Analyse hijackthis

otacon59 Messages postés 14 Statut Membre -  
juju666 Messages postés 38404 Statut Contributeur sécurité -
Bonjour,
je sais pas si je suis dans le bon emplacement pour poster ceci,
je souhaiterais de l'aide pour comprendre pourquoi mon ordi a des ralentissement,
je vous met l'analyse hijackthis.
Merci a toute l'aide que vous pouvez me donner.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:11:38, on 16/06/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19048)
Boot mode: Normal

Running processes:
C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Users\otacon\Documents\doc importé\RocketDock\RocketDock.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10s_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\otacon\Documents\doc importé\eMule\emule.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {a65e491f-a436-4952-b49a-b24ed99a0f67} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Users\otacon\Documents\doc importé\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell Services - c:\windows\system32\HidService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
A voir également:

22 réponses

  • 1
  • 2
Réponse 1 / 22
remousse Messages postés 299 Date d'inscription   Statut Membre Dernière intervention   6
 
poste ta trace Hijackthis sur ce site et tu verra ce qui ne va pas !!!

http://www.hijackthis.de/fr
0
Réponse 2 / 22
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
Hello,
@remousse: les analyseurs ne sont pas terrible...

@otacon :

Ton pc présente diverses infections Adwares.
CF : https://www.futura-sciences.com/tech/definitions/internet-adware-1857/

Télécharge de AD-Remover sur ton Bureau. (TeamXScript)

http://www.teamxscript.org/adremoverTelechargement.html ( Lien officiel )
OU
https://www.androidworld.fr/ ( Miroir )

/!\ Ferme toutes applications en cours /!\

▶ Double-clique sur l''icône Ad-remover située sur ton Bureau.
▶ Sur la page, clique sur le bouton « Scanner »
▶ Confirme lancement du scan
▶ Laisse travailler l''outil.
▶ Quand il a fini, un rapport s'ouvrira : ferme le.

♦ Pour me transmettre le rapport

clique sur ce lien : http://www.cijoint.fr/

▶ Clique sur Parcourir et cherche le fichier C:\Ad-Report-SCAN[1].txt

▶ Clique sur Ouvrir.

▶ Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

est ajouté dans la page.

▶ Copie ce lien dans ta réponse.
0
Réponse 3 / 22
otacon59 Messages postés 14 Statut Membre
 
merci juju666,
voila le lien :


http://www.cijoint.fr/cjlink.php?file=cj201106/cijxgeDwik.txt
0
Réponse 4 / 22
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
nickel :)

▶ Relance AD-Remover, clique sur Nettoyer
▶ Laisse le pc redémarrer.
▶ Une fois revenu sur le bureau héberge le rapport comme précédemment

0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 22
otacon59 Messages postés 14 Statut Membre
 
ok voila le lien du nettoyage,


http://www.cijoint.fr/cjlink.php?file=cj201106/cij1DqScRd.txt


merci
0
Réponse 6 / 22
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
le rapport n est pas complet ?
relance le pour voir et poste CLEAN[2]
0
Réponse 7 / 22
otacon59 Messages postés 14 Statut Membre
 
désolé, voila :


http://www.cijoint.fr/cjlink.php?file=cj201106/cijwqZ80B3.txt
0
Réponse 8 / 22
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
Voilà :)

Relance AD-R, clique sur désinstaller ;)

===============================

Télécharge et installe ZHPDiag
Ouvre le (clic droit>exécuter en tant qu'admin sur vista/7) et clique sur la loupe
aux 100% tu le ferme
Héberge et colle ici le lien du rapport ZHPDiag.txt qui doit être sur ton bureau
0
Réponse 9 / 22
otacon59 Messages postés 14 Statut Membre
 
décidément, lol,


Rapport de ZHPDiag v1.27.231 par Nicolas Coolman, Update du 16/06/2011
Run by otacon at 16/06/2011 23:15:04
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19048
MFIE: Mozilla Firefox 4.0.1 v4.0.1 (Defaut)
GCIE: Google Chrome v12.0.742.100

---\\ System Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3326 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 580 GB (63%) free of 919 GB

---\\ Logged in mode
Computer Name: PC-DE-OTACON
User Name: otacon
All Users Names: otacon, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\otacon\AppData\Roaming
%LocalAppData%=C:\Users\otacon\AppData\Local
%StartMenu%=C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 580 Go of 919 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ Floppy drive, Flash card reader, USB Key (Free 2 Go of 4 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 23:27:38.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.047CDEFF94B63F0A4791372B47427B60] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2011 07:21:28.) -- C:\Windows\system32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 23:28:14.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 23:32:28.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 23:32:50.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]



---\\ Processus lancés
[MD5.22DDA36DC2521C4DD8E485C96406637B] - (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [1449368]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184]
[MD5.0CFBE2D135A73CA98381FC8CC8BC5A03] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160]
[MD5.7F309C30F2AB129B0DE176CA57D4D499] - (...) -- C:\Users\otacon\Documents\doc importé\RocketDock\RocketDock.exe [462848]
[MD5.E83508D9A0F0D0D8449317DC6A4C5E02] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632]
[MD5.3B2CC09944488DB5ED5DFDC315C9AB57] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]
[MD5.60EC4BC29892A106942EC0122F5A39DE] - (.https://www.emule-project.net/home/perl/general.cgi?l=1 - eMule.) -- C:\Users\otacon\Documents\doc importé\eMule\emule.exe [5668864]
[MD5.386B07203DE6C06A56FEAC2133CA6819] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [658944]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\otacon\AppData\Roaming\Mozilla\Firefox\Profiles\fyvrag5n.default\prefs.js
M3 - MFPP: Plugins - [otacon] -- C:\Users\otacon\AppData\Roaming\Mozilla\Firefox\Profiles\fyvrag5n.default\searchplugins\sweetim.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\googledesktop.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.Zylom - Zylom Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npzylomgamesplayer.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.620.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60310.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@zylom.com/ZylomGamesPlayer] - (.Zylom - Zylom Plugin.) -- C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
M0 - MFSP: prefs.js [otacon - fyvrag5n.default] https://www.google.fr/?gws_rd=ssl
M2 - MFEP: prefs.js [otacon - fyvrag5n.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-753519764-1881503075-668909052-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: (no name) - {a65e491f-a436-4952-b49a-b24ed99a0f67} . (...) (No version) -- (.not file.)



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} . (.Google Inc. - Fast Search.) -- C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} . (.BitDefender S.R.L. - BitDefender Antiphishing Toolbar.) -- C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [eRecoveryService] Clé orpheline
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] . (.BitDefender S.R.L. - IEShow Application.) -- C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe
O4 - HKLM\..\Run: [BDAgent] . (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (.not file.)
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Users\otacon\Documents\doc importé\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-753519764-1881503075-668909052-1000\..\Run: [RocketDock] . (...) -- C:\Users\otacon\Documents\doc importé\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-753519764-1881503075-668909052-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DeepBurner.lnk . (.Astonsoft.) -- C:\Program Files\Astonsoft\DeepBurner\DeepBurner.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D308F793-1FF9-4711-80E3-5EAA8B697351}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{D308F793-1FF9-4711-80E3-5EAA8B697351}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS3\Services\Tcpip\..\{D308F793-1FF9-4711-80E3-5EAA8B697351}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Adobe LM Service) . (.Adobe Systems - System Level Service Utility.) - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: C:\Windows\system32\Alg.exe (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
O23 - Service: (FLEXnet Licensing Service) . (.Macrovision Europe Ltd. - Activation Licensing Service.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: (GenericHidService) . (.Packard Bell Services - HID Service Vista compliant.) - c:\windows\system32\HidService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google - Google Desktop.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (gupdatem) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: (NMIndexingService) . (.Nero AG - Nero Home.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\system32\IoctlSvc.exe
O23 - Service: (Sony Ericsson PCCompanion) . (.Avanquest Software - Sony Ericsson PCCompanion Service.) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: (Steam Client Service) . (.Valve Corporation - Steam Client Service (buildbot_winslave01_s.) - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: (Update Server) . (.BitDefender - Bitdefender Web Server.) - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: (Updatesrv) . (.BitDefender S.R.L. - BitDefender Update Service.) - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
O23 - Service: (VSSERV) . (.BitDefender S.R.L. - BitDefender Security Service.) - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (Bdfndisf) . (.BitDefender - BitDefender Firewall NDIS6 Filter Driver.) - c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
O41 - Driver: (Bdftdif) . (.BitDefender LLC - BitDefender Firewall TDI Filter Driver.) - C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: ALZip - (.ESTsoft Corp..) [HKLM] -- ALZip_is1
O42 - Logiciel: ATI AVIVO Codecs - (.ATI Technologies Inc..) [HKLM] -- {CDCA88C3-43AD-F31B-9D37-F4705C2504A4}
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM] -- {26560FC9-61C7-DB95-50CA-ED92D8C3C742}
O42 - Logiciel: Adobe Bridge 1.0 - (.Adobe Systems.) [HKLM] -- {B74D4E10-6884-0000-0000-000000000101}
O42 - Logiciel: Adobe Common File Installer - (.Adobe System Incorporated.) [HKLM] -- {8EDBA74D-0686-4C99-BFDD-F894678E5101}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Help Center 1.0 - (.Adobe Systems.) [HKLM] -- {E9787678-119F-4D52-B551-6739B2B22101}
O42 - Logiciel: Adobe Illustrator CS2 - (.Adobe Systems Inc..) [HKLM] -- Adobe Illustrator CS2
O42 - Logiciel: Adobe InDesign CS2 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}
O42 - Logiciel: Adobe Photoshop CS2 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop CS2 - {236BB7C4-4419-42FD-040C-1E257A25E34D}
O42 - Logiciel: Adobe Photoshop Elements 6.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop Elements 6
O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}
O42 - Logiciel: Adobe SVG Viewer 3.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe SVG Viewer
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Adobe Stock Photos 1.0 - (.Adobe Systems.) [HKLM] -- {786C5747-0C40-4930-9AFE-113BCE553101}
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM] -- {B2EC4A38-B545-4A00-8214-13FE0E915E6D}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1
O42 - Logiciel: BitDefender Internet Security 2011 - (.BitDefender.) [HKLM] -- BitDefender
O42 - Logiciel: BitDefender Internet Security 2011 - (.BitDefender.) [HKLM] -- {CFB8BDCE-8814-4B9A-8EA9-31DB74FEF0AE}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {2A981294-F14C-4F0F-9627-D793270922F8}
O42 - Logiciel: Call of Duty: Modern Warfare 2 - (.Infinity Ward.) [HKLM] -- Steam App 10180
O42 - Logiciel: Call of Duty: Modern Warfare 2 - Multiplayer - (.Infinity Ward.) [HKLM] -- Steam App 10190
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {19A492A0-888F-44A0-9B21-D91700763F62}
O42 - Logiciel: Creative WebCam NX Pro Driver (1.03.03.0326) - (.Pas de propriétaire.) [HKLM] -- Creative PD1130
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DeepBurner v1.9.0.228 - (.Pas de propriétaire.) [HKLM] -- {2ADE2157-7A5E-122C-B51D-EB8A01B15943}
O42 - Logiciel: DolbyFiles - (.Nero AG.) [HKLM] -- {B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
O42 - Logiciel: EPSON Easy Photo Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {8A8F8391-4C2C-4BE1-A984-CD4A5A546467}
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Stylus SX200_SX400_TX200_TX400 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus SX200_SX400_TX200_TX400 Guide d'utilisation
O42 - Logiciel: EPSON Stylus SX400 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Stylus SX400 Series
O42 - Logiciel: EasyBits Magic Desktop - (.Pas de propriétaire.) [HKLM] -- EasyBits Magic Desktop
O42 - Logiciel: EasyPHP 1.6 - (.Pas de propriétaire.) [HKLM] -- EasyPHP_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {C768790F-04FB-11E0-9B2C-001AA037B01E}
O42 - Logiciel: Guitar Pro 5.2 - (.Arobas Music.) [HKLM] -- Guitar Pro 5_is1
O42 - Logiciel: HDReg France - (.Acxiom.) [HKLM] -- {0ED40D2A-7131-4FE7-941E-5C329336F712}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: HydraVision - (.ATI Technologies Inc..) [HKLM] -- {03496F77-5835-D529-1ED8-044FCD372E0F}
O42 - Logiciel: Java(TM) 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216023FF}
O42 - Logiciel: MP3 et Musique Créateur 2 - (.Mystik Media.) [HKLM] -- MP3 et Musique Créateur 2
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Macromedia Dreamweaver 8 - (..) [HKLM] -- {5FD788ED-1A37-4496-9BDD-463F493B27FA}
O42 - Logiciel: Macromedia Extension Manager - (.Nom de votre société.) [HKLM] -- {3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
O42 - Logiciel: Macromedia Flash 8 - (.Macromedia.) [HKLM] -- {2BD5C305-1B27-4D41-B690-7A61172D2FEB}
O42 - Logiciel: Macromedia Flash 8 Video Encoder - (.Macromedia.) [HKLM] -- {8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
O42 - Logiciel: MetaBoli - (.Pas de propriétaire.) [HKLM] -- {709817E4-5439-4206-8738-796B34B623BD}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student - (.Pas de propriétaire.) [HKLM] -- Office2007
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Microsoft Works 9.0 SE - (.Pas de propriétaire.) [HKLM] -- Works9SE
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86 fr)
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Nero 8 Essentials - (.Nero AG.) [HKLM] -- {C9FFC925-E27E-436E-A2DF-652324D51036}
O42 - Logiciel: Nero 9 Lite - (.Nero AG.) [HKLM] -- {992711b5-f96b-4675-a2e0-f14cf026361c}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM] -- {E8A80433-302B-4FF1-815D-FCC8EAC482FF}
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- {7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {7E0610A2-E336-40B3-B685-C4905E97EC9A}
O42 - Logiciel: Packard Bell ImageWriter - (.Pas de propriétaire.) [HKLM] -- {F4EA67C9-6748-4C1E-9AFF-04149AC75D95}
O42 - Logiciel: Packard Bell Recovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Packard Bell Updator - (.Pas de propriétaire.) [HKLM] -- {CA786CFF-1D31-4804-B436-F3405B14357F}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2466156) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CEF209AB-F96D-404F-B5CC-44057C057CA3}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2464583) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{151E2FEA-C3A6-4CB6-BE6B-16651FDF04BE}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Setup My PC - (.Pas de propriétaire.) [HKLM] -- {28518520-F25C-48C3-A224-861F331602F4}
O42 - Logiciel: Sniper Ghost Warrior - (.Pas de propriétaire.) [HKLM] -- Sniper Ghost Warrior_is1
O42 - Logiciel: Sony Ericsson PC Companion 2.01.149 - (.Sony Ericsson.) [HKLM] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}
O42 - Logiciel: Sony Ericsson Update Engine - (.Sony Ericsson Mobile Communications AB.) [HKLM] -- Update Engine
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 - Logiciel: Stellarium 0.10.4 - (.Pas de propriétaire.) [HKLM] -- Stellarium_is1
O42 - Logiciel: TomTom HOME 2.8.1.2218 - (.TomTom.) [HKLM] -- TomTom HOME
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VideoLAN VLC media player 0.8.5 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}
O42 - Logiciel: Zylom Games Player Plugin - (.Zylom Games.) [HKLM] -- Zylom Games Player Plugin
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {2A697B53-0DE3-42DA-B41D-C3F804B1C538}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABBYY]
[HKCU\Software\APN]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Astonsoft]
[HKCU\Software\Audacity]
[HKCU\Software\BVRP Software]
[HKCU\Software\BitDefender]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\EPSON]
[HKCU\Software\EstSoft]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LowRegistry]
[HKCU\Software\Macromedia]
[HKCU\Software\Mozilla]
[HKCU\Software\Mystik Media]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Packard Bell]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RocketDock]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\Softonic]
[HKCU\Software\Sony Ericsson]
[HKCU\Software\TomTom]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zylom]
[HKCU\Software\fAfvfSfP [fVf#f" fEfBfU [fh'Å ¶ ¬'³'ê'½f [fJf< fAfvfSfP [fVf#f"]
[HKLM\Software\ABBYY]
[HKLM\Software\AMD]
[HKLM\Software\APN]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVC3]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Activision]
[HKLM\Software\Adobe Systems]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Arobas Music]
[HKLM\Software\Audible]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\Digital River]
[HKLM\Software\EPSON]
[HKLM\Software\EasyBits]
[HKLM\Software\EstSoft]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Hauppauge]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LEAD Technologies, Inc.]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\MetaBoli]
[HKLM\Software\MicroQuill]
[HKLM\Software\MidasHeurScanner]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\NeroDigital]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\OemSetup]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\PACKARD BELL]
[HKLM\Software\Packard Bell ImageWriter]
[HKLM\Software\Packard Bell Updator]
[HKLM\Software\Panasonic]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Ericsson]
[HKLM\Software\Symantec]
[HKLM\Software\TomTom]
[HKLM\Software\TrendMicro]
[HKLM\Software\Valve]
[HKLM\Software\VideoLAN]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\Windows]
[HKLM\Software\mozilla.org]



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/01/2011 - 12:07:30 - [124428627] ----D- C:\Program Files\ABBYY FineReader 6.0 Sprint
O43 - CFD: 21/05/2011 - 16:50:34 - [1588383811] ----D- C:\Program Files\Adobe
O43 - CFD: 29/05/2011 - 09:30:30 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 27/01/2011 - 20:11:14 - [7997198] ----D- C:\Program Files\Astonsoft
O43 - CFD: 06/01/2011 - 00:01:50 - [17342552] ----D- C:\Program Files\ATI
O43 - CFD: 09/04/2011 - 04:18:58 - [45242912] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 28/03/2011 - 04:24:16 - [8691126] ----D- C:\Program Files\Audacity
O43 - CFD: 13/01/2011 - 12:39:40 - [181551223] ----D- C:\Program Files\BitDefender
O43 - CFD: 29/05/2011 - 09:28:22 - [940615] ----D- C:\Program Files\Bonjour
O43 - CFD: 06/01/2011 - 15:52:14 - [5102377823] ----D- C:\Program Files\City Interactive
O43 - CFD: 29/05/2011 - 09:28:08 - [3049965075] ----D- C:\Program Files\Common Files
O43 - CFD: 06/04/2011 - 15:50:42 - [29011494] ----D- C:\Program Files\EasyBits For Kids
O43 - CFD: 10/04/2011 - 00:33:04 - [17866822] ----D- C:\Program Files\EasyPHP
O43 - CFD: 06/01/2011 - 12:07:44 - [94787902] ----D- C:\Program Files\epson
O43 - CFD: 07/01/2011 - 05:06:06 - [12323021] ----D- C:\Program Files\ESTsoft
O43 - CFD: 05/01/2011 - 22:54:48 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 04/02/2011 - 23:31:40 - [397385415] ----D- C:\Program Files\Google
O43 - CFD: 15/02/2011 - 19:52:24 - [48176611] ----D- C:\Program Files\Guitar Pro 5
O43 - CFD: 15/02/2011 - 15:11:34 - [4710307] ----D- C:\Program Files\HDReg
O43 - CFD: 12/05/2011 - 09:21:04 - [46378311] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 29/05/2011 - 09:32:32 - [5871878] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 29/05/2011 - 09:33:24 - [1856627] ----D- C:\Program Files\iPod
O43 - CFD: 29/05/2011 - 09:34:30 - [127660511] ----D- C:\Program Files\iTunes
O43 - CFD: 11/03/2011 - 17:08:12 - [91548835] ----D- C:\Program Files\Java
O43 - CFD: 10/04/2011 - 00:20:44 - [350540549] ----D- C:\Program Files\Macromedia
O43 - CFD: 27/01/2011 - 02:52:10 - [11672618] ----D- C:\Program Files\Micro Application
O43 - CFD: 02/11/2006 - 14:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 13/11/2008 - 07:38:20 - [373457661] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 13/11/2008 - 07:36:56 - [7791803] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 22/04/2011 - 08:19:08 - [38388859] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 15/02/2011 - 15:11:34 - [146453974] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 07/01/2011 - 04:46:34 - [8167779] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 06/01/2011 - 17:46:48 - [99342446] ----D- C:\Program Files\Movie Maker
O43 - CFD: 30/04/2011 - 13:42:02 - [34532489] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 06/01/2011 - 11:13:50 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 26/02/2011 - 23:55:00 - [462922614] ----D- C:\Program Files\Nero
O43 - CFD: 03/05/2011 - 16:06:52 - [352657674] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 05/01/2011 - 23:05:22 - [1332474985] ----D- C:\Program Files\PACKARD BELL
O43 - CFD: 29/05/2011 - 09:32:32 - [81337083] ----D- C:\Program Files\QuickTime
O43 - CFD: 13/11/2008 - 07:29:56 - [22653975] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 06/01/2011 - 13:04:28 - [46191189] ----D- C:\Program Files\Sony Ericsson
O43 - CFD: 16/05/2011 - 08:02:08 - [12873821998] ----D- C:\Program Files\Steam
O43 - CFD: 04/02/2011 - 22:40:06 - [71359316] ----D- C:\Program Files\Stellarium
O43 - CFD: 09/02/2011 - 11:40:40 - [234038] ----D- C:\Program Files\SweetIM
O43 - CFD: 18/02/2011 - 15:29:48 - [0] ----D- C:\Program Files\TomTom DesktopSuite
O43 - CFD: 18/02/2011 - 15:30:18 - [50621857] ----D- C:\Program Files\TomTom HOME 2
O43 - CFD: 18/02/2011 - 15:30:30 - [22486] ----D- C:\Program Files\TomTom International B.V
O43 - CFD: 16/06/2011 - 10:09:12 - [404399] ----D- C:\Program Files\Trend Micro
O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 07/01/2011 - 17:30:24 - [26936399] ----D- C:\Program Files\VideoLAN
O43 - CFD: 06/01/2011 - 17:46:48 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 06/01/2011 - 17:46:46 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 06/01/2011 - 17:46:36 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 06/01/2011 - 17:46:46 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 31/03/2011 - 00:10:14 - [60637628] ----D- C:\Program Files\Windows Live
O43 - CFD: 12/05/2011 - 01:19:26 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 06/01/2011 - 17:46:46 - [5394633] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 05/01/2011 - 22:54:48 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 06/01/2011 - 17:46:42 - [13528738] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 07/01/2011 - 04:39:10 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 06/01/2011 - 17:46:46 - [27362730] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 16/06/2011 - 23:15:14 - [3900351] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 26/01/2011 - 16:23:56 - [510480] ----D- C:\Program Files\Zylom Games
O43 - CFD: 21/05/2011 - 17:09:08 - [476549935] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 12/05/2011 - 09:43:48 - [72704] ----D- C:\Program Files\Common Files\Adobe Systems Shared
O43 - CFD: 29/05/2011 - 09:33:24 - [91350844] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 06/01/2011 - 00:05:46 - [2351104] ----D- C:\Program Files\Common Files\ATI Technologies
O43 - CFD: 13/01/2011 - 12:39:40 - [1528817188] ----D- C:\Program Files\Common Files\BitDefender
O43 - CFD: 15/02/2011 - 15:11:30 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 10/04/2011 - 00:11:40 - [5983349] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 11/03/2011 - 17:09:06 - [1247175] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 10/04/2011 - 00:20:16 - [1003644] ----D- C:\Program Files\Common Files\Macromedia
O43 - CFD: 13/11/2008 - 07:41:44 - [655111] ----D- C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 07/01/2011 - 18:42:48 - [439835102] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 28/03/2011 - 04:17:54 - [191096264] ----D- C:\Program Files\Common Files\Nero
O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 16/05/2011 - 08:02:22 - [403240] ----D- C:\Program Files\Common Files\Steam
O43 - CFD: 06/01/2011 - 17:46:42 - [42750094] ----D- C:\Program Files\Common Files\System
O43 - CFD: 06/01/2011 - 11:40:58 - [226550364] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 21/05/2011 - 17:13:38 - [536885541] ----D- C:\ProgramData\Adobe
O43 - CFD: 21/05/2011 - 17:12:26 - [5945] ----D- C:\ProgramData\Adobe Systems
O43 - CFD: 29/05/2011 - 09:28:08 - [32173568] ----D- C:\ProgramData\Apple
O43 - CFD: 29/05/2011 - 09:33:24 - [65309412] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 09/04/2011 - 04:19:14 - [188] ----D- C:\ProgramData\ATI
O43 - CFD: 25/01/2011 - 00:21:32 - [154] ----D- C:\ProgramData\bdch
O43 - CFD: 13/01/2011 - 14:18:24 - [12830906] ----D- C:\ProgramData\BitDefender
O43 - CFD: 05/01/2011 - 22:54:48 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 08/05/2011 - 01:06:20 - [0] ----D- C:\ProgramData\Dumps
O43 - CFD: 06/01/2011 - 12:03:06 - [6675504] ----D- C:\
0
Réponse 10 / 22
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
héberger


Hébergement de rapport sur pjjoint.malekal.com

▶ Rends toi sur pjjoint.malekal.com
▶ Clique sur le bouton Parcourir
▶ Sélectionne le fichier que tu veux heberger et clique sur Ouvrir
▶ Clique sur le bouton Envoyer
▶ Un message de confirmation s''affiche (L''upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : https://pjjoint.malekal.com/files.php?id=df5ea299241015 Copie le lien dans ta prochaine réponse.
0
Réponse 11 / 22
otacon59 Messages postés 14 Statut Membre
 
y a pas l'air de tout afficher donc je met la suite,


O43 - CFD: 08/05/2011 - 01:06:20 - [0] ----D- C:\ProgramData\Dumps
O43 - CFD: 06/01/2011 - 12:03:06 - [6675504] ----D- C:\ProgramData\EPSON
O43 - CFD: 07/01/2011 - 05:06:20 - [17] ----D- C:\ProgramData\ESTsoft
O43 - CFD: 05/01/2011 - 22:54:48 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 06/01/2011 - 02:25:48 - [670] ----D- C:\ProgramData\FLEXnet
O43 - CFD: 05/01/2011 - 23:16:08 - [12707] ----D- C:\ProgramData\Google
O43 - CFD: 10/04/2011 - 00:13:38 - [62425868] ----D- C:\ProgramData\Macromedia
O43 - CFD: 08/03/2011 - 08:48:40 - [1058] ----D- C:\ProgramData\McAfee
O43 - CFD: 05/01/2011 - 22:54:48 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 07/01/2011 - 18:43:06 - [1231386025] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 12/05/2011 - 01:19:08 - [57040] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 05/01/2011 - 22:54:48 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 26/02/2011 - 23:54:32 - [8898402] ----D- C:\ProgramData\Nero
O43 - CFD: 13/01/2011 - 12:22:34 - [14992] ----D- C:\ProgramData\Norton
O43 - CFD: 13/11/2008 - 07:52:00 - [7688772] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 13/11/2008 - 07:29:22 - [140694] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 06/01/2011 - 13:04:32 - [140509540] ----D- C:\ProgramData\Sony Ericsson
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 06/01/2011 - 13:04:22 - [154] ----D- C:\ProgramData\Sun
O43 - CFD: 09/02/2011 - 11:40:22 - [449074] ----D- C:\ProgramData\SweetIM
O43 - CFD: 05/01/2011 - 23:12:56 - [64] ----D- C:\ProgramData\Symantec
O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 18/02/2011 - 15:30:56 - [135262] ----D- C:\ProgramData\TomTom
O43 - CFD: 06/01/2011 - 12:09:34 - [3184] ----D- C:\ProgramData\UDL
O43 - CFD: 06/01/2011 - 16:53:20 - [0] ----D- C:\ProgramData\WindowsSearch
O43 - CFD: 25/01/2011 - 12:20:24 - [12616021] ----D- C:\ProgramData\Zylom
O43 - CFD: 29/05/2011 - 09:34:30 - [542567] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 07/06/2011 - 08:44:08 - [18534218] ----D- C:\Users\otacon\AppData\Roaming\Adobe
O43 - CFD: 29/05/2011 - 09:35:28 - [198162] ----D- C:\Users\otacon\AppData\Roaming\Apple Computer
O43 - CFD: 06/01/2011 - 00:10:56 - [0] ----D- C:\Users\otacon\AppData\Roaming\ATI
O43 - CFD: 13/01/2011 - 12:40:00 - [57641] ----D- C:\Users\otacon\AppData\Roaming\BitDefender
O43 - CFD: 27/01/2011 - 20:33:52 - [9209] ----D- C:\Users\otacon\AppData\Roaming\DeepBurner
O43 - CFD: 13/05/2011 - 16:04:18 - [199] ----D- C:\Users\otacon\AppData\Roaming\dvdcss
O43 - CFD: 07/01/2011 - 05:06:42 - [212] ----D- C:\Users\otacon\AppData\Roaming\ESTsoft
O43 - CFD: 05/01/2011 - 23:18:38 - [30] ----D- C:\Users\otacon\AppData\Roaming\Google
O43 - CFD: 05/01/2011 - 23:01:40 - [0] ----D- C:\Users\otacon\AppData\Roaming\Identities
O43 - CFD: 06/01/2011 - 12:04:02 - [0] ----D- C:\Users\otacon\AppData\Roaming\InstallShield
O43 - CFD: 10/04/2011 - 19:22:00 - [7802300] ----D- C:\Users\otacon\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\otacon\AppData\Roaming\Media Center Programs
O43 - CFD: 11/05/2011 - 16:36:02 - [19215879] -S--D- C:\Users\otacon\AppData\Roaming\Microsoft
O43 - CFD: 13/02/2011 - 20:21:56 - [18090050] ----D- C:\Users\otacon\AppData\Roaming\Mozilla
O43 - CFD: 28/03/2011 - 04:28:16 - [247838] ----D- C:\Users\otacon\AppData\Roaming\Nero
O43 - CFD: 03/05/2011 - 16:09:24 - [1521379] ----D- C:\Users\otacon\AppData\Roaming\OpenOffice.org
O43 - CFD: 05/01/2011 - 23:08:36 - [15] ----D- C:\Users\otacon\AppData\Roaming\Packard Bell
O43 - CFD: 13/01/2011 - 12:11:26 - [0] ----D- C:\Users\otacon\AppData\Roaming\QuickScan
O43 - CFD: 04/02/2011 - 22:45:52 - [12841] ----D- C:\Users\otacon\AppData\Roaming\Stellarium
O43 - CFD: 18/02/2011 - 15:30:34 - [22662049] ----D- C:\Users\otacon\AppData\Roaming\TomTom
O43 - CFD: 07/01/2011 - 17:31:00 - [340590] ----D- C:\Users\otacon\AppData\Roaming\vlc
O43 - CFD: 21/05/2011 - 17:00:06 - [15467945] ----D- C:\Users\otacon\Appdata\Local\Adobe
O43 - CFD: 05/01/2011 - 23:15:36 - [138755159] ----D- C:\Users\otacon\Appdata\Local\Ahead
O43 - CFD: 29/05/2011 - 09:30:32 - [0] ----D- C:\Users\otacon\Appdata\Local\Apple
O43 - CFD: 29/05/2011 - 09:35:10 - [2238770] ----D- C:\Users\otacon\Appdata\Local\Apple Computer
O43 - CFD: 05/01/2011 - 22:57:26 - [0] -SH-D- C:\Users\otacon\Appdata\Local\Application Data
O43 - CFD: 06/01/2011 - 00:10:56 - [63485] ----D- C:\Users\otacon\Appdata\Local\ATI
O43 - CFD: 13/02/2011 - 20:00:06 - [282147630] ----D- C:\Users\otacon\Appdata\Local\Google
O43 - CFD: 05/01/2011 - 22:57:26 - [0] -SH-D- C:\Users\otacon\Appdata\Local\Historique
O43 - CFD: 10/04/2011 - 19:09:22 - [5650062] ----D- C:\Users\otacon\Appdata\Local\Macromedia
O43 - CFD: 21/04/2011 - 11:24:20 - [781210311] ----D- C:\Users\otacon\Appdata\Local\Microsoft
O43 - CFD: 07/01/2011 - 18:35:32 - [0] ----D- C:\Users\otacon\Appdata\Local\Microsoft Help
O43 - CFD: 06/01/2011 - 00:30:06 - [1023987122] ----D- C:\Users\otacon\Appdata\Local\Mozilla
O43 - CFD: 05/01/2011 - 23:08:36 - [105876] ----D- C:\Users\otacon\Appdata\Local\Packard Bell
O43 - CFD: 05/01/2011 - 23:06:02 - [622] ----D- C:\Users\otacon\Appdata\Local\Symantec
O43 - CFD: 16/06/2011 - 23:16:18 - [3801879035] ----D- C:\Users\otacon\Appdata\Local\Temp
O43 - CFD: 05/01/2011 - 22:57:26 - [0] -SH-D- C:\Users\otacon\Appdata\Local\Temporary Internet Files
O43 - CFD: 18/02/2011 - 15:30:34 - [1981491] ----D- C:\Users\otacon\Appdata\Local\TomTom
O43 - CFD: 08/01/2011 - 18:14:02 - [79574772] ----D- C:\Users\otacon\Appdata\Local\VirtualStore
O43 - CFD: 16/06/2011 - 08:57:26 - [53248] ----D- C:\Users\otacon\Appdata\Local\Windows Live
O43 - CFD: 05/04/2011 - 04:13:16 - [0] ----D- C:\Users\otacon\Appdata\Local\{0001A8F4-33B7-4328-88B2-CC894994C9EF}
O43 - CFD: 10/04/2011 - 10:35:48 - [0] ----D- C:\Users\otacon\Appdata\Local\{0020637B-1561-44D4-B905-6C72CD4D56C9}
O43 - CFD: 25/04/2011 - 10:42:08 - [0] ----D- C:\Users\otacon\Appdata\Local\{00803D29-061C-4432-AEC1-3B41CFBE4309}
O43 - CFD: 24/04/2011 - 21:43:42 - [0] ----D- C:\Users\otacon\Appdata\Local\{07533557-75F7-440C-AAD5-C75935A6F893}
O43 - CFD: 10/05/2011 - 07:25:54 - [0] ----D- C:\Users\otacon\Appdata\Local\{09DA0756-0B1A-43A4-A9A4-08000DB43FDD}
O43 - CFD: 01/04/2011 - 09:08:24 - [0] ----D- C:\Users\otacon\Appdata\Local\{0A708355-69C3-4416-A687-9693C56D3BE9}
O43 - CFD: 01/06/2011 - 04:14:02 - [0] ----D- C:\Users\otacon\Appdata\Local\{0DF72894-641A-49B5-B6A8-48C137ABDD43}
O43 - CFD: 09/04/2011 - 10:34:28 - [0] ----D- C:\Users\otacon\Appdata\Local\{11C17D20-F4C7-447E-993F-490E6E722EB7}
O43 - CFD: 27/04/2011 - 10:09:34 - [0] ----D- C:\Users\otacon\Appdata\Local\{129D6A1C-26A1-435E-BC59-BCC1CD96E0D6}
O43 - CFD: 08/04/2011 - 22:33:42 - [0] ----D- C:\Users\otacon\Appdata\Local\{166E68A5-9273-4C3D-975B-A747001EF0E2}
O43 - CFD: 31/03/2011 - 21:07:38 - [0] ----D- C:\Users\otacon\Appdata\Local\{1E36ADD9-C61B-4299-AF14-CE2733967DE6}
O43 - CFD: 17/04/2011 - 10:30:50 - [0] ----D- C:\Users\otacon\Appdata\Local\{1FB4BA55-92A9-4760-B30C-BD4C45EA0DD6}
O43 - CFD: 06/06/2011 - 04:11:06 - [0] ----D- C:\Users\otacon\Appdata\Local\{1FBA12EB-FB66-4093-91D8-F26DD1DA7A15}
O43 - CFD: 14/05/2011 - 08:15:56 - [0] ----D- C:\Users\otacon\Appdata\Local\{20C9E140-732F-405D-8E7A-707C5F1AA008}
O43 - CFD: 13/05/2011 - 07:43:04 - [0] ----D- C:\Users\otacon\Appdata\Local\{299BC7DF-66FA-49F7-9EE0-2C5CA9AE4507}
O43 - CFD: 12/04/2011 - 16:18:38 - [0] ----D- C:\Users\otacon\Appdata\Local\{3158E4A0-A57D-4D2D-89EB-8C1B3BB7160C}
O43 - CFD: 15/04/2011 - 20:02:30 - [0] ----D- C:\Users\otacon\Appdata\Local\{33CAE7D8-80A4-4A50-B45A-FD525A999472}
O43 - CFD: 29/04/2011 - 08:53:36 - [0] ----D- C:\Users\otacon\Appdata\Local\{3402B779-98AF-4630-95AB-99C951C38A0F}
O43 - CFD: 04/06/2011 - 08:40:42 - [0] ----D- C:\Users\otacon\Appdata\Local\{34EAD913-1EDF-4468-9F21-ADE3710990E3}
O43 - CFD: 06/04/2011 - 21:01:36 - [0] ----D- C:\Users\otacon\Appdata\Local\{3EB03493-6A42-4D8B-958A-DDDA3AEE1230}
O43 - CFD: 19/04/2011 - 20:22:04 - [0] ----D- C:\Users\otacon\Appdata\Local\{439546AF-A4F1-4C9E-9EE2-8E01B4EA8509}
O43 - CFD: 07/05/2011 - 09:35:32 - [0] ----D- C:\Users\otacon\Appdata\Local\{47468118-F14A-4E7E-BFF3-909D430F8A1B}
O43 - CFD: 13/04/2011 - 16:19:56 - [0] ----D- C:\Users\otacon\Appdata\Local\{486897AB-CAC2-4A54-A705-F5140F54A2F3}
O43 - CFD: 08/06/2011 - 09:23:26 - [0] ----D- C:\Users\otacon\Appdata\Local\{4A0FE8A1-F2EA-42E9-ADE4-8B68EE0CE4AD}
O43 - CFD: 16/04/2011 - 10:29:28 - [0] ----D- C:\Users\otacon\Appdata\Local\{5058CD31-AD33-4D49-B552-84DB5ABD6390}
O43 - CFD: 13/04/2011 - 04:19:22 - [0] ----D- C:\Users\otacon\Appdata\Local\{633A38F8-E79B-4125-8E21-5EB559DD6F9F}
O43 - CFD: 03/05/2011 - 07:35:36 - [0] ----D- C:\Users\otacon\Appdata\Local\{637E1749-F83A-443F-BE92-6C31BFAA1A0C}
O43 - CFD: 11/04/2011 - 16:17:18 - [0] ----D- C:\Users\otacon\Appdata\Local\{6692E6EB-5C5C-4B9E-81F2-DE32DCC510BF}
O43 - CFD: 31/03/2011 - 09:07:02 - [0] ----D- C:\Users\otacon\Appdata\Local\{680E9CAB-D704-448C-A579-37933D6C851C}
O43 - CFD: 24/04/2011 - 09:43:08 - [0] ----D- C:\Users\otacon\Appdata\Local\{6B73BA53-488E-485A-8800-2C896A59524D}
O43 - CFD: 01/04/2011 - 21:08:56 - [0] ----D- C:\Users\otacon\Appdata\Local\{6E2C0779-C61E-49D7-B3F2-B87D01573283}
O43 - CFD: 07/06/2011 - 08:22:58 - [0] ----D- C:\Users\otacon\Appdata\Local\{6ED2C3BF-6017-4B0C-848C-B6AECDBD7C6F}
O43 - CFD: 22/04/2011 - 20:23:48 - [0] ----D- C:\Users\otacon\Appdata\Local\{70F53906-C8B0-4D51-BA45-BE57ACAD91E3}
O43 - CFD: 19/04/2011 - 08:21:30 - [0] ----D- C:\Users\otacon\Appdata\Local\{715F52FF-1CE1-488E-801E-B4A7810D5F78}
O43 - CFD: 21/04/2011 - 09:03:52 - [0] ----D- C:\Users\otacon\Appdata\Local\{74835CFA-6CDC-46A9-B521-A713DA53B648}
O43 - CFD: 01/05/2011 - 21:16:14 - [0] ----D- C:\Users\otacon\Appdata\Local\{74CF41B3-0A97-4098-853D-18EAB8D4D3B6}
O43 - CFD: 06/05/2011 - 19:35:58 - [0] ----D- C:\Users\otacon\Appdata\Local\{75BF777F-4368-45FB-8496-1750E1D3664D}
O43 - CFD: 02/05/2011 - 09:17:00 - [0] ----D- C:\Users\otacon\Appdata\Local\{765076DE-162C-4304-8524-682A1A6D37E8}
O43 - CFD: 07/04/2011 - 09:02:22 - [0] ----D- C:\Users\otacon\Appdata\Local\{770C0EF8-02CB-420C-AD6F-F5E5AE48B4E5}
O43 - CFD: 02/06/2011 - 04:07:26 - [0] ----D- C:\Users\otacon\Appdata\Local\{781A160F-17D9-404C-997A-8E7EE1D54949}
O43 - CFD: 16/06/2011 - 08:57:16 - [0] ----D- C:\Users\otacon\Appdata\Local\{792E9FC4-80F9-41B7-80D8-DA9AD0AC000D}
O43 - CFD: 28/05/2011 - 04:11:10 - [0] ----D- C:\Users\otacon\Appdata\Local\{79349C79-9DA4-41D8-ACD8-CE55EA1FC133}
O43 - CFD: 04/04/2011 - 16:12:30 - [0] ----D- C:\Users\otacon\Appdata\Local\{7F1703C1-91BB-47A2-9557-AF791CBF2F26}
O43 - CFD: 11/05/2011 - 09:06:20 - [0] ----D- C:\Users\otacon\Appdata\Local\{8717A95D-9EB4-46F1-BF96-CBA95884234E}
O43 - CFD: 09/06/2011 - 03:51:44 - [0] ----D- C:\Users\otacon\Appdata\Local\{8E5E053F-66AA-43F5-B548-8E3D1F0FC1A8}
O43 - CFD: 29/05/2011 - 21:18:10 - [0] ----D- C:\Users\otacon\Appdata\Local\{9414F131-400C-4FA3-A41F-843311A1F8AC}
O43 - CFD: 03/04/2011 - 15:37:38 - [0] ----D- C:\Users\otacon\Appdata\Local\{985D210B-596B-45D3-9F33-5F2FABD4043F}
O43 - CFD: 24/05/2011 - 15:50:28 - [0] ----D- C:\Users\otacon\Appdata\Local\{98871A4A-32FF-461F-A1A2-78D3A8C18C1E}
O43 - CFD: 09/05/2011 - 07:29:50 - [0] ----D- C:\Users\otacon\Appdata\Local\{9D0CEFB7-408C-455B-82E6-307223FB202C}
O43 - CFD: 17/04/2011 - 22:31:22 - [0] ----D- C:\Users\otacon\Appdata\Local\{9D13D911-1792-4B56-A653-51DF8D984589}
O43 - CFD: 04/05/2011 - 07:37:16 - [0] ----D- C:\Users\otacon\Appdata\Local\{A089D384-685F-4760-912A-A4D9A84D0A2E}
O43 - CFD: 04/05/2011 - 19:37:54 - [0] ----D- C:\Users\otacon\Appdata\Local\{A289ECF8-DC42-4506-84AF-807F2AE19B15}
O43 - CFD: 30/04/2011 - 08:54:56 - [0] ----D- C:\Users\otacon\Appdata\Local\{A921BE09-8F9D-4F6B-BCE2-12B38B498B6C}
O43 - CFD: 10/06/2011 - 04:09:58 - [0] ----D- C:\Users\otacon\Appdata\Local\{A9E8E0BA-4B07-4233-8B52-1504737C1C2B}
O43 - CFD: 23/04/2011 - 21:42:22 - [0] ----D- C:\Users\otacon\Appdata\Local\{ABEE7D99-DE1E-43BA-B21F-68594CE70928}
O43 - CFD: 22/04/2011 - 08:22:54 - [0] ----D- C:\Users\otacon\Appdata\Local\{ACCEA010-E73A-4F21-ADC4-8DCE7E5AE5FB}
O43 - CFD: 29/04/2011 - 20:54:10 - [0] ----D- C:\Users\otacon\Appdata\Local\{ADAABE87-7F55-464F-9ED0-ADD18F8F5A16}
O43 - CFD: 28/04/2011 - 08:47:08 - [0] ----D- C:\Users\otacon\Appdata\Local\{AE5CB106-5999-4563-BE28-DEC01E51ACC8}
O43 - CFD: 03/06/2011 - 03:54:38 - [0] ----D- C:\Users\otacon\Appdata\Local\{AF058BAD-5238-48F0-A78B-BA3E0E199022}
O43 - CFD: 09/04/2011 - 22:35:00 - [0] ----D- C:\Users\otacon\Appdata\Local\{AFE0C37E-8F23-4073-96F8-DACD463CC7B2}
O43 - CFD: 31/05/2011 - 16:11:42 - [0] ----D- C:\Users\otacon\Appdata\Local\{B63A518B-61D1-4968-9847-56EB605B1431}
O43 - CFD: 30/04/2011 - 20:55:30 - [0] ----D- C:\Users\otacon\Appdata\Local\{B84999CC-9D57-4041-A259-926DB3AA989B}
O43 - CFD: 05/06/2011 - 11:10:56 - [0] ----D- C:\Users\otacon\Appdata\Local\{B9ADBD21-9053-4A56-A59F-34862851A511}
O43 - CFD: 15/06/2011 - 08:11:44 - [0] ----D- C:\Users\otacon\Appdata\Local\{BBC31EE2-7197-4839-AC80-03EE4E4D4E0A}
O43 - CFD: 23/04/2011 - 09:41:48 - [0] ----D- C:\Users\otacon\Appdata\Local\{BBE129E5-9B09-4276-90C5-35FDD42F2FBD}
O43 - CFD: 06/04/2011 - 09:01:12 - [0] ----D- C:\Users\otacon\Appdata\Local\{BD744B4D-AA57-4B27-844E-5E593B83BEA4}
O43 - CFD: 15/05/2011 - 18:26:16 - [0] ----D- C:\Users\otacon\Appdata\Local\{BFF8E02C-4591-44B7-B0F9-39DC08114BA0}
O43 - CFD: 11/06/2011 - 04:04:48 - [0] ----D- C:\Users\otacon\Appdata\Local\{C4ABED2A-B37A-4DAE-8A23-D692A66BDC53}
O43 - CFD: 02/04/2011 - 09:09:44 - [0] ----D- C:\Users\otacon\Appdata\Local\{CA92E057-5E50-4E84-89C5-5DB4292B6CEE}
O43 - CFD: 12/06/2011 - 09:05:46 - [0] ----D- C:\Users\otacon\Appdata\Local\{CF4B97BC-D1F0-4A4A-8578-AA2CBEC845F7}
O43 - CFD: 04/04/2011 - 04:11:44 - [0] ----D- C:\Users\otacon\Appdata\Local\{D09C9923-7717-413C-B9C2-DAD1BA1ADA1A}
O43 - CFD: 14/04/2011 - 13:37:28 - [0] ----D- C:\Users\otacon\Appdata\Local\{D1CA9C40-30BC-45EB-AA2F-A103DFB4AC26}
O43 - CFD: 25/05/2011 - 16:13:30 - [0] ----D- C:\Users\otacon\Appdata\Local\{D73B3F43-13F3-4566-B00D-81D73CB10268}
O43 - CFD: 02/04/2011 - 21:10:06 - [0] ----D- C:\Users\otacon\Appdata\Local\{DC871EB4-406D-4B19-98CF-732963A71F22}
O43 - CFD: 13/06/2011 - 09:10:00 - [0] ----D- C:\Users\otacon\Appdata\Local\{DFF7EBDF-A856-4208-ADB9-5C64DD6E3020}
O43 - CFD: 16/05/2011 - 08:02:28 - [0] ----D- C:\Users\otacon\Appdata\Local\{E4A7ABD9-9A7C-4151-BE88-5DB5E6994259}
O43 - CFD: 11/04/2011 - 04:16:48 - [0] ----D- C:\Users\otacon\Appdata\Local\{E688B69D-4474-4740-A80D-541F274BC3EC}
O43 - CFD: 08/05/2011 - 09:58:32 - [0] ----D- C:\Users\otacon\Appdata\Local\{EB2938FA-3BA5-4E8C-A60B-B1D6CEFE26EB}
O43 - CFD: 27/05/2011 - 04:14:26 - [0] ----D- C:\Users\otacon\Appdata\Local\{EB3D3AE3-A9F9-4C9D-94BC-E1FF53C63E8B}
O43 - CFD: 05/04/2011 - 16:13:50 - [0] ----D- C:\Users\otacon\Appdata\Local\{ECFC5C83-5CAC-46E2-9827-ED397D32AE0B}
O43 - CFD: 07/04/2011 - 21:02:54 - [0] ----D- C:\Users\otacon\Appdata\Local\{F0E31ED4-421A-4649-8802-55FB200F91EB}
O43 - CFD: 26/05/2011 - 04:14:16 - [0] ----D- C:\Users\otacon\Appdata\Local\{F17EA2D5-D280-426B-AF5D-ADFB2DFCAE59}
O43 - CFD: 03/05/2011 - 19:36:24 - [0] ----D- C:\Users\otacon\Appdata\Local\{F23E25FF-B701-48A7-9C10-4BD633A877EB}
O43 - CFD: 05/05/2011 - 07:38:40 - [0] ----D- C:\Users\otacon\Appdata\Local\{F27FD5E3-B75F-4250-A8B1-FEAB50C7431F}
O43 - CFD: 20/04/2011 - 21:03:06 - [0] ----D- C:\Users\otacon\Appdata\Local\{F99F4310-71EC-4504-8B0B-728B29967C99}
O43 - CFD: 12/05/2011 - 19:42:14 - [0] ----D- C:\Users\otacon\Appdata\Local\{FC95C72E-53C6-4980-B241-DCDFB9342EC5}
O43 - CFD: 26/04/2011 - 09:16:40 - [0] ----D- C:\Users\otacon\Appdata\Local\{FCBFA713-33EE-4123-A842-A741AD107E4F}
O43 - CFD: 16/04/2011 - 22:30:02 - [0] ----D- C:\Users\otacon\Appdata\Local\{FCFC07C8-1CCF-4DE1-9B4B-3A2E8B1D1C3E}
O43 - CFD: 08/04/2011 - 10:33:08 - [0] ----D- C:\Users\otacon\Appdata\Local\{FE00A9B3-F1BD-4803-BB84-550EF19EA0D8}
O43 - CFD: 12/04/2011 - 04:18:04 - [0] ----D- C:\Users\otacon\Appdata\Local\{FE930E79-633F-42B0-A3E9-8BE2A0321511}
O43 - CFD: 21/01/2008 - 04:42:48 - [15239] R---D- C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 05/01/2011 - 23:01:46 - [174] R---D- C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/01/2008 - 04:42:48 - [548] R---D- C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 27/01/2011 - 02:52:26 - [0] ----D- C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Micro Application
O43 - CFD: 21/05/2011 - 16:46:42 - [1346] R---D- C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.98EE1200FEFFFFFF57494E444F577E31] - 16/06/2011 - 21:56:12 ---A- . (...) -- C:\Windows\WindowsUpdate.log [2052922]
O44 - LFC:[MD5.96CF92A6381B1FB7C701DE99FF6AC746] - 16/06/2011 - 20:36:48 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1495948]
O44 - LFC:[MD5.FDC3E333C0B4218934F868B87DC259BF] - 16/06/2011 - 20:36:48 ---A- . (...) -- C:\Windows\System32\perfc009.dat [103872]
O44 - LFC:[MD5.8BF858F34DC9C162A79B8ACC21770D35] - 16/06/2011 - 20:36:48 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [126420]
O44 - LFC:[MD5.993BE41DA16CB6E2FB9EA595EC36E774] - 16/06/2011 - 20:36:48 ---A- . (...) -- C:\Windows\System32\perfh009.dat [595798]
O44 - LFC:[MD5.053BB91972863C57855AAE233129BBC6] - 16/06/2011 - 20:36:48 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [678804]
O44 - LFC:[MD5.A1A075B8353D49DA3A9647AC50B02F27] - 16/06/2011 - 16:43:35 ---A- . (...) -- C:\Windows\System32\cloud_stats.log [16957]
O44 - LFC:[MD5.98EE1200FEFFFFFF4C4F47434F4E7E31] - 16/06/2011 - 15:23:32 ---A- . (...) -- C:\Windows\System32\LogConfigTemp.xml [0]
O44 - LFC:[MD5.E8E9929F77420605AF25E796FAF84202] - 16/06/2011 - 15:23:08 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.E5EC84BB24BFE3D1075789CDB8A01544] - 16/06/2011 - 15:22:12 ---A- . (...) -- C:\bdlog.txt [151978]
O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 16/06/2011 - 13:17:08 ---A- . (...) -- C:\Windows\NeroDigital.ini [69]
O44 - LFC:[MD5.865D660B619B5C517D3F64EBBAC0CD23] - 11/06/2011 - 03:09:02 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [404640]
O44 - LFC:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 29/05/2011 - 08:34:30 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [26600]
O44 - LFC:[MD5.005EE82BABF1D2D32188A75BEDF500A4] - 29/05/2011 - 08:34:30 ---A- . (.GEAR Software Inc. - GEARAspi (x86).) -- C:\Windows\System32\GEARAspi.dll [107368]
O44 - LFC:[MD5.FE90879F6D03D773F97DEF11F96E2057] - 28/05/2011 - 03:14:01 ---A- . (...) -- C:\Windows\IE9_main.log [5994]
O44 - LFC:[MD5.AE8D673788C2890910FEEC2964BEC761] - 22/05/2011 - 09:56:21 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [331544]



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - EasyBits Security Shield Hook - prevents launching insecure programs by kids - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\system32\EZUPBH~1.DLL



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{ab090c8b-1bda-11e0-a513-002197670584}\AutoRun\command. (...) -- E:\Startme.exe (.not file.)
O51 - MPSK:{b3a9cd10-1981-11e0-a23d-002197670584}\AutoRun\command. (...) -- F:\Startme.exe (.not file.)



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers\"MSVideo.PD1130VFW"="P1130Vfw.drv" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"VIDC.I420"="msh263.drv" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\FujiKeyboard [Key] . (.Packard Bell BV - Activboard Application.) -- c:\Acer\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe
O53 - SMSR:HKLM\...\startupreg\Google Desktop Search [Key] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O53 - SMSR:HKLM\...\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O53 - SMSR:HKLM\...\startupreg\NBKeyScan [Key] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O53 - SMSR:HKLM\...\startupreg\NvCplDaemon [Key] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O53 - SMSR:HKLM\...\startupreg\NvMediaCenter [Key] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O53 - SMSR:HKLM\...\startupreg\NvSvc [Key] . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 163.9.) -- C:\Windows\system32\nvsvc.dll
O53 - SMSR:HKLM\...\startupreg\SmpcSys [Key] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe
O53 - SMSR:HKLM\...\startupreg\Sony Ericsson PC Companion [Key] . (.Sony Ericsson - Sony Ericsson PC Companion.) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
O53 - SMSR:HKLM\...\startupreg\StartCCC [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O53 - SMSR:HKLM\...\startupreg\Steam [Key] . (.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O53 - SMSR:HKLM\...\startupreg\TomTomHOME.exe [Key] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]
O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]
O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]
O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]
O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]
O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]
O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]
O58 - SDL:[MD5.0C3C2E9136397E1AAA9033DCAE25CED2] - 09/04/2011 - 03:13:16 ---A- . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtihdLH3.sys [97296]
O58 - SDL:[MD5.5E1CBDA7D52289579E25283549E99425] - 09/03/2010 - 11:20:14 ---A- . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtiHdmi.sys [104464]
O58 - SDL:[MD5.AD77D5D46857CE0D9469E7E670EC4D34] - 09/04/2011 - 03:13:33 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [7723008]
O58 - SDL:[MD5.655053F7C0A3B551DA84DB7417A10E15] - 09/04/2011 - 03:13:29 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [239616]
O58 - SDL:[MD5.C6CF76384DFC739B0BE55ABB79AD4DC0] - 28/06/2010 - 12:55:36 ---A- . (.BitDefender - Active Virus Control filter driver.) -- C:\Windows\system32\drivers\avc3.sys [633424]
O58 - SDL:[MD5.B758A219E95C085405B1E356A8267610] - 28/06/2010 - 12:55:42 ---A- . (.BitDefender - Active Virus Control Kernel Filtering driver.) -- C:\Windows\system32\drivers\avckf.sys [970320]
O58 - SDL:[MD5.8D4EFC5C378BFFE34C298C92F37D3B14] - 13/05/2010 - 16:52:04 ---A- . (.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Active Virus Control Filter Driver.) -- C:\Windows\system32\drivers\bdfm.sys [152528]
O58 - SDL:[MD5.817FC12BC93A70B0449EBEFAA4D6F4D2] - 13/01/2011 - 11:42:49 ---A- . (.BitDefender - BitDefender Firewall NDIS6 Filter Driver.) -- C:\Windows\system32\drivers\bdfndisf6.sys [72784]
O58 - SDL:[MD5.4C44D82E372A87B3CB439A7F14CFEF03] - 09/07/2010 - 15:08:14 ---A- . (.BitDefender - BitDefender AntiVirus FS filter driver.) -- C:\Windows\system32\drivers\bdfsfltr(1697).sys [327368]
O58 - SDL:[MD5.4C44D82E372A87B3CB439A7F14CFEF03] - 09/07/2010 - 15:08:14 ---A- . (.BitDefender - BitDefender AntiVirus FS filter driver.) -- C:\Windows\system32\drivers\bdfsfltr.sys [327368]
O58 - SDL:[MD5.0C0BF06FD1A7B1E6B960482DEFF0E723] - 07/03/2011 - 20:37:04 ---A- . (.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender AntiVirus Hypervisor driver.) -- C:\Windows\system32\drivers\bdhv.sys [106456]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.007AEA2E06E7CEF7372E40C277163959] - 06/01/2011 - 12:04:57 ---A- . (.Sony Ericsson Mobile Communications - SEMC USB Flash Driver Filter.) -- C:\Windows\system32\drivers\ggflt.sys [13224]
O58 - SDL:[MD5.C73DE35960CA75C5AB4AE636B127C64E] - 06/01/2011 - 12:04:57 ---A- . (.Sony Ericsson Mobile Communications - SEMC USB Flash Driver.) -- C:\Windows\system32\drivers\ggsemc.sys [25512]
O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]
O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.C6E5276C00EBDEB096BB5EF4B797D1B6] - 16/07/2008 - 13:56:06 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15.sys [15392]
O58 - SDL:[MD5.8C7FA71CB1EBCD3EDE8958D27B1BF0B4] - 16/07/2008 - 13:56:06 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15_64.sys [17952]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]
O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]
O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]
O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]
O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.23C24FDBC46B61A828DB3779A808A68B] - 27/11/2007 - 20:26:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 163.) -- C:\Windows\system32\drivers\nvlddmkm.sys [7629632]
O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]
O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]
O58 - SDL:[MD5.4876E7C3184BDF50EDE043FEF616B867] - 31/10/2007 - 04:23:20 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor32.sys [115744]
O58 - SDL:[MD5.37D3E66567E5082A783BEA33CF69837C] - 04/05/2004 - 05:48:00 ---A- . (.Creative Technology Ltd. - Video streaming and Capture Device Driver.) -- C:\Windows\system32\drivers\P1130Vid.sys [90229]
O58 - SDL:[MD5.D86B4A68565E444D76457F14172C875A] - 13/11/2008 - 06:40:09 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\system32\drivers\PxHelp20.sys [43528]
O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.219CA9A36D6DE2EC04F958C907673436] - 07/05/2008 - 12:22:50 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2134424]
O58 - SDL:[MD5.283392AF1860ECDB5E0F8EBD7F3D72DF] - 02/11/2006 - 08:30:56 ---A- . (.Realtek Corporation - Realtek 8101/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [44544]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.29C497FC09C655B7BAFCFAFB6E76B8EB] - 07/03/2011 - 20:37:12 ---A- . (.BitDefender S.R.L. - Trufos Kernel Module.) -- C:\Windows\system32\drivers\trufos.sys [308152]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.D4FB6ECC60A428564BA8768B0E23C0FC] - 18/02/2011 - 15:36:58 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys [41984]
O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]
O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 09/04/2011 - C:\Windows\System32\DRIVERS\atikmdag.sys - amdkmdag(amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 13/05/2010 - C:\Windows\System32\DRIVERS\bdfm.sys - BDFM(BDFM) .(.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Active Virus Control Filter Dri.) - LEGACY_BDFM
O64 - Services: CurCS - 13/01/2011 - c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys - BitDefender Firewall NDIS 6 Filter Driver(Bdfndisf) .(.BitDefender - BitDefender Firewall NDIS6 Filter Driver.) - LEGACY_BDFNDISF
O64 - Services: CurCS - 09/07/2010 - C:\Windows\System32\DRIVERS\bdfsfltr.sys - bdfsfltr(bdfsfltr) .(.BitDefender - BitDefender AntiVirus FS filter driver.) - LEGACY_BDFSFLTR
O64 - Services: CurCS - 13/01/2011 - C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys - bdftdif(Bdftdif) .(.BitDefender LLC - BitDefender Firewall TDI Filter Driver.) - LEGACY_BDFTDIF
O64 - Services: CurCS - 18/03/2011 - C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys - bdselfpr(bdselfpr) .(.BitDefender LLC - BitDefender Self Protection Driver.) - LEGACY_BDSELFPR
O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP
O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(...) - LEGACY_EECTRL
O64 - Services: CurCS - (.not file.) - EraserUtilDrvI10 (EraserUtilDrvI10) .(...) - LEGACY_ERASERUTILDRVI10
O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(...) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
O64 - Services: CurCS - (.not file.) - IDSVix86 (IDSVix86) .(...) - LEGACY_IDSVIX86
O64 - Services: CurCS - 16/07/2008 - C:\Windows\system32\drivers\int15.sys - int15(int15) .(.Acer, Inc. - int15.) - LEGACY_INT15
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
O64 - Services: CurCS - (.not file.) - NAVENG (NAVENG) .(...) - LEGACY_NAVENG
O64 - Services: CurCS - (.not file.) - NAVEX15 (NAVEX15) .(...) - LEGACY_NAVEX15
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR
O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(...) - LEGACY_SYMDNS
O64 - Services: CurCS - (.not file.) - Symantec Extended File Attributes (SymEFA) .(...) - LEGACY_SYMEFA
O64 - Services: CurCS - (.not file.) - SymEvent (SymEvent) .(...) - LEGACY_SYMEVENT
O64 - Services: CurCS - (.not file.) - SYMFW (SYMFW) .(...) - LEGACY_SYMFW
O64 - Services: CurCS - (.not file.) - SYMNDISV (SYMNDISV) .(...) - LEGACY_SYMNDISV
O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(...) - LEGACY_SYMREDRV
O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI
O64 - Services: CurCS - 07/03/2011 - C:\Windows\System32\DRIVERS\Trufos.sys - Trufos(Trufos) .(.BitDefender S.R.L. - Trufos Kernel Module.) - LEGACY_TRUFOS



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {64A4D7BC-882E-4072-8FD7-A7F56B9EF870} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {70D46D94-BF1E-45ED-B567-48701376298E} - (Google Desktop) - http://127.0.0.1:4664/search&s=gkf9YuDv8zz_cprnLGuxy_nwiuM?q={searchTerms}



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l'autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "{01F2C003-5D72-491C-B020-015207D83F05}" | In - Public - P6 - FALSE | .(...) -- C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
O87 - FAEL: "{B4E16B59-0D86-43B0-93B4-6AD3E9DA1A66}" | In - Public - P17 - FALSE | .(...) -- C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
O87 - FAEL: "{86C63406-7EFD-4A16-A71A-2AF952586CBA}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
O87 - FAEL: "{CC278AC0-33F2-442B-8666-FBC75EE71E3B}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
O87 - FAEL: "{059E1B3D-C814-4301-ADFA-11DAE9226167}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe
O87 - FAEL: "{B42149AB-F3F3-4537-8103-CA0973D00B68}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe
O87 - FAEL: "{C2A7CB2C-0A0A-47E9-AF87-9DA6CE897778}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
O87 - FAEL: "{D1A0B19E-14E2-462A-AEB9-EE6EE431B47C}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
O87 - FAEL: "{43327B44-31A7-40F2-87D8-46D804D03247}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
O87 - FAEL: "{B9847A84-3DB0-4F5E-BE19-1DC55220EE6B}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
O87 - FAEL: "{8E27DA0B-099F-45E7-B9A9-CB936FED11C5}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "{36A0B23D-8028-4A7D-86A6-0508207B8C54}" | In - Private - P6 - TRUE | .(.Advanced Micro Devices, Inc. - CATALYST(TM) Install Manager.) -- C:\Program Files\Steam\SteamApps\common\amd driver updater, vista and 7, 32 bit\Setup.exe
O87 - FAEL: "{D5EFEC5C-C48F-4A2C-A728-B7E3BFFEE1A4}" | In - Private - P17 - TRUE | .(.Advanced Micro Devices, Inc. - CATALYST(TM) Install Manager.) -- C:\Program Files\Steam\SteamApps\common\amd driver updater, vista and 7, 32 bit\Setup.exe
O87 - FAEL: "{495EA805-23BE-4D00-AA84-F82A7C95DE28}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{768ED830-5BED-4EB9-BBCB-C7912558F436}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{346CAF90-B8CE-41BC-872B-12E693206DC3}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe



---\\ Scan Additionnel (O88)
Database Version : 8410 - (16/06/2011)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 1

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Adware.AskSBar
C:\Program Files\SweetIM =>Toolbar.SweetIM
C:\ProgramData\SweetIM =>Toolbar.SweetIM
C:\Users\otacon\Appdata\LocalLow\SweetIM =>Toolbar.SweetIM
C:\Users\otacon\Appdata\Local\Temp\AskSearch =>Adware.AskBarDis
C:\Users\otacon\AppData\Roaming\Mozilla\Firefox\Profiles\fyvrag5n.default\SearchPlugins\sweetim.xml =>Toolbar.SweetIM



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/05/2011 72704 | (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SR - | Auto 11/09/2007 124832 | (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
SR - | Auto 09/04/2011 176128 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe
SR - | Auto 18/02/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 07/10/2010 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 16/07/2008 24576 | (ETService) . (...) - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
SS - | Demand 13/11/2008 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 18/09/2008 83264 | (GenericHidService) . (.Packard Bell Services.) - c:\windows\system32\HidService.exe
SS - | Demand 05/01/2011 30192 | Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Auto 04/02/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 04/02/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 05/01/2011 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 07/03/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 02/12/2008 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
SS - | Demand 25/03/2009 537896 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe
SS - | Demand 10/02/2011 150528 | (Sony Ericsson PCCompanion) . (.Avanquest Software.) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
SS - | Demand 14/05/2011 403240 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files\Common Files\Steam\SteamService.exe
SR - | Auto 09/03/2011 92592 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
SS - | Demand 07/03/2011 307544 | (Update Server) . (.BitDefender.) - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
SR - | Auto 07/03/2011 43936 | (Updatesrv) . (.BitDefender S.R.L..) - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
SR - | Auto 07/03/2011 2050864 | (VSSERV) . (.BitDefender S.R.L..) - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by otacon at 16/06/2011 23:18:44

device: opened successfully
user: MBR read successfully

Disk trace:
kernel: MBR read successfully
user & kernel MBR OK



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by otacon at 16/06/2011 23:18:46

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin



End of the scan (1235 lines in 03mn 41s)(0)
0
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
normal c est pour ça que je te demande de l héberger : https://forums.commentcamarche.net/forum/affich-22378676-analyse-hijackthis#12

!!!!
0
Réponse 12 / 22
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
▶ Télécharge UsbFix (TeamXScript) sur ton Bureau. Si ton antivirus affiche une alerte, ignore le et désactive le temporairement.

Branche tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir

Vista/Seven : Clic droit sur UsbFix > Exécuter en tant qu''administrateur, l''installation se fera automatiquement
XP : double clic sur UsbFix

▶ Clique sur "Recherche"

▶ Laisse travailler l''outil

▶ A la fin, le rapport va s''afficher : poste le dans ta prochaine réponse (il est aussi sauvegardé a la racine du disque dur)

▶ Aide en images : Tutoriel "Recherche"
0
Réponse 13 / 22
otacon59 Messages postés 14 Statut Membre
 
ok je ferais ça demain merci et bonne soirée
0
Réponse 14 / 22
otacon59 Messages postés 14 Statut Membre
 
bonsoir a tous,
je met le rapport usbfix juju666 :

############################## | UsbFix 7.048 | [Recherche]

Utilisateur: otacon (Administrateur) # PC-DE-OTACON [Packard Bell BV IMEDIA D5322 FR]
Mis à jour le 11/06/2011 par TeamXscript
Lancé à 21:22:12 | 17/06/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Intel(R) Pentium(R) Dual CPU E2220 @ 2.40GHz
CPU 2: Intel(R) Pentium(R) Dual CPU E2220 @ 2.40GHz
Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.19048

Pare-feu Windows: Désactivé /!\
RAM -> 3326 Mo
C:\ (%systemdrive%) -> Disque fixe # 919 Go (558 Go libre(s) - 61%) [OS] # NTFS
D:\ -> CD-ROM
E:\ -> Disque amovible # 962 Mo (266 Mo libre(s) - 28%) [FlashPen] # FAT
F:\ -> Disque amovible # 4 Go (1 Go libre(s) - 35%) [USB DISK] # FAT32
G:\ -> Disque amovible # 245 Mo (243 Mo libre(s) - 99%) [LOUPY] # FAT32

################## | Éléments infectieux |


################## | Registre |


################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{ab090c8b-1bda-11e0-a513-002197670584}
Shell\AutoRun\Command = E:\Startme.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{b3a9cd10-1981-11e0-a23d-002197670584}
Shell\AutoRun\Command = F:\Startme.exe


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |
0
Réponse 15 / 22
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
Hello ;)

Relance USBFix, clique sur suppression
poste le rapport
0
Réponse 16 / 22
otacon59 Messages postés 14 Statut Membre
 
alors voila,

############################## | UsbFix 7.048 | [Suppression]

Utilisateur: otacon (Administrateur) # PC-DE-OTACON [Packard Bell BV IMEDIA D5322 FR]
Mis à jour le 11/06/2011 par TeamXscript
Lancé à 22:14:42 | 17/06/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Intel(R) Pentium(R) Dual CPU E2220 @ 2.40GHz
CPU 2: Intel(R) Pentium(R) Dual CPU E2220 @ 2.40GHz
Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.19048

Pare-feu Windows: Désactivé /!\
RAM -> 3326 Mo
C:\ (%systemdrive%) -> Disque fixe # 919 Go (558 Go libre(s) - 61%) [OS] # NTFS
D:\ -> CD-ROM
E:\ -> Disque amovible # 962 Mo (266 Mo libre(s) - 28%) [FlashPen] # FAT
F:\ -> Disque amovible # 4 Go (1 Go libre(s) - 35%) [USB DISK] # FAT32
G:\ -> Disque amovible # 245 Mo (243 Mo libre(s) - 99%) [LOUPY] # FAT32

################## | Éléments infectieux |

Supprimé! C:\$RECYCLE.BIN\S-1-5-21-1519845611-2888426927-2721905098-500
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-753519764-1881503075-668909052-1000

################## | Registre |


################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{ab090c8b-1bda-11e0-a513-002197670584}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{b3a9cd10-1981-11e0-a23d-002197670584}

################## | Listing |

[17/06/2011 - 22:17:33 | SHD ] C:\$Recycle.Bin
[05/01/2011 - 23:07:44 | D ] C:\ACER
[18/09/2006 - 23:43:36 | N | 24] C:\autoexec.bat
[17/06/2011 - 01:21:28 | N | 152986] C:\bdlog.txt
[06/01/2011 - 17:53:15 | D ] C:\Boot
[11/04/2009 - 00:36:38 | RASH | 333257] C:\bootmgr
[13/11/2008 - 15:33:13 | N | 8192] C:\BOOTSECT.BAK
[18/09/2006 - 23:43:37 | N | 10] C:\config.sys
[02/11/2006 - 15:02:03 | SHD ] C:\Documents and Settings
[17/06/2011 - 07:48:12 | ASH | 3488784384] C:\hiberfil.sys
[13/11/2008 - 07:33:15 | RHD ] C:\MSOCache
[17/06/2011 - 07:48:09 | ASH | 3802476544] C:\pagefile.sys
[21/01/2008 - 04:32:31 | D ] C:\PerfLogs
[16/06/2011 - 23:18:45 | N | 0] C:\PhysicalDisk0_MBR.bin
[17/06/2011 - 09:41:41 | D ] C:\Program Files
[16/06/2011 - 16:08:37 | HD ] C:\ProgramData
[13/11/2008 - 07:30:51 | N | 426] C:\RHDSetup.log
[17/06/2011 - 19:33:44 | SHD ] C:\System Volume Information
[17/06/2011 - 22:17:33 | D ] C:\UsbFix
[17/06/2011 - 22:14:42 | A | 2405] C:\UsbFix.txt
[05/01/2011 - 22:57:15 | D ] C:\Users
[17/06/2011 - 09:41:56 | D ] C:\Windows
[06/01/2011 - 12:29:08 | D ] C:\{959282E3-55A9-49D8-B885-D27CF8A2FD82}
[28/03/2011 - 21:24:20 | N | 729593856] E:\JOHNNY S'EN VA-T-EN GUERRE (JOHNNY GOT HIS GUN).[emule-island.com].avi
[04/05/2010 - 08:11:58 | N | 731897856] F:\Wall-E.DVDRip.FR.DivX.7.By.Pleomax.(2009).VERSION.FR.NON.CANADIENNE.avi
[08/05/2010 - 07:14:14 | N | 731295744] F:\Planet.51.FRENCH.DVDRiP.XViD-SURViVAL.By.Hadopix.avi
[22/04/2010 - 17:42:26 | N | 731383808] F:\La.Belle.Et.La.Bete.-.Walt.Disney.Divx.Fr.par.[emule-island.com].avi
[16/01/2011 - 11:40:32 | D ] F:\OpenOffice.org 3
[10/02/2011 - 19:55:32 | N | 94489] F:\devoir dm de maths 2.jpg
[10/02/2011 - 20:12:56 | N | 147903] F:\dm de math.jpg
[29/04/2011 - 22:45:06 | N | 12692] F:\4.odt
[29/04/2011 - 22:41:52 | N | 13610] F:\1.odt
[29/04/2011 - 22:46:42 | N | 11595] F:\2.odt
[29/04/2011 - 22:45:34 | N | 10617] F:\3.odt
[29/04/2011 - 22:37:40 | N | 16563] F:\sommaire.odt
[17/01/2011 - 21:12:36 | N | 1911807] G:\devoir espagnol.odt

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
E:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
F:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)
G:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_PC-DE-OTACON.zip
http://www.teamxscript.org/Upload.php
Merci de votre contribution.

################## | E.O.F |
0
Réponse 17 / 22
juju666 Messages postés 38404 Statut Contributeur sécurité 4 796
 
suite
on va virer sweetim qui est pas très clean

▶ Copie tout le texte présent dans la balise code ci-dessous ( tu le sélectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C ) 

M3 - MFPP: Plugins - [otacon] -- C:\Users\otacon\AppData\Roaming\Mozilla\Firefox\Profiles\fyvrag5n.default\searchplugins\sweetim.xml    => SweetIM Toolbar
O43 - CFD: 09/02/2011 - 11:40:40 - [234038] ----D- C:\Program Files\SweetIM    => Toolbar.SweetIM
O43 - CFD: 09/02/2011 - 11:40:22 - [449074] ----D- C:\ProgramData\SweetIM    => Toolbar.SweetIM
C:\Program Files\SweetIM    => Toolbar.SweetIM
C:\ProgramData\SweetIM    => Toolbar.SweetIM
C:\Users\otacon\Appdata\LocalLow\SweetIM    => SweetIM Toolbar
C:\Users\otacon\AppData\Roaming\Mozilla\Firefox\Profiles\fyvrag5n.default\SearchPlugins\sweetim.xml    => SweetIM Toolbar
O4 - HKLM\..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (.not file.)    => Infection BT (Adware.AskBarDis)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]    => Infection BT (Spyware.BHO)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]    => Infection BT (Spyware.BHO)
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF]    => Infection BT (Adware.AskSBar)
C:\Users\otacon\Appdata\Local\Temp\AskSearch    => Infection BT (Adware.AskTBar)
[HKCU\Software\fAfvfSfP [fVf#f" fEfBfU [fh'Å ¶ ¬'³'ê'½f [fJf< fAfvfSfP [fVf#f"]    =>


▶ Puis Lance ZHPFix depuis le raccourci du bureau .

▶ Une fois l''outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

▶ Dans l''encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

▶ Vérifie que toutes les lignes que je t''ai demandé de copier (et seulement elles) sont dans la fenêtre.

▶ Clique sur le bouton « GO » pour lancer le nettoyage

▶ Copie/Colle le rapport à l''écran dans ton prochain message

▶ (le rapport se trouve aussi dans le dossier de zhpdiag dans program files sous le nom de ZHPFixReport.txt)

▶ Redémarre ton ordinateur, refais une analyse avec ZHPDiag et héberge son rapport
0
Réponse 18 / 22
otacon59 Messages postés 14 Statut Membre
 
Rapport de ZHPFix 1.12.3316 par Nicolas Coolman, Update du 16/06/2011
Fichier d'export Registre : C:\ZHPExportRegistry-17-06-2011-23-43-23.txt
Run by otacon at 17/06/2011 23:43:23
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Clé(s) du Registre ==========
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}
SUPPRIME Key: HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
ABSENT Key: HKCU\Software\fAfvfSfP [fVf#f" fEfBfU [fh'Å ¶ ¬'³'ê'½f [fJf< fAfvfSfP [fVf#f"

========== Valeur(s) du Registre ==========
SUPPRIME RunValue: ApnUpdater

========== Dossier(s) ==========
SUPPRIME Reboot C:\Program Files\SweetIM
SUPPRIME Reboot C:\ProgramData\SweetIM

========== Fichier(s) ==========
SUPPRIME c:\users\otacon\appdata\roaming\mozilla\firefox\profiles\fyvrag5n.default\searchplugins\sweetim.xml
SUPPRIME File: C:\ProgramData\SweetIM
SUPPRIME File: C:\Users\otacon\Appdata\LocalLow\SweetIM
ABSENT Folder/File: c:\users\otacon\appdata\roaming\mozilla\firefox\profiles\fyvrag5n.default\searchplugins\sweetim.xml
ABSENT File: c:\program files\ask.com
SUPPRIME File: C:\Users\otacon\Appdata\Local\Temp\AskSearch


========== Récapitulatif ==========
4 : Clé(s) du Registre
1 : Valeur(s) du Registre
2 : Dossier(s)
6 : Fichier(s)


========== Chemin du fichier rapport ==========
C:\Program Files\ZHPDiag\ZHPFixReport.txt


End of the scan
0
Réponse 19 / 22
otacon59 Messages postés 14 Statut Membre
 
salut voila le nouveau rapport apres le redemarage :


Rapport de ZHPDiag v1.27.231 par Nicolas Coolman, Update du 16/06/2011
Run by otacon at 18/06/2011 00:18:41
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19088
MFIE: Mozilla Firefox 4.0.1 v4.0.1 (Defaut)
GCIE: Google Chrome v12.0.742.100

---\\ System Information
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3326 MB (64% free)
System Restore: Activé (Enable)
System drive C: has 559 GB (60%) free of 919 GB

---\\ Logged in mode
Computer Name: PC-DE-OTACON
User Name: otacon
All Users Names: otacon, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=C:\Users\otacon\AppData\Roaming
%LocalAppData%=C:\Users\otacon\AppData\Local
%StartMenu%=C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 559 Go of 919 Go)
D:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 23:27:38.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768]
[MD5.DE4685DE5130039FA63DA66C0F72F787] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.28/05/2011 07:08:58.) -- C:\Windows\system32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 23:28:14.) -- C:\Windows\system32\Winlogon.exe [314368]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 23:32:28.) -- C:\Windows\system32\drivers\atapi.sys [19944]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 23:32:50.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]



---\\ Processus lancés
[MD5.22DDA36DC2521C4DD8E485C96406637B] - (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [1449368]
[MD5.2723464509882A9CA0B94E6B3929FC13] - (.BitDefender S.R.L. - Pas de description.) -- C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe [64048]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184]
[MD5.0CFBE2D135A73CA98381FC8CC8BC5A03] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160]
[MD5.7F309C30F2AB129B0DE176CA57D4D499] - (...) -- C:\Users\otacon\Documents\doc importé\RocketDock\RocketDock.exe [462848]
[MD5.386B07203DE6C06A56FEAC2133CA6819] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [658944]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\otacon\AppData\Roaming\Mozilla\Firefox\Profiles\fyvrag5n.default\prefs.js
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\googledesktop.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [otacon] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN:Firefox Plugin Navigator . (.Zylom - Zylom Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npzylomgamesplayer.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.620.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@zylom.com/ZylomGamesPlayer] - (.Zylom - Zylom Plugin.) -- C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
M0 - MFSP: prefs.js [otacon - fyvrag5n.default] https://www.google.fr/?gws_rd=ssl
M2 - MFEP: prefs.js [otacon - fyvrag5n.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-753519764-1881503075-668909052-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-753519764-1881503075-668909052-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll
R3 - URLSearchHook: (no name) - {a65e491f-a436-4952-b49a-b24ed99a0f67} . (...) (No version) -- (.not file.)



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} . (.Google Inc. - Fast Search.) -- C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} . (.BitDefender S.R.L. - BitDefender Antiphishing Toolbar.) -- C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [eRecoveryService] Clé orpheline
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] . (.BitDefender S.R.L. - IEShow Application.) -- C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe
O4 - HKLM\..\Run: [BDAgent] . (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Users\otacon\Documents\doc importé\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-753519764-1881503075-668909052-1000\..\Run: [RocketDock] . (...) -- C:\Users\otacon\Documents\doc importé\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-753519764-1881503075-668909052-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DeepBurner.lnk . (.Astonsoft.) -- C:\Program Files\Astonsoft\DeepBurner\DeepBurner.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\otacon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D308F793-1FF9-4711-80E3-5EAA8B697351}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{D308F793-1FF9-4711-80E3-5EAA8B697351}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{D308F793-1FF9-4711-80E3-5EAA8B697351}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS3\Services\Tcpip\..\{D308F793-1FF9-4711-80E3-5EAA8B697351}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Adobe LM Service) . (.Adobe Systems - System Level Service Utility.) - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: C:\Windows\system32\Alg.exe (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe
O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
O23 - Service: (FLEXnet Licensing Service) . (.Macrovision Europe Ltd. - Activation Licensing Service.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: (GenericHidService) . (.Packard Bell Services - HID Service Vista compliant.) - c:\windows\system32\HidService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google - Google Desktop.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (gupdatem) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: (NMIndexingService) . (.Nero AG - Nero Home.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\system32\IoctlSvc.exe
O23 - Service: (Sony Ericsson PCCompanion) . (.Avanquest Software - Sony Ericsson PCCompanion Service.) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: (Steam Client Service) . (.Valve Corporation - Steam Client Service (buildbot_winslave01_s.) - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: (Update Server) . (.BitDefender - Bitdefender Web Server.) - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: (Updatesrv) . (.BitDefender S.R.L. - BitDefender Update Service.) - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
O23 - Service: (VSSERV) . (.BitDefender S.R.L. - BitDefender Security Service.) - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (Bdfndisf) . (.BitDefender - BitDefender Firewall NDIS6 Filter Driver.) - c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
O41 - Driver: (Bdftdif) . (.BitDefender LLC - BitDefender Firewall TDI Filter Driver.) - C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys



---\\ Logiciels installés (O42)
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
O42 - Logiciel: ALZip - (.ESTsoft Corp..) [HKLM] -- ALZip_is1
O42 - Logiciel: ATI AVIVO Codecs - (.ATI Technologies Inc..) [HKLM] -- {CDCA88C3-43AD-F31B-9D37-F4705C2504A4}
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM] -- {26560FC9-61C7-DB95-50CA-ED92D8C3C742}
O42 - Logiciel: Adobe Bridge 1.0 - (.Adobe Systems.) [HKLM] -- {B74D4E10-6884-0000-0000-000000000101}
O42 - Logiciel: Adobe Common File Installer - (.Adobe System Incorporated.) [HKLM] -- {8EDBA74D-0686-4C99-BFDD-F894678E5101}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Help Center 1.0 - (.Adobe Systems.) [HKLM] -- {E9787678-119F-4D52-B551-6739B2B22101}
O42 - Logiciel: Adobe Illustrator CS2 - (.Adobe Systems Inc..) [HKLM] -- Adobe Illustrator CS2
O42 - Logiciel: Adobe InDesign CS2 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}
O42 - Logiciel: Adobe Photoshop CS2 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop CS2 - {236BB7C4-4419-42FD-040C-1E257A25E34D}
O42 - Logiciel: Adobe Photoshop Elements 6.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop Elements 6
O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}
O42 - Logiciel: Adobe SVG Viewer 3.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe SVG Viewer
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Adobe Stock Photos 1.0 - (.Adobe Systems.) [HKLM] -- {786C5747-0C40-4930-9AFE-113BCE553101}
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM] -- {B2EC4A38-B545-4A00-8214-13FE0E915E6D}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1
O42 - Logiciel: Bink and Smacker - (.Pas de propriétaire.) [HKLM] -- Bink and Smacker
O42 - Logiciel: BitDefender Internet Security 2011 - (.BitDefender.) [HKLM] -- BitDefender
O42 - Logiciel: BitDefender Internet Security 2011 - (.BitDefender.) [HKLM] -- {CFB8BDCE-8814-4B9A-8EA9-31DB74FEF0AE}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {2A981294-F14C-4F0F-9627-D793270922F8}
O42 - Logiciel: Call of Duty: Modern Warfare 2 - (.Infinity Ward.) [HKLM] -- Steam App 10180
O42 - Logiciel: Call of Duty: Modern Warfare 2 - Multiplayer - (.Infinity Ward.) [HKLM] -- Steam App 10190
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {19A492A0-888F-44A0-9B21-D91700763F62}
O42 - Logiciel: Creative WebCam NX Pro Driver (1.03.03.0326) - (.Pas de propriétaire.) [HKLM] -- Creative PD1130
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DeepBurner v1.9.0.228 - (.Pas de propriétaire.) [HKLM] -- {2ADE2157-7A5E-122C-B51D-EB8A01B15943}
O42 - Logiciel: DolbyFiles - (.Nero AG.) [HKLM] -- {B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
O42 - Logiciel: EPSON Easy Photo Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {8A8F8391-4C2C-4BE1-A984-CD4A5A546467}
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPSON Stylus SX200_SX400_TX200_TX400 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus SX200_SX400_TX200_TX400 Guide d'utilisation
O42 - Logiciel: EPSON Stylus SX400 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Stylus SX400 Series
O42 - Logiciel: EasyBits Magic Desktop - (.Pas de propriétaire.) [HKLM] -- EasyBits Magic Desktop
O42 - Logiciel: EasyPHP 1.6 - (.Pas de propriétaire.) [HKLM] -- EasyPHP_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {C768790F-04FB-11E0-9B2C-001AA037B01E}
O42 - Logiciel: Guitar Pro 5.2 - (.Arobas Music.) [HKLM] -- Guitar Pro 5_is1
O42 - Logiciel: HDReg France - (.Acxiom.) [HKLM] -- {0ED40D2A-7131-4FE7-941E-5C329336F712}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: HydraVision - (.ATI Technologies Inc..) [HKLM] -- {03496F77-5835-D529-1ED8-044FCD372E0F}
O42 - Logiciel: Java(TM) 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216023FF}
O42 - Logiciel: MP3 et Musique Créateur 2 - (.Mystik Media.) [HKLM] -- MP3 et Musique Créateur 2
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Macromedia Dreamweaver 8 - (..) [HKLM] -- {5FD788ED-1A37-4496-9BDD-463F493B27FA}
O42 - Logiciel: Macromedia Extension Manager - (.Nom de votre société.) [HKLM] -- {3C8C9FB3-5FDF-40B4-B314-EAD722728C76}
O42 - Logiciel: Macromedia Flash 8 - (.Macromedia.) [HKLM] -- {2BD5C305-1B27-4D41-B690-7A61172D2FEB}
O42 - Logiciel: Macromedia Flash 8 Video Encoder - (.Macromedia.) [HKLM] -- {8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
O42 - Logiciel: MetaBoli - (.Pas de propriétaire.) [HKLM] -- {709817E4-5439-4206-8738-796B34B623BD}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student - (.Pas de propriétaire.) [HKLM] -- Office2007
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Microsoft Works 9.0 SE - (.Pas de propriétaire.) [HKLM] -- Works9SE
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86 fr)
O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Nero 8 Essentials - (.Nero AG.) [HKLM] -- {C9FFC925-E27E-436E-A2DF-652324D51036}
O42 - Logiciel: Nero 9 Lite - (.Nero AG.) [HKLM] -- {992711b5-f96b-4675-a2e0-f14cf026361c}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM] -- {E8A80433-302B-4FF1-815D-FCC8EAC482FF}
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- {7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {7E0610A2-E336-40B3-B685-C4905E97EC9A}
O42 - Logiciel: Packard Bell ImageWriter - (.Pas de propriétaire.) [HKLM] -- {F4EA67C9-6748-4C1E-9AFF-04149AC75D95}
O42 - Logiciel: Packard Bell Recovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Packard Bell Updator - (.Pas de propriétaire.) [HKLM] -- {CA786CFF-1D31-4804-B436-F3405B14357F}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD907315-705A-4475-A1A0-2A1245803E4D}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0173254-F442-4D04-9154-43FA157B83D0}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Setup My PC - (.Pas de propriétaire.) [HKLM] -- {28518520-F25C-48C3-A224-861F331602F4}
O42 - Logiciel: Sniper Ghost Warrior - (.Pas de propriétaire.) [HKLM] -- Sniper Ghost Warrior_is1
O42 - Logiciel: Sony Ericsson PC Companion 2.01.149 - (.Sony Ericsson.) [HKLM] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}
O42 - Logiciel: Sony Ericsson Update Engine - (.Sony Ericsson Mobile Communications AB.) [HKLM] -- Update Engine
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 - Logiciel: Stellarium 0.10.4 - (.Pas de propriétaire.) [HKLM] -- Stellarium_is1
O42 - Logiciel: TomTom HOME 2.8.1.2218 - (.TomTom.) [HKLM] -- TomTom HOME
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: VideoLAN VLC media player 0.8.5 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}
O42 - Logiciel: Zylom Games Player Plugin - (.Zylom Games.) [HKLM] -- Zylom Games Player Plugin
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {2A697B53-0DE3-42DA-B41D-C3F804B1C538}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABBYY]
[HKCU\Software\APN]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Astonsoft]
[HKCU\Software\Audacity]
[HKCU\Software\BVRP Software]
[HKCU\Software\BitDefender]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\EPSON]
[HKCU\Software\EstSoft]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\LowRegistry]
[HKCU\Software\Macromedia]
[HKCU\Software\Mozilla]
[HKCU\Software\Mystik Media]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Packard Bell]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RocketDock]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\Softonic]
[HKCU\Software\Sony Ericsson]
[HKCU\Software\TomTom]
[HKCU\Software\Usbfix]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Zylom]
[HKCU\Software\fAfvfSfP [fVf#f" fEfBfU [fh'Å ¶ ¬'³'ê'½f [fJf< fAfvfSfP [fVf#f"]
[HKLM\Software\ABBYY]
[HKLM\Software\AMD]
[HKLM\Software\APN]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVC3]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Activision]
[HKLM\Software\Adobe Systems]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Arobas Music]
[HKLM\Software\Audible]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\Digital River]
[HKLM\Software\EPSON]
[HKLM\Software\EasyBits]
[HKLM\Software\EstSoft]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Hauppauge]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LEAD Technologies, Inc.]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\MetaBoli]
[HKLM\Software\MicroQuill]
[HKLM\Software\MidasHeurScanner]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\NeroDigital]
[HKLM\Software\Nero]
[HKLM\Software\ODBC]
[HKLM\Software\OemSetup]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\PACKARD BELL]
[HKLM\Software\Packard Bell ImageWriter]
[HKLM\Software\Packard Bell Updator]
[HKLM\Software\Panasonic]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\Sony Ericsson]
[HKLM\Software\Symantec]
[HKLM\Software\TomTom]
[HKLM\Software\TrendMicro]
[HKLM\Software\Valve]
[HKLM\Software\VideoLAN]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Waves Audio]
[HKLM\Software\Windows]
[HKLM\Software\mozilla.org]



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/01/2011 - 12:07:30 - [124428627] ----D- C:\Program Files\ABBYY FineReader 6.0 Sprint
O43 - CFD: 21/05/2011 - 16:50:34 - [1588383811] ----D- C:\Program Files\Adobe
O43 - CFD: 29/05/2011 - 09:30:30 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 27/01/2011 - 20:11:14 - [7997198] ----D- C:\Program Files\Astonsoft
O43 - CFD: 06/01/2011 - 00:01:50 - [17342552] ----D- C:\Program Files\ATI
O43 - CFD: 09/04/2011 - 04:18:58 - [45242912] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 28/03/2011 - 04:24:16 - [8691126] ----D- C:\Program Files\Audacity
O43 - CFD: 13/01/2011 - 12:39:40 - [183378279] ----D- C:\Program Files\BitDefender
O43 - CFD: 29/05/2011 - 09:28:22 - [940615] ----D- C:\Program Files\Bonjour
O43 - CFD: 06/01/2011 - 15:52:14 - [5102377823] ----D- C:\Program Files\City Interactive
O43 - CFD: 29/05/2011 - 09:28:08 - [3050466218] ----D- C:\Program Files\Common Files
O43 - CFD: 06/04/2011 - 15:50:42 - [29011494] ----D- C:\Program Files\EasyBits For Kids
O43 - CFD: 10/04/2011 - 00:33:04 - [17866822] ----D- C:\Program Files\EasyPHP
O43 - CFD: 06/01/2011 - 12:07:44 - [94787902] ----D- C:\Program Files\epson
O43 - CFD: 07/01/2011 - 05:06:06 - [12323021] ----D- C:\Program Files\ESTsoft
O43 - CFD: 05/01/2011 - 22:54:48 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 04/02/2011 - 23:31:40 - [397385415] ----D- C:\Program Files\Google
O43 - CFD: 15/02/2011 - 19:52:24 - [48176611] ----D- C:\Program Files\Guitar Pro 5
O43 - CFD: 15/02/2011 - 15:11:34 - [4710307] ----D- C:\Program Files\HDReg
O43 - CFD: 12/05/2011 - 09:21:04 - [46378311] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 18/06/2011 - 00:12:26 - [5871878] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 29/05/2011 - 09:33:24 - [1856627] ----D- C:\Program Files\iPod
O43 - CFD: 29/05/2011 - 09:34:30 - [127660511] ----D- C:\Program Files\iTunes
O43 - CFD: 11/03/2011 - 17:08:12 - [91548835] ----D- C:\Program Files\Java
O43 - CFD: 10/04/2011 - 00:20:44 - [350540549] ----D- C:\Program Files\Macromedia
O43 - CFD: 27/01/2011 - 02:52:10 - [11672618] ----D- C:\Program Files\Micro Application
O43 - CFD: 02/11/2006 - 14:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 13/11/2008 - 07:38:20 - [373461757] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 13/11/2008 - 07:36:56 - [7791803] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 17/06/2011 - 23:57:54 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 15/02/2011 - 15:11:34 - [146453974] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 07/01/2011 - 04:46:34 - [8167779] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 06/01/2011 - 17:46:48 - [99342446] ----D- C:\Program Files\Movie Maker
O43 - CFD: 30/04/2011 - 13:42:02 - [34532489] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 06/01/2011 - 11:13:50 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 26/02/2011 - 23:55:00 - [462923250] ----D- C:\Program Files\Nero
O43 - CFD: 03/05/2011 - 16:06:52 - [352657674] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 05/01/2011 - 23:05:22 - [1332474985] ----D- C:\Program Files\PACKARD BELL
O43 - CFD: 29/05/2011 - 09:32:32 - [81337083] ----D- C:\Program Files\QuickTime
O43 - CFD: 17/06/2011 - 09:41:56 - [1950397] ----D- C:\Program Files\RADVideo
O43 - CFD: 13/11/2008 - 07:29:56 - [22653975] ----D- C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 06/01/2011 - 13:04:28 - [46191189] ----D- C:\Program Files\Sony Ericsson
O43 - CFD: 16/05/2011 - 08:02:08 - [12873821998] ----D- C:\Program Files\Steam
O43 - CFD: 04/02/2011 - 22:40:06 - [71359316] ----D- C:\Program Files\Stellarium
O43 - CFD: 09/02/2011 - 11:40:40 - [234038] ---AD- C:\Program Files\SweetIM
O43 - CFD: 18/02/2011 - 15:29:48 - [0] ----D- C:\Program Files\TomTom DesktopSuite
O43 - CFD: 18/02/2011 - 15:30:18 - [50621857] ----D- C:\Program Files\TomTom HOME 2
O43 - CFD: 18/02/2011 - 15:30:30 - [22486] ----D- C:\Program Files\TomTom International B.V
O43 - CFD: 16/06/2011 - 10:09:12 - [404399] ----D- C:\Program Files\Trend Micro
O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 07/01/2011 - 17:30:24 - [26936399] ----D- C:\Program Files\VideoLAN
O43 - CFD: 06/01/2011 - 17:46:48 - [1016832] ----D- C:\Program Files\Windows Calendar
O43 - CFD: 06/01/2011 - 17:46:46 - [2737152] ----D- C:\Program Files\Windows Collaboration
O43 - CFD: 06/01/2011 - 17:46:36 - [4490624] ----D- C:\Program Files\Windows Defender
O43 - CFD: 06/01/2011 - 17:46:46 - [7084664] ----D- C:\Program Files\Windows Journal
O43 - CFD: 31/03/2011 - 00:10:14 - [60637628] ----D- C:\Program Files\Windows Live
O43 - CFD: 17/06/2011 - 23:55:34 - [9116344] ----D- C:\Program Files\Windows Mail
O43 - CFD: 06/01/2011 - 17:46:46 - [5394633] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 05/01/2011 - 22:54:48 - [7957544] ----D- C:\Program Files\Windows NT
O43 - CFD: 06/01/2011 - 17:46:42 - [13528738] ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD: 07/01/2011 - 04:39:10 - [134144] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 06/01/2011 - 17:46:46 - [27362730] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 18/06/2011 - 00:18:52 - [4944518] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 26/01/2011 - 16:23:56 - [510480] ----D- C:\Program Files\Zylom Games
O43 - CFD: 21/05/2011 - 17:09:08 - [476549935] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 12/05/2011 - 09:43:48 - [72704] ----D- C:\Program Files\Common Files\Adobe Systems Shared
O43 - CFD: 29/05/2011 - 09:33:24 - [91350844] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 06/01/2011 - 00:05:46 - [2351104] ----D- C:\Program Files\Common Files\ATI Technologies
O43 - CFD: 13/01/2011 - 12:39:40 - [1529318819] ----D- C:\Program Files\Common Files\BitDefender
O43 - CFD: 15/02/2011 - 15:11:30 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 10/04/2011 - 00:11:40 - [5983349] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 11/03/2011 - 17:09:06 - [1247175] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 10/04/2011 - 00:20:16 - [1003644] ----D- C:\Program Files\Common Files\Macromedia
O43 - CFD: 13/11/2008 - 07:41:44 - [655111] ----D- C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 07/01/2011 - 18:42:48 - [439834614] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 28/03/2011 - 04:17:54 - [191096264] ----D- C:\Program Files\Common Files\Nero
O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 16/05/2011 - 08:02:22 - [403240] ----D- C:\Program Files\Common Files\Steam
O43 - CFD: 06/01/2011 - 17:46:42 - [42750094] ----D- C:\Program Files\Common Files\System
O43 - CFD: 06/01/2011 - 11:40:58 - [226550364] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 21/05/2011 - 17:13:38 - [536885541] ----D- C:\ProgramData\Adobe
O43 - CFD: 21/05/2011 - 17:12:26 - [5945] ----D- C:\Program
0
Réponse 20 / 22
otacon59 Messages postés 14 Statut Membre
 
suite du rapport :

O43 - CFD: 21/05/2011 - 17:13:38 - [536885541] ----D- C:\ProgramData\Adobe
O43 - CFD: 21/05/2011 - 17:12:26 - [5945] ----D- C:\ProgramData\Adobe Systems
O43 - CFD: 29/05/2011 - 09:28:08 - [32173568] ----D- C:\ProgramData\Apple
O43 - CFD: 29/05/2011 - 09:33:24 - [65309412] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 09/04/2011 - 04:19:14 - [188] ----D- C:\ProgramData\ATI
O43 - CFD: 25/01/2011 - 00:21:32 - [154] ----D- C:\ProgramData\bdch
O43 - CFD: 13/01/2011 - 14:18:24 - [13111004] ----D- C:\ProgramData\BitDefender
O43 - CFD: 05/01/2011 - 22:54:48 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 08/05/2011 - 01:06:20 - [0] ----D- C:\ProgramData\Dumps
O43 - CFD: 06/01/2011 - 12:03:06 - [6675504] ----D- C:\ProgramData\EPSON
O43 - CFD: 07/01/2011 - 05:06:20 - [17] ----D- C:\ProgramData\ESTsoft
O43 - CFD: 05/01/2011 - 22:54:48 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 06/01/2011 - 02:25:48 - [670] ----D- C:\ProgramData\FLEXnet
O43 - CFD: 05/01/2011 - 23:16:08 - [12707] ----D- C:\ProgramData\Google
O43 - CFD: 10/04/2011 - 00:13:38 - [62425868] ----D- C:\ProgramData\Macromedia
O43 - CFD: 08/03/2011 - 08:48:40 - [1058] ----D- C:\ProgramData\McAfee
O43 - CFD: 05/01/2011 - 22:54:48 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 07/01/2011 - 18:43:06 - [1241452985] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 18/06/2011 - 00:03:34 - [57040] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 05/01/2011 - 22:54:48 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 26/02/2011 - 23:54:32 - [8899464] ----D- C:\ProgramData\Nero
O43 - CFD: 13/01/2011 - 12:22:34 - [14992] ----D- C:\ProgramData\Norton
O43 - CFD: 13/11/2008 - 07:52:00 - [7688772] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 13/11/2008 - 07:29:22 - [140694] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 06/01/2011 - 13:04:32 - [140509540] ----D- C:\ProgramData\Sony Ericsson
O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 06/01/2011 - 13:04:22 - [154] ----D- C:\ProgramData\Sun
O43 - CFD: 09/02/2011 - 11:40:22 - [444080] ---AD- C:\ProgramData\SweetIM
O43 - CFD: 05/01/2011 - 23:12:56 - [64] ----D- C:\ProgramData\Symantec
O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 18/02/2011 - 15:30:56 - [135262] ----D- C:\ProgramData\TomTom
O43 - CFD: 06/01/2011 - 12:09:34 - [3184] ----D- C:\ProgramData\UDL
O43 - CFD: 06/01/2011 - 16:53:20 - [0] ----D- C:\ProgramData\WindowsSearch
O43 - CFD: 25/01/2011 - 12:20:24 - [12616021] ----D- C:\ProgramData\Zylom
O43 - CFD: 29/05/2011 - 09:34:30 - [542567] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 07/06/2011 - 08:44:08 - [18534506] ----D- C:\Users\otacon\AppData\Roaming\Adobe
O43 - CFD: 29/05/2011 - 09:35:28 - [198162] ----D- C:\Users\otacon\AppData\Roaming\Apple Computer
O43 - CFD: 06/01/2011 - 00:10:56 - [0] ----D- C:\Users\otacon\AppData\Roaming\ATI
O43 - CFD: 13/01/2011 - 12:40:00 - [57641] ----D- C:\Users\otacon\AppData\Roaming\BitDefender
O43 - CFD: 27/01/2011 - 20:33:52 - [9209] ----D- C:\Users\otacon\AppData\Roaming\DeepBurner
O43 - CFD: 13/05/2011 - 16:04:18 - [199] ----D- C:\Users\otacon\AppData\Roaming\dvdcss
O43 - CFD: 07/01/2011 - 05:06:42 - [212] ----D- C:\Users\otacon\AppData\Roaming\ESTsoft
O43 - CFD: 05/01/2011 - 23:18:38 - [30] ----D- C:\Users\otacon\AppData\Roaming\Google
O43 - CFD: 05/01/2011 - 23:01:40 - [0] ----D- C:\Users\otacon\AppData\Roaming\Identities
O43 - CFD: 06/01/2011 - 12:04:02 - [0] ----D- C:\Users\otacon\AppData\Roaming\InstallShield
O43 - CFD: 10/04/2011 - 19:22:00 - [7801870] ----D- C:\Users\otacon\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\otacon\AppData\Roaming\Media Center Programs
O43 - CFD: 11/05/2011 - 16:36:02 - [19300219] -S--D- C:\Users\otacon\AppData\Roaming\Microsoft
O43 - CFD: 13/02/2011 - 20:21:56 - [17545634] ----D- C:\Users\otacon\AppData\Roaming\Mozilla
O43 - CFD: 28/03/2011 - 04:28:16 - [247838] ----D- C:\Users\otacon\AppData\Roaming\Nero
O43 - CFD: 03/05/2011 - 16:09:24 - [1521379] ----D- C:\Users\otacon\AppData\Roaming\OpenOffice.org
O43 - CFD: 05/01/2011 - 23:08:36 - [15] ----D- C:\Users\otacon\AppData\Roaming\Packard Bell
O43 - CFD: 13/01/2011 - 12:11:26 - [0] ----D- C:\Users\otacon\AppData\Roaming\QuickScan
O43 - CFD: 04/02/2011 - 22:45:52 - [12841] ----D- C:\Users\otacon\AppData\Roaming\Stellarium
O43 - CFD: 18/02/2011 - 15:30:34 - [22662049] ----D- C:\Users\otacon\AppData\Roaming\TomTom
O43 - CFD: 07/01/2011 - 17:31:00 - [340589] ----D- C:\Users\otacon\AppData\Roaming\vlc
O43 - CFD: 21/05/2011 - 17:00:06 - [15467945] ----D- C:\Users\otacon\Appdata\Local\Adobe
O43 - CFD: 05/01/2011 - 23:15:36 - [138755159] ----D- C:\Users\otacon\Appdata\Local\Ahead
O43 - CFD: 29/05/2011 - 09:30:32 - [0] ----D- C:\Users\otacon\Appdata\Local\Apple
O43 - CFD: 17/06/2011 - 09:51:10 - [2240950] ----D- C:\Users\otacon\Appdata\Local\Apple Computer
O43 - CFD: 05/01/2011 - 22:57:26 - [0] -SH-D- C:\Users\otacon\Appdata\Local\Application Data
O43 - CFD: 06/01/2011 - 00:10:56 - [63485] ----D- C:\Users\otacon\Appdata\Local\ATI
O43 - CFD: 13/02/2011 - 20:00:06 - [282147630] ----D- C:\Users\otacon\Appdata\Local\Google
O43 - CFD: 05/01/2011 - 22:57:26 - [0] -SH-D- C:\Users\otacon\Appdata\Local\Historique
O43 - CFD: 10/04/2011 - 19:09:22 - [5650062] ----D- C:\Users\otacon\Appdata\Local\Macromedia
O43 - CFD: 21/04/2011 - 11:24:20 - [750640392] ----D- C:\Users\otacon\Appdata\Local\Microsoft
O43 - CFD: 07/01/2011 - 18:35:32 - [0] ----D- C:\Users\otacon\Appdata\Local\Microsoft Help
O43 - CFD: 06/01/2011 - 00:30:06 - [55371101] ----D- C:\Users\otacon\Appdata\Local\Mozilla
O43 - CFD: 05/01/2011 - 23:08:36 - [105876] ----D- C:\Users\otacon\Appdata\Local\Packard Bell
O43 - CFD: 05/01/2011 - 23:06:02 - [622] ----D- C:\Users\otacon\Appdata\Local\Symantec
O43 - CFD: 18/06/2011 - 00:16:08 - [3804995797] ----D- C:\Users\otacon\Appdata\Local\Temp
O43 - CFD: 05/01/2011 - 22:57:26 - [0] -SH-D- C:\Users\otacon\Appdata\Local\Temporary Internet Files
O43 - CFD: 18/02/2011 - 15:30:34 - [1981491] ----D- C:\Users\otacon\Appdata\Local\TomTom
O43 - CFD: 08/01/2011 - 18:14:02 - [79575143] ----D- C:\Users\otacon\Appdata\Local\VirtualStore
O43 - CFD: 17/06/2011 - 19:51:16 - [49152] ----D- C:\Users\otacon\Appdata\Local\Windows Live
O43 - CFD: 05/04/2011 - 04:13:16 - [0] ----D- C:\Users\otacon\Appdata\Local\{0001A8F4-33B7-4328-88B2-CC894994C9EF}
O43 - CFD: 10/04/2011 - 10:35:48 - [0] ----D- C:\Users\otacon\Appdata\Local\{0020637B-1561-44D4-B905-6C72CD4D56C9}
O43 - CFD: 25/04/2011 - 10:42:08 - [0] ----D- C:\Users\otacon\Appdata\Local\{00803D29-061C-4432-AEC1-3B41CFBE4309}
O43 - CFD: 24/04/2011 - 21:43:42 - [0] ----D- C:\Users\otacon\Appdata\Local\{07533557-75F7-440C-AAD5-C75935A6F893}
O43 - CFD: 10/05/2011 - 07:25:54 - [0] ----D- C:\Users\otacon\Appdata\Local\{09DA0756-0B1A-43A4-A9A4-08000DB43FDD}
O43 - CFD: 01/04/2011 - 09:08:24 - [0] ----D- C:\Users\otacon\Appdata\Local\{0A708355-69C3-4416-A687-9693C56D3BE9}
O43 - CFD: 01/06/2011 - 04:14:02 - [0] ----D- C:\Users\otacon\Appdata\Local\{0DF72894-641A-49B5-B6A8-48C137ABDD43}
O43 - CFD: 09/04/2011 - 10:34:28 - [0] ----D- C:\Users\otacon\Appdata\Local\{11C17D20-F4C7-447E-993F-490E6E722EB7}
O43 - CFD: 27/04/2011 - 10:09:34 - [0] ----D- C:\Users\otacon\Appdata\Local\{129D6A1C-26A1-435E-BC59-BCC1CD96E0D6}
O43 - CFD: 08/04/2011 - 22:33:42 - [0] ----D- C:\Users\otacon\Appdata\Local\{166E68A5-9273-4C3D-975B-A747001EF0E2}
O43 - CFD: 31/03/2011 - 21:07:38 - [0] ----D- C:\Users\otacon\Appdata\Local\{1E36ADD9-C61B-4299-AF14-CE2733967DE6}
O43 - CFD: 17/04/2011 - 10:30:50 - [0] ----D- C:\Users\otacon\Appdata\Local\{1FB4BA55-92A9-4760-B30C-BD4C45EA0DD6}
O43 - CFD: 06/06/2011 - 04:11:06 - [0] ----D- C:\Users\otacon\Appdata\Local\{1FBA12EB-FB66-4093-91D8-F26DD1DA7A15}
O43 - CFD: 14/05/2011 - 08:15:56 - [0] ----D- C:\Users\otacon\Appdata\Local\{20C9E140-732F-405D-8E7A-707C5F1AA008}
O43 - CFD: 13/05/2011 - 07:43:04 - [0] ----D- C:\Users\otacon\Appdata\Local\{299BC7DF-66FA-49F7-9EE0-2C5CA9AE4507}
O43 - CFD: 12/04/2011 - 16:18:38 - [0] ----D- C:\Users\otacon\Appdata\Local\{3158E4A0-A57D-4D2D-89EB-8C1B3BB7160C}
O43 - CFD: 15/04/2011 - 20:02:30 - [0] ----D- C:\Users\otacon\Appdata\Local\{33CAE7D8-80A4-4A50-B45A-FD525A999472}
O43 - CFD: 29/04/2011 - 08:53:36 - [0] ----D- C:\Users\otacon\Appdata\Local\{3402B779-98AF-4630-95AB-99C951C38A0F}
O43 - CFD: 04/06/2011 - 08:40:42 - [0] ----D- C:\Users\otacon\Appdata\Local\{34EAD913-1EDF-4468-9F21-ADE3710990E3}
O43 - CFD: 06/04/2011 - 21:01:36 - [0] ----D- C:\Users\otacon\Appdata\Local\{3EB03493-6A42-4D8B-958A-DDDA3AEE1230}
O43 - CFD: 19/04/2011 - 20:22:04 - [0] ----D- C:\Users\otacon\Appdata\Local\{439546AF-A4F1-4C9E-9EE2-8E01B4EA8509}
O43 - CFD: 07/05/2011 - 09:35:32 - [0] ----D- C:\Users\otacon\Appdata\Local\{47468118-F14A-4E7E-BFF3-909D430F8A1B}
O43 - CFD: 13/04/2011 - 16:19:56 - [0] ----D- C:\Users\otacon\Appdata\Local\{486897AB-CAC2-4A54-A705-F5140F54A2F3}
O43 - CFD: 08/06/2011 - 09:23:26 - [0] ----D- C:\Users\otacon\Appdata\Local\{4A0FE8A1-F2EA-42E9-ADE4-8B68EE0CE4AD}
O43 - CFD: 16/04/2011 - 10:29:28 - [0] ----D- C:\Users\otacon\Appdata\Local\{5058CD31-AD33-4D49-B552-84DB5ABD6390}
O43 - CFD: 13/04/2011 - 04:19:22 - [0] ----D- C:\Users\otacon\Appdata\Local\{633A38F8-E79B-4125-8E21-5EB559DD6F9F}
O43 - CFD: 03/05/2011 - 07:35:36 - [0] ----D- C:\Users\otacon\Appdata\Local\{637E1749-F83A-443F-BE92-6C31BFAA1A0C}
O43 - CFD: 11/04/2011 - 16:17:18 - [0] ----D- C:\Users\otacon\Appdata\Local\{6692E6EB-5C5C-4B9E-81F2-DE32DCC510BF}
O43 - CFD: 31/03/2011 - 09:07:02 - [0] ----D- C:\Users\otacon\Appdata\Local\{680E9CAB-D704-448C-A579-37933D6C851C}
O43 - CFD: 24/04/2011 - 09:43:08 - [0] ----D- C:\Users\otacon\Appdata\Local\{6B73BA53-488E-485A-8800-2C896A59524D}
O43 - CFD: 01/04/2011 - 21:08:56 - [0] ----D- C:\Users\otacon\Appdata\Local\{6E2C0779-C61E-49D7-B3F2-B87D01573283}
O43 - CFD: 07/06/2011 - 08:22:58 - [0] ----D- C:\Users\otacon\Appdata\Local\{6ED2C3BF-6017-4B0C-848C-B6AECDBD7C6F}
O43 - CFD: 22/04/2011 - 20:23:48 - [0] ----D- C:\Users\otacon\Appdata\Local\{70F53906-C8B0-4D51-BA45-BE57ACAD91E3}
O43 - CFD: 19/04/2011 - 08:21:30 - [0] ----D- C:\Users\otacon\Appdata\Local\{715F52FF-1CE1-488E-801E-B4A7810D5F78}
O43 - CFD: 21/04/2011 - 09:03:52 - [0] ----D- C:\Users\otacon\Appdata\Local\{74835CFA-6CDC-46A9-B521-A713DA53B648}
O43 - CFD: 01/05/2011 - 21:16:14 - [0] ----D- C:\Users\otacon\Appdata\Local\{74CF41B3-0A97-4098-853D-18EAB8D4D3B6}
O43 - CFD: 06/05/2011 - 19:35:58 - [0] ----D- C:\Users\otacon\Appdata\Local\{75BF777F-4368-45FB-8496-1750E1D3664D}
O43 - CFD: 02/05/2011 - 09:17:00 - [0] ----D- C:\Users\otacon\Appdata\Local\{765076DE-162C-4304-8524-682A1A6D37E8}
O43 - CFD: 07/04/2011 - 09:02:22 - [0] ----D- C:\Users\otacon\Appdata\Local\{770C0EF8-02CB-420C-AD6F-F5E5AE48B4E5}
O43 - CFD: 02/06/2011 - 04:07:26 - [0] ----D- C:\Users\otacon\Appdata\Local\{781A160F-17D9-404C-997A-8E7EE1D54949}
O43 - CFD: 16/06/2011 - 08:57:16 - [0] ----D- C:\Users\otacon\Appdata\Local\{792E9FC4-80F9-41B7-80D8-DA9AD0AC000D}
O43 - CFD: 28/05/2011 - 04:11:10 - [0] ----D- C:\Users\otacon\Appdata\Local\{79349C79-9DA4-41D8-ACD8-CE55EA1FC133}
O43 - CFD: 04/04/2011 - 16:12:30 - [0] ----D- C:\Users\otacon\Appdata\Local\{7F1703C1-91BB-47A2-9557-AF791CBF2F26}
O43 - CFD: 11/05/2011 - 09:06:20 - [0] ----D- C:\Users\otacon\Appdata\Local\{8717A95D-9EB4-46F1-BF96-CBA95884234E}
O43 - CFD: 09/06/2011 - 03:51:44 - [0] ----D- C:\Users\otacon\Appdata\Local\{8E5E053F-66AA-43F5-B548-8E3D1F0FC1A8}
O43 - CFD: 29/05/2011 - 21:18:10 - [0] ----D- C:\Users\otacon\Appdata\Local\{9414F131-400C-4FA3-A41F-843311A1F8AC}
O43 - CFD: 03/04/2011 - 15:37:38 - [0] ----D- C:\Users\otacon\Appdata\Local\{985D210B-596B-45D3-9F33-5F2FABD4043F}
O43 - CFD: 24/05/2011 - 15:50:28 - [0] ----D- C:\Users\otacon\Appdata\Local\{98871A4A-32FF-461F-A1A2-78D3A8C18C1E}
O43 - CFD: 09/05/2011 - 07:29:50 - [0] ----D- C:\Users\otacon\Appdata\Local\{9D0CEFB7-408C-455B-82E6-307223FB202C}
O43 - CFD: 17/04/2011 - 22:31:22 - [0] ----D- C:\Users\otacon\Appdata\Local\{9D13D911-1792-4B56-A653-51DF8D984589}
O43 - CFD: 17/06/2011 - 19:51:04 - [0] ----D- C:\Users\otacon\Appdata\Local\{9E88BDA7-89B4-4ED6-97D4-FD7EA9E5BB56}
O43 - CFD: 04/05/2011 - 07:37:16 - [0] ----D- C:\Users\otacon\Appdata\Local\{A089D384-685F-4760-912A-A4D9A84D0A2E}
O43 - CFD: 04/05/2011 - 19:37:54 - [0] ----D- C:\Users\otacon\Appdata\Local\{A289ECF8-DC42-4506-84AF-807F2AE19B15}
O43 - CFD: 30/04/2011 - 08:54:56 - [0] ----D- C:\Users\otacon\Appdata\Local\{A921BE09-8F9D-4F6B-BCE2-12B38B498B6C}
O43 - CFD: 10/06/2011 - 04:09:58 - [0] ----D- C:\Users\otacon\Appdata\Local\{A9E8E0BA-4B07-4233-8B52-1504737C1C2B}
O43 - CFD: 23/04/2011 - 21:42:22 - [0] ----D- C:\Users\otacon\Appdata\Local\{ABEE7D99-DE1E-43BA-B21F-68594CE70928}
O43 - CFD: 22/04/2011 - 08:22:54 - [0] ----D- C:\Users\otacon\Appdata\Local\{ACCEA010-E73A-4F21-ADC4-8DCE7E5AE5FB}
O43 - CFD: 29/04/2011 - 20:54:10 - [0] ----D- C:\Users\otacon\Appdata\Local\{ADAABE87-7F55-464F-9ED0-ADD18F8F5A16}
O43 - CFD: 28/04/2011 - 08:47:08 - [0] ----D- C:\Users\otacon\Appdata\Local\{AE5CB106-5999-4563-BE28-DEC01E51ACC8}
O43 - CFD: 03/06/2011 - 03:54:38 - [0] ----D- C:\Users\otacon\Appdata\Local\{AF058BAD-5238-48F0-A78B-BA3E0E199022}
O43 - CFD: 09/04/2011 - 22:35:00 - [0] ----D- C:\Users\otacon\Appdata\Local\{AFE0C37E-8F23-4073-96F8-DACD463CC7B2}
O43 - CFD: 31/05/2011 - 16:11:42 - [0] ----D- C:\Users\otacon\Appdata\Local\{B63A518B-61D1-4968-9847-56EB605B1431}
O43 - CFD: 30/04/2011 - 20:55:30 - [0] ----D- C:\Users\otacon\Appdata\Local\{B84999CC-9D57-4041-A259-926DB3AA989B}
O43 - CFD: 05/06/2011 - 11:10:56 - [0] ----D- C:\Users\otacon\Appdata\Local\{B9ADBD21-9053-4A56-A59F-34862851A511}
O43 - CFD: 15/06/2011 - 08:11:44 - [0] ----D- C:\Users\otacon\Appdata\Local\{BBC31EE2-7197-4839-AC80-03EE4E4D4E0A}
O43 - CFD: 23/04/2011 - 09:41:48 - [0] ----D- C:\Users\otacon\Appdata\Local\{BBE129E5-9B09-4276-90C5-35FDD42F2FBD}
O43 - CFD: 06/04/2011 - 09:01:12 - [0] ----D- C:\Users\otacon\Appdata\Local\{BD744B4D-AA57-4B27-844E-5E593B83BEA4}
O43 - CFD: 15/05/2011 - 18:26:16 - [0] ----D- C:\Users\otacon\Appdata\Local\{BFF8E02C-4591-44B7-B0F9-39DC08114BA0}
O43 - CFD: 11/06/2011 - 04:04:48 - [0] ----D- C:\Users\otacon\Appdata\Local\{C4ABED2A-B37A-4DAE-8A23-D692A66BDC53}
O43 - CFD: 02/04/2011 - 09:09:44 - [0] ----D- C:\Users\otacon\Appdata\Local\{CA92E057-5E50-4E84-89C5-5DB4292B6CEE}
O43 - CFD: 12/06/2011 - 09:05:46 - [0] ----D- C:\Users\otacon\Appdata\Local\{CF4B97BC-D1F0-4A4A-8578-AA2CBEC845F7}
O43 - CFD: 04/04/2011 - 04:11:44 - [0] ----D- C:\Users\otacon\Appdata\Local\{D09C9923-7717-413C-B9C2-DAD1BA1ADA1A}
O43 - CFD: 14/04/2011 - 13:37:28 - [0] ----D- C:\Users\otacon\Appdata\Local\{D1CA9C40-30BC-45EB-AA2F-A103DFB4AC26}
O43 - CFD: 25/05/2011 - 16:13:30 - [0] ----D- C:\Users\otacon\Appdata\Local\{D73B3F43-13F3-4566-B00D-81D73CB10268}
O43 - CFD: 02/04/2011 - 21:10:06 - [0] ----D- C:\Users\otacon\Appdata\Local\{DC871EB4-406D-4B19-98CF-732963A71F22}
O43 - CFD: 13/06/2011 - 09:10:00 - [0] ----D- C:\Users\otacon\Appdata\Local\{DFF7EBDF-A856-4208-ADB9-5C64DD6E3020}
O43 - CFD: 16/05/2011 - 08:02:28 - [0] ----D- C:\Users\otacon\Appdata\Local\{E4A7ABD9-9A7C-4151-BE88-5DB5E6994259}
O43 - CFD: 11/04/2011 - 04:16:48 - [0] ----D- C:\Users\otacon\Appdata\Local\{E688B69D-4474-4740-A80D-541F274BC3EC}
O43 - CFD: 08/05/2011 - 09:58:32 - [0] ----D- C:\Users\otacon\Appdata\Local\{EB2938FA-3BA5-4E8C-A60B-B1D6CEFE26EB}
O43 - CFD: 27/05/2011 - 04:14:26 - [0] ----D- C:\Users\otacon\Appdata\Local\{EB3D3AE3-A9F9-4C9D-94BC-E1FF53C63E8B}
O43 - CFD: 05/04/2011 - 16:13:50 - [0] ----D- C:\Users\otacon\Appdata\Local\{ECFC5C83-5CAC-46E2-9827-ED397D32AE0B}
O43 - CFD: 07/04/2011 - 21:02:54 - [0] ----D- C:\Users\otacon\Appdata\Local\{F0E31ED4-421A-4649-8802-55FB200F91EB}
O43 - CFD: 26/05/2011 - 04:14:16 - [0] ----D- C:\Users\otacon\Appdata\Local\{F17EA2D5-D280-426B-AF5D-ADFB2DFCAE59}
O43 - CFD: 03/05/2011 - 19:36:24 - [0] ----D- C:\Users\otacon\Appdata\Local\{F23E25FF-B701-48A7-9C10-4BD633A877EB}
O43 - CFD: 05/05/2011 - 07:38:40 - [0] ----D- C:\Users\otacon\Appdata\Local\{F27FD5E3-B75F-4250-A8B1-FEAB50C7431F}
O43 - CFD: 20/04/2011 - 21:03:06 - [0] ----D- C:\Users\otacon\Appdata\Local\{F99F4310-71EC-4504-8B0B-728B29967C99}
O43 - CFD: 12/05/2011 - 19:42:14 - [0] ----D- C:\Users\otacon\Appdata\Local\{FC95C72E-53C6-4980-B241-DCDFB9342EC5}
O43 - CFD: 26/04/2011 - 09:16:40 - [0] ----D- C:\Users\otacon\Appdata\Local\{FCBFA713-33EE-4123-A842-A741AD107E4F}
O43 - CFD: 16/04/2011 - 22:30:02 - [0] ----D- C:\Users\otacon\Appdata\Local\{FCFC07C8-1CCF-4DE1-9B4B-3A2E8B1D1C3E}
O43 - CFD: 08/04/2011 - 10:33:08 - [0] ----D- C:\Users\otacon\Appdata\Local\{FE00A9B3-F1BD-4803-BB84-550EF19EA0D8}
O43 - CFD: 12/04/2011 - 04:18:04 - [0] ----D- C:\Users\otacon\Appdata\Local\{FE930E79-633F-42B0-A3E9-8BE2A0321511}
O43 - CFD: 21/01/2008 - 04:42:48 - [15239] R---D- C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 05/01/2011 - 23:01:46 - [174] R---D- C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 17/06/2011 - 09:41:46 - [0] ----D- C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bink and Smacker
O43 - CFD: 21/01/2008 - 04:42:48 - [548] R---D- C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 27/01/2011 - 02:52:26 - [0] ----D- C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Micro Application
O43 - CFD: 17/06/2011 - 23:52:32 - [1172] R---D- C:\Users\otacon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.98EE1200FEFFFFFF4C4F47434F4E7E31] - 17/06/2011 - 23:14:20 ---A- . (...) -- C:\Windows\System32\LogConfigTemp.xml [0]
O44 - LFC:[MD5.8C34600B185BD954F2E56E16A4237A8E] - 17/06/2011 - 23:14:02 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.9685983F01171D9CC34F0C1B0096779F] - 17/06/2011 - 23:12:17 ---A- . (...) -- C:\Windows\PFRO.log [493388]
O44 - LFC:[MD5.794585056D122CFE9B4D6F14AE53BCF4] - 17/06/2011 - 23:04:06 ---A- . (...) -- C:\bdlog.txt [155025]
O44 - LFC:[MD5.98EE1200FEFFFFFF57494E444F577E31] - 17/06/2011 - 23:03:48 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1723999]
O44 - LFC:[MD5.32A58BD425B8AAA68579D0E610095545] - 17/06/2011 - 22:43:23 ---A- . (...) -- C:\ZHPExportRegistry-17-06-2011-23-43-23.txt [4634]
O44 - LFC:[MD5.F24449952F45B38B904A136A70A5FE6B] - 17/06/2011 - 21:24:58 ---A- . (...) -- C:\Windows\System32\cloud_stats.log [17089]
O44 - LFC:[MD5.83EEB82E9ED7098EBC0C083C6BFD3116] - 17/06/2011 - 21:19:07 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [404640]
O44 - LFC:[MD5.B0734A0E313AE14AB2FE2A6787074C77] - 17/06/2011 - 21:18:56 ---A- . (...) -- C:\UsbFix.txt [3997]
O44 - LFC:[MD5.7AA4B89A81AF4AD547A5B59015F10987] - 17/06/2011 - 21:18:45 ---A- . (...) -- C:\UsbFix_Upload_Me_PC-DE-OTACON.zip [185724877]
O44 - LFC:[MD5.76E33B6DB2234568AAF8EA491FE04B70] - 17/06/2011 - 21:17:27 ---A- . (...) -- C:\Windows\System32\spsys.log [296]
O44 - LFC:[MD5.96CF92A6381B1FB7C701DE99FF6AC746] - 17/06/2011 - 20:23:50 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1495948]
O44 - LFC:[MD5.FDC3E333C0B4218934F868B87DC259BF] - 17/06/2011 - 20:23:50 ---A- . (...) -- C:\Windows\System32\perfc009.dat [103872]
O44 - LFC:[MD5.8BF858F34DC9C162A79B8ACC21770D35] - 17/06/2011 - 20:23:50 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [126420]
O44 - LFC:[MD5.993BE41DA16CB6E2FB9EA595EC36E774] - 17/06/2011 - 20:23:50 ---A- . (...) -- C:\Windows\System32\perfh009.dat [595798]
O44 - LFC:[MD5.053BB91972863C57855AAE233129BBC6] - 17/06/2011 - 20:23:50 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [678804]
O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 17/06/2011 - 14:19:21 ---A- . (...) -- C:\Windows\NeroDigital.ini [69]
O44 - LFC:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 29/05/2011 - 08:34:30 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [26600]
O44 - LFC:[MD5.005EE82BABF1D2D32188A75BEDF500A4] - 29/05/2011 - 08:34:30 ---A- . (.GEAR Software Inc. - GEARAspi (x86).) -- C:\Windows\System32\GEARAspi.dll [107368]
O44 - LFC:[MD5.FE90879F6D03D773F97DEF11F96E2057] - 28/05/2011 - 03:14:01 ---A- . (...) -- C:\Windows\IE9_main.log [5994]
O44 - LFC:[MD5.AE8D673788C2890910FEEC2964BEC761] - 22/05/2011 - 09:56:21 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [331544]



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - EasyBits Security Shield Hook - prevents launching insecure programs by kids - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\system32\EZUPBH~1.DLL



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers\"MSVideo.PD1130VFW"="P1130Vfw.drv" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"VIDC.I420"="msh263.drv" . (...) -- (.not file.)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\FujiKeyboard [Key] . (.Packard Bell BV - Activboard Application.) -- c:\Acer\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe
O53 - SMSR:HKLM\...\startupreg\Google Desktop Search [Key] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O53 - SMSR:HKLM\...\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O53 - SMSR:HKLM\...\startupreg\NBKeyScan [Key] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O53 - SMSR:HKLM\...\startupreg\NvCplDaemon [Key] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll
O53 - SMSR:HKLM\...\startupreg\NvMediaCenter [Key] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O53 - SMSR:HKLM\...\startupreg\NvSvc [Key] . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 163.9.) -- C:\Windows\system32\nvsvc.dll
O53 - SMSR:HKLM\...\startupreg\SmpcSys [Key] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe
O53 - SMSR:HKLM\...\startupreg\Sony Ericsson PC Companion [Key] . (.Sony Ericsson - Sony Ericsson PC Companion.) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
O53 - SMSR:HKLM\...\startupreg\StartCCC [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O53 - SMSR:HKLM\...\startupreg\Steam [Key] . (.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O53 - SMSR:HKLM\...\startupreg\TomTomHOME.exe [Key] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]
O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]
O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]
O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]
O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]
O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]
O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]
O58 - SDL:[MD5.0C3C2E9136397E1AAA9033DCAE25CED2] - 09/04/2011 - 03:13:16 ---A- . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtihdLH3.sys [97296]
O58 - SDL:[MD5.5E1CBDA7D52289579E25283549E99425] - 09/03/2010 - 11:20:14 ---A- . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtiHdmi.sys [104464]
O58 - SDL:[MD5.AD77D5D46857CE0D9469E7E670EC4D34] - 09/04/2011 - 03:13:33 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [7723008]
O58 - SDL:[MD5.655053F7C0A3B551DA84DB7417A10E15] - 09/04/2011 - 03:13:29 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [239616]
O58 - SDL:[MD5.C6CF76384DFC739B0BE55ABB79AD4DC0] - 28/06/2010 - 12:55:36 ---A- . (.BitDefender - Active Virus Control filter driver.) -- C:\Windows\system32\drivers\avc3.sys [633424]
O58 - SDL:[MD5.B758A219E95C085405B1E356A8267610] - 28/06/2010 - 12:55:42 ---A- . (.BitDefender - Active Virus Control Kernel Filtering driver.) -- C:\Windows\system32\drivers\avckf.sys [970320]
O58 - SDL:[MD5.8D4EFC5C378BFFE34C298C92F37D3B14] - 13/05/2010 - 16:52:04 ---A- . (.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Active Virus Control Filter Driver.) -- C:\Windows\system32\drivers\bdfm.sys [152528]
O58 - SDL:[MD5.817FC12BC93A70B0449EBEFAA4D6F4D2] - 13/01/2011 - 11:42:49 ---A- . (.BitDefender - BitDefender Firewall NDIS6 Filter Driver.) -- C:\Windows\system32\drivers\bdfndisf6.sys [72784]
O58 - SDL:[MD5.4C44D82E372A87B3CB439A7F14CFEF03] - 09/07/2010 - 15:08:14 ---A- . (.BitDefender - BitDefender AntiVirus FS filter driver.) -- C:\Windows\system32\drivers\bdfsfltr(1697).sys [327368]
O58 - SDL:[MD5.4C44D82E372A87B3CB439A7F14CFEF03] - 09/07/2010 - 15:08:14 ---A- . (.BitDefender - BitDefender AntiVirus FS filter driver.) -- C:\Windows\system32\drivers\bdfsfltr.sys [327368]
O58 - SDL:[MD5.0C0BF06FD1A7B1E6B960482DEFF0E723] - 07/03/2011 - 20:37:04 ---A- . (.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender AntiVirus Hypervisor driver.) -- C:\Windows\system32\drivers\bdhv.sys [106456]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]
O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]
O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]
O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.007AEA2E06E7CEF7372E40C277163959] - 06/01/2011 - 12:04:57 ---A- . (.Sony Ericsson Mobile Communications - SEMC USB Flash Driver Filter.) -- C:\Windows\system32\drivers\ggflt.sys [13224]
O58 - SDL:[MD5.C73DE35960CA75C5AB4AE636B127C64E] - 06/01/2011 - 12:04:57 ---A- . (.Sony Ericsson Mobile Communications - SEMC USB Flash Driver.) -- C:\Windows\system32\drivers\ggsemc.sys [25512]
O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]
O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]
O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]
O58 - SDL:[MD5.C6E5276C00EBDEB096BB5EF4B797D1B6] - 16/07/2008 - 13:56:06 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15.sys [15392]
O58 - SDL:[MD5.8C7FA71CB1EBCD3EDE8958D27B1BF0B4] - 16/07/2008 - 13:56:06 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15_64.sys [17952]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]
O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]
O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]
O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]
O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]
O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]
O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]
O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]
O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]
O58 - SDL:[MD5.23C24FDBC46B61A828DB3779A808A68B] - 27/11/2007 - 20:26:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 163.) -- C:\Windows\system32\drivers\nvlddmkm.sys [7629632]
O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]
O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]
O58 - SDL:[MD5.4876E7C3184BDF50EDE043FEF616B867] - 31/10/2007 - 04:23:20 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor32.sys [115744]
O58 - SDL:[MD5.37D3E66567E5082A783BEA33CF69837C] - 04/05/2004 - 05:48:00 ---A- . (.Creative Technology Ltd. - Video streaming and Capture Device Driver.) -- C:\Windows\system32\drivers\P1130Vid.sys [90229]
O58 - SDL:[MD5.D86B4A68565E444D76457F14172C875A] - 13/11/2008 - 06:40:09 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\system32\drivers\PxHelp20.sys [43528]
O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]
O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]
O58 - SDL:[MD5.219CA9A36D6DE2EC04F958C907673436] - 07/05/2008 - 12:22:50 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2134424]
O58 - SDL:[MD5.283392AF1860ECDB5E0F8EBD7F3D72DF] - 02/11/2006 - 08:30:56 ---A- . (.Realtek Corporation - Realtek 8101/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [44544]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]
O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]
O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]
O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]
O58 - SDL:[MD5.29C497FC09C655B7BAFCFAFB6E76B8EB] - 07/03/2011 - 20:37:12 ---A- . (.BitDefender S.R.L. - Trufos Kernel Module.) -- C:\Windows\system32\drivers\trufos.sys [308152]
O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.D4FB6ECC60A428564BA8768B0E23C0FC] - 18/02/2011 - 15:36:58 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys [41984]
O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]
O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis
O63 - Logiciel: UsbFix By TeamXscript - (.TeamXscript.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 09/04/2011 - C:\Windows\System32\DRIVERS\atikmdag.sys - amdkmdag(amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 13/05/2010 - C:\Windows\System32\DRIVERS\bdfm.sys - BDFM(BDFM) .(.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Active Virus Control Filter Dri.) - LEGACY_BDFM
O64 - Services: CurCS - 13/01/2011 - c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys - BitDefender Firewall NDIS 6 Filter Driver(Bdfndisf) .(.BitDefender - BitDefender Firewall NDIS6 Filter Driver.) - LEGACY_BDFNDISF
O64 - Services: CurCS - 09/07/2010 - C:\Windows\System32\DRIVERS\bdfsfltr.sys - bdfsfltr(bdfsfltr) .(.BitDefender - BitDefender AntiVirus FS filter driver.) - LEGACY_BDFSFLTR
O64 - Services: CurCS - 13/01/2011 - C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys - bdftdif(Bdftdif) .(.BitDefender LLC - BitDefender Firewall TDI Filter Driver.) - LEGACY_BDFTDIF
O64 - Services: CurCS - 18/03/2011 - C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys - bdselfpr(bdselfpr) .(.BitDefender LLC - BitDefender Self Protection Driver.) - LEGACY_BDSELFPR
O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP
O64 - Services: CurCS - C:\Users\otacon\AppData\Local\Temp\catchme.sys (.not file.) - catchme (catchme) .(...) - LEGACY_CATCHME
O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(...) - LEGACY_EECTRL
O64 - Services: CurCS - (.not file.) - EraserUtilDrvI10 (EraserUtilDrvI10) .(...) - LEGACY_ERASERUTILDRVI10
O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(...) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC
O64 - Services: CurCS - (.not file.) - IDSVix86 (IDSVix86) .(...) - LEGACY_IDSVIX86
O64 - Services: CurCS - 16/07/2008 - C:\Windows\system32\drivers\int15.sys - int15(int15) .(.Acer, Inc. - int15.) - LEGACY_INT15
O64 - Services: CurCS - (.not file.) - mbr (mbr) .(...) - LEGACY_MBR
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS
O64 - Services: CurCS - (.not file.) - NAVENG (NAVENG) .(...) - LEGACY_NAVENG
O64 - Services: CurCS - (.not file.) - NAVEX15 (NAVEX15) .(...) - LEGACY_NAVEX15
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR
O64 - Services: CurCS - (.not file.) - SYMDNS (SYMDNS) .(...) - LEGACY_SYMDNS
O64 - Services: CurCS - (.not file.) - Symantec Extended File Attributes (SymEFA) .(...) - LEGACY_SYMEFA
O64 - Services: CurCS - (.not file.) - SymEvent (SymEvent) .(...) - LEGACY_SYMEVENT
O64 - Services: CurCS - (.not file.) - SYMFW (SYMFW) .(...) - LEGACY_SYMFW
O64 - Services: CurCS - (.not file.) - SYMNDISV (SYMNDISV) .(...) - LEGACY_SYMNDISV
O64 - Services: CurCS - (.not file.) - SYMREDRV (SYMREDRV) .(...) - LEGACY_SYMREDRV
O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(...) - LEGACY_SYMTDI
O64 - Services: CurCS - 07/03/2011 - C:\Windows\System32\DRIVERS\Trufos.sys - Trufos(Trufos) .(.BitDefender S.R.L. - Trufos Kernel Module.) - LEGACY_TRUFOS



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {64A4D7BC-882E-4072-8FD7-A7F56B9EF870} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {70D46D94-BF1E-45ED-B567-48701376298E} - (Google Desktop) - http://127.0.0.1:4664/search&s=gkf9YuDv8zz_cprnLGuxy_nwiuM?q={searchTerms}



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l'autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe
O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe
O87 - FAEL: "{01F2C003-5D72-491C-B020-015207D83F05}" | In - Public - P6 - FALSE | .(...) -- C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
O87 - FAEL: "{B4E16B59-0D86-43B0-93B4-6AD3E9DA1A66}" | In - Public - P17 - FALSE | .(...) -- C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe
O87 - FAEL: "{86C63406-7EFD-4A16-A71A-2AF952586CBA}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
O87 - FAEL: "{CC278AC0-33F2-442B-8666-FBC75EE71E3B}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
O87 - FAEL: "{059E1B3D-C814-4301-ADFA-11DAE9226167}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe
O87 - FAEL: "{B42149AB-F3F3-4537-8103-CA0973D00B68}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe
O87 - FAEL: "{C2A7CB2C-0A0A-47E9-AF87-9DA6CE897778}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
O87 - FAEL: "{D1A0B19E-14E2-462A-AEB9-EE6EE431B47C}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
O87 - FAEL: "{43327B44-31A7-40F2-87D8-46D804D03247}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
O87 - FAEL: "{B9847A84-3DB0-4F5E-BE19-1DC55220EE6B}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
O87 - FAEL: "{8E27DA0B-099F-45E7-B9A9-CB936FED11C5}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "{36A0B23D-8028-4A7D-86A6-0508207B8C54}" | In - Private - P6 - TRUE | .(.Advanced Micro Devices, Inc. - CATALYST(TM) Install Manager.) -- C:\Program Files\Steam\SteamApps\common\amd driver updater, vista and 7, 32 bit\Setup.exe
O87 - FAEL: "{D5EFEC5C-C48F-4A2C-A728-B7E3BFFEE1A4}" | In - Private - P17 - TRUE | .(.Advanced Micro Devices, Inc. - CATALYST(TM) Install Manager.) -- C:\Program Files\Steam\SteamApps\common\amd driver updater, vista and 7, 32 bit\Setup.exe
O87 - FAEL: "{495EA805-23BE-4D00-AA84-F82A7C95DE28}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{768ED830-5BED-4EB9-BBCB-C7912558F436}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{346CAF90-B8CE-41BC-872B-12E693206DC3}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe



---\\ Scan Additionnel (O88)
Database Version : 8410 - (16/06/2011)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 0

C:\Program Files\SweetIM =>Toolbar.SweetIM
C:\ProgramData\SweetIM =>Toolbar.SweetIM
C:\Users\otacon\Appdata\LocalLow\SweetIM =>Toolbar.SweetIM
C:\Users\otacon\Appdata\Local\Temp\AskSearch =>Adware.AskBarDis



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/05/2011 72704 | (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SR - | Auto 11/09/2007 124832 | (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
SR - | Auto 09/04/2011 176128 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe
SR - | Auto 18/02/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 07/10/2010 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 16/07/2008 24576 | (ETService) . (...) - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
SS - | Demand 13/11/2008 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 18/09/2008 83264 | (GenericHidService) . (.Packard Bell Services.) - c:\windows\system32\HidService.exe
SS - | Demand 05/01/2011 30192 | Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Auto 04/02/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 04/02/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 05/01/2011 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 07/03/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 02/12/2008 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
SS - | Demand 25/03/2009 537896 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe
SS - | Demand 10/02/2011 150528 | (Sony Ericsson PCCompanion) . (.Avanquest Software.) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
SS - | Demand 14/05/2011 403240 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files\Common Files\Steam\SteamService.exe
SR - | Auto 09/03/2011 92592 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
SS - | Demand 07/03/2011 307544 | (Update Server) . (.BitDefender.) - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
SR - | Auto 07/03/2011 43936 | (Updatesrv) . (.BitDefender S.R.L..) - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
SR - | Auto 07
0

Discussions similaires

Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
Huawei P8 Lite "nouveau tag ajouté"
ArianeKathleen -
Mn -

25 réponses
" Échec de l'analyse antivirus " la solution.
bazfile -
bazfile -

0 réponse
Nouveau tag ajouté - Utilité
Eerfers -
madmyke -

1 réponse
Page qui s’ouvre toute seule
Dolphie -
Manon -

5 réponses