\Software\C07ft5Y]
[HKLM\Software\CANON]
[HKLM\Software\CDDB]
[HKLM\Software\CXT]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conexant Systems Inc ]
[HKLM\Software\Conexant]
[HKLM\Software\CyberLink]
[HKLM\Software\Debug]
[HKLM\Software\EasyBits]
[HKLM\Software\Elaborate Bytes]
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\KDM]
[HKLM\Software\LightScribe]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\MimarSinan]
[HKLM\Software\Mindscape]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\OldTimer Tools]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\Redemption]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SAMSUNG]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Schuco]
[HKLM\Software\Schüco]
[HKLM\Software\SoftTech]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\TrendMicro]
[HKLM\Software\Volatile]
[HKLM\Software\WOW6432Node]
[HKLM\Software\WinRAR]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 08/07/2008 - 07:12:56 - [12683094] ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 26/06/2011 - 14:23:22 - [151086979] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 11/10/2010 - 18:11:24 - [162903726] ----D- C:\Program Files\Adobe
O43 - CFD: 24/11/2008 - 11:04:54 - [25435615] ----D- C:\Program Files\AIM6
O43 - CFD: 14/10/2008 - 03:19:20 - [11287529] ----D- C:\Program Files\Atheros
O43 - CFD: 26/06/2009 - 13:41:50 - [716610721] ----D- C:\Program Files\AutoCAD 2009
O43 - CFD: 12/01/2009 - 19:03:34 - [80846396] ----D- C:\Program Files\Batiprix CD
O43 - CFD: 30/01/2009 - 13:43:10 - [125028994] ----D- C:\Program Files\Canon
O43 - CFD: 08/06/2010 - 15:04:54 - [2889944] ----D- C:\Program Files\CCleaner
O43 - CFD: 14/10/2008 - 03:18:00 - [3920423] ----D- C:\Program Files\Cisco
O43 - CFD: 05/04/2011 - 12:59:38 - [904226269] ----D- C:\Program Files\Common Files
O43 - CFD: 14/10/2008 - 03:26:52 - [11009879] ----D- C:\Program Files\CONEXANT
O43 - CFD: 14/10/2008 - 03:57:32 - [903980930] ----D- C:\Program Files\CyberLink
O43 - CFD: 05/05/2009 - 16:16:32 - [6608611] ----D- C:\Program Files\Documalis Free
O43 - CFD: 31/03/2009 - 07:55:32 - [278384760] ----D- C:\Program Files\DWG TrueView 2010
O43 - CFD: 08/07/2008 - 07:22:28 - [69636367] ----D- C:\Program Files\EasyBits For Kids
O43 - CFD: 04/12/2008 - 20:36:12 - [1955543] ----D- C:\Program Files\Elaborate Bytes
O43 - CFD: 24/11/2008 - 10:58:44 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 02/03/2010 - 17:32:26 - [17461718] ----D- C:\Program Files\Google
O43 - CFD: 24/02/2009 - 16:39:10 - [224786315] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 08/07/2008 - 07:31:04 - [201829764] ----D- C:\Program Files\HP
O43 - CFD: 24/03/2011 - 08:39:50 - [147839691] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 14/10/2008 - 03:19:56 - [64745] ----D- C:\Program Files\Intel
O43 - CFD: 17/06/2011 - 07:33:08 - [4566388] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 19/05/2010 - 12:14:04 - [9352230] ----D- C:\Program Files\Interpane
O43 - CFD: 16/12/2008 - 08:39:20 - [170654778] ----D- C:\Program Files\Java
O43 - CFD: 07/06/2011 - 07:31:38 - [7581026] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 24/03/2011 - 08:21:16 - [2565408] ----D- C:\Program Files\MarkAny
O43 - CFD: 30/09/2010 - 18:02:26 - [526291] ----D- C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 14:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 26/06/2009 - 13:35:42 - [583881200] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 17/06/2011 - 07:35:02 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 26/06/2011 - 10:44:50 - [632168975] ----D- C:\Program Files\Microsoft SQL Server
O43 - CFD: 04/12/2008 - 21:01:40 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 04/12/2008 - 20:58:38 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 16/12/2010 - 19:07:50 - [145421942] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 30/09/2010 - 17:52:14 - [9715969] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 24/08/2010 - 06:43:46 - [99342446] ----D- C:\Program Files\Movie Maker
O43 - CFD: 26/06/2011 - 15:54:52 - [34860368] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 19/05/2010 - 13:02:22 - [26847212] ----D- C:\Program Files\Mozilla Thunderbird
O43 - CFD: 04/12/2008 - 21:01:58 - [26521] ----D- C:\Program Files\MSBuild
O43 - CFD: 04/12/2008 - 21:04:00 - [1508239] ----D- C:\Program Files\MSECache
O43 - CFD: 25/11/2008 - 10:49:32 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 08/07/2008 - 06:58:08 - [155496768] ----D- C:\Program Files\muvee Technologies
O43 - CFD: 31/05/2011 - 15:31:24 - [0] ----D- C:\Program Files\Navilog1
O43 - CFD: 14/10/2008 - 03:25:34 - [5207814] ----D- C:\Program Files\NetWaiting
O43 - CFD: 24/11/2008 - 11:04:56 - [21929690] R---D- C:\Program Files\Online Services
O43 - CFD: 22/12/2008 - 14:57:02 - [19276939] ----D- C:\Program Files\PDFCreator
O43 - CFD: 26/06/2011 - 21:54:52 - [1067] ----D- C:\Program Files\Pidgin
O43 - CFD: 05/07/2009 - 19:27:00 - [23796] ----D- C:\Program Files\PlayLogic
O43 - CFD: 14/10/2008 - 03:24:26 - [1588785] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 17/12/2008 - 09:27:24 - [11615520] ----D- C:\Program Files\RocketDock
O43 - CFD: 24/03/2011 - 08:23:26 - [32400958] ----D- C:\Program Files\Samsung
O43 - CFD: 26/06/2011 - 21:41:58 - [2440368] ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 14/10/2008 - 03:22:22 - [14672316] ----D- C:\Program Files\Synaptics
O43 - CFD: 31/05/2011 - 15:33:54 - [328624729] ----D- C:\Program Files\Trend Micro
O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 24/11/2008 - 15:09:06 - [4500538] ----D- C:\Program Files\VS Revo Group
O43 - CFD: 22/09/2009 - 08:15:58 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 22/09/2009 - 08:15:58 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 22/09/2009 - 08:15:56 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 22/09/2009 - 08:15:58 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 22/03/2011 - 08:29:42 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 18/10/2010 - 06:55:48 - [4498121] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 24/11/2008 - 10:58:44 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 22/09/2009 - 08:15:56 - [13528738] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 07/12/2009 - 13:07:46 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 22/09/2009 - 08:15:58 - [6527558] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 07/12/2009 - 18:25:22 - [3921490] ----D- C:\Program Files\WinRAR
O43 - CFD: 08/09/2010 - 08:53:36 - [567960269] ----D- C:\Program Files\Wurth
O43 - CFD: 26/06/2011 - 22:41:06 - [4054017] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 11/10/2010 - 18:11:34 - [6247934] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 26/06/2011 - 22:21:16 - [134085856] ----D- C:\Program Files\Common Files\Akamai
O43 - CFD: 24/11/2008 - 11:04:18 - [1083943] ----D- C:\Program Files\Common Files\AOL
O43 - CFD: 09/05/2011 - 15:56:26 - [56255387] ----D- C:\Program Files\Common Files\Autodesk Shared
O43 - CFD: 28/11/2008 - 09:40:00 - [8783800] ----D- C:\Program Files\Common Files\Borland Shared
O43 - CFD: 26/06/2009 - 13:36:06 - [204864] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 08/07/2008 - 07:25:54 - [15074515] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 08/07/2008 - 07:31:38 - [37779094] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 14/10/2008 - 03:55:18 - [28980677] ----D- C:\Program Files\Common Files\LightScribe
O43 - CFD: 30/09/2010 - 18:02:54 - [477774883] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 08/07/2008 - 06:58:08 - [51480570] ----D- C:\Program Files\Common Files\muvee Technologies
O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 24/11/2008 - 18:04:18 - [498856] ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 22/09/2009 - 08:15:56 - [42800178] ----D- C:\Program Files\Common Files\System
O43 - CFD: 25/11/2008 - 09:45:12 - [2071275] ----D- C:\Program Files\Common Files\UDAC
O43 - CFD: 11/10/2010 - 18:11:32 - [763] ----D- C:\ProgramData\Adobe
O43 - CFD: 27/11/2008 - 18:44:30 - [6900] ----D- C:\ProgramData\AOL
O43 - CFD: 24/11/2008 - 18:20:40 - [12020] ----D- C:\ProgramData\AOL OCP
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 14/10/2008 - 03:17:54 - [10763] ----D- C:\ProgramData\Atheros
O43 - CFD: 24/09/2009 - 18:41:52 - [37004666] ----D- C:\ProgramData\Autodesk
O43 - CFD: 24/11/2008 - 10:58:44 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 15/01/2009 - 16:11:56 - [95] ----D- C:\ProgramData\Canon
O43 - CFD: 04/08/2009 - 22:06:36 - [9721] ----D- C:\ProgramData\CyberLink
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 24/11/2008 - 10:58:44 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 02/03/2010 - 17:32:42 - [539332] ----D- C:\ProgramData\Google
O43 - CFD: 06/01/2009 - 15:34:24 - [50908354] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 07/05/2011 - 09:13:30 - [16322755] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 18/11/2010 - 07:46:36 - [1638] ----D- C:\ProgramData\McAfee
O43 - CFD: 14/06/2009 - 09:59:00 - [711] ----D- C:\ProgramData\Media Center Programs
O43 - CFD: 24/11/2008 - 10:58:44 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 04/06/2010 - 10:03:20 - [493863823] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 17/06/2011 - 07:18:58 - [657184] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 24/11/2008 - 10:58:44 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 08/07/2008 - 06:58:02 - [0] ----D- C:\ProgramData\muvee Technologies
O43 - CFD: 01/03/2010 - 11:46:14 - [155] ----D- C:\ProgramData\Norton
O43 - CFD: 01/03/2010 - 11:11:58 - [181085] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 30/09/2010 - 18:00:32 - [252299] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 24/03/2011 - 08:39:38 - [247234] ----D- C:\ProgramData\Samsung
O43 - CFD: 25/11/2008 - 10:05:34 - [26592] ----D- C:\ProgramData\SPS
O43 - CFD: 26/06/2011 - 21:40:14 - [20161] ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 01/03/2010 - 11:12:00 - [155] ----D- C:\ProgramData\Symantec
O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 23/03/2009 - 10:52:18 - [1201836160] ----D- C:\ProgramData\Trend Micro
O43 - CFD: 24/11/2008 - 18:18:56 - [16579511] ----D- C:\ProgramData\WildTangent
O43 - CFD: 07/09/2009 - 16:32:36 - [0] ----D- C:\ProgramData\WindowsSearch
O43 - CFD: 08/07/2008 - 07:12:58 - [6904816] ----D- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
O43 - CFD: 26/06/2011 - 21:38:30 - [103609] ----D- C:\Users\olivier\AppData\Roaming\.purple
O43 - CFD: 01/12/2008 - 11:36:06 - [2563637] ----D- C:\Users\olivier\AppData\Roaming\Adobe
O43 - CFD: 24/09/2009 - 18:41:58 - [12882198] ----D- C:\Users\olivier\AppData\Roaming\Autodesk
O43 - CFD: 04/08/2009 - 22:06:36 - [20] ----D- C:\Users\olivier\AppData\Roaming\CyberLink
O43 - CFD: 31/03/2009 - 07:48:44 - [66] ----D- C:\Users\olivier\AppData\Roaming\Download Manager
O43 - CFD: 03/03/2010 - 14:49:38 - [0] ----D- C:\Users\olivier\AppData\Roaming\Google
O43 - CFD: 06/01/2009 - 15:35:12 - [348332] ----D- C:\Users\olivier\AppData\Roaming\Hewlett-Packard
O43 - CFD: 19/03/2010 - 16:23:28 - [228] ----D- C:\Users\olivier\AppData\Roaming\HTML Executable
O43 - CFD: 24/11/2008 - 11:07:54 - [0] ----D- C:\Users\olivier\AppData\Roaming\Identities
O43 - CFD: 15/01/2009 - 16:11:10 - [0] ----D- C:\Users\olivier\AppData\Roaming\InstallShield
O43 - CFD: 24/11/2008 - 11:07:20 - [456] ----D- C:\Users\olivier\AppData\Roaming\Macromedia
O43 - CFD: 07/05/2011 - 09:13:52 - [243917] ----D- C:\Users\olivier\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\olivier\AppData\Roaming\Media Center Programs
O43 - CFD: 26/06/2011 - 10:52:00 - [25780247] -S--D- C:\Users\olivier\AppData\Roaming\Microsoft
O43 - CFD: 01/12/2008 - 10:01:34 - [15598992] ----D- C:\Users\olivier\AppData\Roaming\Mozilla
O43 - CFD: 01/12/2008 - 08:40:50 - [0] ----D- C:\Users\olivier\AppData\Roaming\PeerNetworking
O43 - CFD: 29/05/2009 - 18:04:42 - [6005] ----D- C:\Users\olivier\AppData\Roaming\Red Alert 3 Demo
O43 - CFD: 24/03/2011 - 08:39:50 - [0] ----D- C:\Users\olivier\AppData\Roaming\Samsung
O43 - CFD: 27/05/2009 - 20:31:58 - [6444] R-H-D- C:\Users\olivier\AppData\Roaming\SecuROM
O43 - CFD: 24/11/2008 - 11:08:26 - [0] ----D- C:\Users\olivier\AppData\Roaming\Symantec
O43 - CFD: 01/12/2008 - 10:01:34 - [52447742] ----D- C:\Users\olivier\AppData\Roaming\Thunderbird
O43 - CFD: 07/12/2009 - 18:26:12 - [12] ----D- C:\Users\olivier\AppData\Roaming\WinRAR
O43 - CFD: 18/01/2011 - 15:51:40 - [949274] ----D- C:\Users\olivier\Appdata\Local\Adobe
O43 - CFD: 24/11/2008 - 18:20:38 - [90142] ----D- C:\Users\olivier\Appdata\Local\AOL OCP
O43 - CFD: 24/11/2008 - 11:02:00 - [0] -SH-D- C:\Users\olivier\Appdata\Local\Application Data
O43 - CFD: 06/05/2009 - 10:44:02 - [1193400] ----D- C:\Users\olivier\Appdata\Local\Apps
O43 - CFD: 24/09/2009 - 18:41:56 - [6288881] ----D- C:\Users\olivier\Appdata\Local\Autodesk
O43 - CFD: 06/05/2009 - 10:44:16 - [0] ----D- C:\Users\olivier\Appdata\Local\Deployment
O43 - CFD: 24/03/2011 - 08:17:58 - [73411462] ----D- C:\Users\olivier\Appdata\Local\Downloaded Installations
O43 - CFD: 20/05/2011 - 11:13:06 - [277313691] ----D- C:\Users\olivier\Appdata\Local\Google
O43 - CFD: 24/11/2008 - 11:02:00 - [0] -SH-D- C:\Users\olivier\Appdata\Local\Historique
O43 - CFD: 26/06/2011 - 14:49:26 - [4537286870] ----D- C:\Users\olivier\Appdata\Local\Microsoft
O43 - CFD: 28/02/2011 - 14:33:14 - [850457] ----D- C:\Users\olivier\Appdata\Local\Microsoft Games
O43 - CFD: 28/11/2008 - 09:30:28 - [0] ----D- C:\Users\olivier\Appdata\Local\Microsoft Help
O43 - CFD: 01/12/2008 - 10:00:20 - [12488080] ----D- C:\Users\olivier\Appdata\Local\Mozilla
O43 - CFD: 24/03/2011 - 08:39:50 - [0] ----D- C:\Users\olivier\Appdata\Local\Samsung
O43 - CFD: 26/06/2011 - 22:41:32 - [1754] ----D- C:\Users\olivier\Appdata\Local\Temp
O43 - CFD: 24/11/2008 - 11:02:00 - [0] -SH-D- C:\Users\olivier\Appdata\Local\Temporary Internet Files
O43 - CFD: 01/12/2008 - 10:01:36 - [2250080] ----D- C:\Users\olivier\Appdata\Local\Thunderbird
O43 - CFD: 24/11/2008 - 11:08:18 - [0] ----D- C:\Users\olivier\Appdata\Local\VirtualStore
O43 - CFD: 21/01/2008 - 04:42:48 - [15197] R---D- C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 24/11/2008 - 11:08:02 - [174] R---D- C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 04/12/2008 - 20:52:38 - [3390] ----D- C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 14/10/2008 - 03:56:48 - [4969] ----D- C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
O43 - CFD: 14/10/2008 - 03:58:32 - [934] ----D- C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
O43 - CFD: 05/05/2009 - 16:17:46 - [0] ----D- C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documalis Free
O43 - CFD: 30/04/2011 - 12:54:26 - [4288] ----D- C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 21/01/2008 - 04:42:48 - [548] R---D- C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 24/11/2008 - 15:09:08 - [4121] ----D- C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 26/06/2011 - 14:56:44 - [0] R---D- C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 07/12/2009 - 18:25:22 - [2459] ----D- C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 08/09/2010 - 08:57:32 - [5667] ----D- C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wurth



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.90EE1200FEFFFFFF57494E444F577E31] - 26/06/2011 - 21:26:11 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1251253]
O44 - LFC:[MD5.659C0F7A1F9A2AA3C59FDC99ECCE64E4] - 26/06/2011 - 21:23:20 ---A- . (...) -- C:\tmuninst.ini [31]
O44 - LFC:[MD5.A822D8CA477986C7DBE1C1E9232C53CA] - 26/06/2011 - 21:20:45 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.A5F865B120EA07014D76A5B2DD283BDE] - 26/06/2011 - 21:20:36 ---A- . (...) -- C:\Windows\PFRO.log [1204]
O44 - LFC:[MD5.033DA2A43C52985D84A34AE076FB9531] - 26/06/2011 - 20:46:51 ---A- . (...) -- C:\ZHPExportRegistry-26-06-2011-21-46-51.txt [2446]
O44 - LFC:[MD5.27BE81B446D3192224ED8F4DA9F2B7AD] - 26/06/2011 - 14:53:30 ---A- . (...) -- C:\UsbFix.txt [7652]
O44 - LFC:[MD5.DBA9B9666B9037B2086DF3E896A4A263] - 26/06/2011 - 14:53:19 ---A- . (...) -- C:\UsbFix_Upload_Me_PC-DE-OLIVIER.zip [8757]
O44 - LFC:[MD5.AA259F62ED3D7607DFCB99A119D2C04B] - 26/06/2011 - 14:52:20 ---A- . (...) -- C:\Windows\TMFilter.log [1363]
O44 - LFC:[MD5.38EE63CDF4639BB6327DB6DB888C7BD6] - 26/06/2011 - 14:36:07 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1747408]
O44 - LFC:[MD5.1B4EE7F391E1B811CD8F90C5058CEF41] - 26/06/2011 - 14:36:07 ---A- . (...) -- C:\Windows\System32\perfc009.dat [135358]
O44 - LFC:[MD5.52A246DD83D98BF368A430701E1F147E] - 26/06/2011 - 14:36:07 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [166478]
O44 - LFC:[MD5.45ECC552D28BD26663B8DCE95D88A52B] - 26/06/2011 - 14:36:07 ---A- . (...) -- C:\Windows\System32\perfh009.dat [677780]
O44 - LFC:[MD5.75DE9B28C7D97D30E40B726DE75BFC3D] - 26/06/2011 - 14:36:07 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [772912]
O44 - LFC:[MD5.17622028354A9D69E607F958618F7AFE] - 26/06/2011 - 13:22:20 ---A- . (...) -- C:\Windows\setupact.log [1390]
O44 - LFC:[MD5.32DEE0CAE388979749DF1132F5CE20C5] - 24/06/2011 - 10:08:48 ---A- . (...) -- C:\Windows\cfgall.ini [13077]
O44 - LFC:[MD5.F37FAAABBDF912D28249CB0651CFA3B7] - 23/06/2011 - 06:23:26 ---A- . (...) -- C:\Windows\V6.INI [36]
O44 - LFC:[MD5.9104F9B3E9092AC343848D93D43D6C49] - 22/06/2011 - 14:29:58 ---A- . (...) -- C:\Windows\RBuilder.ini [2349]
O44 - LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] - 21/06/2011 - 13:57:03 ---A- . (...) -- C:\Windows\System32\DOErrors.log [52]
O44 - LFC:[MD5.CE517C148FB9E1BD20663A4665E1C5D3] - 01/06/2011 - 04:26:46 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [404640]
O44 - LFC:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 29/05/2011 - 08:11:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [39984]
O44 - LFC:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 29/05/2011 - 08:11:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [22712]



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - WDF dynamique.) -- C:\Windows\System32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - WDF dynamique.) -- C:\Windows\System32\Drivers\Wdf01000.sys



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (...) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\CnwiDeviceAgent [Key] . (.CANON INC. - imagePROGRAF Status Monitor.) -- C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]
O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]
O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]
O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]
O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]
O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]
O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]
O58 - SDL:[MD5.2846F5EE802889D500FCF5CC48B28381] - 05/09/2009 - 16:55:36 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [1183744]
O58 - SDL:[MD5.CF6A67C90951E3E763D2135DEDE44B85] - 02/11/2006 - 08:30:53 ---A- . (.Broadcom Corporation - BCM 802.11g Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL6.SYS [464384]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.D3C277A51EF9E2EC972D6221F99C0B6D] - 07/12/2008 - 12:44:54 ---A- . (...) -- C:\Windows\system32\drivers\btnetBus.sys [30088]
O58 - SDL:[MD5.DDA0CB141150FEF87419926790CD26C8] - 03/10/2008 - 03:39:28 ---A- . (.Conexant Systems Inc. - High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\CHDRT32.sys [222208]
O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]
O58 - SDL:[MD5.28CB0B64134AD62C2ACF77DB8501A619] - 21/07/2008 - 13:11:58 ---A- . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\Windows\system32\drivers\ElbyCDIO.sys [24392]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]
O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]
O58 - SDL:[MD5.35956140E686D53BF676CF0C778880FC] - 18/06/2007 - 16:12:04 ---A- . (.Hewlett-Packard Development Company, L.P. - HpqKbFiltr Keyboard Filter Driver.) -- C:\Windows\system32\drivers\HpqKbFiltr.sys [16768]
O58 - SDL:[MD5.A2882945CC4B6E3E4E9E825590438888] - 01/11/2007 - 02:47:54 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\HSXHWAZL.sys [208896]
O58 - SDL:[MD5.0ACD399F5DB3DF1B58903CF4949AB5A8] - 01/11/2007 - 02:47:08 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\HSX_CNXT.sys [661504]
O58 - SDL:[MD5.CC267848CB3508E72762BE65734E764D] - 01/11/2007 - 02:51:26 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\HSX_DPV.sys [985600]
O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.566C5FD480FDBCE3BA5CF9FBCFFAEA9A] - 09/10/2008 - 15:42:42 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\system32\drivers\KMWDFILTER.sys [17408]
O58 - SDL:[MD5.5353218B3265E3B8190335059F697A11] - 26/05/2005 - 10:01:18 ---A- . (.LG Electronics Inc. - lgusbbus.sys.) -- C:\Windows\system32\drivers\lgusbbus.sys [21344]
O58 - SDL:[MD5.7DD3EEFC62A1EF44E5F940FA651ED9ED] - 26/05/2005 - 10:01:36 ---A- . (.LG Electronics Inc. - lgusbdiag.sys.) -- C:\Windows\system32\drivers\lgusbdiag.sys [38144]
O58 - SDL:[MD5.083031A78822ECCBD7510BCCD3E20D4C] - 24/06/2005 - 17:36:16 ---A- . (.LG Electronics Inc. - lgusbmodem.sys.) -- C:\Windows\system32\drivers\lgusbmodem.sys [39036]
O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]
O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]
O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]
O58 - SDL:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 29/05/2011 - 08:11:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22712]
O58 - SDL:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 29/05/2011 - 08:11:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [39984]
O58 - SDL:[MD5.0CEA2D0D3FA284B85ED5B68365114F76] - 19/06/2006 - 23:26:58 ---A- . (.Conexant - Diagnostic Interface x86 Driver.) -- C:\Windows\system32\drivers\mdmxsdk.sys [12672]
O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]
O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.11BE4B269549173CFF542591E4BE2C08] - 10/06/2008 - 23:23:00 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda32v.sys [43040]
O58 - SDL:[MD5.24000B817CC84AC1555F41929879AF5A] - 03/10/2009 - 05:02:06 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 187.66.) -- C:\Windows\system32\drivers\nvlddmkm.sys [9905096]
O58 - SDL:[MD5.1657F3FBD9061526C14FF37E79306F98] - 02/11/2006 - 08:30:56 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvm60x32.sys [429056]
O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]
O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]
O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.125C504A34D0A2E152517E342E7E432C] - 10/06/2008 - 19:54:36 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [123904]
O58 - SDL:[MD5.B0538DEA03E088B80482CA939F4E8740] - 05/06/2008 - 18:01:50 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista.) -- C:\Windows\system32\drivers\RTSTOR.sys [62464]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.00B19F27858F56181EDB58B71A7C67A0] - 17/04/2008 - 19:05:16 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [199344]
O58 - SDL:[MD5.23A92FFA6A4938683DCBC9C66BDA1248] - 28/10/2008 - 12:11:50 ---A- . (.Trend Micro Inc. - TrendMicro Activity Monitor Module.) -- C:\Windows\system32\drivers\tmactmon.sys [50192]
O58 - SDL:[MD5.8762CB58A489B385FEEF2AEA7F7718F3] - 05/07/2010 - 14:19:50 ---A- . (.Trend Micro Inc. - TrendMicro Common Module.) -- C:\Windows\system32\drivers\tmcomm.sys [154192]
O58 - SDL:[MD5.EBAB207A0779F3E50BDE267FAAAD696F] - 28/10/2008 - 12:11:44 ---A- . (.Trend Micro Inc. - TrendMicro Event Management Module.) -- C:\Windows\system32\drivers\tmevtmgr.sys [50192]
O58 - SDL:[MD5.1A28423418E3C5F66C1E4BDD071A154E] - 21/07/2008 - 18:51:00 ---A- . (.Trend Micro Inc. - Trend Micro NDIS 6.0 Filter Driver (i386-fre).) -- C:\Windows\system32\drivers\tmlwf.sys [145424]
O58 - SDL:[MD5.6C9F58DD778B05DF58839F1376BF4687] - 21/07/2008 - 18:50:28 ---A- . (.Trend Micro Inc. - Trend Micro TDI Driver (i386-fre).) -- C:\Windows\system32\drivers\tmtdi.sys [80400]
O58 - SDL:[MD5.616DA082E416967C38551F6D651F9468] - 21/07/2008 - 18:51:12 ---A- . (.Trend Micro Inc. - Trend Micro WFP callout Driver (i386-fre).) -- C:\Windows\system32\drivers\tmwfp.sys [256528]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.9BF2EA54E5ED5ACDF96F1DEC84C117C4] - 24/09/2008 - 11:29:25 ---A- . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\Windows\system32\drivers\VClone.sys [29184]
O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]
O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]
O58 - SDL:[MD5.46D67209550973257601A533E2AC5785] - 21/01/2008 - 03:23:22 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL3.SYS [200704]
O58 - SDL:[MD5.5C7BDCF5864DB00323FE2D90FA26A8A2] - 21/01/2008 - 03:23:23 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT3.SYS [654336]
O58 - SDL:[MD5.EC36F1D542ED4252390D446BF6D4DFD0] - 21/01/2008 - 03:23:22 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV3.SYS [987648]
O58 - SDL:[MD5.DAB33CFA9DD24251AAA389FF36B64D4B] - 18/10/2007 - 00:36:54 ---A- . (.Conexant Systems, Inc. - Modem Audio Device Driver.) -- C:\Windows\system32\drivers\XAudio.sys [8704]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover
O63 - Logiciel: UsbFix By TeamXscript - (.TeamXscript.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: OTM - (.OldTimer.)
O63 - Logiciel: RSIT - (.random/random.)



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\adp94xx.sys - adp94xx(adp94xx) .(.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - LEGACY_ADP94XX
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\adpahci.sys - adpahci(adpahci) .(.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - LEGACY_ADPAHCI
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\adpu160m.sys - adpu160m(adpu160m) .(.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) - LEGACY_ADPU160M
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\adpu320.sys - adpu320(adpu320) .(.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) - LEGACY_ADPU320
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\djsvs.sys - aic78xx(aic78xx) .(.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) - LEGACY_AIC78XX
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\aliide.sys - aliide(aliide) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\arc.sys - arc(arc) .(.Adaptec, Inc. - Adaptec RAID Storport Driver.) - LEGACY_ARC
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\arcsas.sys - arcsas(arcsas) .(.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - LEGACY_ARCSAS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\cmdide.sys - cmdide(cmdide) .(.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) - LEGACY_CMDIDE
O64 - Services: CurCS - 21/07/2008 - C:\Windows\System32\Drivers\ElbyCDIO.sys - ElbyCDIO Driver(ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) - LEGACY_ELBYCDIO
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\elxstor.sys - elxstor(elxstor) .(.Emulex - Storport Miniport Driver for LightPulse HBA.) - LEGACY_ELXSTOR
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\hpcisss.sys - HpCISSs(HpCISSs) .(.Hewlett-Packard Company - Smart Array Storport Driver.) - LEGACY_HPCISSS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\iastorv.sys - Intel RAID Controller Vista(iaStorV) .(.Intel Corporation - Intel Matrix Storage Manager driver (base).) - LEGACY_IASTORV
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\iirsp.sys - iirsp(iirsp) .(.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - LEGACY_IIRSP
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\iteatapi.sys - ITEATAPI_Service_Install(iteatapi) .(.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) - LEGACY_ITEATAPI
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\iteraid.sys - ITERAID_Service_Install(iteraid) .(.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) - LEGACY_ITERAID
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\lsi_fc.sys - LSI_FC(LSI_FC) .(.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) - LEGACY_LSI_FC
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\lsi_sas.sys - LSI_SAS(LSI_SAS) .(.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) - LEGACY_LSI_SAS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\lsi_scsi.sys - LSI_SCSI(LSI_SCSI) .(.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) - LEGACY_LSI_SCSI
O64 - Services: CurCS - 29/05/2011 - C:\Windows\system32\drivers\mbam.sys - MBAMProtector(MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\megasas.sys - megasas(megasas) .(.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) - LEGACY_MEGASAS
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\megasr.sys - MegaSR(MegaSR) .(.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) - LEGACY_MEGASR
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\mraid35x.sys - Mraid35x(Mraid35x) .(.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows.) - LEGACY_MRAID35X
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\nfrd960.sys - nfrd960(nfrd960) .(.IBM Corporation - IBM ServeRAID Controller Driver.) - LEGACY_NFRD960
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\nvraid.sys - NVIDIA nForce RAID Driver (nvraid) .(.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - LEGACY_NVRAID
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\nvstor.sys - nvstor(nvstor) .(.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - LEGACY_NVSTOR
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\ql2300.sys - QLogic Fibre Channel Miniport Driver(ql2300) .(.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) - LEGACY_QL2300
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\ql40xx.sys - QLogic iSCSI Miniport Driver(ql40xx) .(.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) - LEGACY_QL40XX
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\sisraid4.sys - SiSRaid4(SiSRaid4) .(.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) - LEGACY_SISRAID4
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\symc8xx.sys - Symc8xx(Symc8xx) .(.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) - LEGACY_SYMC8XX
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\sym_hi.sys - Sym_hi(Sym_hi) .(.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) - LEGACY_SYM_HI
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\sym_u3.sys - Sym_u3(Sym_u3) .(.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) - LEGACY_SYM_U3
O64 - Services: CurCS - 28/10/2008 - C:\Windows\System32\DRIVERS\tmactmon.sys - tmactmon(tmactmon) .(.Trend Micro Inc. - TrendMicro Activity Monitor Module.) - LEGACY_TMACTMON
O64 - Services: CurCS - 05/07/2010 - C:\Windows\System32\DRIVERS\tmcomm.sys - tmcomm(tmcomm) .(.Trend Micro Inc. - TrendMicro Common Module.) - LEGACY_TMCOMM
O64 - Services: CurCS - 28/10/2008 - C:\Windows\System32\DRIVERS\tmevtmgr.sys - tmevtmgr(tmevtmgr) .(.Trend Micro Inc. - TrendMicro Event Management Module.) - LEGACY_TMEVTMGR
O64 - Services: CurCS - 20/10/2010 - C:\Program Files\Trend Micro\Client Server Security Agent\TmXPFlt.sys - Trend Micro Filter(TmFilter) .(.Trend Micro Inc. - Post Filter For XP.) - LEGACY_TMFILTER
O64 - Services: CurCS - 21/07/2008 - C:\Windows\System32\DRIVERS\tmlwf.sys - Trend Micro NDIS 6.0 Filter Driver(tmlwf) .(.Trend Micro Inc. - Trend Micro NDIS 6.0 Filter Driver (i386-fr.) - LEGACY_TMLWF
O64 - Services: CurCS - 20/10/2010 - C:\Program Files\Trend Micro\Client Server Security Agent\TmPreFlt.sys - Trend Micro PreFilter(TmPreFilter) .(.Trend Micro Inc. - Pre-Filter For XP.) - LEGACY_TMPREFILTER
O64 - Services: CurCS - 21/07/2008 - C:\Windows\System32\DRIVERS\tmtdi.sys - Trend Micro TDI Driver(tmtdi) .(.Trend Micro Inc. - Trend Micro TDI Driver (i386-fre).) - LEGACY_TMTDI
O64 - Services: CurCS - 21/07/2008 - C:\Windows\System32\DRIVERS\tmwfp.sys - Trend Micro WFP Callout Driver(tmwfp) .(.Trend Micro Inc. - Trend Micro WFP callout Driver (i386-fre).) - LEGACY_TMWFP
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\uliahci.sys - uliahci(uliahci) .(.ULi Electronics Inc. - ULi SATA Controller Driver.) - LEGACY_ULIAHCI
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\drivers\ulsata.sys - UlSata(UlSata) .(.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win200.) - LEGACY_ULSATA
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\ulsata2.sys - ulsata2(ulsata2) .(.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) - LEGACY_ULSATA2
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\viaide.sys - viaide(viaide) .(.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) - LEGACY_VIAIDE
O64 - Services: CurCS - 20/10/2010 - C:\Program Files\Trend Micro\Client Server Security Agent\VSApiNt.sys - Trend Micro VSAPI NT(VSApiNt) .(.Trend Micro Inc. - VsapiNT.) - LEGACY_VSAPINT
O64 - Services: CurCS - 21/01/2008 - C:\Windows\System32\drivers\vsmraid.sys - vsmraid(vsmraid) .(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) - LEGACY_VSMRAID
O64 - Services: CurCS - 18/10/2007 - C:\Windows\System32\DRIVERS\xaudio.sys - XAudio(XAudio) .(.Conexant Systems, Inc. - Modem Audio Device Driver.) - LEGACY_XAUDIO



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\olivier\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\olivier\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKCU] {0C809E13-E67B-49A0-8BD5-925A1BBF5F0B} - (AOL Recherche) - http://slirsredirect.search.aol.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {F351C884-9D0C-453F-B357-5E88B9FF8460} - (Kelkoo) - http://fr.kelkoopartners.net



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.D1891B58FE5D1830436EF8811768300E] [SPRF] (.OldTimer Tools - Pas de description.) -- C:\Users\olivier\Desktop\OTM.exe [522752]
[MD5.FCAE0D2671F210ACFAEE2197F318AA59] [SPRF] (.TeamXscript.org - UsbFix.) -- C:\Users\olivier\Desktop\UsbFix.exe [1231967]



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l'autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "{E12AFA54-90AC-4BD3-B046-2A12B604B87D}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDPlay.) -- C:\Program Files\HP\QuickPlay\QP.exe
O87 - FAEL: "{27EAE061-E3DB-4F3E-A98F-7555A46D30C7}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe
O87 - FAEL: "{C1966DDC-6432-4D29-8166-44C114C926ED}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files\Cyberlink\PowerDirector\PDR.exe
O87 - FAEL: "{C2967DB6-8EBF-49ED-B072-EA88C8999D34}" | In - Public - P6 - TRUE | .(.AOL LLC - AOL Loader.) -- C:\Program Files\Common Files\AOL\Loader\aolload.exe
O87 - FAEL: "{843D9ECF-00B8-4B4E-BFEC-6E6E33D3C0D4}" | In - Public - P17 - TRUE | .(.AOL LLC - AOL Loader.) -- C:\Program Files\Common Files\AOL\Loader\aolload.exe
O87 - FAEL: "{E73DF873-B021-4129-ABB5-F24362F5D1B9}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "{231AE2E4-24B5-4377-92E2-003A13AC5570}" | In - Public - P6 - TRUE | .(.CANON INC. - imagePROGRAF Status Monitor.) -- C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
O87 - FAEL: "{CDDE5E06-E703-4D22-B7F5-CD924002814A}" | In - Public - P17 - TRUE | .(.CANON INC. - imagePROGRAF Status Monitor.) -- C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
O87 - FAEL: "{C7A763F7-EA27-488F-BED5-8484FA244419}" | In - Public - P6 - TRUE | .(.CANON INC. - imagePROGRAF Status Monitor.) -- C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
O87 - FAEL: "{30AC7BE0-7271-440C-9C33-079CD3A23DE3}" | In - Public - P17 - TRUE | .(.CANON INC. - imagePROGRAF Status Monitor.) -- C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
O87 - FAEL: "{FB7BA446-2842-440F-881B-8E5BF6AE8CC0}" | In - Public - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe
O87 - FAEL: "{11E60059-876B-4A38-A20D-24D0210E70F5}" | In - Public - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe
O87 - FAEL: "TCP Query User{FFC76E78-EC6D-4648-AF94-710655A87FF1}C:\program files\pidgin\pidgin.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\pidgin\pidgin.exe (.not file.)
O87 - FAEL: "UDP Query User{5E625FB2-8DE5-403B-8CDE-695607D55E51}C:\program files\pidgin\pidgin.exe" |In - P

suite et fin:

O87 - FAEL: "UDP Query User{5E625FB2-8DE5-403B-8CDE-695607D55E51}C:\program files\pidgin\pidgin.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\pidgin\pidgin.exe (.not file.)



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 26/06/2009 85096 | (Autodesk Licensing Service) . (.Autodesk.) - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
SR - | Demand 03/04/2008 193840 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SS - | Auto 02/03/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 02/03/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 02/03/2010 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 09/10/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Demand 01/05/2008 165192 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SR - | Auto 12/03/2007 161872 | (iPFDeviceAgentService) . (.CANON INC..) - C:\Windows\system32\Cnwiolss.exe
SR - | Auto 26/02/2008 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SS - | Disabled 29/05/2011 366640 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 19/01/2009 918824 | (ntrtscan) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
SR - | Auto 03/10/2009 219752 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 26/04/2008 361808 | (Recovery Service for Windows) . (...) - C:\Windows\SMINST\BLService.exe
SR - | Auto 09/01/2007 272024 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
SS - | Demand 23/12/2008 341256 | (TMBMServer) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
SR - | Auto 19/01/2009 1069688 | (tmlisten) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
SR - | Demand 26/12/2008 497008 | (TmPfw) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe
SR - | Demand 05/11/2008 677128 | (TmProxy) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
SR - | Auto 18/10/2007 386560 | (XAudioService) . (.Conexant Systems, Inc..) - C:\Windows\system32\DRIVERS\xaudio.exe



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by olivier at 26/06/2011 22:45:29

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys tcpip.sys NETIO.SYS
1 ntkrnlpa!IofCallDriver[0x8227D912] -> \Device\Harddisk0\DR0[0x86494718]
3 CLASSPNP[0x8A80E8B3] -> ntkrnlpa!IofCallDriver[0x8227D912] -> \Device\Ide\IdeDeviceP0T0L0-0[0x85198B98]
kernel: MBR read successfully
user & kernel MBR OK



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by olivier at 26/06/2011 22:45:31

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin



End of the scan (1235 lines in 05mn 23s)(0)

Vraiment navré, perso je trouve ça illisible, a part un copié coller sur le bloc note, je vois pas mieux.
Merci encore et bon courage :)

Rhooo! ^^

https://forums.commentcamarche.net/forum/affich-22469056-pub-intempestive?page=2#43