Virus ?

Rapport de ZHPDiag v1.27.193 par Nicolas Coolman, Update du 28/04/2011
Run by Abouelmal at 29/04/2011 11:07:00
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 4.0 v4.0 (Defaut)

---\\ System Information
Windows 7 Home Premium Edition, 64-bit  (Build 7600)
Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2814 MB (36% free)
System Restore: Activé (Enable)
System drive C: has 68 GB (48%) free of 141 GB

---\\ Logged in mode
Computer Name: ABOUELMAL-PC
User Name: Abouelmal
All Users Names: Sabrina, maman, Administrateur, Abouelmal,
Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
%AppData%=
%LocalAppData%=
%StartMenu%=

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 68 Go of 141 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 141 Go of 142 Go)
E:\ CD-ROM drive (Free 0 Go of 0 Go)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK


---\\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 07:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]
[MD5.214605C48AE416BC067C39D227CFCC57] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.24/02/2011 06:32:44.) -- C:\Windows\system32\wininet.dll [981504]


---\\ Processus lancés
[MD5.3DD25048297A24AB4B3BFC17ABA5D0DB] - (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe   [1242448]
[MD5.C55C90F4D013B00A4427760E6715484A] - (.MediaGet LLC - MediaGet torrent client.) -- C:\Users\Abouelmal\AppData\Local\MediaGet2\mediaget.exe   [6053096]
[MD5.C367237368E72F3503121D4C808DF736] - (.Pas de propriétaire - Hercules WiFi Station N Utility.) -- C:\Program Files (x86)\Hercules\WiFi Station N\WiFiN.exe   [1222440]
[MD5.11E8D8272FDBE213ADE3DAD91427CE35] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe   [11322880]
[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [248552]
[MD5.B2B3FCBA37671C853879DF7DDE8A839A] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe   [365336]
[MD5.2337EC951C4AF6E1AF65D10BD9615BEB] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin   [11314688]
[MD5.DB1A23EE7DD2E5E04E7DE071A6BEF699] - (.Sun Microsystems, Inc. - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe   [501480]
[MD5.7AAF26E5CEC48A364FAB61A3505668FB] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe   [924632]
[MD5.356A22A5871AC798035E4082C0508F76] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe   [16856]
[MD5.66841BB649297133162CD025D3DDB90A] - (...) -- C:\Users\Abouelmal\Pokemon Online\Pokemon-Online.exe   [1532928]
[MD5.59E2A529D9ABCFA2024153A05FE693A1] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [644608]


---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [Abouelmal] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Abouelmal] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Abouelmal] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Abouelmal] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Abouelmal] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Abouelmal] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Abouelmal] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml


---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com
R0 - HKUS\S-1-5-21-854732636-1748913193-327444572-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1


---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll


---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: IEVkbdBHO [64Bits] - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab ZAO - IE Virtual Keyboard.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll
O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - WebToolBar component.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll


---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll


---\\ ---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [NvCplDaemon] C:\Windows\system32\NvCpl.dll (.not file.)
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [MediaGet2] . (.MediaGet LLC - MediaGet torrent client.) -- C:\Users\Abouelmal\AppData\Local\MediaGet2\mediaget.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-854732636-1748913193-327444572-1000\..\Run: [Steam] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\steam.exe
O4 - HKUS\S-1-5-21-854732636-1748913193-327444572-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-854732636-1748913193-327444572-1000\..\Run: [MediaGet2] . (.MediaGet LLC - MediaGet torrent client.) -- C:\Users\Abouelmal\AppData\Local\MediaGet2\mediaget.exe
O4 - HKUS\S-1-5-21-854732636-1748913193-327444572-1000\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)
O4 - Global Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WiFi Station N.lnk . (...)  -- C:\Program Files (x86)\Hercules\WiFi Station N\WiFiN.exe
O4 - Global Startup: C:\Users\Abouelmal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk . (...)  -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe


---\\ ---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Abouelmal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Abouelmal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Abouelmal\Desktop\AD-R.lnk . (...)  -- C:\Program Files (x86)\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\Abouelmal\Desktop\Slt.lnk . (...)  -- C:\Users\Abouelmal
O4 - Global Startup: C:\Users\Abouelmal\Desktop\VVVVVV.lnk . (.Adobe Systems, Inc..)  -- C:\Program Files (x86)\VVVVVV\VVVVVV.exe
O4 - Global Startup: C:\Users\Abouelmal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Abouelmal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Pokemon Online.lnk . (...)  -- C:\Users\Abouelmal\Pokemon Online\Pokemon-Online.exe
O4 - Global Startup: C:\Users\Abouelmal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk . (.Uniblue Systems Limited.)  -- C:\Program Files (x86)\Uniblue\RegistryBooster\Launcher.exe


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Ajouter à l'Anti-bannière . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~1\Office12\EXCEL.exe
O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Clavier &virtuel [64Bits] - {4248FE82-7FCB-46AC-B270-339F08212110} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\kbrd.ico
O9 - Extra button: Clavier &virtuel [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\logo.ico


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll


---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F656DB2-12E9-43CF-BF39-F41EAF7E2C10}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1F656DB2-12E9-43CF-BF39-F41EAF7E2C10}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1F656DB2-12E9-43CF-BF39-F41EAF7E2C10}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1


---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: klogon . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\klogon.dll (.not file.)


---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Kaspersky Lab ZAO - Kaspersky OE plugin loader.) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service:  (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0 (component).) - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service:  (AVP) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service:  (FLEXnet Licensing Service) . (.Macrovision Europe Ltd. - Activation Licensing Service.) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service:  (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service:  (Greg_Service) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service:  (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service:  (gusvc) . (.Google - gusvc.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service:  (HerculesWiFi) . (.Guillemot Corporation - Hercules WiFi Station N Support Service.) - C:\Program Files (x86)\Hercules\WiFi Station N\HerculesWiFiService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service:  (nSvcIp) . (.Pas de propriétaire - NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service:  (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 186.3.) - C:\Windows\system32\nvvsvc.exe
O23 - Service:  (Steam Client Service) . (.Valve Corporation - Steam Client Service (buildbot_winslave01_s.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service:  (Updater Service) . (.Acer - Acer Update Service.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe


---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.33DA8C5CA219B4145EB1559DBE127422] [APT] [{29D70C92-85EF-457C-9D03-FEF689D22797}] (.Pas de propriétaire.) -- C:\VVVVVV 1.2\VVVVVV.exe
[MD5.7F59E4F51DA9C9C6B29B881D8DD92400] [APT] [Burn Notification] (.Acer.) -- C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (kl2) . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - C:\Windows\System32\DRIVERS\kl2.sys
O41 - Driver:  (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) - C:\Windows\System32\DRIVERS\klif.sys
O41 - Driver:  (KLIM6) . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - C:\Windows\System32\DRIVERS\klim6.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys


---\\ Logiciels installés (O42)
O42 - Logiciel:  Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM][64Bits] -- 7-Zip
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Photoshop Elements 7
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {5511C07D-A83C-45AD-92B6-42DF99729A3C}
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {CB6075D9-F912-40AE-BEA6-E590DA24F16B}
O42 - Logiciel: Adobe Reader 9.1 MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM][64Bits] -- {b2ec4a38-b545-4a00-8214-13fe0e915e6d}
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
O42 - Logiciel: Camtasia Studio 7 - (.TechSmith Corporation.) [HKLM][64Bits] -- {49471DB8-7F3C-42DB-89C2-AC50FA0C5290}
O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 - Logiciel: FoxTab Music Converter (remove only) - (.Pas de propriétaire.) [HKLM][64Bits] -- Z0 - Music Converter
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Hercules WiFi Station N - (.Hercules.) [HKLM][64Bits] -- {D2BEEE2E-2252-497C-993A-5C159D808DE7}
O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM][64Bits] -- Identity Card
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}
O42 - Logiciel: Java(TM) 6 Update 22 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216022FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}
O42 - Logiciel: Kaspersky Internet Security 2011 - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}
O42 - Logiciel: Kaspersky Internet Security 2011 - (.Kaspersky Lab.) [HKLM][64Bits] -- {66F1F013-008F-4875-B283-5A814B820347}
O42 - Logiciel: Killing Floor - (.Tripwire Interactive.) [HKLM][64Bits] -- Steam App 1250
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: MediaGet2 version 2.1.494.0 - (.MediaGet LLC.) [HKLM][64Bits] -- {9193306E-5935-47E0-B458-2548778C1614}_is1
O42 - Logiciel: Merriam Websters Spell Jam - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}
O42 - Logiciel: Metaboli - (.Packard Bell.) [HKLM][64Bits] -- Metaboli
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-040C-1000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0016-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-00BA-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Language Pack 2007 - French/Français - (.Microsoft Corporation.) [HKLM][64Bits] -- OMUI.fr-fr
O42 - Logiciel: Microsoft Office O MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0100-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-00A1-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0018-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002C-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0019-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}
O42 - Logiciel: Microsoft Office SharePoint Designer MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0017-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared 64-bit MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0116-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-006E-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0115-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM][64Bits] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001B-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office X MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0101-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {aac9fcc4-dd9e-4add-901c-b5496a07ab2e}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM][64Bits] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {EE936C7A-EA40-31D5-9B65-8E3E089C3828}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {8338783A-0968-3B85-AFC7-BAAE0A63DC50}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM][64Bits] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {350AA351-21FA-3270-8B7A-835434E766AD}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM][64Bits] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 4.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 4.0 (x86 fr)
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM] -- {7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.Pas de propriétaire.) [HKLM][64Bits] -- InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {DD1865F0-AD73-40FB-B23E-1822E02396FF}
O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM][64Bits] -- {8b705308-3381-4d69-8a72-b10e71861508}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {f4041dce-3fe1-4e18-8a9e-9de65231ee36}
O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM][64Bits] -- {869200db-287a-4dc0-b02b-2b6787fbcd4c}
O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {cc019e3f-59d2-4486-8d4b-878105b62a71}
O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM][64Bits] -- {33cf58f5-48d8-4575-83d6-96f574e4d83a}
O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {e5c7d048-f9b4-4219-b323-8bdb01a2563d}
O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM][64Bits] -- {83202942-84b3-4c50-8622-b8c0aa2d2885}
O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM][64Bits] -- {fbcdfd61-7dcf-4e71-9226-873ba0053139}
O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM][64Bits] -- {20400dbd-e6db-45b8-9b6b-1dd7033818ec}
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM][64Bits] -- {e8a80433-302b-4ff1-815d-fcc8eac482ff}
O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM][64Bits] -- {dba84796-8503-4ff0-af57-1747dd9a166d}
O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM][64Bits] -- {7748ac8c-18e3-43bb-959b-088faea16fb2}
O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM][64Bits] -- {2348b586-c9ae-46ce-936c-a68e9426e214}
O42 - Logiciel: Nero StartSmart OEM - (.Nero AG.) [HKLM][64Bits] -- {4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM][64Bits] -- {595a3116-40bb-4e0f-a2e8-d7951da56270}
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM][64Bits] -- {05653DE1-6567-40C6-B930-39D399B64369}
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}
O42 - Logiciel: Packard Bell GameZone Console - (.Oberon Media, Inc..) [HKLM][64Bits] -- {9242564e-02e9-4ea8-9d2d-351f6f728e1c}_is1
O42 - Logiciel: Packard Bell InfoCentre - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell InfoCentre
O42 - Logiciel: Packard Bell Recovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Packard Bell Registration - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Registration
O42 - Logiciel: Packard Bell ScreenSaver - (.Packard Bell Incorporated.) [HKLM][64Bits] -- Packard Bell Screensaver
O42 - Logiciel: Packard Bell Software Suite SE - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Software Suite SE
O42 - Logiciel: Packard Bell Updater - (.Packard Bell.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: Pokemon Online 1.0.21 - (.Dreambelievers.) [HKLM][64Bits] -- {2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1
O42 - Logiciel: Portal - (.Valve.) [HKLM][64Bits] -- Steam App 400
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: ScummVM 1.2.1 - (.Pas de propriétaire.) [HKLM][64Bits] -- ScummVM_is1
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2466156) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CEF209AB-F96D-404F-B5CC-44057C057CA3}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2464583) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{151E2FEA-C3A6-4CB6-BE6B-16651FDF04BE}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2464594) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E6B7C11E-21E9-4BA0-9677-29AD603B953C}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 - Logiciel: Super Meat Boy - (.Pas de propriétaire.) [HKLM][64Bits] -- Steam App 40800
O42 - Logiciel: Team Fortress 2 - (.Valve.) [HKLM][64Bits] -- Steam App 440
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM][64Bits] -- Uniblue RegistryBooster
O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM][64Bits] -- {09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228
O42 - Logiciel: Update for Microsoft Office 2007 Help for Common Features (KB963673) - (.Microsoft.) [HKLM][64Bits] -- {90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}
O42 - Logiciel: Update for Microsoft Office Excel 2007 Help (KB963678) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 Help (KB963670) - (.Microsoft.) [HKLM][64Bits] -- {90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}
O42 - Logiciel: Update for Microsoft Office Powerpoint 2007 Help (KB963669) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}
O42 - Logiciel: Update for Microsoft Office Script Editor Help (KB963671) - (.Microsoft.) [HKLM][64Bits] -- {90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
O42 - Logiciel: Update for Microsoft Office Word 2007 Help (KB963665) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}
O42 - Logiciel: VLC media player 1.1.8 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Welcome Center - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Welcome Center
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {B3B487E7-6171-4376-9074-B28082CEB504}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM][64Bits] -- {76810709-A7D3-468D-9167-A1780C1E766C}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM][64Bits] -- {AAF89271-2594-468D-B578-96B2E30C41C4}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\Acer]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Dreambelievers]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (Consumer)]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Softonic]
[HKCU\Software\TechSmith]
[HKCU\Software\Trolltech]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Wow6432Node]
[HKCU\Software\kde.org]
[HKCU\Software\mIRC]
[HKLM\Software\<company>]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\Audible]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Digital River]
[HKLM\Software\Google]
[HKLM\Software\Hercules Technologies]
[HKLM\Software\Hercules]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KasperskyLab]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MediaGet]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\Oberon Media]
[HKLM\Software\OemSetup]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Packard Bell]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWlan]
[HKLM\Software\SRS Labs]
[HKLM\Software\SecureDigitalServices]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\TeamMeat]
[HKLM\Software\TechSmith]
[HKLM\Software\Telltale Games]
[HKLM\Software\Uniblue]
[HKLM\Software\Valve]
[HKLM\Software\VideoLAN]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mozilla.org]


---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/04/2011 - 13:11:34 - [72087198] ----D- C:\Program Files\Common Files
O43 - CFD: 21/03/2011 - 04:33:00 - [90257428] ----D- C:\Program Files\DVD Maker
O43 - CFD: 20/03/2011 - 19:56:10 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 15/08/2009 - 16:04:46 - [974872] ----D- C:\Program Files\Google
O43 - CFD: 14/04/2011 - 07:23:50 - [5174813] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 14/07/2009 - 09:45:56 - [148930098] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 15/08/2009 - 15:53:52 - [1141694] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 15/08/2009 - 15:32:58 - [11160702] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 15/08/2009 - 16:16:12 - [17162038] ----D- C:\Program Files\Packard Bell
O43 - CFD: 20/03/2011 - 19:58:24 - [243741] ----D- C:\Program Files\PB Accessory Store
O43 - CFD: 15/08/2009 - 15:38:50 - [12164256] ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 07:32:40 - [36253865] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 21/03/2011 - 04:33:00 - [4039168] ----D- C:\Program Files\Windows Defender
O43 - CFD: 21/03/2011 - 04:33:00 - [9224824] ----D- C:\Program Files\Windows Journal
O43 - CFD: 24/03/2011 - 08:33:16 - [6667264] ----D- C:\Program Files\Windows Mail
O43 - CFD: 24/03/2011 - 08:33:00 - [7687085] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 20/03/2011 - 19:56:10 - [12627124] ----D- C:\Program Files\Windows NT
O43 - CFD: 21/03/2011 - 04:33:00 - [5516568] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:40 - [235008] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 21/03/2011 - 04:33:00 - [7674370] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 13/04/2011 - 21:38:24 - [59465757] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 21/03/2011 - 04:33:00 - [12009971] ----D- C:\Program Files\Common Files\System
O43 - CFD: 15/08/2009 - 16:11:56 - [772942513] ----D- C:\ProgramData\Adobe
O43 - CFD: 09/09/2010 - 17:39:36 - [7154625] ----D- C:\ProgramData\Alwil Software
O43 - CFD: 29/12/2009 - 17:38:38 - [15977472] ----D- C:\ProgramData\Apple
O43 - CFD: 31/12/2009 - 04:53:20 - [28214272] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 19/12/2009 - 19:52:26 - [1017814] ----D- C:\ProgramData\Arcade Lab
O43 - CFD: 19/12/2009 - 16:22:36 - [71688] ----D- C:\ProgramData\AWEM
O43 - CFD: 05/12/2009 - 20:53:42 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 31/03/2010 - 22:06:50 - [21469292] --H-D- C:\ProgramData\CanonBJ
O43 - CFD: 08/05/2010 - 15:44:46 - [2180] --H-D- C:\ProgramData\CanonIJScan
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 05/05/2010 - 19:44:58 - [120020] ----D- C:\ProgramData\DivX
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 18/12/2009 - 22:34:02 - [28688] ----D- C:\ProgramData\FarmFrenzy2
O43 - CFD: 05/12/2009 - 20:53:42 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 18/12/2009 - 11:32:48 - [670] ----D- C:\ProgramData\FLEXnet
O43 - CFD: 18/12/2009 - 23:12:58 - [2852] ----D- C:\ProgramData\Friends Games
O43 - CFD: 15/08/2009 - 16:04:48 - [3731632] ----D- C:\ProgramData\Google
O43 - CFD: 25/02/2010 - 16:37:02 - [102050] ----D- C:\ProgramData\InterAction studios
O43 - CFD: 29/04/2011 - 10:39:10 - [367717263] ----D- C:\ProgramData\Kaspersky Lab
O43 - CFD: 28/04/2011 - 14:18:16 - [121645309] ----D- C:\ProgramData\Kaspersky Lab Setup Files
O43 - CFD: 28/04/2011 - 18:27:00 - [6608547] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 04/04/2010 - 16:58:50 - [178084] ----D- C:\ProgramData\McAfee
O43 - CFD: 23/04/2011 - 23:39:00 - [772] ----D- C:\ProgramData\Media Get LLC
O43 - CFD: 05/12/2009 - 20:53:42 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 17/02/2010 - 16:07:26 - [1927391] ----D- C:\ProgramData\Messenger Plus!
O43 - CFD: 22/03/2011 - 22:00:58 - [164531353] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 13/04/2011 - 21:44:30 - [122008] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 05/12/2009 - 20:53:42 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 15/08/2009 - 16:06:52 - [11378166] ----D- C:\ProgramData\Nero
O43 - CFD: 28/04/2011 - 13:16:16 - [15234] ----D- C:\ProgramData\Norton
O43 - CFD: 15/08/2009 - 16:12:20 - [17395351] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 20/03/2011 - 20:01:00 - [234787] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 15/08/2009 - 16:15:44 - [144] ----D- C:\ProgramData\OEM
O43 - CFD: 15/08/2009 - 16:02:00 - [150063] ----D- C:\ProgramData\Packard Bell
O43 - CFD: 20/04/2011 - 11:49:52 - [1030] ----D- C:\ProgramData\Partner
O43 - CFD: 18/12/2009 - 23:27:50 - [0] ----D- C:\ProgramData\PlayFirst
O43 - CFD: 26/03/2010 - 10:28:34 - [1083578] ----D- C:\ProgramData\Real
O43 - CFD: 04/11/2010 - 16:09:28 - [8708593] ----D- C:\ProgramData\ReviverSoft
O43 - CFD: 18/12/2009 - 22:57:58 - [294957] ----D- C:\ProgramData\Sandlot Games
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 19/05/2010 - 14:09:12 - [154] ----D- C:\ProgramData\Sun
O43 - CFD: 28/04/2011 - 13:06:14 - [64] ----D- C:\ProgramData\Symantec
O43 - CFD: 23/04/2011 - 23:59:50 - [202604939] ----D- C:\ProgramData\TechSmith
O43 - CFD: 27/12/2009 - 19:48:46 - [0] ---AD- C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 11/09/2010 - 18:10:40 - [0] ----D- C:\ProgramData\WinZip
O43 - CFD: 25/02/2010 - 16:31:14 - [0] ----D- C:\ProgramData\Zylom
O43 - CFD: 22/03/2011 - 21:31:12 - [2272045] ----D- C:\Users\Abouelmal\AppData\Roaming\Adobe
O43 - CFD: 20/03/2011 - 20:09:14 - [210] ----D- C:\Users\Abouelmal\AppData\Roaming\Google
O43 - CFD: 20/03/2011 - 20:00:32 - [0] ----D- C:\Users\Abouelmal\AppData\Roaming\Identities
O43 - CFD: 22/03/2011 - 21:26:10 - [0] ----D- C:\Users\Abouelmal\AppData\Roaming\InstallShield
O43 - CFD: 20/03/2011 - 20:24:04 - [56337] ----D- C:\Users\Abouelmal\AppData\Roaming\Macromedia
O43 - CFD: 28/04/2011 - 18:27:20 - [4461] ----D- C:\Users\Abouelmal\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 09:44:40 - [0] ----D- C:\Users\Abouelmal\AppData\Roaming\Media Center Programs
O43 - CFD: 23/04/2011 - 23:38:48 - [1957] ----D- C:\Users\Abouelmal\AppData\Roaming\Media Get LLC
O43 - CFD: 06/04/2011 - 16:29:36 - [3090411] -S--D- C:\Users\Abouelmal\AppData\Roaming\Microsoft
O43 - CFD: 17/04/2011 - 21:50:44 - [32532] ----D- C:\Users\Abouelmal\AppData\Roaming\mIRC
O43 - CFD: 16/04/2011 - 11:40:26 - [596296] ----D- C:\Users\Abouelmal\AppData\Roaming\moovida-1
O43 - CFD: 22/03/2011 - 22:05:36 - [20699983] ----D- C:\Users\Abouelmal\AppData\Roaming\Mozilla
O43 - CFD: 24/04/2011 - 18:10:38 - [1499954] ----D- C:\Users\Abouelmal\AppData\Roaming\OpenOffice.org
O43 - CFD: 23/04/2011 - 19:15:56 - [0] ----D- C:\Users\Abouelmal\AppData\Roaming\ScummVM
O43 - CFD: 08/04/2011 - 23:13:44 - [138] ----D- C:\Users\Abouelmal\AppData\Roaming\Teeworlds
O43 - CFD: 28/04/2011 - 17:30:56 - [1556] ----D- C:\Users\Abouelmal\AppData\Roaming\Uniblue
O43 - CFD: 16/04/2011 - 13:16:42 - [83139] ----D- C:\Users\Abouelmal\AppData\Roaming\vlc
O43 - CFD: 22/03/2011 - 21:31:42 - [29760374] ----D- C:\Users\Abouelmal\Appdata\Local\Adobe
O43 - CFD: 20/03/2011 - 19:56:46 - [0] -SH-D- C:\Users\Abouelmal\Appdata\Local\Application Data
O43 - CFD: 20/03/2011 - 20:05:12 - [3607452] ----D- C:\Users\Abouelmal\Appdata\Local\Diagnostics
O43 - CFD: 24/03/2011 - 10:33:04 - [180225] ----D- C:\Users\Abouelmal\Appdata\Local\Google
O43 - CFD: 20/03/2011 - 19:56:46 - [0] -SH-D- C:\Users\Abouelmal\Appdata\Local\Historique
O43 - CFD: 23/04/2011 - 19:04:40 - [135] ----D- C:\Users\Abouelmal\Appdata\Local\Media Get LLC
O43 - CFD: 23/04/2011 - 19:04:46 - [21526055] ----D- C:\Users\Abouelmal\Appdata\Local\MediaGet2
O43 - CFD: 24/04/2011 - 00:00:34 - [215860289] ----D- C:\Users\Abouelmal\Appdata\Local\Microsoft
O43 - CFD: 20/03/2011 - 20:21:08 - [0] ----D- C:\Users\Abouelmal\Appdata\Local\Microsoft Help
O43 - CFD: 22/03/2011 - 22:05:12 - [208597096] ----D- C:\Users\Abouelmal\Appdata\Local\Mozilla
O43 - CFD: 28/04/2011 - 17:29:58 - [0] ----D- C:\Users\Abouelmal\Appdata\Local\PackageAware
O43 - CFD: 20/03/2011 - 20:01:46 - [15723] ----D- C:\Users\Abouelmal\Appdata\Local\Packard Bell
O43 - CFD: 24/04/2011 - 00:01:12 - [414334] ----D- C:\Users\Abouelmal\Appdata\Local\TechSmith
O43 - CFD: 29/04/2011 - 11:07:24 - [329407491] ----D- C:\Users\Abouelmal\Appdata\Local\Temp
O43 - CFD: 20/03/2011 - 19:56:46 - [0] -SH-D- C:\Users\Abouelmal\Appdata\Local\Temporary Internet Files
O43 - CFD: 22/03/2011 - 21:16:52 - [3228] ----D- C:\Users\Abouelmal\Appdata\Local\VirtualStore
O43 - CFD: 22/04/2011 - 20:45:26 - [3511045] ----D- C:\Program Files (x86)\7-Zip
O43 - CFD: 29/04/2011 - 08:16:14 - [78425080] ----D- C:\Program Files (x86)\Ad-Remover
O43 - CFD: 20/03/2011 - 20:08:14 - [1089773786] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 15/08/2009 - 15:31:44 - [123222710] ----D- C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 23/04/2011 - 23:59:40 - [1012132354] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 16/04/2011 - 11:41:22 - [0] ----D- C:\Program Files (x86)\Fluendo
O43 - CFD: 23/03/2011 - 14:29:34 - [21164398] ----D- C:\Program Files (x86)\Google
O43 - CFD: 22/03/2011 - 21:27:08 - [6921266] ----D- C:\Program Files (x86)\Hercules
O43 - CFD: 22/03/2011 - 21:27:06 - [186703466] --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 14/04/2011 - 07:23:50 - [4477212] ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 23/04/2011 - 23:03:50 - [90682377] ----D- C:\Program Files (x86)\Java
O43 - CFD: 28/04/2011 - 14:23:28 - [75953122] ----D- C:\Program Files (x86)\Kaspersky Lab
O43 - CFD: 28/04/2011 - 18:32:34 - [4937523] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 22/03/2011 - 22:41:38 - [226432] ----D- C:\Program Files (x86)\Microsoft
O43 - CFD: 20/03/2011 - 20:21:22 - [579280236] ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 15/08/2009 - 15:59:32 - [7791803] ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 21/04/2011 - 14:51:10 - [38388859] ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 20/03/2011 - 20:14:08 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 20/03/2011 - 20:21:40 - [657681] ----D- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 23/03/2011 - 22:54:32 - [146453974] ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 24/03/2011 - 08:41:28 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 22/03/2011 - 22:04:40 - [33255588] ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 24/03/2011 - 09:25:36 - [0] ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 15/08/2009 - 16:07:48 - [382291649] ----D- C:\Program Files (x86)\Nero
O43 - CFD: 20/03/2011 - 19:58:20 - [106432] ----D- C:\Program Files (x86)\OEM
O43 - CFD: 23/04/2011 - 23:05:02 - [370627138] ----D- C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 20/03/2011 - 20:24:02 - [67974651] ----D- C:\Program Files (x86)\Packard Bell
O43 - CFD: 15/04/2011 - 16:14:18 - [625976303] ----D- C:\Program Files (x86)\Packard Bell GameZone
O43 - CFD: 23/04/2011 - 23:59:48 - [172032] ----D- C:\Program Files (x86)\QuickTime
O43 - CFD: 15/08/2009 - 15:38:42 - [3357289] ----D- C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:40 - [38597377] ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 29/04/2011 - 09:59:42 - [21902444526] ----D- C:\Program Files (x86)\Steam
O43 - CFD: 23/04/2011 - 23:59:40 - [106382839] ----D- C:\Program Files (x86)\TechSmith
O43 - CFD: 15/08/2009 - 15:38:54 - [0] --H-D- C:\Program Files (x86)\Temp
O43 - CFD: 28/04/2011 - 17:30:50 - [19015779] ----D- C:\Program Files (x86)\Uniblue
O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 19/04/2011 - 17:51:46 - [0] ----D- C:\Program Files (x86)\Valve
O43 - CFD: 16/04/2011 - 11:52:02 - [83109767] ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD: 28/04/2011 - 19:32:56 - [42649182] ----D- C:\Program Files (x86)\VVVVVV
O43 - CFD: 21/03/2011 - 04:33:00 - [524800] ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 22/03/2011 - 22:44:18 - [133499297] ----D- C:\Program Files (x86)\Windows Live
O43 - CFD: 20/03/2011 - 20:12:54 - [245112] ----D- C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD: 24/03/2011 - 08:33:16 - [6180864] ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 23/04/2011 - 18:58:52 - [2796934] ----D- C:\Program Files (x86)\Windows Media Components
O43 - CFD: 24/03/2011 - 08:33:00 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 21/03/2011 - 04:33:02 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:42 - [189440] ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 21/03/2011 - 04:33:02 - [5994114] ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 29/04/2011 - 11:07:14 - [3892183] ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 20/03/2011 - 20:10:42 - [68019726] ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 15/08/2009 - 16:11:56 - [31787256] ----D- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 15/08/2009 - 15:55:00 - [92976] ----D- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 15/08/2009 - 15:38:38 - [2106564] ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 23/04/2011 - 23:04:30 - [1243079] ----D- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 20/03/2011 - 20:10:34 - [651983] ----D- C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 20/03/2011 - 20:17:06 - [271317999] ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 15/08/2009 - 16:09:20 - [121337560] ----D- C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 15/08/2009 - 15:45:16 - [354896] ----D- C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 20/03/2011 - 20:10:22 - [4226896] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 20/03/2011 - 20:10:22 - [339523] ----D- C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 27/04/2011 - 11:28:06 - [403240] ----D- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 23/03/2011 - 22:52:32 - [44780663] ----D- C:\Program Files (x86)\Common Files\System
O43 - CFD: 23/04/2011 - 23:59:40 - [2625536] ----D- C:\Program Files (x86)\Common Files\TechSmith Shared
O43 - CFD: 20/03/2011 - 20:11:12 - [386882126] ----D- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 15/08/2009 - 15:31:34 - [34079232] ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard


---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.1C0000000000000000000000A8EF1800] - 29/04/2011 - 09:56:09 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1619091]
O44 - LFC:[MD5.41973A479E06E1161709CF48CDDBD8B1] - 29/04/2011 - 08:42:42 ---A- . (...) -- C:\Windows\setupact.log   [88768]
O44 - LFC:[MD5.471AE8A4439AD98E2B98BDBF0F663441] - 29/04/2011 - 07:35:47 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0   [9920]
O44 - LFC:[MD5.471AE8A4439AD98E2B98BDBF0F663441] - 29/04/2011 - 07:35:47 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0   [9920]
O44 - LFC:[MD5.60419A40F0D7659B33794D3E6E2E4C3A] - 29/04/2011 - 07:31:30 ---A- . (...) -- C:\Ad-Report-CLEAN[2].txt   [3176]
O44 - LFC:[MD5.ED2ADEF92764C8AEB405FEB6955FA114] - 29/04/2011 - 07:27:39 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.B84196EFF97EA0EA783F7EC149BFDBE6] - 29/04/2011 - 07:26:31 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt   [3929]
O44 - LFC:[MD5.A9A32F415208399A5841FBEFEABE3EC1] - 29/04/2011 - 07:19:58 ---A- . (...) -- C:\Ad-Report-SCAN[2].txt   [4029]
O44 - LFC:[MD5.F95A237C9B490DFFB786CFFAE00E513E] - 29/04/2011 - 07:17:29 ---A- . (...) -- C:\Ad-Report-SCAN[1].txt   [3964]
O44 - LFC:[MD5.CEA4B9AF3544FF15AFA2CA92B358E235] - 28/04/2011 - 19:30:31 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin   [512]
O44 - LFC:[MD5.F4D6159AAD205368C59B41A9B83C89F7] - 28/04/2011 - 15:26:11 ---A- . (...) -- C:\Windows\PFRO.log   [326550]
O44 - LFC:[MD5.58450EA3F16BF5087CB7CB6DB70760D1] - 24/04/2011 - 09:59:31 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT   [368256]
O44 - LFC:[MD5.57738201451A95F1CE9F72747215F530] - 13/04/2011 - 20:34:44 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI   [1570666]
O44 - LFC:[MD5.9AF7A694FA9AD49AA1C2F8653DB4582E] - 13/04/2011 - 20:34:44 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat   [106190]
O44 - LFC:[MD5.2EEC98DEA8D226D506D6BE072C39B213] - 13/04/2011 - 20:34:44 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat   [130548]
O44 - LFC:[MD5.E084C022C786DEA4540C95862DE139F3] - 13/04/2011 - 20:34:44 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat   [615810]
O44 - LFC:[MD5.354CFCF0F393F0923DFACBD941FE957A] - 13/04/2011 - 20:34:44 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat   [704242]
O44 - LFC:[MD5.8BD25A34DA5E53AE115977DD1E15AB3C] - 13/04/2011 - 12:32:35 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll   [46080]
O44 - LFC:[MD5.8BD25A34DA5E53AE115977DD1E15AB3C] - 13/04/2011 - 12:32:35 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll   [34304]
O44 - LFC:[MD5.EFC5353E4F513DEF55ED7B7872363957] - 13/04/2011 - 12:32:35 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll   [367104]
O44 - LFC:[MD5.EFC5353E4F513DEF55ED7B7872363957] - 13/04/2011 - 12:32:35 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll   [294912]
O44 - LFC:[MD5.B1D397C6765EC302A627044088181AB0] - 06/04/2011 - 14:07:57 ---A- . (...) -- C:\Windows\DirectX.log   [63368]


---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{b24af6ef-5319-11e0-90a0-806e6f6e6963}\AutoRun\command. (.Macrovision Corporation - DemoShield Multi-CD Launch.) -- E:\Setup.exe


---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.tscc"="C:\Windows\SysWOW64\tsccvid64.dll" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"tsccvid64.dll"="TechSmith Screen Capture Codec (64-bit)" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\Windows\System32\tsccvid64.dll


---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll


---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0


---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "HideSCAHealth"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=28


---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys   [491088]
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys   [339536]
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys   [182864]
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys   [15440]
O58 - SDL:[MD5.EC7EBAB00A4D8448BAB68D1E49B4BEB9] - 11/03/2011 - 07:22:41 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys   [107904]
O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys   [194128]
O58 - SDL:[MD5.DB27766102C7BF7E95140A2AA81D042E] - 11/03/2011 - 07:22:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys   [27008]
O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys   [87632]
O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys   [97856]
O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys   [270848]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys   [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys   [8704]
O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys   [286720]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys   [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys   [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys   [14720]
O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys   [468480]
O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys   [17488]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys   [530496]
O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys   [3286016]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys   [31232]
O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 14/07/2009 - 02:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys   [77888]
O58 - SDL:[MD5.B75E45C564E944A2657167D197AB29DA] - 11/03/2011 - 07:23:00 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys   [410496]
O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys   [44112]
O58 - SDL:[MD5.8D7120743A0973CEAB548B475C9D4289] - 09/06/2010 - 15:43:56 ---A- . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\system32\drivers\kl1.sys   [460888]
O58 - SDL:[MD5.CD146D8E525D6EEBDCAF24120A8AB9CE] - 09/06/2010 - 15:44:00 ---A- . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\system32\drivers\kl2.sys   [11864]
O58 - SDL:[MD5.C1786C2F8DE0F62E076F7EF8DEA4E87A] - 28/04/2011 - 13:23:04 ---A- . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) -- C:\Windows\system32\drivers\klif.sys   [556120]
O58 - SDL:[MD5.2A64B3A9EED93A2E96537B67C079FC96] - 22/04/2010 - 17:07:36 ---A- . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) -- C:\Windows\system32\drivers\klim6.sys   [27736]
O58 - SDL:[MD5.9468D07E91BA136D82415F5DFC1FE168] - 02/11/2009 - 18:27:10 ---A- . (.Kaspersky Lab - KLMOUFLT Mouse Device Filter [fre_wlh_AMD64].) -- C:\Windows\system32\drivers\klmouflt.sys   [22544]
O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys   [114752]
O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys   [106560]
O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys   [65600]
O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys   [115776]
O58 - SDL:[MD5.3D3C4B63F11F63F50253E734F0ACE9F2] - 20/12/2010 - 17:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys   [24152]
O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys   [35392]
O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys   [284736]
O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys   [51264]
O58 - SDL:[MD5.CB599955CE2CE9694721562F9481CD84] - 26/06/2009 - 08:55:10 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda64v.sys   [83488]
O58 - SDL:[MD5.D7A2CD1D76E6CC996A0852D566AF2F73] - 14/07/2009 - 01:15:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 186.37.) -- C:\Windows\system32\drivers\nvlddmkm.sys   [11530144]
O58 - SDL:[MD5.A85B4F2EF3A7304A5399EF0526423040] - 10/06/2009 - 21:35:35 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvm62x64.sys   [408960]
O58 - SDL:[MD5.956A1F47826514C1EA0C295FE13C7377] - 30/04/2009 - 06:06:58 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvmf6264.sys   [339360]
O58 - SDL:[MD5.A4D9C9A608A97F59307C2F2600EDC6A4] - 11/03/2011 - 07:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys   [148352]
O58 - SDL:[MD5.AFDE3015BB8D76E26BEC3B287C5443A0] - 24/04/2009 - 20:07:36 ---A- . (.NVIDIA Corporation - NVIDIA nForce(TM) SMU Microcontroller Driver.) -- C:\Windows\system32\drivers\nvsmu.sys   [28704]
O58 - SDL:[MD5.6C1D5F70E7A6A3FD1C90D840EDC048B9] - 11/03/2011 - 07:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys   [166272]
O58 - SDL:[MD5.7C7EEF51979658CE15BBC04F96A77D56] - 29/04/2009 - 12:09:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor64.sys   [239136]
O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys   [1524816]
O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys   [128592]
O58 - SDL:[MD5.BC64B75E8E0A0B8982AB773483164E72] - 20/07/2009 - 11:52:38 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys   [1831968]
O58 - SDL:[MD5.12EE053D59A78089AC58BF804C10A8F1] - 07/05/2010 - 09:52:32 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8192C USB NDIS Driver.) -- C:\Windows\system32\drivers\RTL8192cu.sys   [642592]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys   [23040]
O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys   [43584]
O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys   [80464]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys   [24656]
O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys   [17488]
O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys   [161872]
O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 17:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys   [38224]


---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM][64Bits] -- Ad-Remover
O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPDiag_is1


---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep)  .(...) - LEGACY_BEEP
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec)  .(...) - LEGACY_FS_REC
O64 - Services: CurCS - (.not file.) - IDSVia64 (IDSVia64)  .(...) - LEGACY_IDSVIA64
O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\kl1.sys - kl1(KL1)  .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - LEGACY_KL1
O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\kl2.sys - kl2(kl2)  .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - LEGACY_KL2
O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\klif.sys - Kaspersky Lab Driver(KLIF)  .(.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) - LEGACY_KLIF
O64 - Services: CurCS - 30/12/1899 - C:\Windows\System32\DRIVERS\klim6.sys - Kaspersky Anti-Virus NDIS 6 Filter(KLIM6)  .(.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - LEGACY_KLIM6
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs)  .(...) - LEGACY_MSFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy)  .(...) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs)  .(...) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs)  .(...) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null)  .(...) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv)  .(...) - LEGACY_SECDRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr)  .(...) - LEGACY_SPLDR
O64 - Services: CurCS - (.not file.) - Symantec Extended File Attributes (SymEFA)  .(...) - LEGACY_SYMEFA
O64 - Services: CurCS - (.not file.) - Symantec Network Filter Driver (SYMFW)  .(...) - LEGACY_SYMFW
O64 - Services: CurCS - (.not file.) - Symantec Network Filter Driver (SYMNDISV)  .(...) - LEGACY_SYMNDISV
O64 - Services: CurCS - (.not file.) - Symantec Network Dispatch Driver (SYMTDI)  .(...) - LEGACY_SYMTDI


---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCU\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe


---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Pas de description.) -- firefox.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Explorer\iexplore.exe


---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com


---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.A4FD6DA0BD0EBCF0A66A7F38C4A34142] [SPRF] (.mIRC Co. Ltd. - mIRC.) -- C:\Users\Abouelmal\AppData\Local\Temp\mirc719.exe   [1855120]
[MD5.D7D9445362AEE97FAA2214CB21B28C2F] [SPRF] (.Microsoft Corporation - Windows Live Installer.) -- C:\Users\Abouelmal\AppData\Local\Temp\msgB117.exe   [84621672]
[MD5.601D794324DC11453DEBC36D8C2965A3] [SPRF] (.Secure Digital Services Limited - OfferBox Browser setup.) -- C:\Users\Abouelmal\AppData\Local\Temp\OB.exe   [1269632]
[MD5.92B06DB4954CE9212C4C30B43DDA8888] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Abouelmal\AppData\Local\Temp\OfferBoxSetup.exe   [178832]
[MD5.D34601B2216793F0E253ED4C515DE708] [SPRF] (.mIRC Co. Ltd. - mIRC.) -- C:\Users\Abouelmal\AppData\Local\Temp\uninstall.exe   [28160]
[MD5.895F8B17435EEC25ADBBF4A079CF0365] [SPRF] (.Fluendo - Pas de description.) -- C:\Users\Abouelmal\AppData\Local\Temp\Update_off_moovidaImmersed-2.1.0.2-win32.exe   [39414936]
[MD5.5A8A0E8633E610709E1F1B16435C16F4] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Abouelmal\AppData\Local\Temp\vlc-1.1.8-install.exe   [645753]
[MD5.6B683517ABCDCDFCF5135D24AD0BC36C] [SPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Abouelmal\AppData\Local\Temp\vlc-1.1.8-win32.exe   [20586196]


---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)
O87 - FAEL: "FPS-SpoolSvc-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)
O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" |Out - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\lsass.exe (.not file.)
O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.)
O87 - FAEL: "RemoteSvcAdmin-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "{B1B88509-B693-4CDB-8EEC-B086B19B7263}" | In - Public - P6 - FALSE | .(.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0 (component).) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe
O87 - FAEL: "{C37C5C01-8EC4-4305-9D51-0F9A94D3D04D}" | In - Public - P17 - FALSE | .(.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe
O87 - FAEL: "{C23FEB35-FA2D-42BC-BCF9-10F546439D11}" | In - Public - P6 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe
O87 - FAEL: "{E580DCAA-3285-4045-8396-02DEF27AF3CE}" | In - Public - P17 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe
O87 - FAEL: "{CF43AABF-86C2-447A-94F6-9B61CABA5EE3}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O87 - FAEL: "TCP Query User{E73C414F-AD85-4965-9F05-428E46869720}C:\program files (x86)\internet explorer\iexplore.exe" | In - Public - P6 - TRUE | .(.Microsoft Corporation.) -- C:\program files (x86)\internet explorer\iexplore.exe
O87 - FAEL: "UDP Query User{BC5F8FDE-BA2D-46A8-BF65-06503634F793}C:\program files (x86)\internet explorer\iexplore.exe" | In - Public - P17 - TRUE | .(.Microsoft Corporation.) -- C:\program files (x86)\internet explorer\iexplore.exe
O87 - FAEL: "TCP Query User{16E84C15-1D35-48ED-812F-021ECF5683BB}C:\program files (x86)\steam\steamapps\tainicpingouin\team fortress 2\hl2.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\steam\steamapps\tainicpingouin\team fortress 2\hl
O87 - FAEL: "UDP Query User{87D7F1E6-9B8B-49D7-81E0-72605F73A1D9}C:\program files (x86)\steam\steamapps\tainicpingouin\team fortress 2\hl2.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\steam\steamapps\tainicpingouin\team fortress 2\h
O87 - FAEL: "TCP Query User{2FDB8D9E-B289-4D69-9FFD-DC3C280D554C}C:\users\abouelmal\downloads\teeworlds-0.5.2-win32\teeworlds-0.5.2-win32\teeworlds_srv.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\abouelmal\downloads\teeworlds-0.5.2-win32\teeworlds
O87 - FAEL: "UDP Query User{2EB57B4A-48F3-4DB1-9C1B-B75BE8DC2D83}C:\users\abouelmal\downloads\teeworlds-0.5.2-win32\teeworlds-0.5.2-win32\teeworlds_srv.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\abouelmal\downloads\teeworlds-0.5.2-win32\teeworld
O87 - FAEL: "{1E329322-6ED7-4A39-BBD5-1518E8AFDECE}" |In - Public - P6 - TRUE | .(...) -- C:\Users\Abouelmal\Downloads\MusicConverterSetup.exe (.not file.)
O87 - FAEL: "{7B3AEBC2-B7CB-4AE4-9A51-E464872555DD}" |In - Public - P17 - TRUE | .(...) -- C:\Users\Abouelmal\Downloads\MusicConverterSetup.exe (.not file.)
O87 - FAEL: "{28081539-F203-448C-A606-64DB48075270}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\killingfloor\System\KillingFloor.exe
O87 - FAEL: "{7190DD16-D43C-448E-BBE0-267F269A7A85}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\killingfloor\System\KillingFloor.exe
O87 - FAEL: "TCP Query User{EF8D1685-7F4C-4994-9F59-1337EF6965D4}C:\users\abouelmal\appdata\local\mediaget2\mediaget.exe" | In - Public - P6 - TRUE | .(.MediaGet LLC.) -- C:\users\abouelmal\appdata\local\mediaget2\mediaget.exe
O87 - FAEL: "UDP Query User{1E385610-DBA3-45C8-8058-7E7DFD8C885D}C:\users\abouelmal\appdata\local\mediaget2\mediaget.exe" | In - Public - P17 - TRUE | .(.MediaGet LLC.) -- C:\users\abouelmal\appdata\local\mediaget2\mediaget.exe


---\\ Scan Additionnel (O88)
Database Version : 6502 - (28/04/2011)
Number of Keys Founds (Clés trouvées) : 2
Number of Directories Founds  (Dossiers trouvés) : 0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]   =>Spyware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]   =>Spyware.BHO


---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 08/12/2008 169312 |  (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated.) - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
SR - | Auto 02/11/2010 365336 |  (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
SS - | Demand 20/03/2011 651720 |  (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 19/04/2009 625184 |  (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
SR - | Auto 04/06/2009 1150496 |  (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
SS - | Auto 23/03/2011 135664 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 15/08/2009 182768 |  (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 26/05/2010 72488 |  (HerculesWiFi) . (.Guillemot Corporation.) - C:\Program Files (x86)\Hercules\WiFi Station N\HerculesWiFiService.exe
SS - | Demand 28/07/2009 935208 | Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 19/04/2009 207904 |  (nSvcIp) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
SR - | Auto 19/04/2009 0 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Demand 26/04/2011 403240 |  (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 04/07/2009 240160 |  (Updater Service) . (.Acer.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe


---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Abouelmal at 29/04/2011 11:08:39

device: opened successfully
user: error reading MBR

Disk trace:
error: Read  Descripteur non valide
kernel: error reading MBR


---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Abouelmal at 29/04/2011 11:08:41

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin


End of the scan (1048 lines in 01mn 40s)(0)