Il y a actuellement 214 visiteurs
Lundi 28 Septembre 2020
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

[Réglé] virus (iastor.sys?)

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

[Réglé] virus (iastor.sys?)

Message le 04 Mai 2011 17:48

Bonjour,
Depuis quelques jours j'ai un problème sur mon petit pc portable (emachine) :
En mode normal, le total des processus n'est pas cohérent avec le processus affiché. Le CPU est constamment proche de 100%... jusqu'au crach : ce magnifique écran bleu que tout le monde déteste et qui est très bref. Cependant j'ai cru apercevoir un lien avec le fichier iastor.sys. L'ordi redémarre et rebelote.
En mode sans échec, processus et cpu restent élevés mais l'ordi ne plante pas pour autant : j'arrive à effectuer quelques actions.

Une dernière chose : quand j'éteins mon ordi normalement, un écran bleu apparaît avec cette fois : internal_power_error.

J'ai donc effectué (tant bien que mal) une analyse complète du pc : rien trouvé (mon antivirus est très certainement pourri...),
suivi d'un coup de ccleaner, puis spybotS&D qui a trouvé quelques trucs, et aussi un coup de malwarebyte qui m'a dégagé aussi plusieurs choses. Cependant le problème reste, même après restauration du système...
J'ai donc lancé HiJackThis et voici le rapport :

Code: Tout sélectionner
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 18:15:19, on 04/05/2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\System32\WerFault.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=040c&m=em350&r=27b51010n525l0464wwh5r4602r72s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=040c&m=em350&r=27b51010n525l0464wwh5r4602r72s
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=040c&m=em350&r=27b51010n525l0464wwh5r4602r72s
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Maxime\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files\eMachines\Registration\GREGsvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 22389 bytes



Si quelqu'un pouvait m'aider ça serait d'une incroyable gentillesse, j'utilise en effet énormement cette ordi pour travailler...
(en passant je suis pas très doué en info (mon prof d'algo le sait bien XD)

En vous remerciant d'avance,
cordialement,
max
maxlamenace
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 11
Inscription: 04 Mai 2011 17:28
 


Re: virus qui augmente le processus et le cpu (iastor.sys?)

Message le 04 Mai 2011 19:07

Bonsoir

fait ceci pour tes blues screen s.t.p


Télécharger whocrashedSetup

Ou <<ICI>>

Installer le logiciel et une fois installé cliquez sur Analyse Image

Laisse Internet connecté . Si tu as une anomalie mets-le rapport ici.
Image
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12617
Inscription: 08 Déc 2009 19:51
 

Re: virus qui augmente le processus et le cpu (iastor.sys?)

Message le 04 Mai 2011 19:24

merci tout d'abord pour cette rapide réponse.

voici le rapport de whocrashed :
Code: Tout sélectionner
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.


On Wed 04/05/2011 16:10:56 GMT your computer crashed
crash dump file: C:\Windows\Minidump\050411-51839-01.dmp
This was probably caused by the following module: iastor.sys (iaStor+0x41B40)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFF87074B40, 0xFFFFFFFFB477F74C, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\Windows\system32\drivers\iastor.sys
product: Intel Matrix Storage Manager driver
company: Intel Corporation
description: Intel Matrix Storage Manager driver - ia32
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: iastor.sys (Intel Matrix Storage Manager driver - ia32, Intel Corporation).
Google query: iastor.sys Intel Corporation KERNEL_MODE_EXCEPTION_NOT_HANDLED_M




On Wed 04/05/2011 16:10:56 GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: hal.sys (hal!KfLowerIrql+0x61)
Bugcheck code: 0x8E (0xFFFFFFFFC0000005, 0xFFFFFFFF87074B40, 0xFFFFFFFFB477F74C, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug check description: This bug check indicates that a kernel-mode application generated an exception that the error handler did not catch.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: hal.sys .
Google query: hal.sys KERNEL_MODE_EXCEPTION_NOT_HANDLED




On Wed 04/05/2011 15:32:30 GMT your computer crashed
crash dump file: C:\Windows\Minidump\050411-98545-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0xD2428)
Bugcheck code: 0xA0 (0x1, 0x6, 0xFFFFFFFF85161588, 0x0)
Error: INTERNAL_POWER_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the power policy manager experienced a fatal error.
This problem might be caused by a thermal issue.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.

maxlamenace
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 11
Inscription: 04 Mai 2011 17:28
 

Re: virus qui augmente le processus et le cpu (iastor.sys?)

Message le 04 Mai 2011 19:45

bon il semble bien qu'un drivers soit en cause.

viens tu d'installer un nouveau matériels?

As tu essayer de faire une restauration une journée avant ton premier soucis?

Vérifies que tu n'as pas besoin de mettre à jour certains pilotes.

http://www.touslesdrivers.com/index.php?v_page=29

Ceci en plus s.t.p


Télécharges << ZHPDiag>> (de Nicolas Coolman)

dezzipes le fichier sur ton bureau...
Fais un clic-droit sur l'icône ZHPDiag .exe et choisis "exécuter en tant qu'administrateur".


L'installation va créer raccourcis (ZHPDiag et ZHPFix et MBRchek) sur ton bureau

Image


A la fin de l'installation ZHPDiag va se lancer....

Cliques sur l'icône "Options" (image du tournevis) et coches toutes les options.
Cliques sur "Lancer le diagnostique" (image de la loupe) et patiente...

A la fin du scan cliques sur l'icône "sauvegarder le fichier sous" (image de la disquette bleu) et enregistre le rapport sur ton bureau.

Mets le rapport ici car il prend bien de la place.

http://www.cijoint.fr/index.php
Image
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12617
Inscription: 08 Déc 2009 19:51
 

Re: virus qui augmente le processus et le cpu (iastor.sys?)

Message le 04 Mai 2011 20:35

Bon, le scan est pour l'instant bloqué à 66%. un truc : sigcheck est apparu, ainsi qu' une fenêtre : l'appel a été interrompu par le filtre de message. j'ai fais ok, et la je sais sais pas si le scan continue...

Pour le test des drivers, je ne peux pas le faire en mode sans échec...
maxlamenace
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 11
Inscription: 04 Mai 2011 17:28
 

Re: virus qui augmente le processus et le cpu (iastor.sys?)

Message le 04 Mai 2011 20:42

le scan ralenti a environ 70% et 80% mais cela est normal, il faut le laisser faire.
Image
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12617
Inscription: 08 Déc 2009 19:51
 

Re: virus qui augmente le processus et le cpu (iastor.sys?)

Message le 05 Mai 2011 22:01

Bon, je suis désolé pour le retard, après quelques galères j'ai enfin pu faire le scan, mais le site pour le dépôt de ficchier a un bug. dois-je le mettre ici?
maxlamenace
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 11
Inscription: 04 Mai 2011 17:28
 

Re: virus qui augmente le processus et le cpu (iastor.sys?)

Message le 06 Mai 2011 11:47

ok mets le ici en utilisant les balises adéquate.
Image
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12617
Inscription: 08 Déc 2009 19:51
 

Re: virus qui augmente le processus et le cpu (iastor.sys?)

Message le 14 Mai 2011 14:49

Bon, je suis encore à la bourre sur mon problème... Exams :-S

Voici mon rapport :
Code: Tout sélectionner
Rapport de ZHPDiag v1.27.193 par Nicolas Coolman, Update du 28/04/2011
Run by Maxime at 05/05/2011 22:50:48
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox v3.6.10 (fr) (Defaut)
GCIE: Google Chrome v11.0.696.60

---\\ System Information
Windows 7 Starter Edition, 32-bit  (Build 7600)
Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
Operating System: 32 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 1013 MB (39% free)
System Restore: Activé (Enable)
System drive C: has 155 GB (70%) free of 220 GB

---\\ Logged in mode
Computer Name: MAXIME-PC
User Name: Maxime
All Users Names: Maxime, Administrateur,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=
%LocalAppData%=
%StartMenu%=

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 155 Go of 220 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK



---\\ Recherche particulière de fichiers génériques
[MD5.2AF58D15EDC06EC6FDACCE1F19482BBF] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 06:33:07.) -- C:\Windows\Explorer.exe [2614784]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]
[MD5.214605C48AE416BC067C39D227CFCC57] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.24/02/2011 06:32:44.) -- C:\Windows\system32\wininet.dll [981504]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.28/10/2009 07:17:59.) -- C:\Windows\system32\Winlogon.exe [285696]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 02:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584]
[MD5.187002CE05693C306F43C873F821381F] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 06:44:01.) -- C:\Windows\system32\drivers\ntfs.sys [1210240]



---\\ Processus lancés
[MD5.A26898623D61508C2FA3F5672C11FA5D] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   [910296]
[MD5.59E2A529D9ABCFA2024153A05FE693A1] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [644608]



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [Maxime] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Maxime] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Maxime] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Maxime] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Maxime] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Maxime] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.4".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_23 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60310.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Maxime\AppData\Local\Google\Update\1.3.21.53\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Maxime\AppData\Local\Google\Update\1.3.21.53\npGoogleUpdate3.dll



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [ldjcbfljkplgifccngillicohclloidg] AT_KarimRashidV3 v.3 (Activé)



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com
R0 - HKUS\S-1-5-21-499926456-1812876857-2896141877-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-499926456-1812876857-2896141877-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll



---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll



---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [BitTorrent] . (.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\BitTorrent.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Maxime\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-499926456-1812876857-2896141877-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-499926456-1812876857-2896141877-1000\..\Run: [BitTorrent] . (.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\BitTorrent.exe
O4 - HKUS\S-1-5-21-499926456-1812876857-2896141877-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Maxime\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk . (.McAfee, Inc..)  -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe



---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Maxime\Desktop\Command Prompt.lnk . (.Microsoft Corporation.)  -- C:\Windows\system32\cmd.exe
O4 - Global Startup: C:\Users\Maxime\Desktop\GeoGebra WebStart.lnk . (.Sun Microsystems, Inc..)  -- C:\Windows\System32\javaws.exe
O4 - Global Startup: C:\Users\Maxime\Desktop\ispLEVER Classic Project Navigator.lnk . (...)  -- C:\ispLEVER_Classic1_4\ispcpld\bin\projnav.exe
O4 - Global Startup: C:\Users\Maxime\Desktop\TeXworks.lnk . (.TeX Users Group.)  -- C:\Program Files\MiKTeX 2.8\miktex\bin\miktex-texworks.exe
O4 - Global Startup: C:\Users\Maxime\Desktop\WhoCrashed.lnk . (...)  -- C:\Program Files\WhoCrashed\whocrashed.exe
O4 - Global Startup: C:\Users\Maxime\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...)  -- C:\Windows\Installer\{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}\SafariIco.exe
O4 - Global Startup: C:\Users\Maxime\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk . (.BitTorrent, Inc..)  -- C:\Program Files\BitTorrent\BitTorrent.exe
O4 - Global Startup: C:\Users\Maxime\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Maxime\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.)  -- C:\Program Files\Mozilla Firefox\firefox.exe



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: S&end to OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{06999562-2BBA-4253-A4EC-3847D86D43E1}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{06999562-2BBA-4253-A4EC-3847D86D43E1}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{06999562-2BBA-4253-A4EC-3847D86D43E1}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{06999562-2BBA-4253-A4EC-3847D86D43E1}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{06999562-2BBA-4253-A4EC-3847D86D43E1}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{06999562-2BBA-4253-A4EC-3847D86D43E1}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service:  (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service:  (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service:  (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service:  (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
O23 - Service:  (GREGService) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files\eMachines\Registration\GREGsvc.exe
O23 - Service:  (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service:  (gupdatem) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service:  (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service:  (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service:  (iPod Service) . (.Apple Inc. - iPodService Module (32-bit).) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service:  (McComponentHostService) . (.McAfee, Inc. - Component Host Service.) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service:  (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service:  (Updater Service) . (.Acer Group - Updater Service.) - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
O23 - Service:  (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499926456-1812876857-2896141877-1000Core.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-499926456-1812876857-2896141877-1000UA.job



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\System32\DRIVERS\MpFilter.sys
O41 - Driver: (MpKsl3170449e) . (. - .) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4DC65063-D0C6-43F9-854F-82482E4B0A5F}\MpKsl3170449e.sys (.not file.)
O41 - Driver: (MpKsl704f7fc7) . (. - .) - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F46D46B5-79C0-48FF-B481-063812CCDA7A}\MpKsl704f7fc7.sys (.not file.)
O41 - Driver: (MpKsl788e840d) . (. - .) - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D2D2030F-9628-424D-B6B9-AB5B91218A6D}\MpKsl788e840d.sys (.not file.)
O41 - Driver: (MpKsl8803f99e) . (. - .) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6BA0ED35-7A9C-4371-A6E9-8EE0F82163F4}\MpKsl8803f99e.sys (.not file.)
O41 - Driver: (MpKsl8facacf4) . (. - .) - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6A5F5793-2175-4866-9FE4-DEBC5F542730}\MpKsl8facacf4.sys (.not file.)
O41 - Driver: (MpKsl9cba49dd) . (. - .) - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9ED84E04-3873-4F07-88E4-CCE994E68D5F}\MpKsl9cba49dd.sys (.not file.)
O41 - Driver: (MpKslb1af87f1) . (. - .) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{04BCE75F-14E2-4B33-B7E1-3FF711009948}\MpKslb1af87f1.sys (.not file.)
O41 - Driver: (MpKslc2c548d3) . (. - .) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B83B9059-0CDD-42B9-9284-27999458CB43}\MpKslc2c548d3.sys (.not file.)
O41 - Driver: (MpKsle598d43c) . (. - .) - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7438DC36-03A9-4D15-9452-56C37CC16FCF}\MpKsle598d43c.sys (.not file.)
O41 - Driver: (MpKsle611db06) . (. - .) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4A3AE20-345F-4C83-A98D-1F4879C88B19}\MpKsle611db06.sys (.not file.)
O41 - Driver: (MpKsle8304cf1) . (. - .) - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B29C3DB5-D9C5-4DF9-BCB2-2C4F844ADBCB}\MpKsle8304cf1.sys (.not file.)
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys



---\\ Logiciels installés (O42)
O42 - Logiciel:  Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel:  Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel:  Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel:  Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel:  Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: ALPS Touch Pad Driver - (.Alps Electric.) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.4.4 MUI - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {853A4763-6643-4604-8D64-28BDD8925F4C}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: BitTorrent - (.Pas de propriétaire.) [HKLM] -- BitTorrent
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {C2E4B5BD-32DB-4817-A060-341AB17C3F90}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: ENE USB Card Reader Driver - (.ENE.) [HKLM] -- F3C7F6463C419D1D216961B5B81E2FE534986562
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: GeoGebra WebStart - (.International GeoGebra Institute.) [HKCU] -- GeoGebra WebStart
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {BE06114F-559D-11E0-B5A1-001D0926B1BF}
O42 - Logiciel: Guitar Pro 5.0 - (.Arobas Music.) [HKLM] -- Guitar Pro 5_is1
O42 - Logiciel: IZArc 4.1.2 - (.Ivan Zahariev.) [HKLM] -- {97C82B44-D408-4F14-9252-47FC1636D23E}_is1
O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM] -- Identity Card
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java(TM) 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020F0}
O42 - Logiciel: Java(TM) 6 Update 23 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216021FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Launch Manager - (.eMachines.) [HKLM] -- LManager
O42 - Logiciel: LimeWire 5.5.8 - (.Lime Wire, LLC.) [HKLM] -- LimeWire
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: Maple 12 - (.Maplesoft.) [HKLM] -- Maple 12
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: MiKTeX 2.8 - (.MiKTeX.org.) [HKLM] -- MiKTeX 2.8
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {774088D4-0777-4D78-904D-E435B318F5D2}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {0450B7B0-AC71-44A4-AB40-4DD678DF3A8C}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}
O42 - Logiciel: Microsoft Expression Web - (.Microsoft Corporation.) [HKLM] -- WebDesigner
O42 - Logiciel: Microsoft Expression Web - (.Microsoft Corporation.) [HKLM] -- {90120000-0026-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Expression Web MUI (English) - (.Microsoft Corporation.) [HKLM] -- {90120000-0026-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Expression Web Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office Access MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Access Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0114-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Language Pack 2007 - French/Français - (.Microsoft Corporation.) [HKLM] -- OMUI.fr-fr
O42 - Logiciel: Microsoft Office O MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0100-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Project 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{9E73617F-2F38-4864-BD61-BB2DDFE43323}
O42 - Logiciel: Microsoft Office Project 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00B4-0409-0000-0000000FF1CE}_PRJPRO_{27A9D316-D332-433B-8EB1-1D93EE49F26D}
O42 - Logiciel: Microsoft Office Project MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00B4-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Project Professional 2007 - (.Microsoft Corporation.) [HKLM] -- PRJPRO
O42 - Logiciel: Microsoft Office Project Professional 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-003B-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}
O42 - Logiciel: Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0026-0409-0000-0000000FF1CE}_WebDesigner_{E1044ED2-E4AD-4B39-B500-31109750F6B4}
O42 - Logiciel: Microsoft Office SharePoint Designer MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0017-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Visio 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}
O42 - Logiciel: Microsoft Office Visio 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{519D9F45-CBF4-4E57-B419-11F196CCA8AE}
O42 - Logiciel: Microsoft Office Visio MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0054-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Visio Professional 2007 - (.Microsoft Corporation.) [HKLM] -- VISPRO
O42 - Logiciel: Microsoft Office Visio Professional 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0051-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office X MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0101-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {77A776C4-D10F-416D-88F0-53F2D9DCD9B3}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {859B9BCA-5376-4566-9F88-C6C9DAA7A925}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Mozilla Firefox (3.6.10) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.10)
O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM] -- Notepad++
O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM] -- {266517E6-D866-439D-919C-B8B1A52E6080}
O42 - Logiciel: OwnData2 - (.TS Support.) [HKLM] -- {BB729F7B-D12C-43B0-B211-4AC6C1290ACF}
O42 - Logiciel: PowerISO - (.PowerISO Computing, Inc..) [HKLM] -- PowerISO
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2466156) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CEF209AB-F96D-404F-B5CC-44057C057CA3}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2466156) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CEF209AB-F96D-404F-B5CC-44057C057CA3}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2464583) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{151E2FEA-C3A6-4CB6-BE6B-16651FDF04BE}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2464583) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{151E2FEA-C3A6-4CB6-BE6B-16651FDF04BE}
O42 - Logiciel: Security Update for Microsoft Office Groove 2007 (KB2494047) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2464594) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E6B7C11E-21E9-4BA0-9677-29AD603B953C}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2464594) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E6B7C11E-21E9-4BA0-9677-29AD603B953C}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio 2007 (KB2434737) - (.Microsoft.) [HKLM] -- {90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{7536B936-80A0-4A60-8B8E-1053752D2DFE}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: TradeStation 8.6 (Build 2612) - (.TradeStation Technologies.) [HKLM] -- {DD7DAFE2-EC2C-4128-AC44-4FDE894540BA}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft Office 2007 Help for Common Features (KB963673) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}
O42 - Logiciel: Update for Microsoft Office Access 2007 Help (KB963663) - (.Microsoft.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
O42 - Logiciel: Update for Microsoft Office Excel 2007 Help (KB963678) - (.Microsoft.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}
O42 - Logiciel: Update for Microsoft Office Infopath 2007 Help (KB963662) - (.Microsoft.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 Help (KB963670) - (.Microsoft.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2412171) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{752A0B7C-BD24-4362-AC86-AB63FEE6F46F}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 Help (KB963677) - (.Microsoft.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}
O42 - Logiciel: Update for Microsoft Office Powerpoint 2007 Help (KB963669) - (.Microsoft.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}
O42 - Logiciel: Update for Microsoft Office Project 2007 Help (KB963668) - (.Microsoft.) [HKLM] -- {90120000-00B4-0409-0000-0000000FF1CE}_PRJPRO_{1DF07773-4289-4998-BC2C-83539AD85C50}
O42 - Logiciel: Update for Microsoft Office Publisher 2007 Help (KB963667) - (.Microsoft.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}
O42 - Logiciel: Update for Microsoft Office Script Editor Help (KB963671) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
O42 - Logiciel: Update for Microsoft Office Visio 2007 Help (KB963666) - (.Microsoft.) [HKLM] -- {90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{D2C4ACC9-12F5-4E1C-81A8-5DC878AC6278}
O42 - Logiciel: Update for Microsoft Office Word 2007 Help (KB963665) - (.Microsoft.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2522999) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CC8A81F7-5A36-4DE9-ABB3-5499132062C5}
O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Video Web Camera - (.liteon.) [HKLM] -- {51F026FA-5146-4232-A8BA-1364740BD053}
O42 - Logiciel: Welcome Center - (.Acer Incorporated.) [HKLM] -- eMachines Welcome Center
O42 - Logiciel: WhoCrashed 3.01 - (.Resplendence Software Projects Sp..) [HKLM] -- WhoCrashed_is1
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {F53D678E-238F-4A71-9742-08BB6774E9DC}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FCFBA290-CB48-4AF1-A241-2685AEDEDD66}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM] -- {E0B19DF7-B1C7-4937-82C4-0E4B1E346965}
O42 - Logiciel: eMachines Power Management - (.Acer Incorporated.) [HKLM] -- {3DB0448D-AD82-4923-B305-D001E521A964}
O42 - Logiciel: eMachines Recovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: eMachines Registration - (.Acer Incorporated.) [HKLM] -- eMachines Registration
O42 - Logiciel: eMachines ScreenSaver - (.Acer Incorporated.) [HKLM] -- eMachines Screensaver
O42 - Logiciel: eMachines Updater - (.Acer Incorporated.) [HKLM] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {353FE16B-30FE-469A-BF55-B978F4218003}
O42 - Logiciel: ispLEVER Classic 1.4 - (.Lattice Semiconductor Corporation.) [HKLM] -- {2C96A9D3-1771-48F8-9F7C-8F34B16CD443}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\Alps]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BitTorrent]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Crystal Office]
[HKCU\Software\Dritek]
[HKCU\Software\FLEXlm License Manager]
[HKCU\Software\Geoplace]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\IZSoftware]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lattice Semiconductor Corporation]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\MiKTeX.org]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\OEM]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PowerISO]
[HKCU\Software\Realtek]
[HKCU\Software\Resplendence Sp]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Synario]
[HKCU\Software\Sysinternals]
[HKCU\Software\TS Support]
[HKCU\Software\TUG]
[HKCU\Software\TradeStation Technologies]
[HKCU\Software\Trend Micro]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\eMachines]
[HKCU\Software\eMule]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\Alps]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Arobas Music]
[HKLM\Software\Atheros Communications Inc.]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cyberlink]
[HKLM\Software\Digital River]
[HKLM\Software\Dritek]
[HKLM\Software\FLEXlm License Manager]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lattice Semiconductor Corporation]
[HKLM\Software\Macromedia]
[HKLM\Software\MiKTeX.org]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OOBEOffer]
[HKLM\Software\OemSetup]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\Symantec]
[HKLM\Software\TS Support]
[HKLM\Software\TradeStation Technologies]
[HKLM\Software\TrendMicro]
[HKLM\Software\VideoLAN]
[HKLM\Software\Waterloo Maple]
[HKLM\Software\Waves Audio]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mozilla.org]



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/04/2010 - 10:51:00 - [688367463] ----D- C:\Program Files\Adobe
O43 - CFD: 19/05/2010 - 22:12:08 - [12592999] ----D- C:\Program Files\Apoint2K
O43 - CFD: 05/10/2010 - 22:16:34 - [2306366] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 18/04/2011 - 15:32:38 - [400760] ----D- C:\Program Files\BitTorrent
O43 - CFD: 28/04/2011 - 17:49:00 - [621231] ----D- C:\Program Files\Bonjour
O43 - CFD: 06/02/2011 - 22:17:46 - [2865368] ----D- C:\Program Files\CCleaner
O43 - CFD: 06/02/2011 - 21:41:46 - [783770157] ----D- C:\Program Files\Common Files
O43 - CFD: 29/04/2010 - 10:24:04 - [795472] ----D- C:\Program Files\DIFX
O43 - CFD: 05/05/2011 - 03:56:36 - [4191414] ----D- C:\Program Files\DVD Maker
O43 - CFD: 19/05/2010 - 22:31:48 - [62650575] ----D- C:\Program Files\eMachines
O43 - CFD: 05/10/2010 - 19:55:08 - [250761] ----D- C:\Program Files\eMachines Accessory Store
O43 - CFD: 29/04/2011 - 17:28:32 - [214185] ----D- C:\Program Files\eMachines Games
O43 - CFD: 05/05/2011 - 03:55:36 - [10529692] ----D- C:\Program Files\eMule
O43 - CFD: 05/10/2010 - 19:54:32 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 29/04/2011 - 17:03:56 - [104702600] ----D- C:\Program Files\Google
O43 - CFD: 21/10/2010 - 19:57:46 - [378438832] ----D- C:\Program Files\Guitar Pro 5
O43 - CFD: 05/05/2011 - 03:55:30 - [0] ----D- C:\Program Files\Guitar Pro 6
O43 - CFD: 07/10/2010 - 21:53:56 - [47868734] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 29/04/2010 - 10:18:22 - [61805390] ----D- C:\Program Files\Intel
O43 - CFD: 05/05/2011 - 03:56:36 - [5722815] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 28/04/2011 - 17:58:18 - [1856627] ----D- C:\Program Files\iPod
O43 - CFD: 28/04/2011 - 17:59:40 - [128196056] ----D- C:\Program Files\iTunes
O43 - CFD: 21/10/2010 - 19:34:24 - [14314683] ----D- C:\Program Files\IZArc
O43 - CFD: 03/01/2011 - 18:12:26 - [180070004] ----D- C:\Program Files\Java
O43 - CFD: 07/10/2010 - 19:42:34 - [16295712] ----D- C:\Program Files\JRE
O43 - CFD: 19/05/2010 - 22:09:34 - [7194016] ----D- C:\Program Files\Launch Manager
O43 - CFD: 05/05/2011 - 03:55:36 - [47955881] ----D- C:\Program Files\LimeWire
O43 - CFD: 05/05/2011 - 03:55:30 - [770280] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 05/10/2010 - 22:02:20 - [7660083] ----D- C:\Program Files\Maple
O43 - CFD: 06/02/2011 - 22:03:06 - [729969312] ----D- C:\Program Files\Maple 12
O43 - CFD: 13/03/2011 - 23:45:42 - [9454922] ----D- C:\Program Files\McAfee Security Scan
O43 - CFD: 29/04/2011 - 17:23:04 - [0] ----D- C:\Program Files\Microsoft
O43 - CFD: 08/11/2010 - 23:57:44 - [108012733] ----D- C:\Program Files\Microsoft Expression
O43 - CFD: 14/07/2009 - 06:52:32 - [46683959] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 08/11/2010 - 23:32:36 - [1129271711] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 29/04/2010 - 10:44:16 - [7791803] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 19/03/2011 - 23:15:16 - [18397928] ----D- C:\Program Files\Microsoft Security Client
O43 - CFD: 23/04/2011 - 11:03:04 - [38388859] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 19/05/2010 - 22:20:32 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 08/11/2010 - 23:33:38 - [14904] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 19/05/2010 - 22:23:46 - [2319895] ----D- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 18/12/2010 - 16:28:52 - [146453974] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 08/10/2010 - 00:00:10 - [8167779] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 07/10/2010 - 23:01:44 - [304823454] ----D- C:\Program Files\MiKTeX 2.8
O43 - CFD: 05/05/2011 - 22:50:22 - [31345356] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 08/11/2010 - 23:34:34 - [26521] ----D- C:\Program Files\MSBuild
O43 - CFD: 07/10/2010 - 19:19:58 - [10617128] ----D- C:\Program Files\Notepad++
O43 - CFD: 05/10/2010 - 19:55:16 - [106432] ----D- C:\Program Files\OEM
O43 - CFD: 07/10/2010 - 19:42:32 - [386500926] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 08/11/2010 - 23:02:28 - [4022452] ----D- C:\Program Files\PowerISO
O43 - CFD: 29/04/2010 - 10:35:30 - [1825075] ----D- C:\Program Files\Preload
O43 - CFD: 05/01/2011 - 15:52:10 - [76322555] ----D- C:\Program Files\QuickTime
O43 - CFD: 29/04/2010 - 10:19:52 - [16118117] ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 06:52:32 - [38597377] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 20/11/2010 - 22:00:56 - [42295319] ----D- C:\Program Files\Safari
O43 - CFD: 06/02/2011 - 22:20:28 - [50580038] ----D- C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 29/04/2010 - 10:20:40 - [0] --H-D- C:\Program Files\Temp
O43 - CFD: 06/02/2011 - 22:58:34 - [135251714] ----D- C:\Program Files\TradeStation 8.6 (Build 2612)
O43 - CFD: 06/02/2011 - 22:18:42 - [410487] ----D- C:\Program Files\TrendMicro
O43 - CFD: 06/02/2011 - 21:49:06 - [51606774] ----D- C:\Program Files\TS Support
O43 - CFD: 14/07/2009 - 06:53:24 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 19/05/2010 - 22:10:34 - [2941744] ----D- C:\Program Files\Video Web Camera
O43 - CFD: 07/10/2010 - 22:39:20 - [78880911] ----D- C:\Program Files\VideoLAN
O43 - CFD: 04/05/2011 - 20:21:10 - [5157775] ----D- C:\Program Files\WhoCrashed
O43 - CFD: 05/05/2011 - 03:56:36 - [3049984] ----D- C:\Program Files\Windows Defender
O43 - CFD: 30/03/2011 - 14:38:56 - [190363908] ----D- C:\Program Files\Windows Live
O43 - CFD: 05/05/2011 - 03:56:36 - [6180864] ----D- C:\Program Files\Windows Mail
O43 - CFD: 05/05/2011 - 03:56:36 - [6607787] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 05/10/2010 - 19:54:32 - [12197556] ----D- C:\Program Files\Windows NT
O43 - CFD: 05/05/2011 - 03:56:36 - [4417800] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 05/05/2011 - 03:55:30 - [0] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 05/05/2011 - 03:56:36 - [5994114] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 06/02/2011 - 22:01:54 - [2003] --H-D- C:\Program Files\Zero G Registry
O43 - CFD: 05/05/2011 - 22:51:00 - [3806158] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 05/10/2010 - 21:29:28 - [16460255] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 29/04/2010 - 10:50:50 - [31787256] ----D- C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 28/04/2011 - 17:58:16 - [104132123] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 29/04/2010 - 10:38:12 - [92976] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 29/04/2010 - 10:19:46 - [3857470] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 05/10/2010 - 21:37:26 - [1243079] ----D- C:\Program Files\Common Files\Java
O43 - CFD: 05/05/2011 - 03:55:34 - [312026294] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 04:37:06 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:37:06 - [41103783] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 08/10/2010 - 20:42:38 - [44831332] ----D- C:\Program Files\Common Files\System
O43 - CFD: 06/02/2011 - 21:41:46 - [147269] ----D- C:\Program Files\Common Files\TradeStation Technologies
O43 - CFD: 19/05/2010 - 22:16:36 - [228085618] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 29/04/2010 - 10:35:30 - [160] ----D- C:\ProgramData\Acer
O43 - CFD: 10/03/2011 - 21:50:26 - [136894401] ----D- C:\ProgramData\Adobe
O43 - CFD: 05/10/2010 - 22:15:22 - [107547136] ----D- C:\ProgramData\Apple
O43 - CFD: 05/10/2010 - 22:19:42 - [84846603] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 01/05/2011 - 22:14:46 - [0] ----D- C:\ProgramData\boost_interprocess
O43 - CFD: 05/10/2010 - 19:54:32 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 29/04/2010 - 10:47:20 - [309505] ----D- C:\ProgramData\eMachines
O43 - CFD: 04/05/2011 - 16:53:16 - [0] ----D- C:\ProgramData\eMule
O43 - CFD: 05/10/2010 - 19:54:32 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 29/04/2010 - 10:48:38 - [522259] ----D- C:\ProgramData\Google
O43 - CFD: 01/05/2011 - 22:41:16 - [184] ----D- C:\ProgramData\Guitar Pro 6
O43 - CFD: 18/10/2010 - 12:19:38 - [200252] ----D- C:\ProgramData\InterAction studios
O43 - CFD: 03/05/2011 - 23:17:56 - [1428] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 10/03/2011 - 21:48:10 - [81420] ----D- C:\ProgramData\McAfee
O43 - CFD: 05/05/2011 - 03:55:36 - [851] ----D- C:\ProgramData\McAfee Security Scan
O43 - CFD: 05/10/2010 - 19:54:32 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 05/05/2011 - 03:45:36 - [662824169] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 17/04/2011 - 11:16:50 - [132176] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 07/10/2010 - 23:04:16 - [7392617] ----D- C:\ProgramData\MiKTeX
O43 - CFD: 05/10/2010 - 19:54:32 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 07/11/2010 - 18:44:14 - [15088] ----D- C:\ProgramData\Norton
O43 - CFD: 29/04/2010 - 10:51:16 - [5472987] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 05/10/2010 - 19:56:50 - [702] ----D- C:\ProgramData\OEM
O43 - CFD: 28/10/2010 - 12:16:54 - [1028] ----D- C:\ProgramData\Partner
O43 - CFD: 05/05/2011 - 03:55:36 - [2368] ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 05/10/2010 - 21:37:28 - [224] ----D- C:\ProgramData\Sun
O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 06/02/2011 - 21:33:10 - [28189899] ----D- C:\ProgramData\TS Support
O43 - CFD: 29/04/2011 - 17:28:28 - [17504] ----D- C:\ProgramData\WildTangent
O43 - CFD: 05/10/2010 - 21:26:00 - [2780999] ----D- C:\Users\Maxime\AppData\Roaming\Adobe
O43 - CFD: 26/10/2010 - 10:00:36 - [202177] ----D- C:\Users\Maxime\AppData\Roaming\Apple Computer
O43 - CFD: 04/05/2011 - 18:10:56 - [7801295] ----D- C:\Users\Maxime\AppData\Roaming\BitTorrent
O43 - CFD: 05/10/2010 - 20:45:30 - [0] ----D- C:\Users\Maxime\AppData\Roaming\Google
O43 - CFD: 01/05/2011 - 22:41:56 - [25723] ----D- C:\Users\Maxime\AppData\Roaming\Guitar Pro 6
O43 - CFD: 05/10/2010 - 19:56:18 - [0] ----D- C:\Users\Maxime\AppData\Roaming\Identities
O43 - CFD: 05/05/2011 - 03:55:48 - [18124053] ----D- C:\Users\Maxime\AppData\Roaming\LimeWire
O43 - CFD: 05/10/2010 - 19:56:54 - [1605] ----D- C:\Users\Maxime\AppData\Roaming\Macromedia
O43 - CFD: 03/05/2011 - 23:18:02 - [3639] ----D- C:\Users\Maxime\AppData\Roaming\Malwarebytes
O43 - CFD: 06/02/2011 - 22:09:16 - [3894] ----D- C:\Users\Maxime\AppData\Roaming\Maple
O43 - CFD: 05/05/2011 - 03:46:36 - [4155497] -S--D- C:\Users\Maxime\AppData\Roaming\Microsoft
O43 - CFD: 09/10/2010 - 16:38:36 - [12610665] ----D- C:\Users\Maxime\AppData\Roaming\Mozilla
O43 - CFD: 07/10/2010 - 19:21:28 - [209732] ----D- C:\Users\Maxime\AppData\Roaming\Notepad++
O43 - CFD: 07/10/2010 - 21:47:34 - [56634396] ----D- C:\Users\Maxime\AppData\Roaming\OpenOffice.org
O43 - CFD: 06/02/2011 - 21:34:44 - [5618794] ----D- C:\Users\Maxime\AppData\Roaming\TradeStation Technologies
O43 - CFD: 20/10/2010 - 22:20:14 - [1209024] ----D- C:\Users\Maxime\AppData\Roaming\vlc
O43 - CFD: 05/10/2010 - 21:28:18 - [400203] ----D- C:\Users\Maxime\Appdata\Local\Adobe
O43 - CFD: 05/10/2010 - 22:16:38 - [20383528] ----D- C:\Users\Maxime\Appdata\Local\Apple
O43 - CFD: 18/12/2010 - 16:09:02 - [2131770] ----D- C:\Users\Maxime\Appdata\Local\Apple Computer
O43 - CFD: 05/10/2010 - 19:54:48 - [0] -SH-D- C:\Users\Maxime\Appdata\Local\Application Data
O43 - CFD: 02/05/2011 - 11:01:08 - [11059286] ----D- C:\Users\Maxime\Appdata\Local\CrashDumps
O43 - CFD: 29/04/2011 - 12:22:20 - [553732] ----D- C:\Users\Maxime\Appdata\Local\Diagnostics
O43 - CFD: 05/05/2011 - 03:55:36 - [12317] ----D- C:\Users\Maxime\Appdata\Local\eMule
O43 - CFD: 08/11/2010 - 20:07:20 - [377509334] ----D- C:\Users\Maxime\Appdata\Local\Google
O43 - CFD: 05/10/2010 - 19:54:48 - [0] -SH-D- C:\Users\Maxime\Appdata\Local\Historique
O43 - CFD: 10/02/2011 - 22:04:18 - [145195976] ----D- C:\Users\Maxime\Appdata\Local\Microsoft
O43 - CFD: 18/10/2010 - 12:07:08 - [799800] ----D- C:\Users\Maxime\Appdata\Local\Microsoft Games
O43 - CFD: 12/02/2011 - 10:15:14 - [309888] ----D- C:\Users\Maxime\Appdata\Local\Microsoft Help
O43 - CFD: 07/10/2010 - 23:15:18 - [34571] ----D- C:\Users\Maxime\Appdata\Local\MiKTeX
O43 - CFD: 09/10/2010 - 16:38:16 - [65688501] ----D- C:\Users\Maxime\Appdata\Local\Mozilla
O43 - CFD: 05/05/2011 - 22:51:00 - [207239322] ----D- C:\Users\Maxime\Appdata\Local\Temp
O43 - CFD: 05/10/2010 - 19:54:48 - [0] -SH-D- C:\Users\Maxime\Appdata\Local\Temporary Internet Files
O43 - CFD: 06/02/2011 - 22:16:00 - [2348098] ----D- C:\Users\Maxime\Appdata\Local\TS Support
O43 - CFD: 05/05/2011 - 03:55:46 - [24233] ----D- C:\Users\Maxime\Appdata\Local\VirtualStore
O43 - CFD: 04/05/2011 - 18:05:18 - [61440] ----D- C:\Users\Maxime\Appdata\Local\Windows Live



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.207B35F1554E1D57923BA439039474CB] - 05/05/2011 - 21:48:48 ---A- . (...) -- C:\Windows\ntbtlog.txt   [580114]
O44 - LFC:[MD5.49DD7BD9A9331242F89C147BE9C34A76] - 05/05/2011 - 21:47:56 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.810138CA3144B7BE6213873906EB8667] - 05/05/2011 - 21:40:51 ---A- . (...) -- C:\Windows\MEMORY.DMP   [145764449]
O44 - LFC:[MD5.820AC7FCF6D91998AB7F073B6D67E279] - 04/05/2011 - 17:23:07 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1138279]
O44 - LFC:[MD5.13FA05CEACFE78FEA2A5459080227687] - 04/05/2011 - 17:17:12 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [723902]
O44 - LFC:[MD5.F92C80E9D1BB8D02272B00A472D829A4] - 04/05/2011 - 17:17:12 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [106314]
O44 - LFC:[MD5.C0E34BB8F05EBD0CD66543D637E28445] - 04/05/2011 - 17:17:12 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [4500]
O44 - LFC:[MD5.F3F966708110D3307F037124F1082F73] - 04/05/2011 - 17:17:12 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [613234]
O44 - LFC:[MD5.8BDDE4E9EF2EBC14FBA929553BC010CE] - 04/05/2011 - 17:17:12 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [14096]
O44 - LFC:[MD5.BFBA4EA77075D6E6493829E7EF38613C] - 04/05/2011 - 17:01:16 ---A- . (...) -- C:\Windows\setupact.log   [49732]
O44 - LFC:[MD5.8FD3DEFA55DEAF0A9526320623410E23] - 30/04/2011 - 13:00:16 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0   [9696]
O44 - LFC:[MD5.8FD3DEFA55DEAF0A9526320623410E23] - 30/04/2011 - 13:00:16 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0   [9696]
O44 - LFC:[MD5.4520B63899E867F354EE012D34E11536] - 27/04/2011 - 08:14:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys   [143744]
O44 - LFC:[MD5.F1B0BED906F97E16F6D0C3629D2F21C6] - 27/04/2011 - 08:14:33 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys   [117120]
O44 - LFC:[MD5.19CE906B4CDC11FC4FEF5745F33A63B6] - 27/04/2011 - 08:14:32 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys   [80256]
O44 - LFC:[MD5.869E67D66BE326A5A9159FBA8746FA70] - 27/04/2011 - 08:14:32 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys   [22400]
O44 - LFC:[MD5.71F1A494FEDF4B33C02C4A6A28D6D9E9] - 27/04/2011 - 08:14:32 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys   [332160]
O44 - LFC:[MD5.89985C247B3F394A06713612EBFCA54D] - 20/04/2011 - 22:59:50 ---A- . (...) -- C:\Windows\PFRO.log   [219916]
O44 - LFC:[MD5.F452E51CFB1057F8512EC534A3EF58B6] - 17/04/2011 - 20:43:38 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT   [458536]
O44 - LFC:[MD5.D592AAA377748FC50E34D731F0D0D7B8] - 17/04/2011 - 10:13:41 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll   [34304]
O44 - LFC:[MD5.7D643BB2B21B22621D76BE185AE9F7F8] - 17/04/2011 - 10:13:41 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll   [294912]



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher  [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\AppleSyncNotifier  [Key] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O53 - SMSR:HKLM\...\startupreg\BitTorrent  [Key] . (.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\BitTorrent.exe
O53 - SMSR:HKLM\...\startupreg\Google Update  [Key] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Maxime\AppData\Local\Google\Update\GoogleUpdate.exe
O53 - SMSR:HKLM\...\startupreg\iTunesHelper  [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O53 - SMSR:HKLM\...\startupreg\msnmsgr  [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O53 - SMSR:HKLM\...\startupreg\PWRISOVM.EXE  [Key] . (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.exe
O53 - SMSR:HKLM\...\startupreg\QuickTime Task  [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\swg  [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys   [422976]
O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys   [297552]
O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys   [146512]
O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys   [14400]
O58 - SDL:[MD5.19CE906B4CDC11FC4FEF5745F33A63B6] - 11/03/2011 - 06:43:46 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys   [80256]
O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 14/07/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys   [159312]
O58 - SDL:[MD5.869E67D66BE326A5A9159FBA8746FA70] - 11/03/2011 - 06:43:46 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys   [22400]
O58 - SDL:[MD5.10B2C784163208693248AF6241C011FF] - 13/04/2010 - 07:16:50 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\system32\drivers\Apfiltr.sys   [252536]
O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys   [76368]
O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys   [86608]
O58 - SDL:[MD5.8D6E8178AB4379C932C34A109D27C5A9] - 07/04/2010 - 03:04:42 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys   [1792512]
O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 14/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\system32\drivers\b57nd60x.sys   [229888]
O58 - SDL:[MD5.F4D388DC3FF004AEE886762D5CEC7783] - 01/04/2010 - 09:18:30 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL6.SYS   [2709056]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys   [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys   [5248]
O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys   [272128]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 14/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys   [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys   [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys   [11904]
O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 14/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys   [430080]
O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 14/07/2009 - 02:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys   [15952]
O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 14/07/2009 - 02:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys   [70720]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys   [453712]
O58 - SDL:[MD5.D8E44D8DAF4DAC7DC6F8D14313EAC823] - 02/03/2010 - 07:23:36 ---A- . (.ENE Technology Inc. - ENE USB Memory Card Reader Driver.) -- C:\Windows\system32\drivers\EUCR6SK.sys   [82384]
O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 14/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys   [3100160]
O58 - SDL:[MD5.59D0E61FCBAF2D9BAFD82449EDF889FF] - 19/08/2004 - 16:14:00 ---A- . (.cypress semiconductor - ezusb.) -- C:\Windows\system32\drivers\ezusb.sys   [12307]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys   [26600]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 14/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys   [26624]
O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 14/07/2009 - 02:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys   [67152]
O58 - SDL:[MD5.D483687EACE0C065EE772481A96E05F5] - 05/06/2009 - 02:43:16 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys   [330264]
O58 - SDL:[MD5.71F1A494FEDF4B33C02C4A6A28D6D9E9] - 11/03/2011 - 06:43:55 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys   [332160]
O58 - SDL:[MD5.BA41E1BBA410212CE6D30E0DAC47972B] - 25/10/2010 - 03:10:06 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys   [4807168]
O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys   [41040]
O58 - SDL:[MD5.4566FD5F4416E7FEF3600E4B30D086C3] - 04/03/2010 - 10:53:06 ---A- . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controller.) -- C:\Windows\system32\drivers\L1C62x86.sys   [67624]
O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys   [95824]
O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 14/07/2009 - 02:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys   [89168]
O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys   [54864]
O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys   [96848]
O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys   [30800]
O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys   [235584]
O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 14/07/2009 - 02:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys   [44624]
O58 - SDL:[MD5.F1B0BED906F97E16F6D0C3629D2F21C6] - 11/03/2011 - 06:44:01 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys   [117120]
O58 - SDL:[MD5.4520B63899E867F354EE012D34E11536] - 11/03/2011 - 06:44:01 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys   [143744]
O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys   [1383488]
O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys   [106064]
O58 - SDL:[MD5.947318C01C648A054A05DBD1C7F73E3B] - 12/03/2010 - 22:45:36 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys   [3036832]
O58 - SDL:[MD5.20B2751CD4C8F3FD989739CA661B9F30] - 12/04/2010 - 09:44:34 ---A- . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\Windows\system32\drivers\scdemu.sys   [59388]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys   [20480]
O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys   [40016]
O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys   [77888]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys   [21072]
O58 - SDL:[MD5.5C2BDC152BBAB34F36473DEAF7713F22] - 28/09/2010 - 15:44:52 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys   [41984]
O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 14/07/2009 - 02:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys   [16976]
O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 14/07/2009 - 02:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys   [141904]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\system32\ANSI.SYS   [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\system32\country.sys   [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS   [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEY01.SYS   [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS   [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS   [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS   [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS   [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS   [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS   [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\system32\NTIO.SYS   [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS   [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS   [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS   [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS   [34672]



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep)  .(...) - LEGACY_BEEP
O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl)  .(...) - LEGACY_EECTRL
O64 - Services: CurCS - (.not file.) - EraserUtilDrv11010 (EraserUtilDrv11010)  .(...) - LEGACY_ERASERUTILDRV11010
O64 - Services: CurCS - (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv)  .(...) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat)  .(...) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec)  .(...) - LEGACY_FS_REC
O64 - Services: CurCS - (.not file.) - IDSVix86 (IDSVix86)  .(...) - LEGACY_IDSVIX86
O64 - Services: CurCS - (.not file.) - MpKsl00374e12 (MpKsl00374e12)  .(...) - LEGACY_MPKSL00374E12
O64 - Services: CurCS - (.not file.) - MpKsl0589e312 (MpKsl0589e312)  .(...) - LEGACY_MPKSL0589E312
O64 - Services: CurCS - (.not file.) - MpKsl08f3ff35 (MpKsl08f3ff35)  .(...) - LEGACY_MPKSL08F3FF35
O64 - Services: CurCS - (.not file.) - MpKsl0bded5a9 (MpKsl0bded5a9)  .(...) - LEGACY_MPKSL0BDED5A9
O64 - Services: CurCS - (.not file.) - MpKsl0d285403 (MpKsl0d285403)  .(...) - LEGACY_MPKSL0D285403
O64 - Services: CurCS - (.not file.) - MpKsl0f175de2 (MpKsl0f175de2)  .(...) - LEGACY_MPKSL0F175DE2
O64 - Services: CurCS - (.not file.) - MpKsl11ba989a (MpKsl11ba989a)  .(...) - LEGACY_MPKSL11BA989A
O64 - Services: CurCS - (.not file.) - MpKsl11d39b1b (MpKsl11d39b1b)  .(...) - LEGACY_MPKSL11D39B1B
O64 - Services: CurCS - (.not file.) - MpKsl17a5c828 (MpKsl17a5c828)  .(...) - LEGACY_MPKSL17A5C828
O64 - Services: CurCS - (.not file.) - MpKsl232c31d6 (MpKsl232c31d6)  .(...) - LEGACY_MPKSL232C31D6
O64 - Services: CurCS - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4DC65063-D0C6-43F9-854F-82482E4B0A5F}\MpKsl3170449e.sys (.not file.) - MpKsl3170449e (MpKsl3170449e)  .(...) - LEGACY_MPKSL3170449E
O64 - Services: CurCS - (.not file.) - MpKsl36376386 (MpKsl36376386)  .(...) - LEGACY_MPKSL36376386
O64 - Services: CurCS - (.not file.) - MpKsl36d7fe77 (MpKsl36d7fe77)  .(...) - LEGACY_MPKSL36D7FE77
O64 - Services: CurCS - (.not file.) - MpKsl48dc9fa8 (MpKsl48dc9fa8)  .(...) - LEGACY_MPKSL48DC9FA8
O64 - Services: CurCS - (.not file.) - MpKsl5162f27e (MpKsl5162f27e)  .(...) - LEGACY_MPKSL5162F27E
O64 - Services: CurCS - (.not file.) - MpKsl525f26c9 (MpKsl525f26c9)  .(...) - LEGACY_MPKSL525F26C9
O64 - Services: CurCS - (.not file.) - MpKsl596aa137 (MpKsl596aa137)  .(...) - LEGACY_MPKSL596AA137
O64 - Services: CurCS - (.not file.) - MpKsl59f3a3ee (MpKsl59f3a3ee)  .(...) - LEGACY_MPKSL59F3A3EE
O64 - Services: CurCS - (.not file.) - MpKsl672b5b08 (MpKsl672b5b08)  .(...) - LEGACY_MPKSL672B5B08
O64 - Services: CurCS - (.not file.) - MpKsl6a58cdf6 (MpKsl6a58cdf6)  .(...) - LEGACY_MPKSL6A58CDF6
O64 - Services: CurCS - (.not file.) - MpKsl6abe950f (MpKsl6abe950f)  .(...) - LEGACY_MPKSL6ABE950F
O64 - Services: CurCS - (.not file.) - MpKsl6bf51344 (MpKsl6bf51344)  .(...) - LEGACY_MPKSL6BF51344
O64 - Services: CurCS - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F46D46B5-79C0-48FF-B481-063812CCDA7A}\MpKsl704f7fc7.sys (.not file.) - MpKsl704f7fc7 (MpKsl704f7fc7)  .(...) - LEGACY_MPKSL704F7FC7
O64 - Services: CurCS - (.not file.) - MpKsl73662f50 (MpKsl73662f50)  .(...) - LEGACY_MPKSL73662F50
O64 - Services: CurCS - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D2D2030F-9628-424D-B6B9-AB5B91218A6D}\MpKsl788e840d.sys (.not file.) - MpKsl788e840d (MpKsl788e840d)  .(...) - LEGACY_MPKSL788E840D
O64 - Services: CurCS - (.not file.) - MpKsl7b5b7c8b (MpKsl7b5b7c8b)  .(...) - LEGACY_MPKSL7B5B7C8B
O64 - Services: CurCS - (.not file.) - MpKsl7e6aad6a (MpKsl7e6aad6a)  .(...) - LEGACY_MPKSL7E6AAD6A
O64 - Services: CurCS - (.not file.) - MpKsl80b80326 (MpKsl80b80326)  .(...) - LEGACY_MPKSL80B80326
O64 - Services: CurCS - (.not file.) - MpKsl84bb8efb (MpKsl84bb8efb)  .(...) - LEGACY_MPKSL84BB8EFB
O64 - Services: CurCS - (.not file.) - MpKsl87add1b0 (MpKsl87add1b0)  .(...) - LEGACY_MPKSL87ADD1B0
O64 - Services: CurCS - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6BA0ED35-7A9C-4371-A6E9-8EE0F82163F4}\MpKsl8803f99e.sys (.not file.) - MpKsl8803f99e (MpKsl8803f99e)  .(...) - LEGACY_MPKSL8803F99E
O64 - Services: CurCS - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6A5F5793-2175-4866-9FE4-DEBC5F542730}\MpKsl8facacf4.sys (.not file.) - MpKsl8facacf4 (MpKsl8facacf4)  .(...) - LEGACY_MPKSL8FACACF4
O64 - Services: CurCS - (.not file.) - MpKsl9b65dcdc (MpKsl9b65dcdc)  .(...) - LEGACY_MPKSL9B65DCDC
O64 - Services: CurCS - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9ED84E04-3873-4F07-88E4-CCE994E68D5F}\MpKsl9cba49dd.sys (.not file.) - MpKsl9cba49dd (MpKsl9cba49dd)  .(...) - LEGACY_MPKSL9CBA49DD
O64 - Services: CurCS - (.not file.) - MpKsla172fb99 (MpKsla172fb99)  .(...) - LEGACY_MPKSLA172FB99
O64 - Services: CurCS - (.not file.) - MpKsla290d515 (MpKsla290d515)  .(...) - LEGACY_MPKSLA290D515
O64 - Services: CurCS - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{04BCE75F-14E2-4B33-B7E1-3FF711009948}\MpKslb1af87f1.sys (.not file.) - MpKslb1af87f1 (MpKslb1af87f1)  .(...) - LEGACY_MPKSLB1AF87F1
O64 - Services: CurCS - (.not file.) - MpKslb3d204e0 (MpKslb3d204e0)  .(...) - LEGACY_MPKSLB3D204E0
O64 - Services: CurCS - (.not file.) - MpKslb6b3700b (MpKslb6b3700b)  .(...) - LEGACY_MPKSLB6B3700B
O64 - Services: CurCS - (.not file.) - MpKslb868a3c6 (MpKslb868a3c6)  .(...) - LEGACY_MPKSLB868A3C6
O64 - Services: CurCS - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B83B9059-0CDD-42B9-9284-27999458CB43}\MpKslc2c548d3.sys (.not file.) - MpKslc2c548d3 (MpKslc2c548d3)  .(...) - LEGACY_MPKSLC2C548D3
O64 - Services: CurCS - (.not file.) - MpKslc9679c8a (MpKslc9679c8a)  .(...) - LEGACY_MPKSLC9679C8A
O64 - Services: CurCS - (.not file.) - MpKsld8a85644 (MpKsld8a85644)  .(...) - LEGACY_MPKSLD8A85644
O64 - Services: CurCS - (.not file.) - MpKsle17e338e (MpKsle17e338e)  .(...) - LEGACY_MPKSLE17E338E
O64 - Services: CurCS - (.not file.) - MpKsle3e24c72 (MpKsle3e24c72)  .(...) - LEGACY_MPKSLE3E24C72
O64 - Services: CurCS - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7438DC36-03A9-4D15-9452-56C37CC16FCF}\MpKsle598d43c.sys (.not file.) - MpKsle598d43c (MpKsle598d43c)  .(...) - LEGACY_MPKSLE598D43C
O64 - Services: CurCS - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4A3AE20-345F-4C83-A98D-1F4879C88B19}\MpKsle611db06.sys (.not file.) - MpKsle611db06 (MpKsle611db06)  .(...) - LEGACY_MPKSLE611DB06
O64 - Services: CurCS - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B29C3DB5-D9C5-4DF9-BCB2-2C4F844ADBCB}\MpKsle8304cf1.sys (.not file.) - MpKsle8304cf1 (MpKsle8304cf1)  .(...) - LEGACY_MPKSLE8304CF1
O64 - Services: CurCS - (.not file.) - MpKsle83d5ffb (MpKsle83d5ffb)  .(...) - LEGACY_MPKSLE83D5FFB
O64 - Services: CurCS - (.not file.) - MpKsle9e329be (MpKsle9e329be)  .(...) - LEGACY_MPKSLE9E329BE
O64 - Services: CurCS - (.not file.) - MpKsleaf872ca (MpKsleaf872ca)  .(...) - LEGACY_MPKSLEAF872CA
O64 - Services: CurCS - (.not file.) - MpKslf2ddf304 (MpKslf2ddf304)  .(...) - LEGACY_MPKSLF2DDF304
O64 - Services: CurCS - (.not file.) - MpKslf56c6b45 (MpKslf56c6b45)  .(...) - LEGACY_MPKSLF56C6B45
O64 - Services: CurCS - (.not file.) - MpKslfdc84e76 (MpKslfdc84e76)  .(...) - LEGACY_MPKSLFDC84E76
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs)  .(...) - LEGACY_MSFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy)  .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs)  .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs)  .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null)  .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\system32\Drivers\SCDEMU.sys - SCDEmu (SCDEmu)  .(...) - LEGACY_SCDEMU
O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv)  .(...) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr)  .(...) - LEGACY_SPLDR
O64 - Services: CurCS - (.not file.) - Symantec Data Store (SymDS)  .(...) - LEGACY_SYMDS
O64 - Services: CurCS - (.not file.) - Symantec Extended File Attributes (SymEFA)  .(...) - LEGACY_SYMEFA
O64 - Services: CurCS - (.not file.) - Symantec Iron Driver (SymIRON)  .(...) - LEGACY_SYMIRON
O64 - Services: CurCS - (.not file.) - Symantec Vista Network Dispatch Driver (SYMTDIv)  .(...) - LEGACY_SYMTDIV



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - http://www.google.fr
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com



---\\ Internet Feature Controls (O81)
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.69AB88D72B3DB58AB792CED0F24D5173] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Maxime\AppData\Local\Temp\clean20.dll   [999506]
[MD5.2DA5A2636395C8CD35227C4C8F86B61E] [SPRF] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r85.) -- C:\Users\Maxime\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe   [2788816]
[MD5.C41AF57335F9B93A1551F369C6CCC359] [SPRF] (.Pas de propriétaire - instutil DLL.) -- C:\Users\Maxime\AppData\Local\Temp\instutil.dll   [24663]
[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [SPRF] (.Java(TM) Native Access (JNA) - JNA native library.) -- C:\Users\Maxime\AppData\Local\Temp\jna1883529901706315202.dll   [347258]
[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [SPRF] (.Java(TM) Native Access (JNA) - JNA native library.) -- C:\Users\Maxime\AppData\Local\Temp\jna538359429074889004.dll   [347258]
[MD5.676A86173A1FE2698C6F049D74DC6EB2] [SPRF] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Maxime\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe   [875296]
[MD5.34908E446D09432BD17830458D242BD2] [SPRF] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Maxime\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe   [884512]
[MD5.E7D91D008FE76423962B91C43C88E4EB] [SPRF] (.Microsoft Corporation - Microsoft® C Runtime Library.) -- C:\Users\Maxime\AppData\Local\Temp\msvcr90.dll   [655872]
[MD5.80C6002CF5E5A10CBF579AC5BD46C1BF] [SPRF] (.Jason York - The PC Decrapifier.) -- C:\Users\Maxime\AppData\Local\Temp\pc-decrapifier.exe   [1781248]
[MD5.D3E007FBC92173642415D33A0CD83D18] [SPRF] (.Google Inc. - GoogleToolbarNotifier.) -- C:\Users\Maxime\AppData\Local\Temp\SearchWithGoogleUpdate.exe   [426552]
[MD5.B2C46C7064C867F4722A0F51CF18FB62] [SPRF] (.McAfee, Inc. - McAfee Security Scan Plus Installer.) -- C:\Users\Maxime\AppData\Local\Temp\SecurityScan_Release.exe   [3598224]
[MD5.C0801DFF7FE8349B2150C9B9546D79FA] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Maxime\AppData\Local\Temp\sqlite3.dll   [536576]
[MD5.4EBB4AF22D1FB0E11DC477AD260AAECC] [SPRF] (.Eclipse Foundation - SWT for Windows native library.) -- C:\Users\Maxime\AppData\Local\Temp\swt-awt-win32-3346.dll   [32768]
[MD5.81983DD67D02FCA583EBD1C0ECD08B99] [SPRF] (.Eclipse Foundation - SWT for Windows native library.) -- C:\Users\Maxime\AppData\Local\Temp\swt-win32-3346.dll   [307200]
[MD5.9AEA0D35A03CA291702CB57EE52490CF] [SPRF] (.TradeStation - TSInstallCAUtils Custom Action Utilities DLL.) -- C:\Users\Maxime\AppData\Local\Temp\TSInstallCAUtils.dll   [58880]
[MD5.887173F53072CD2D238014F4199B35CF] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Maxime\AppData\Local\Temp\xmlUpdater.exe   [118784]



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe
O87 - FAEL: "{49450761-A947-4BDF-8586-A4AD1230E899}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "{CB53EB3D-D284-4EA0-A663-1A459A395D5E}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\BitTorrent.exe
O87 - FAEL: "{111D0661-ED77-4B3B-B521-E7A2C25D5FDE}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\BitTorrent.exe
O87 - FAEL: "{58F29B67-19DD-4AC5-935D-8B1094386ACD}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Mesh Operating Environment.) -- C:\Program Files\Windows Live\Mesh\MOE.exe
O87 - FAEL: "TCP Query User{BE7BCF80-C80F-43CB-B338-E1E9686EA2CF}C:\program files\maple 12\jre\bin\maple.exe" | In - Private - P6 - TRUE | .(.Maplesoft - Maple 12.) -- C:\program files\maple 12\jre\bin\maple.exe
O87 - FAEL: "UDP Query User{CE11F8F0-894E-48E4-A690-94D10E2725DE}C:\program files\maple 12\jre\bin\maple.exe" | In - Private - P17 - TRUE | .(.Maplesoft - Maple 12.) -- C:\program files\maple 12\jre\bin\maple.exe
O87 - FAEL: "TCP Query User{829D584A-8827-4812-B845-A9D5D1A42B99}C:\program files\limewire\limewire.exe" | In - Private - P6 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe
O87 - FAEL: "UDP Query User{AA6306E6-3F48-435F-8E46-EB185D6A625E}C:\program files\limewire\limewire.exe" | In - Private - P17 - TRUE | .(.Lime Wire, LLC - LimeWire.) -- C:\program files\limewire\limewire.exe
O87 - FAEL: "TCP Query User{AEC21FAA-8382-459E-9C64-9BE01D9EB768}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe
O87 - FAEL: "UDP Query User{26727D4D-6497-4DA0-ABF2-45D87BD7E371}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe
O87 - FAEL: "{B6D454FF-1E5C-48C3-8870-F6B5CB9C9255}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{BC81D9B1-E0F4-424F-BBCE-F4E8EB63C6D1}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{F58B6E71-D346-4728-BEC8-0004DC0FA099}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: "TCP Query User{8E16D47F-FE43-4F7F-9CF2-6D6FBF5A323F}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "UDP Query User{31FF6E9B-FD8A-4C69-8E78-5A4F4C8D3E00}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "TCP Query User{15667BB0-1169-4B8E-8590-52334F720E2D}C:\program files\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe
O87 - FAEL: "UDP Query User{F757B604-1198-4B6A-9D5A-EAFF071F7EC5}C:\program files\emule\emule.exe" | In - Private - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe



---\\ Scan Additionnel (O88)
Database Version : 6865 - (28/04/2011)
Number of Keys Founds (Clés trouvées) : 4
Number of Directories Founds  (Dossiers trouvés) : 0

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}]   =>Adware.CometSystems
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}]   =>Adware.CometSystems
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]   =>Spyware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]   =>Spyware.BHO



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 18/02/2011 37664 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Auto 06/04/2011 349472 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 08/04/2010 312400 |  (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files\Launch Manager\dsiwmis.exe
SS - | Auto 05/02/2010 735776 |  (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
SS - | Auto 08/01/2010 23584 |  (GREGService) . (.Acer Incorporated.) - C:\Program Files\eMachines\Registration\GREGsvc.exe
SS - | Auto 05/10/2010 135664 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 05/10/2010 135664 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 29/04/2010 182768 |  (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 05/06/2009 354840 |  (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SS - | Demand 14/04/2011 820520 |  (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 15/01/2010 227232 |  (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
SS - | Auto 26/01/2009 1153368 |  (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
SS - | Auto 29/01/2010 243232 |  (Updater Service) . (.Acer Group.) - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
SS - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Maxime at 05/05/2011 22:54:52

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x8517D4F0]<<
1 nt!IofCallDriver[0x81C3CED0] -> \Device\Harddisk0\DR0[0x8515CAC8]
3 CLASSPNP[0x8769059E] -> nt!IofCallDriver[0x81C3CED0] -> [0x84772638]
5 ACPI[0x86E223B2] -> nt!IofCallDriver[0x81C3CED0] -> \IAAStorageDevice-0[0x83A1A028]
\Driver\iaStor[0x8515D950] -> IRP_MJ_CREATE -> 0x8517D4F0
error: Read  Un périphérique attaché au système ne fonctionne pas correctement.
kernel: MBR read successfully
user & kernel MBR OK



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Maxime at 05/05/2011 22:54:54

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin



End of the scan (1250 lines in 04mn 05s)(0)
maxlamenace
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 11
Inscription: 04 Mai 2011 17:28
 

Re: virus qui augmente le processus et le cpu (iastor.sys?)

Message le 14 Mai 2011 14:52

Désolé, je suis encore à la bourre sur mon problème... Exams :-S

Voici mon rapport :
http://www.cijoint.fr/cjlink.php?file=cj201105/cijwTe70ND.txt
maxlamenace
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 11
Inscription: 04 Mai 2011 17:28
 

Re: virus qui augmente le processus et le cpu (iastor.sys?)

Message le 14 Mai 2011 16:19

Pas de soucis il est normal de passer ses examens en premier.


* Copie le tout le texte présent dans l'encadré ci-dessous (tu le sélectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C)
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]
FirewallRaz
EmptyFlash
Emptytemp


Puis Lance ZHPFix depuis le raccourci du bureau.

Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)
- Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes
- Clique sur le bouton « GO » pour lancer le nettoyage,
- Copie/colle la totalité du rapport dans ta prochaine réponse

-> laisse travailler l'outil et ne touche à rien ...

Une fois terminée, un nouveau rapport s'affiche : copie/colle le contenu de ce dernier dans ta prochaine réponse ...

(ce rapport est en outre sauvegardé dans ce dossier > C:\Program files\ZHPDiag\ZHPFixReport.txt)

Important : s'il t'est demandé de redémarrer le PC pour finir le nettoyage, fais le de suite !



Puis::

Télécharge load_tdsskiller de Loup Blanc sur ton Bureau
http://fradesch.perso.cegetel.net/trans ... killer.exe
ou la:
http://support.kaspersky.com/downloads/ ... killer.zip

Cet outil est conçu pour automatiser différentes tâches proposées par TDSSKiller, un fix de Kaspersky.

Lance load_tdsskiller en double-cliquant dessus. Clic droit et exécuter en tant qu'administrateur avec Vista/Seven

A cette fenêtre lance le scan.

Image

Tu peux récupérer le rapport en validant Report

Si une détection est faite valide Cure puis

Image

redémarres le pc pour confirmer la suppression de celle-ci.

INFO::
http://support.kaspersky.com/viruses/so ... =208280684
Image
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12617
Inscription: 08 Déc 2009 19:51
 

Re: virus qui augmente le processus et le cpu (iastor.sys?)

Message le 14 Mai 2011 16:42

rapport :
Code: Tout sélectionner
Rapport de ZHPFix 1.12.3279 par Nicolas Coolman, Update du 27/04/2011
Fichier d'export Registre : C:\ZHPExportRegistry-14-05-2011-17-40-32.txt
Run by Maxime at 14/05/2011 17:40:32
Windows 7 Starter Edition, 32-bit  (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

========== Clé(s) du Registre ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}  => Clé supprimée avec succès

========== Valeur(s) du Registre ==========
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe  => Valeur supprimée avec succès
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe  => Valeur absente
FirewallRaz : Aucune valeur présente dans la clé de registre "Standard Profile"
FirewallRaz : Aucune valeur présente dans la clé de registre "Domain Profile"
FirewallRaz (None) : {61DA0A45-93F5-4D28-9608-B338F2481156}  => Valeur supprimée avec succès

========== Dossier(s) ==========
Dossiers temporaires Windows supprimés: 163

========== Fichier(s) ==========
Fichiers temporaires Windows supprimés : 571


========== Récapitulatif ==========
1 : Clé(s) du Registre
5 : Valeur(s) du Registre
1 : Dossier(s)
1 : Fichier(s)


End of the scan
maxlamenace
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 11
Inscription: 04 Mai 2011 17:28
 

Re: virus qui augmente le processus et le cpu (iastor.sys?)

Message le 14 Mai 2011 17:39

je regarderais ta réponse pour "tdsskiller" demain car je dois partir.
Dis moi aussi comment ce comporte ton pc après de dernier outil?
Image
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12617
Inscription: 08 Déc 2009 19:51
 

Re: virus qui augmente le processus et le cpu (iastor.sys?)

Message le 14 Mai 2011 19:44

Voici le rapport :
Code: Tout sélectionner
2011/05/14 18:43:57.0434 1488    TDSS rootkit removing tool 2.5.1.0 May 13 2011 13:20:29
2011/05/14 18:43:57.0741 1488    ================================================================================
2011/05/14 18:43:57.0741 1488    SystemInfo:
2011/05/14 18:43:57.0741 1488   
2011/05/14 18:43:57.0741 1488    OS Version: 6.1.7600 ServicePack: 0.0
2011/05/14 18:43:57.0741 1488    Product type: Workstation
2011/05/14 18:43:57.0741 1488    ComputerName: MAXIME-PC
2011/05/14 18:43:57.0742 1488    UserName: Maxime
2011/05/14 18:43:57.0742 1488    Windows directory: C:\Windows
2011/05/14 18:43:57.0742 1488    System windows directory: C:\Windows
2011/05/14 18:43:57.0742 1488    Processor architecture: Intel x86
2011/05/14 18:43:57.0742 1488    Number of processors: 2
2011/05/14 18:43:57.0742 1488    Page size: 0x1000
2011/05/14 18:43:57.0742 1488    Boot type: Safe boot with network
2011/05/14 18:43:57.0742 1488    ================================================================================
2011/05/14 18:43:58.0218 1488    Initialize success
2011/05/14 18:44:00.0764 1888    ================================================================================
2011/05/14 18:44:00.0764 1888    Scan started
2011/05/14 18:44:00.0764 1888    Mode: Manual;
2011/05/14 18:44:00.0764 1888    ================================================================================
2011/05/14 18:44:01.0158 1888    1394ohci        (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/05/14 18:44:01.0324 1888    ACPI            (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2011/05/14 18:44:01.0488 1888    AcpiPmi         (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/05/14 18:44:01.0711 1888    adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/05/14 18:44:01.0906 1888    adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/05/14 18:44:02.0108 1888    adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/05/14 18:44:02.0374 1888    AFD             (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
2011/05/14 18:44:02.0428 1888    agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2011/05/14 18:44:02.0517 1888    aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/05/14 18:44:02.0716 1888    aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2011/05/14 18:44:02.0774 1888    amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2011/05/14 18:44:02.0855 1888    amdide          (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2011/05/14 18:44:03.0031 1888    AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/05/14 18:44:03.0093 1888    AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/05/14 18:44:03.0265 1888    amdsata         (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
2011/05/14 18:44:03.0395 1888    amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/05/14 18:44:03.0472 1888    amdxata         (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
2011/05/14 18:44:03.0615 1888    ApfiltrService  (10b2c784163208693248af6241c011ff) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/05/14 18:44:03.0743 1888    AppID           (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2011/05/14 18:44:03.0976 1888    arc             (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/05/14 18:44:04.0028 1888    arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/05/14 18:44:04.0128 1888    AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/14 18:44:04.0284 1888    atapi           (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2011/05/14 18:44:04.0448 1888    athr            (8d6e8178ab4379c932c34a109d27c5a9) C:\Windows\system32\DRIVERS\athr.sys
2011/05/14 18:44:04.0783 1888    b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/05/14 18:44:04.0929 1888    b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/05/14 18:44:05.0195 1888    BCM43XX         (f4d388dc3ff004aee886762d5cec7783) C:\Windows\system32\DRIVERS\bcmwl6.sys
2011/05/14 18:44:05.0473 1888    Beep            (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/05/14 18:44:05.0652 1888    blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/05/14 18:44:05.0881 1888    bowser          (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
2011/05/14 18:44:05.0956 1888    BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/05/14 18:44:06.0000 1888    BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/05/14 18:44:06.0224 1888    Brserid         (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/05/14 18:44:06.0285 1888    BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/05/14 18:44:06.0400 1888    BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/05/14 18:44:06.0445 1888    BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/05/14 18:44:06.0500 1888    BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/05/14 18:44:06.0725 1888    cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/05/14 18:44:06.0917 1888    cdrom           (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/05/14 18:44:07.0039 1888    circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/05/14 18:44:07.0156 1888    CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/05/14 18:44:07.0417 1888    CmBatt          (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/05/14 18:44:07.0501 1888    cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2011/05/14 18:44:07.0578 1888    CNG             (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/05/14 18:44:07.0744 1888    Compbatt        (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/05/14 18:44:07.0862 1888    CompositeBus    (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/05/14 18:44:07.0943 1888    crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/05/14 18:44:08.0115 1888    DfsC            (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
2011/05/14 18:44:08.0205 1888    discache        (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/05/14 18:44:08.0308 1888    Disk            (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/05/14 18:44:08.0485 1888    drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/05/14 18:44:08.0681 1888    DXGKrnl         (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
2011/05/14 18:44:08.0992 1888    ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/05/14 18:44:09.0292 1888    elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/05/14 18:44:09.0504 1888    ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/05/14 18:44:09.0709 1888    EUCR            (d8e44d8daf4dac7dc6f8d14313eac823) C:\Windows\system32\DRIVERS\EUCR6SK.SYS
2011/05/14 18:44:09.0858 1888    exfat           (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/05/14 18:44:09.0901 1888    fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/05/14 18:44:10.0012 1888    fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/05/14 18:44:10.0097 1888    FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/05/14 18:44:10.0150 1888    Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/05/14 18:44:10.0214 1888    flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/05/14 18:44:10.0300 1888    FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/05/14 18:44:10.0388 1888    FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/05/14 18:44:10.0569 1888    fssfltr         (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/05/14 18:44:10.0739 1888    Fs_Rec          (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/05/14 18:44:10.0923 1888    fvevol          (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2011/05/14 18:44:11.0019 1888    gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/05/14 18:44:11.0081 1888    GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/05/14 18:44:11.0326 1888    hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/05/14 18:44:11.0458 1888    HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2011/05/14 18:44:11.0602 1888    HDAudBus        (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/05/14 18:44:11.0671 1888    HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/05/14 18:44:11.0720 1888    HidBth          (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/05/14 18:44:11.0775 1888    HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/05/14 18:44:11.0965 1888    HidUsb          (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/05/14 18:44:12.0116 1888    HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/05/14 18:44:12.0249 1888    HTTP            (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2011/05/14 18:44:12.0320 1888    hwpolicy        (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2011/05/14 18:44:12.0447 1888    i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/05/14 18:44:12.0640 1888    iaStor          (d483687eace0c065ee772481a96e05f5) C:\Windows\system32\DRIVERS\iaStor.sys
2011/05/14 18:44:12.0818 1888    iaStorV         (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
2011/05/14 18:44:13.0180 1888    igfx            (ba41e1bba410212ce6d30e0dac47972b) C:\Windows\system32\DRIVERS\igdkmd32.sys
2011/05/14 18:44:13.0465 1888    iirsp           (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/05/14 18:44:13.0734 1888    IntcAzAudAddService (947318c01c648a054a05dbd1c7f73e3b) C:\Windows\system32\drivers\RTKVHDA.sys
2011/05/14 18:44:13.0965 1888    intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2011/05/14 18:44:14.0155 1888    intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/05/14 18:44:14.0245 1888    IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/05/14 18:44:14.0361 1888    IPMIDRV         (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/05/14 18:44:14.0437 1888    IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/05/14 18:44:14.0628 1888    IRENUM          (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/05/14 18:44:14.0693 1888    isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2011/05/14 18:44:14.0762 1888    iScsiPrt        (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/05/14 18:44:14.0843 1888    kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/05/14 18:44:14.0912 1888    kbdhid          (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/05/14 18:44:14.0996 1888    KSecDD          (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2011/05/14 18:44:15.0054 1888    KSecPkg         (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2011/05/14 18:44:15.0167 1888    L1C             (4566fd5f4416e7fef3600e4b30d086c3) C:\Windows\system32\DRIVERS\L1C62x86.sys
2011/05/14 18:44:15.0376 1888    lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/05/14 18:44:15.0577 1888    LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/05/14 18:44:15.0654 1888    LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/05/14 18:44:15.0713 1888    LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/05/14 18:44:15.0770 1888    LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/05/14 18:44:15.0967 1888    luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/05/14 18:44:16.0152 1888    megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/05/14 18:44:16.0294 1888    MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/05/14 18:44:16.0452 1888    Modem           (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/05/14 18:44:16.0599 1888    monitor         (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/05/14 18:44:16.0705 1888    mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/05/14 18:44:16.0797 1888    mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/05/14 18:44:16.0869 1888    mountmgr        (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2011/05/14 18:44:16.0982 1888    MpFilter        (7e34bfa1a7b60bba1da03d677f16cd63) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/05/14 18:44:17.0068 1888    mpio            (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2011/05/14 18:44:18.0453 1888    MpNWMon         (f32e2d6a1640a469a9ed4f1929a4a861) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/05/14 18:44:18.0548 1888    mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/05/14 18:44:18.0660 1888    MRxDAV          (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2011/05/14 18:44:18.0724 1888    mrxsmb          (b4c76ef46322a9711c7b0f4e21ef6ea5) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/05/14 18:44:18.0795 1888    mrxsmb10        (e593d45024a3fdd11e93cc4a6ca91101) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/05/14 18:44:18.0866 1888    mrxsmb20        (a9f86c82c9cc3b679cc3957e1183a30f) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/05/14 18:44:18.0929 1888    msahci          (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2011/05/14 18:44:18.0992 1888    msdsm           (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2011/05/14 18:44:19.0135 1888    Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/05/14 18:44:19.0197 1888    mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/05/14 18:44:19.0273 1888    msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/05/14 18:44:19.0492 1888    MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/05/14 18:44:19.0731 1888    MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/05/14 18:44:19.0792 1888    MSPQM           (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/05/14 18:44:19.0864 1888    MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/05/14 18:44:19.0963 1888    mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/05/14 18:44:20.0048 1888    MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/05/14 18:44:20.0115 1888    MTConfig        (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/05/14 18:44:20.0174 1888    Mup             (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/05/14 18:44:20.0374 1888    NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/05/14 18:44:20.0575 1888    NDIS            (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/05/14 18:44:20.0690 1888    NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/05/14 18:44:20.0826 1888    NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/05/14 18:44:21.0001 1888    Ndisuio         (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/05/14 18:44:21.0074 1888    NdisWan         (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/05/14 18:44:21.0139 1888    NDProxy         (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/05/14 18:44:21.0299 1888    NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/05/14 18:44:21.0398 1888    NetBT           (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/05/14 18:44:21.0690 1888    nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/05/14 18:44:21.0776 1888    NisDrv          (17e2c08c5ecfbe94a7c67b1c275ee9d9) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
2011/05/14 18:44:21.0899 1888    Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/05/14 18:44:21.0967 1888    nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/05/14 18:44:22.0089 1888    Ntfs            (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
2011/05/14 18:44:22.0276 1888    Null            (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/05/14 18:44:22.0371 1888    nvraid          (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
2011/05/14 18:44:22.0471 1888    nvstor          (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
2011/05/14 18:44:22.0552 1888    nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/05/14 18:44:22.0639 1888    ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/05/14 18:44:22.0798 1888    Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/05/14 18:44:22.0867 1888    partmgr         (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2011/05/14 18:44:22.0927 1888    Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/05/14 18:44:23.0016 1888    pci             (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2011/05/14 18:44:23.0075 1888    pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2011/05/14 18:44:23.0140 1888    pcmcia          (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/05/14 18:44:23.0204 1888    pcw             (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/05/14 18:44:23.0273 1888    PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/05/14 18:44:23.0624 1888    PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/05/14 18:44:23.0695 1888    Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/05/14 18:44:23.0944 1888    Psched          (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/05/14 18:44:24.0043 1888    ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/05/14 18:44:24.0234 1888    ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/05/14 18:44:24.0335 1888    QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/05/14 18:44:24.0381 1888    RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/05/14 18:44:24.0494 1888    RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/05/14 18:44:24.0563 1888    Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/05/14 18:44:24.0743 1888    RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/05/14 18:44:24.0805 1888    RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/05/14 18:44:24.0925 1888    rdbss           (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2011/05/14 18:44:24.0991 1888    rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/05/14 18:44:25.0068 1888    RDPCDD          (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/05/14 18:44:25.0188 1888    RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/05/14 18:44:25.0249 1888    RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/05/14 18:44:25.0339 1888    RDPWD           (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2011/05/14 18:44:25.0440 1888    rdyboost        (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2011/05/14 18:44:25.0687 1888    rspndr          (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/05/14 18:44:25.0817 1888    sbp2port        (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/05/14 18:44:26.0052 1888    SCDEmu          (20b2751cd4c8f3fd989739ca661b9f30) C:\Windows\system32\drivers\SCDEmu.sys
2011/05/14 18:44:26.0182 1888    scfilter        (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2011/05/14 18:44:26.0316 1888    secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/05/14 18:44:26.0464 1888    Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/05/14 18:44:26.0533 1888    Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/05/14 18:44:26.0620 1888    sermouse        (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/05/14 18:44:26.0820 1888    sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/05/14 18:44:26.0922 1888    sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/05/14 18:44:27.0021 1888    sffp_sd         (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/05/14 18:44:27.0136 1888    sfloppy         (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/05/14 18:44:27.0244 1888    sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2011/05/14 18:44:27.0349 1888    SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/05/14 18:44:27.0496 1888    SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/05/14 18:44:27.0620 1888    Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/05/14 18:44:27.0786 1888    spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/05/14 18:44:27.0918 1888    srv             (4a9b0f215de2519e2363f91df25c1e97) C:\Windows\system32\DRIVERS\srv.sys
2011/05/14 18:44:27.0981 1888    srv2            (14c44875518ae1c982e54ea8c5f7fe28) C:\Windows\system32\DRIVERS\srv2.sys
2011/05/14 18:44:28.0048 1888    srvnet          (07a14223b0a50e76ade003fdf95d4fec) C:\Windows\system32\DRIVERS\srvnet.sys
2011/05/14 18:44:28.0162 1888    stexstor        (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/05/14 18:44:28.0255 1888    swenum          (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2011/05/14 18:44:28.0451 1888    Tcpip           (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
2011/05/14 18:44:28.0693 1888    TCPIP6          (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
2011/05/14 18:44:28.0793 1888    tcpipreg        (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2011/05/14 18:44:28.0923 1888    TDPIPE          (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2011/05/14 18:44:28.0996 1888    TDTCP           (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2011/05/14 18:44:29.0052 1888    tdx             (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2011/05/14 18:44:29.0115 1888    TermDD          (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2011/05/14 18:44:29.0386 1888    tssecsrv        (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/05/14 18:44:29.0507 1888    tunnel          (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2011/05/14 18:44:29.0585 1888    uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/05/14 18:44:29.0661 1888    udfs            (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2011/05/14 18:44:29.0800 1888    uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/05/14 18:44:29.0863 1888    umbus           (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2011/05/14 18:44:29.0938 1888    UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/05/14 18:44:30.0118 1888    USBAAPL         (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
2011/05/14 18:44:30.0200 1888    usbccgp         (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/05/14 18:44:30.0256 1888    usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2011/05/14 18:44:30.0316 1888    usbehci         (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2011/05/14 18:44:30.0409 1888    usbhub          (0db84eda895894ba222e27acf597c806) C:\Windows\system32\DRIVERS\usbhub.sys
2011/05/14 18:44:30.0488 1888    usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/05/14 18:44:30.0544 1888    usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/05/14 18:44:30.0638 1888    USBSTOR         (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\drivers\USBSTOR.SYS
2011/05/14 18:44:30.0695 1888    usbuhci         (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/05/14 18:44:30.0794 1888    usbvideo        (b5f6a992d996282b7fae7048e50af83a) C:\Windows\System32\Drivers\usbvideo.sys
2011/05/14 18:44:30.0893 1888    vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/05/14 18:44:30.0972 1888    vga             (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/05/14 18:44:31.0032 1888    VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/05/14 18:44:31.0098 1888    vhdmp           (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/05/14 18:44:31.0176 1888    viaagp          (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2011/05/14 18:44:31.0223 1888    ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/05/14 18:44:31.0303 1888    viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2011/05/14 18:44:31.0366 1888    volmgr          (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/05/14 18:44:31.0444 1888    volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/05/14 18:44:31.0523 1888    volsnap         (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
2011/05/14 18:44:31.0625 1888    vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/05/14 18:44:31.0723 1888    vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/05/14 18:44:31.0803 1888    vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/05/14 18:44:31.0902 1888    WacomPen        (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/05/14 18:44:31.0991 1888    WANARP          (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/14 18:44:32.0035 1888    Wanarpv6        (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/14 18:44:32.0196 1888    Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/05/14 18:44:32.0262 1888    Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/05/14 18:44:32.0441 1888    WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/05/14 18:44:32.0512 1888    WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/05/14 18:44:32.0791 1888    WinUsb          (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/05/14 18:44:33.0005 1888    WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/05/14 18:44:33.0199 1888    ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/05/14 18:44:33.0398 1888    WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2011/05/14 18:44:33.0578 1888    WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/05/14 18:44:33.0740 1888    \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/05/14 18:44:33.0763 1888    ================================================================================
2011/05/14 18:44:33.0763 1888    Scan finished
2011/05/14 18:44:33.0763 1888    ================================================================================
2011/05/14 18:44:33.0806 1136    Detected object count: 1
2011/05/14 20:36:32.0431 1136    \HardDisk0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/05/14 20:36:32.0433 1136    \HardDisk0 - ok
2011/05/14 20:36:32.0434 1136    Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure


De plus, après reboot, même problème systématique : écran bleu : INTERNAL_POWER_ERROR...
Comme d'hab il redémarre tout seul, je relance le mode sans échec prise en charge réseau, et me revoici !
maxlamenace
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 11
Inscription: 04 Mai 2011 17:28
 

Re: virus qui augmente le processus et le cpu (iastor.sys?)

Message le 14 Mai 2011 23:11

Bon, me revoici, avec une très bonne nouvelle !!

L'ordi marche de nouveau parfaitement bien!
Après avoir fait le dernière manip, mon PC demande à rebooter, je lui dis alors : vas y mon grand !
Ecran bleu, comme d'hab, je redémarre en mode sans echec prise en charge reseau, je constate par ailleurs qu'il est un peu plus rapide.
Bref, peu après je le relance en mode normal : au redémarrage pas d'ecran bleu! rapide comme l'éclair!
J'en profite pour vérifier tout mes pilotes : 4 mises à jours, puis je vire quelques programmes, un petit coup de ccleaner, et voila hop ! le ménage est fait!

Je voudrais te remercier de m'avoir aidé, cet ordinateur m'est vraiment d'un grand secours dans mes études...
Donc, un grand merci, c'est vraiment très agréable de voir ce genre de site, avec des personnes prêtes à sacrifier de leur temps, avec autant de rigueur, de sérieux et d'assiduité, pour aider quelques âmes en peine!!
maxlamenace
Visiteur Confirmé
Visiteur Confirmé
 
Messages: 11
Inscription: 04 Mai 2011 17:28
 

Suivante


Sujets similaires

Message comment voir si mon smartphone a un virus
Bonjour,Depuis 2 jours mon smartphone n'est plus comme avant il y a des choses bizarres qui s'ouvrent.Cdt
Réponses: 10

Message [Réglé] Suppression de programmes inutiles et louches
Bonjour, L'ordinateur d'un ami contient des programmes qui ne peuvent être désinstallé et qui semblent être inutile. Cependant, je ne sais pas comment effectuer cette démarche pour s'en débarrasser.De plus je ne suis pas capable de les identifier moi-même. Ils ralentissent l'ordinateur et gênent (dé ...
Réponses: 14

Message [réglé] ca veut pas y allé
bonjour depuis quelques jours je n'arrive plus a aller sur le site cdis... avec firefox ,si je prend l'autre navigateur edge ca fonctionne ..je comprend pas y a quelque chose qui bloque ? un probleme avec le navigateur? j'ai essayer de reparer firefox mais c'est pareil ,les autres sites fonctionnent ...
Réponses: 14

Message [Réglé] Edge: Impossible de changer moteur de recherche Bing
Bonjour J'ai un pc portable avec Windows 10. Lorsque il sort du mode veille, edge se lance automatiquement.. J'ai vu sur internet que certains ont réglé le problème en changeant le moteur de recherche Bing par un autre mais je n'arrive pas le changer. Par défaut Bing est sélectionné et les boutons s ...
Réponses: 10

Message [Réglé] Disque surchargé
Bonjour,Je viens d'acheter un ordinateur de bureau de marque Compaq tournant sous W 7.Problème, le disque C/ de 11 Go est presque plein tandis que D/ est quasiment vide (540 Go de libre).J'essaie donc d'installer Open Office sur D/ mais cela ne fonctionne pas, les dossiers se copient visiblement sur ...
Réponses: 7

Message [Réglé] VLC en Français
bonjourj'ai besoin de VLC pour couper un morceau d'une vidéo (si on peut avec VLC) mais pour ça il faut que ce soit en Français, je n'y arrive pas.comment faire?merci
Réponses: 6

Message [Réglé] impossible de visionner mes vidéos !
Bonjour,Depuis quelques temps, mon PC refuse de lire les vidéos ! ... et je me demande bien pourquoi, car je n'ai rien modifié et jusqu'à présent tout fonctionnait normalement!maintenant quand je veux lire le fichier vidéo d'une carte et bien je n'ai qu'un écran vert ou noir (cela dépend du logiciel ...
Réponses: 21


Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 9 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.