~ Rapport de ZHPDiag v2013.12.26.23 - Nicolas Coolman (26/12/2013)
~ Lancé par Pascal (29/01/2014 19:15:55)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user

---\\ Navigateurs Internet
MSIE: Internet Explorer v7.0.6000.16546 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit (Build 6000)
Windows Server License Manager Script : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Norton Internet Security v15.0.0.60
Norton AntiVirus Help v15.0
Norton Protection Center v3.1.0.98

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player ActiveX
Adobe Reader 8.1.0 - Français

---\\ Informations sur le système
~ Processor: x86 Family 16 Model 2 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 3325 MB (89% free)
System Restore: Activé (Enable)
System drive C: has 441 GB (96%) free of 455 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-PASCAL
~ User Name: Pascal
~ All Users Names: Pascal, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Pascal\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Pascal\AppData\Roaming\
~ %Desktop% : C:\Users\Pascal\Desktop\
~ %Favorites% : C:\Users\Pascal\Favorites\
~ %LocalAppData% : C:\Users\Pascal\AppData\Local\
~ %StartMenu% : C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 441 Go of 455 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 10 Go)
E: Hard drive, Flash drive, Thumb drive (Free 466 Go of 466 Go)
F: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 37 Scanned in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.FD8C53FB002217F6F888BCF6F5D7084D] - (.Microsoft Corporation - Explorateur Windows.) (.02/11/2006 - 10:45:07.) -- C:\WINDOWS\Explorer.exe [2923520]
[MD5.D4385B03E8CCCEE6F0EE249F827C1F3E] - (.Microsoft Corporation - Application de démarrage de Windows.) (.02/11/2006 - 10:45:57.) -- C:\WINDOWS\System32\Wininit.exe [95744]
[MD5.5AED372CFC645834DA3DD287CEF21473] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.04/01/2007 - 01:54:09.) -- C:\WINDOWS\System32\wininet.dll [824832]
[MD5.9F75392B9128A91ABAFB044EA350BAAD] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.02/11/2006 - 10:45:57.) -- C:\WINDOWS\System32\Winlogon.exe [308224]
[MD5.5D24CAF8EFD924A875698FF28384DB8B] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.02/11/2006 - 09:58:43.) -- C:\WINDOWS\system32\Drivers\AFD.sys [270336]
[MD5.4F4FCB8B6EA06784FB6D475B7EC7300F] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.02/11/2006 - 10:49:36.) -- C:\WINDOWS\system32\Drivers\atapi.sys [19048]
[MD5.6C3A437FC873C6F6A4FC620B6888CB86] - (.Microsoft Corporation - CD-ROM File System Driver.) (.02/11/2006 - 09:30:50.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [70144]
[MD5.8D1866E61AF096AE8B582454F5E4D303] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.02/11/2006 - 09:51:44.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [67072]
[MD5.A7179DE59AE269AB70345527894CCD7C] - (.Microsoft Corporation - DFS Client MUP Surrogate Driver.) (.02/11/2006 - 09:31:04.) -- C:\WINDOWS\system32\Drivers\DfsC.sys [74752]
[MD5.0DB613A7E427B5663563677796FD5258] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.04/01/2007 - 01:39:39.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [53760]
[MD5.1060F1377F395A242E27719440ECE602] - (.Microsoft Corporation - Pilote de port i8042.) (.02/11/2006 - 09:51:13.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54784]
[MD5.10077C35845101548037DF04FD1A420B] - (.Microsoft Corporation - IP Network Address Translator.) (.02/11/2006 - 09:58:09.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [99840]
[MD5.FCA7563D87F71C6DB0182CA67CC19AA7] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.02/11/2006 - 09:31:21.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [101888]
[MD5.E3A168912E7EEFC3BD3B814720D68B41] - (.Microsoft Corporation - MBT Transport driver.) (.02/11/2006 - 09:57:20.) -- C:\WINDOWS\system32\Drivers\netBT.sys [184320]
[MD5.3F379380A4A2637F559444E338CF1B51] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/11/2006 - 10:51:47.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [1056360]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\WINDOWS\system32\Drivers\Parport.sys [79360]
[MD5.68B0019FEE429EC49D29017AF937E482] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.04/01/2007 - 01:26:32.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [74752]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [242688]
[MD5.AC0D90738ADB51A6FD12FF00874A2162] - (.Microsoft Corporation - SMB Transport driver.) (.02/11/2006 - 09:57:10.) -- C:\WINDOWS\system32\Drivers\smb.sys [66048]
[MD5.AB4FDE8AF4A0270A46A001C08CBCE1C2] - (.Microsoft Corporation - TDI Translation Driver.) (.02/11/2006 - 09:57:35.) -- C:\WINDOWS\system32\Drivers\tdx.sys [68096]
[MD5.11EF6C1CAEF76B685233450A126125D6] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.02/11/2006 - 10:51:18.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [208488]
~ Generic Processes: Scanned in 00mn 10s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 0/0
~ Mes musiques (My Musics) : 0/0
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 0/3
~ Mes Documents (My Documents) : 0/0
~ Mon Bureau (My Desktop) : 0/3
~ Menu demarrer (Programs) : 0/15
~ Hidden Files: Scanned in 00mn 00s

---\\ Processus lancés
[MD5.870DF389D7676EDBB635141336A867C6] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8302080] [PID.1872]
~ Processes Running: Scanned in 00mn 10s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Interpréteur de commandes Windows.) (No version) -- (.not file.) =>.Microsoft Corporation
~ IE Browser: 10 Scanned in 00mn 02s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
~ BHO: 8 Scanned in 00mn 04s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Show Norton Toolbar - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
~ Toolbar: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Aide et support.lnk - Clé orpheline
O4 - GS\Desktop [Public]: Boutique Accessoires HP.lnk . (...) -- C:\Program Files\Services en ligne\onlinesvs\WizLink.exe
O4 - GS\Desktop [Public]: Développement de photos online.lnk - Clé orpheline
O4 - GS\Desktop [Public]: eBay.lnk . (...) -- C:\Program Files\Services en ligne\eBay\WizLink.exe =>Toolbar.eBay
O4 - GS\Desktop [Public]: Essayez Microsoft Office 2007 pendant 60 jours.lnk . (...) -- C:\hp\bin\msoffice\trial.hta
O4 - GS\Desktop [Public]: HP Total Care Advisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - GS\Desktop [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Public]: Les offres internet Orange.lnk . (...) -- C:\Program Files\Services en ligne\OrangeFR\Orange.exe
O4 - GS\Desktop [Public]: My HP Games.lnk . (...) -- C:\Program Files\HP Games\onplay\onplay.exe
O4 - GS\Desktop [Public]: Norton Internet Security.lnk . (.Symantec Corporation - Norton Protection Center UI Stub.) -- C:\Program Files\Common Files\Symantec Shared\NPC\2.0\uiStub2.exe
O4 - GS\Desktop [Public]: Offres ADSL Neuf.lnk . (.Macromedia, Inc. - Macromedia Flash Player 8.0 r22.) -- C:\Program Files\Services en ligne\Neuf\n9uf.exe
O4 - GS\Desktop [Public]: Pour les enfants.lnk . (.EasyBits Software Corp. - Pas de description.) -- C:\Program Files\EasyBits\KidsReady\ezKidsReady.exe
O4 - GS\Desktop [Public]: Services simples pour Internet.lnk . (.Hewlett-Packard - HP SDP Application Module.) -- C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exe
O4 - GS\Desktop [Public]: Windows Media Center.lnk . (.Microsoft Corporation - Media Center.) -- C:\WINDOWS\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Adobe Reader 8.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-A81000000003}\SC_Reader.exe
O4 - GS\Program [Public]: DVD Play BD & HD DVD.lnk . (.CyberLink Corp. - HP DVDPlay.) -- C:\Program Files\HP\DVDPlay\DVDPlay.exe
O4 - GS\Program [Public]: eBay.lnk . (...) -- C:\Program Files\Services en ligne\eBay\WizLink.exe =>Toolbar.eBay
O4 - GS\Program [Public]: HP Total Care Advisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - GS\Program [Public]: Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation - Microsoft® Works.) -- C:\Program Files\Microsoft Works\MSWorks.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Media Center.) -- C:\WINDOWS\ehome\ehshell.exe
O4 - GS\Program [Public]: Visionneuse Microsoft Office PowerPoint 2007.lnk . (...) -- C:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Calendar.lnk . (.Microsoft Corporation - Calendrier Windows.) -- C:\Program Files\Windows Calendar\WinCal.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Collaboration.lnk . (.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Contacts.lnk . (.Microsoft Corporation - Windows Contacts.) -- C:\Program Files\Windows Mail\wab.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Defender.lnk . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - Création de DVD Windows.) -- C:\Program Files\Movie Maker\DVDMaker.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live.lnk - Clé orpheline
O4 - GS\Program [Public]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\MOVIEMK.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Photo Gallery.lnk . (.Microsoft Corporation - Galerie de photos Windows.) -- C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\WINDOWS\System32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\WINDOWS\System32\mblctr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) -- C:\WINDOWS\System32\NetProj.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\WINDOWS\System32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\WINDOWS\System32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sidebar.lnk . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\WINDOWS\System32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\WINDOWS\System32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\WINDOWS\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows Control Panel.) -- C:\WINDOWS\System32\control.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Backup.lnk . (.Microsoft Corporation - Sauvegarde Microsoft® Windows.) -- C:\Windows\System32\sdclt.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\WINDOWS\System32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\WINDOWS\System32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\WINDOWS\System32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: migwiz.lnk . (.Microsoft Corporation - Transfert de fichiers et paramètres Windows.) -- C:\WINDOWS\System32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\WINDOWS\System32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\WINDOWS\System32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\WINDOWS\System32\taskschd.msc
O4 - GS\QuickLaunch [Pascal]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories [Pascal]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [Pascal]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\WINDOWS\System32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Pascal]: Run.lnk - Clé orpheline
O4 - GS\Accessories [Pascal]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\WINDOWS\explorer.exe =>.Microsoft Corporation
O4 - GS\Desktop [Pascal]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [Pascal]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 56 Scanned in 00mn 20s

---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] . (...) -- C:\HP\KBD\KbdStub.exe
O4 - HKLM\..\Run: [OsdMaestro] . (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
O4 - HKLM\..\Run: [NvSvc] . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 162.3.) -- C:\Windows\system32\nvsvc.dll
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\WINDOWS\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [HP Health Check Scheduler] Clé orpheline
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\system32\jureg.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [ccApp] . (.Symantec Corporation - Symantec User Session.) -- c:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [isCfgWiz] . (.Symantec Corporation - SymCUW.) -- c:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe
O4 - HKLM\..\RunOnce: [PCDrProfiler] Clé orpheline
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [BTBFirstRun] . (.Hewlett-Packard Company - HPRun.) -- C:\Program Files\Hewlett-Packard\SDP\hprun.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-1003403311-3205928056-1717459790-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1003403311-3205928056-1717459790-1000\..\Run: [BTBFirstRun] . (.Hewlett-Packard Company - HPRun.) -- C:\Program Files\Hewlett-Packard\SDP\hprun.exe
~ Application: Scanned in 00mn 08s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
~ Winsock: 6 Scanned in 00mn 01s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{40A63D1B-2053-4553-B063-D48C12E5D1BD}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{40A63D1B-2053-4553-B063-D48C12E5D1BD}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{40A63D1B-2053-4553-B063-D48C12E5D1BD}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 01s

---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
~ Protocole Additionnel: Scanned in 00mn 01s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Symantec Event Manager (ccEvtMgr) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) . (...) - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice (LiveUpdate Notice) . (.Symantec Corporation - Symantec Service Framework.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: {22D78859-9CE9-4B77-BF18-AC83E81A9263} ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) . (.Cyberlink Corp. - FCL Driver.) - C:\Program Files\HP\DVDPlay\000.fcl
~ Services: 8 Scanned in 02mn 41s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s

---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\WINDOWS\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_01\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\WINDOWS\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\System32\shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r45.) -- C:\Windows\system32\Macromed\Flash\Flash9c.ocx
~ Active Setup: 13 Scanned in 00mn 05s

---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys
O41 - Driver: (DfsC) . (.Microsoft Corporation - DFS Client MUP Surrogate Driver.) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\WINDOWS\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\WINDOWS\System32\drivers\nsiproxy.sys
O41 - Driver: C:\WINDOWS\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\WINDOWS\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\drivers\rdpencdd.sys
O41 - Driver: C:\WINDOWS\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\WINDOWS\System32\DRIVERS\smb.sys
O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\WINDOWS\System32\Drivers\SRTSPX.sys
O41 - Driver: C:\WINDOWS\System32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\WINDOWS\System32\drivers\tcpip.sys
O41 - Driver: C:\WINDOWS\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\WINDOWS\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\WINDOWS\System32\DRIVERS\wanarp.sys
~ Drivers: 63 Scanned in 00mn 17s

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader 8.1.0 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81000000003}
O42 - Logiciel: AppCore - (.Symantec Corporation.) [HKLM] -- {EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
O42 - Logiciel: Component Framework - (.Symantec Corporation.) [HKLM] -- {31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}
O42 - Logiciel: DVD Play BD & HD DVD - (.Hewlett-Packard.) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1}
O42 - Logiciel: HP Customer Feedback - (.Hewlett-Packard.) [HKLM] -- {9DBA770F-BF73-4D39-B1DF-6035D95268FC}
O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {9885A11E-60E4-417C-B58B-8B31B21C0B8A}
O42 - Logiciel: HP On-Screen Cap/Num/Scroll Lock Indicator - (.Hewlett-Packard.) [HKLM] -- OsdMaestro
O42 - Logiciel: HP Picasso Media Center Add-In - (.HP.) [HKLM] -- {55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
O42 - Logiciel: HP Total Care Advisor - (.Hewlett-Packard.) [HKLM] -- {e96b3d28-47d6-43cc-98fd-7069eeab6b11}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {11B83AD3-7A46-4C2E-A568-9505981D4C6F}
O42 - Logiciel: Hauppauge MCE XP/Vista Software Encoder (2.0.25180) - (.Hauppauge Computer Works, Inc..) [HKLM] -- Hauppauge MCE2005 Software Encoder
O42 - Logiciel: Hewlett-Packard Active Check - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Hewlett-Packard Asset Agent for Health Check - (.HP.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}
O42 - Logiciel: LightScribe System Software 1.10.16.1 - (.Nom de votre société.) [HKLM] -- {E6CFBFB5-9232-410C-B353-AF6E614B2681}
O42 - Logiciel: LiveUpdate (Symantec Corporation) - (.Symantec.) [HKLM] -- PsuedoLiveUpdate
O42 - Logiciel: LiveUpdate (Symantec Corporation) - (.Symantec.) [HKLM] -- {E80F62FF-5D3C-4A19-8409-9721F2928206}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: My HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall
O42 - Logiciel: NVIDIA Drivers - (...) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Norton AntiVirus - (.Symantec Corporation.) [HKLM] -- {77FFBA7E-0973-4F39-BBDB-AC2F537578D2}
O42 - Logiciel: Norton AntiVirus Help - (.Symantec Corporation.) [HKLM] -- {E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
O42 - Logiciel: Norton Confidential Core - (.Symantec Corporation.) [HKLM] -- {55A6283C-638A-4EE0-B491-51118554BDA2}
O42 - Logiciel: Norton Internet Security (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- {3672B097-EA69-4BFE-B92F-29AE6D9D2B34}
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- {C1C185CA-C531-49F5-A6FA-B838405A049D}
O42 - Logiciel: Norton Protection Center - (.Symantec Corporation.) [HKLM] -- {62120008-8E1E-4807-860D-A8B48F8552DB}
O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: Python 2.5 - (.Martin v. Löwis.) [HKLM] -- {0A2C5854-557E-48C8-835A-3B9F074BDCAA}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SPBBC 32bit - (.Symantec Corporation.) [HKLM] -- {77772678-817F-4401-9301-ED1D01A8DA56}
O42 - Logiciel: Solution de clavier multimédia amélioré - (.Hewlett-Packard.) [HKLM] -- KBD
O42 - Logiciel: SymNet - (.Symantec Corporation.) [HKLM] -- {2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
O42 - Logiciel: Symantec Real Time Storage Protection Component - (.Symantec Corporation.) [HKLM] -- {D6E6FA4A-5445-4850-8365-CF216C1CBB7A}
O42 - Logiciel: ccCommon - (.Symantec.) [HKLM] -- {B24E05CC-46FF-4787-BBB8-5CD516AFB118}
~ Logic: 55 Scanned in 00mn 12s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\AOL]
[HKCU\Software\AppDataLow]
[HKCU\Software\Classes]
[HKCU\Software\Policies]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\Adobe]
[HKLM\Software\America Online]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Debug]
[HKLM\Software\HP]
[HKLM\Software\Hauppauge]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\LightScribe]
[HKLM\Software\Macromedia]
[HKLM\Software\MainConceptMCE]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Sonic] [HKLM\Software\Symantec Technical Support] [HKLM\Software\Symantec] [HKLM\Software\WildTangent] [HKLM\Software\Wilson WindowWare] [HKLM\Software\Wow6432Node] [HKLM\Software\muvee Technologies] ~ Key Software: 128 Scanned in 00mn 16s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 03/01/2007 - 17:41:10 - [191,087] ----D C:\Program Files\Adobe O43 - CFD: 29/01/2014 - 17:02:55 - [658,294] ----D C:\Program Files\Common Files O43 - CFD: 29/01/2014 - 16:39:28 - [452,491] ----D C:\Program Files\CyberLink O43 - CFD: 04/01/2007 - 01:10:01 - [49,120] ----D C:\Program Files\EasyBits O43 - CFD: 29/01/2014 - 10:40:16 - [0] -SH-D C:\Program Files\Fichiers communs O43 - CFD: 03/01/2007 - 17:47:29 - [133,924] ----D C:\Program Files\Hewlett-Packard O43 - CFD: 03/01/2007 - 17:42:11 - [150,423] ----D C:\Program Files\HP O43 - CFD: 03/01/2007 - 17:50:50 - [158,531] ----D C:\Program Files\HP Games O43 - CFD: 29/01/2014 - 18:30:01 - [31,348] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 04/01/2007 - 01:55:08 - [1,449] ----D C:\Program Files\Internet Explorer O43 - CFD: 03/01/2007 - 17:42:02 - [78,679] ----D C:\Program Files\Java O43 - CFD: 02/11/2006 - 13:37:34 - [88,505] ----D C:\Program Files\Microsoft Games O43 - CFD: 03/01/2007 - 17:43:18 - [48,337] ----D C:\Program Files\Microsoft Office O43 - CFD: 03/01/2007 - 17:43:09 - [137,993] ----D C:\Program Files\Microsoft Works O43 - CFD: 04/01/2007 - 01:22:52 - [94,560] ----D C:\Program Files\Movie Maker O43 - CFD: 02/11/2006 - 13:37:34 - [0,012] ----D C:\Program Files\MSBuild O43 - CFD: 02/11/2006 - 13:37:34 - [3,121] ----D C:\Program Files\MSN O43 - CFD: 03/01/2007 - 17:55:43 - [86,841] ----D C:\Program Files\Norton Internet Security O43 - CFD: 03/01/2007 - 18:00:18 - [131,994] ----D C:\Program Files\PC-Doctor 5 for Windows O43 - CFD: 03/01/2007 - 17:28:59 - 
[14,859] ----D C:\Program Files\Realtek O43 - CFD: 02/11/2006 - 13:37:34 - [24,553] ----D C:\Program Files\Reference Assemblies O43 - CFD: 03/01/2007 - 17:52:03 - [6,381] ----D C:\Program Files\Services en ligne O43 - CFD: 03/01/2007 - 17:55:35 - [22,490] ----D C:\Program Files\Symantec O43 - CFD: 02/11/2006 - 14:01:55 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 04/01/2007 - 01:48:30 - [0,970] ----D C:\Program Files\Windows Calendar O43 - CFD: 04/01/2007 - 01:22:52 - [2,633] ----D C:\Program Files\Windows Collaboration O43 - CFD: 04/01/2007 - 01:30:45 - [4,279] ----D C:\Program Files\Windows Defender O43 - CFD: 04/01/2007 - 01:22:52 - [6,750] ----D C:\Program Files\Windows Journal O43 - CFD: 04/01/2007 - 01:35:37 - [8,653] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation O43 - CFD: 04/01/2007 - 01:57:25 - [4,284] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation O43 - CFD: 29/01/2014 - 10:40:16 - [7,572] ----D C:\Program Files\Windows NT O43 - CFD: 04/01/2007 - 01:22:52 - [12,840] ----D C:\Program Files\Windows Photo Gallery O43 - CFD: 04/01/2007 - 01:22:52 - [6,292] ----D C:\Program Files\Windows Sidebar O43 - CFD: 03/01/2007 - 17:28:07 - [0,146] ----D C:\Program Files\WinTV O43 - CFD: 29/01/2014 - 19:14:33 - [23,770] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman O43 - CFD: 03/01/2007 - 17:41:17 - [10,315] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 03/01/2007 - 17:32:04 - [3,841] ----D C:\Program Files\Common Files\HP O43 - CFD: 03/01/2007 - 17:57:33 - [7,757] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 03/01/2007 - 17:41:52 - [32,334] ----D C:\Program Files\Common Files\Java O43 - CFD: 03/01/2007 - 17:39:49 - [26,868] ---AD C:\Program Files\Common Files\LightScribe O43 - CFD: 03/01/2007 - 17:39:34 - [0,054] ---AD C:\Program Files\Common Files\LS Getting Started O43 - CFD: 03/01/2007 - 17:43:19 - [245,822] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 02/11/2006 - 
12:18:33 - [0,003] ----D C:\Program Files\Common Files\Services O43 - CFD: 02/11/2006 - 12:18:33 - [39,197] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 03/01/2007 - 17:59:12 - [283,818] ----D C:\Program Files\Common Files\Symantec Shared O43 - CFD: 04/01/2007 - 01:35:37 - [8,286] ----D C:\Program Files\Common Files\System O43 - CFD: 03/01/2007 - 17:41:28 - [0,001] ----D C:\ProgramData\Adobe O43 - CFD: 29/01/2014 - 10:40:15 - [0] -SH-D C:\ProgramData\Application Data O43 - CFD: 29/01/2014 - 10:40:15 - [0] -SH-D C:\ProgramData\Bureau O43 - CFD: 03/01/2007 - 17:32:55 - [0,002] ----D C:\ProgramData\CyberLink O43 - CFD: 29/01/2014 - 10:40:15 - [0] -SH-D C:\ProgramData\Documents O43 - CFD: 29/01/2014 - 10:40:15 - [0] -SH-D C:\ProgramData\Favoris O43 - CFD: 29/01/2014 - 12:32:17 - [0,312] ----D C:\ProgramData\Hewlett-Packard O43 - CFD: 03/01/2007 - 17:32:04 - [3,276] ----D C:\ProgramData\HP O43 - CFD: 29/01/2014 - 10:40:15 - [0] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 29/01/2014 - 16:25:33 - [98,457] -S--D C:\ProgramData\Microsoft O43 - CFD: 29/01/2014 - 10:40:15 - [0] -SH-D C:\ProgramData\Modèles O43 - CFD: 03/01/2007 - 17:40:09 - [0] ----D C:\ProgramData\muvee Technologies O43 - CFD: 03/01/2007 - 18:01:12 - [0,122] ----D C:\ProgramData\NVIDIA O43 - CFD: 03/01/2007 - 17:45:54 - [0,001] ----D C:\ProgramData\PC-Doctor O43 - CFD: 03/01/2007 - 17:56:10 - [162,240] ----D C:\ProgramData\Symantec O43 - CFD: 03/01/2007 - 17:50:50 - [799,923] ----D C:\ProgramData\WildTangent O43 - CFD: 02/11/2006 - 13:37:34 - [0] ----D C:\Users\Pascal\AppData\Roaming\Media Center Programs O43 - CFD: 29/01/2014 - 16:32:10 - [0,051] -S--D C:\Users\Pascal\AppData\Roaming\Microsoft O43 - CFD: 29/01/2014 - 19:20:29 - [0,016] ----D C:\Users\Pascal\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 29/01/2014 - 11:47:45 - [0] -SH-D C:\Users\Pascal\AppData\Local\Application Data O43 - CFD: 29/01/2014 - 11:47:45 - [0] -SH-D C:\Users\Pascal\AppData\Local\Historique O43 - CFD: 
29/01/2014 - 17:06:01 - [3,036] ----D C:\Users\Pascal\AppData\Local\Microsoft O43 - CFD: 29/01/2014 - 19:14:56 - [2,830] ----D C:\Users\Pascal\AppData\Local\Temp O43 - CFD: 29/01/2014 - 11:47:46 - [0] -SH-D C:\Users\Pascal\AppData\Local\Temporary Internet Files O43 - CFD: 29/01/2014 - 12:01:52 - [0] ----D C:\Users\Pascal\AppData\Local\VirtualStore O43 - CFD: 02/11/2006 - 13:54:36 - [0,013] R---D C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 02/11/2006 - 13:50:41 - [0,001] R---D C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance ~ Program Folder: 73 Scanned in 01mn 50s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.19D0412BF1C0FBD6EFB101ECC37B3B0E] - 29/01/2014 - 10:12:16 ---A- . (...) -- C:\WINDOWS\setupact.log [17664] O44 - LFC:[MD5.738AC9FC7A9BE3F35AA3A09128F84630] - 29/01/2014 - 12:45:13 RSHA- . (...) -- C:\WINDOWS\System32\Drivers\103C_HP_CPC_KB020AA-ABF m9180.fr_YC_0Pavi_QCZX801_E81FRv3PrA1_49_INettle3_SECS_V2.1_B5.14_T080325_WUH0_L40C_M3326_J500_7AMD_8Phenom 9500 Quad-Core_92.2_#140129_N10DE03EF_Z_G10DE0402.MRK [1875] O44 - LFC:[MD5.D7D51FC9496A3C88782D59FFF99C1B93] - 29/01/2014 - 18:37:26 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [283872] O44 - LFC:[MD5.AA52B2758D18E402C32049A56D54EEE2] - 29/01/2014 - 18:37:45 ---A- . (...) -- C:\WINDOWS\MEMORY.DMP [177972571] O44 - LFC:[MD5.D333F8A1348092E73528749C48C664F0] - 29/01/2014 - 18:44:10 --HA- . (...) -- C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [3472] O44 - LFC:[MD5.D333F8A1348092E73528749C48C664F0] - 29/01/2014 - 18:44:10 --HA- . (...) -- C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [3472] O44 - LFC:[MD5.9C54AB65D6D95C58E96083F37196E4E7] - 29/01/2014 - 18:54:31 ---A- . (...) 
-- C:\WINDOWS\WindowsUpdate.log [6154] O44 - LFC:[MD5.6CBACA685A4221B59F8D4B519FAF3FD8] - 29/01/2014 - 18:57:12 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1512256] O44 - LFC:[MD5.1C773418098558124319E3BA69157104] - 29/01/2014 - 18:57:15 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [103726] O44 - LFC:[MD5.E71897A4804A24F35C313C119BEC7255] - 29/01/2014 - 18:57:15 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [609944] O44 - LFC:[MD5.8D9B1E2EDF3D6467A2E49D31118B9732] - 29/01/2014 - 18:57:16 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [117366] O44 - LFC:[MD5.9BED4FBE9B20C801C5B9D273E0C2CD37] - 29/01/2014 - 18:57:16 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [690594] O44 - LFC:[MD5.FD85024EFB4AA254E33D51137E96A245] - 29/01/2014 - 19:08:22 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [67584] O44 - LFC:[MD5.5E2E451846D4DA5BCC1C55EC6D7B8C2F] - 29/01/2014 - 19:12:52 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [128406] ~ Files: 14 Scanned in 02mn 41s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.F8041ECF23FC8F39442EF773E58CD0CD] - 29/01/2014 - 10:11:09 ---A- - C:\WINDOWS\Prefetch\LSASS.EXE-8DBFE3B9.pf O45 - LFCP:[MD5.CC313EB42520467AA869C6A16DD94F29] - 29/01/2014 - 10:12:01 ---A- - C:\WINDOWS\Prefetch\WUDFHOST.EXE-81420B07.pf O45 - LFCP:[MD5.2B7F6763154BA1A0DC2F192E53A7CA1F] - 29/01/2014 - 10:27:43 ---A- - C:\WINDOWS\Prefetch\SSAUTORN.EXE-90C5868F.pf O45 - LFCP:[MD5.6C8228DED97BFF3F88DEEC6C324CEFDF] - 29/01/2014 - 10:32:01 ---A- - C:\WINDOWS\Prefetch\SYMLCSV1.EXE-F2B46FF9.pf O45 - LFCP:[MD5.C281D7AE33F5383236EC66D4BB300CCC] - 29/01/2014 - 10:32:05 ---A- - C:\WINDOWS\Prefetch\SYMLCSVC.EXE-469BF8ED.pf O45 - LFCP:[MD5.28D0219330EF27FE9F7945BD48F9F4B1] - 29/01/2014 - 10:37:34 ---A- - C:\WINDOWS\Prefetch\LPREMOVE.EXE-F992050D.pf O45 - LFCP:[MD5.AE82572C066EFC5463AA36BC74F5F677] - 29/01/2014 - 10:39:45 ---A- - C:\WINDOWS\Prefetch\MCBUILDER.EXE-8ED4E266.pf O45 - LFCP:[MD5.E38A0016DEF19622029381707B6EEBF8] - 29/01/2014 - 
10:41:50 ---A- - C:\WINDOWS\Prefetch\WINSAT.EXE-F927CE81.pf O45 - LFCP:[MD5.7FFC09B0A383E0E6F89CA94F464CA911] - 29/01/2014 - 11:00:05 ---A- - C:\WINDOWS\Prefetch\WSQMCONS.EXE-E2CE6542.pf O45 - LFCP:[MD5.0BC8BF0C4F7E0756BAA40EE832F338C3] - 29/01/2014 - 11:46:08 ---A- - C:\WINDOWS\Prefetch\LOGONUI.EXE-1BEE4A84.pf O45 - LFCP:[MD5.86A3213FBD506967C60345CB015BAD0A] - 29/01/2014 - 11:49:07 ---A- - C:\WINDOWS\Prefetch\USERINIT.EXE-F39AB672.pf O45 - LFCP:[MD5.CE3429097FA8705363901F60F0DE3924] - 29/01/2014 - 11:49:23 ---A- - C:\WINDOWS\Prefetch\DWM.EXE-AEABE78B.pf O45 - LFCP:[MD5.83E4E00AB816EAB303694BDE6013E92F] - 29/01/2014 - 11:49:23 ---A- - C:\WINDOWS\Prefetch\EXPLORER.EXE-7A3328DA.pf O45 - LFCP:[MD5.98CCC20C8AEE324A4DAF65A2BCD7274A] - 29/01/2014 - 11:49:52 ---A- - C:\WINDOWS\Prefetch\DLLHOST.EXE-893DDF55.pf O45 - LFCP:[MD5.3B806EDF586953AC80469376CB276BC8] - 29/01/2014 - 11:50:11 ---A- - C:\WINDOWS\Prefetch\RUNONCE.EXE-E33ED995.pf O45 - LFCP:[MD5.E915FCD1F7F1457E886271A94C236CA7] - 29/01/2014 - 11:50:21 ---A- - C:\WINDOWS\Prefetch\RUNPROFILER.EXE-312FB6F3.pf O45 - LFCP:[MD5.24D1DDC2C670DEA8ED8F8D0B53F95375] - 29/01/2014 - 11:51:49 ---A- - C:\WINDOWS\Prefetch\LAUNCHER.EXE-9A451F51.pf O45 - LFCP:[MD5.E4976199724858B9C099D57BE82704C3] - 29/01/2014 - 11:51:50 ---A- - C:\WINDOWS\Prefetch\REMIND.EXE-058BA002.pf O45 - LFCP:[MD5.73DE260C1AC66DEACB5A281D49108020] - 29/01/2014 - 11:52:05 ---A- - C:\WINDOWS\Prefetch\CONIME.EXE-B273009A.pf O45 - LFCP:[MD5.56F611BC3702E7CD07C1AB3FF9D120B7] - 29/01/2014 - 11:53:42 ---A- - C:\WINDOWS\Prefetch\REMIND_XP.DLL-30BF0B17.pf O45 - LFCP:[MD5.8A1AACBD57F6484AA3B0E5CAA73E8E1B] - 29/01/2014 - 12:19:23 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-5AB52A90.pf O45 - LFCP:[MD5.241E815E0A1EEC5118D09CEF10F10D68] - 29/01/2014 - 12:19:40 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-AB80A195.pf O45 - LFCP:[MD5.44DFFAAC2FF9F019210E708D70378646] - 29/01/2014 - 12:29:19 ---A- - C:\WINDOWS\Prefetch\TOOLBAR.EXE-037EF3B2.pf O45 - 
LFCP:[MD5.C9FC97C6A470117B8E0637A578ED5C1B] - 29/01/2014 - 12:30:44 ---A- - C:\WINDOWS\Prefetch\AOLTBSERVER.EXE-2F1E4D28.pf O45 - LFCP:[MD5.21DCA1D073D48E9DC4D6A99AEF19D1B2] - 29/01/2014 - 12:31:06 ---A- - C:\WINDOWS\Prefetch\CPC_RDMI.EXE-7F0579DC.pf O45 - LFCP:[MD5.18D7536B588296085653FB696259C146] - 29/01/2014 - 12:31:58 ---A- - C:\WINDOWS\Prefetch\VERCLSID.EXE-4D95F5A7.pf O45 - LFCP:[MD5.6BF72545224D908C363D4EC2ED60FCED] - 29/01/2014 - 12:32:13 ---A- - C:\WINDOWS\Prefetch\REGEDIT.EXE-4748FE01.pf O45 - LFCP:[MD5.08EFD6038EE9B2385CC1E309ED2D1BD0] - 29/01/2014 - 12:33:09 ---A- - C:\WINDOWS\Prefetch\RUBIKICONDROP.EXE-847A772C.pf O45 - LFCP:[MD5.21A40FD15F50390596F573FA51449538] - 29/01/2014 - 12:33:27 ---A- - C:\WINDOWS\Prefetch\OOBEVCWMERGE.EXE-1BA44A2E.pf O45 - LFCP:[MD5.7F32BD3363EC9149D84AC4D6FC1C13CA] - 29/01/2014 - 12:35:07 ---A- - C:\WINDOWS\Prefetch\TOTALMEMORY.EXE-CB253FCF.pf O45 - LFCP:[MD5.755708DF9D1549F7E150E14A99E45AB7] - 29/01/2014 - 12:35:50 ---A- - C:\WINDOWS\Prefetch\PRIMER.EXE-746A36F9.pf O45 - LFCP:[MD5.783CDCCD929B5AB3ED146F99345D9121] - 29/01/2014 - 12:39:33 ---A- - C:\WINDOWS\Prefetch\PYTHON.EXE-396609D7.pf O45 - LFCP:[MD5.105400FAEABCC468756F4055C978F0C1] - 29/01/2014 - 12:40:07 ---A- - C:\WINDOWS\Prefetch\WIZINSTALLER.EXE-3FE127C7.pf O45 - LFCP:[MD5.4071C7F571BBD655906F10E9BC6CE485] - 29/01/2014 - 12:40:15 ---A- - C:\WINDOWS\Prefetch\UINI.EXE-F9C0E600.pf O45 - LFCP:[MD5.3748E41C5C07486A545331351D0CEB01] - 29/01/2014 - 12:40:29 ---A- - C:\WINDOWS\Prefetch\COMMANDS.EXE-80CDD531.pf O45 - LFCP:[MD5.103412A3D6957779C23DB39152455778] - 29/01/2014 - 12:41:38 ---A- - C:\WINDOWS\Prefetch\WSCRIPT.EXE-65A9658F.pf O45 - LFCP:[MD5.085C5C2D4EAF0AE11C500199B840D8F6] - 29/01/2014 - 12:41:45 ---A- - C:\WINDOWS\Prefetch\CMD.EXE-89305D47.pf O45 - LFCP:[MD5.E51E5C6AED495AD66D842F0448271033] - 29/01/2014 - 12:41:56 ---A- - C:\WINDOWS\Prefetch\XCOPY.EXE-8E0707F2.pf O45 - LFCP:[MD5.8032CAE5CE4B0DEE3D8CE32D0E4DB89D] - 29/01/2014 - 12:42:30 ---A- - 
C:\WINDOWS\Prefetch\ISWOW64.EXE-7CAE2B49.pf O45 - LFCP:[MD5.88FB89AE79930B330E7EB788EF9ACABA] - 29/01/2014 - 12:45:19 ---A- - C:\WINDOWS\Prefetch\AgGlUAD_S-1-5-21-1003403311-3205928056-1717459790-1000.db O45 - LFCP:[MD5.8FDF82E2817C9784B4CFE7327598B519] - 29/01/2014 - 12:45:21 ---A- - C:\WINDOWS\Prefetch\AgGlUAD_P_S-1-5-21-1003403311-3205928056-1717459790-1000.db O45 - LFCP:[MD5.F1CFE9857C138D39A58A36A4350FD358] - 29/01/2014 - 12:45:25 ---A- - C:\WINDOWS\Prefetch\CSCRIPT.EXE-E4C98DEB.pf O45 - LFCP:[MD5.9E3C26518E009CC4912919D87C9A8EBA] - 29/01/2014 - 12:45:35 ---A- - C:\WINDOWS\Prefetch\DLLHOST.EXE-C5C55E89.pf O45 - LFCP:[MD5.3552A19E6E96952CA5E2311C3E1EF6EA] - 29/01/2014 - 12:45:43 ---A- - C:\WINDOWS\Prefetch\VSSVC.EXE-04D079CC.pf O45 - LFCP:[MD5.1BD0D5AFE378313D51E9FE5B6D9D6D70] - 29/01/2014 - 12:53:34 ---A- - C:\WINDOWS\Prefetch\SVCHOST.EXE-8FD92526.pf O45 - LFCP:[MD5.C40D6378B1AB182FFA017896627EEB68] - 29/01/2014 - 12:58:50 ---A- - C:\WINDOWS\Prefetch\DRVINST.EXE-5F8E77CD.pf O45 - LFCP:[MD5.3B9C3F01D72AB50C4D1BB50795B5C8EC] - 29/01/2014 - 13:01:36 ---A- - C:\WINDOWS\Prefetch\REG.EXE-26976709.pf O45 - LFCP:[MD5.33A9940C420C91109DB836922922AD6A] - 29/01/2014 - 13:01:48 ---A- - C:\WINDOWS\Prefetch\HPUTILCK.EXE-79A02A8B.pf O45 - LFCP:[MD5.D5922A4B47FA68508DA6DB0AAF90B3B7] - 29/01/2014 - 13:01:51 ---A- - C:\WINDOWS\Prefetch\CMD.EXE-77C92FD3.pf O45 - LFCP:[MD5.CD30E013C38DB597C33BAAB8BED08815] - 29/01/2014 - 13:02:06 ---A- - C:\WINDOWS\Prefetch\SETUP.EXE-0331A0B4.pf O45 - LFCP:[MD5.F3FFCCF57FB2756ABF9974D76FF19BC9] - 29/01/2014 - 13:06:05 ---A- - C:\WINDOWS\Prefetch\AgRobust.db O45 - LFCP:[MD5.7E795FDB126CE528E128F4DD85DC23CA] - 29/01/2014 - 13:06:09 ---A- - C:\WINDOWS\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.F9FC569287EB48E596F65F8BC643436C] - 29/01/2014 - 13:06:17 ---A- - C:\WINDOWS\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.F79B8814CE9E743D2262AA8CDE66A5FA] - 29/01/2014 - 13:06:18 ---A- - C:\WINDOWS\Prefetch\AgGlFgAppHistory.db O45 - 
LFCP:[MD5.E9512AE1FBA73A240890C7CEAEBDBE1C] - 29/01/2014 - 18:50:08 ---A- - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:[MD5.0F2CBDE0377338486AE185C92E38C2C5] - 29/01/2014 - 18:50:50 ---A- - C:\WINDOWS\Prefetch\SMSS.EXE-1DCD0EB1.pf O45 - LFCP:[MD5.18D49FFD31E9AFA2EE9B2281F4CB365C] - 29/01/2014 - 18:50:53 ---A- - C:\WINDOWS\Prefetch\CSRSS.EXE-8C04D631.pf O45 - LFCP:[MD5.8D8A4D832D35B37350422F0E7E0212D0] - 29/01/2014 - 18:50:59 ---A- - C:\WINDOWS\Prefetch\WININIT.EXE-65FCAECD.pf O45 - LFCP:[MD5.35CE7D688A88824AFF752641E3073A5C] - 29/01/2014 - 18:51:09 ---A- - C:\WINDOWS\Prefetch\SERVICES.EXE-2260497F.pf O45 - LFCP:[MD5.65337192CBF2F706582AF6D601A89FAE] - 29/01/2014 - 18:51:10 ---A- - C:\WINDOWS\Prefetch\WERFAULT.EXE-B7E27BE5.pf O45 - LFCP:[MD5.A10E8B6D9539AC51842A23AFA97993CC] - 29/01/2014 - 18:51:12 ---A- - C:\WINDOWS\Prefetch\PCDR5CUIW32.EXE-467000B2.pf O45 - LFCP:[MD5.6A395FFFBF6AFCB30BB2DB0E0950FFB0] - 29/01/2014 - 18:51:16 ---A- - C:\WINDOWS\Prefetch\WMIADAP.EXE-369DF1CD.pf O45 - LFCP:[MD5.6496563D8834F16456D1DA3FB926F614] - 29/01/2014 - 18:51:17 ---A- - C:\WINDOWS\Prefetch\HPHC_SERVICE.EXE-B8B935C8.pf O45 - LFCP:[MD5.00D0A99E5815FE69A104CDD313D3474D] - 29/01/2014 - 18:53:07 ---A- - C:\WINDOWS\Prefetch\SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf O45 - LFCP:[MD5.38F682C4F33F898B8AD2567877EF646D] - 29/01/2014 - 18:55:53 ---A- - C:\WINDOWS\Prefetch\WERMGR.EXE-2A1BCBC7.pf O45 - LFCP:[MD5.7D02729E6B4E70503317366551990414] - 29/01/2014 - 18:55:55 ---A- - C:\WINDOWS\Prefetch\TASKENG.EXE-5BAF290C.pf O45 - LFCP:[MD5.09C0AB8BEB38DEE3A0A8BF64D3C051F7] - 29/01/2014 - 18:55:59 ---A- - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-43972D0F.pf O45 - LFCP:[MD5.992A84173AD0ED68856031111D78A143] - 29/01/2014 - 18:59:16 ---A- - C:\WINDOWS\Prefetch\SEARCHFILTERHOST.EXE-AA7A1FDD.pf O45 - LFCP:[MD5.90E0E7E809D425511B29A47396ACE6F7] - 29/01/2014 - 18:59:17 ---A- - C:\WINDOWS\Prefetch\LOGON.SCR-7C80CA1C.pf O45 - LFCP:[MD5.C8CE333A183820D9E69FBC4FACAB02B2] - 29/01/2014 - 18:59:55 ---A- - 
C:\WINDOWS\Prefetch\WUAUCLT.EXE-830BCC14.pf O45 - LFCP:[MD5.7C5F6818F0258D740A3F2A4A218D0C66] - 30/12/2013 - 01:45:07 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-DF20BDBB.pf O45 - LFCP:[MD5.36FB0BDF9B5CAB3BB37A75EB9F0BAFC8] - 30/12/2013 - 01:45:17 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1761189F.pf O45 - LFCP:[MD5.A6E2F53926DB37A053AA2C5D38FA8F0C] - 30/12/2013 - 01:45:17 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3DFFFCF0.pf O45 - LFCP:[MD5.ED70C74BE0ABCF24E361ACD9BE2838ED] - 30/12/2013 - 01:45:27 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-FED1BEC2.pf O45 - LFCP:[MD5.B4BBCB9DB6E9BB6B11170CDD57859565] - 30/12/2013 - 01:45:28 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-46BE27F4.pf O45 - LFCP:[MD5.AC63DF0823DF6E67BED9B9C707DEA3E2] - 30/12/2013 - 01:45:37 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-BCF22307.pf O45 - LFCP:[MD5.EACFBF79C22BF95139A88399A1104320] - 30/12/2013 - 01:45:41 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-C114A0C0.pf O45 - LFCP:[MD5.0482154B7418B49B10E83012D74F779F] - 30/12/2013 - 02:08:31 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-B2C10A71.pf O45 - LFCP:[MD5.71CD0C76E32B2C55CD0DE81714C8A55F] - 30/12/2013 - 02:29:47 ---A- - C:\WINDOWS\Prefetch\SETUPUGC.EXE-B507AEB3.pf O45 - LFCP:[MD5.2A3F16BB3C7E7A7A5C4648859E525B2F] - 30/12/2013 - 02:30:08 ---A- - C:\WINDOWS\Prefetch\VDSLDR.EXE-85F9A1C6.pf O45 - LFCP:[MD5.4BCC340FE67A3C5A7C4958F4B6A683AD] - 30/12/2013 - 02:30:19 ---A- - C:\WINDOWS\Prefetch\VDS.EXE-AD27F0DC.pf O45 - LFCP:[MD5.939D98F36FC4580E8F1DE33701DF77E1] - 30/12/2013 - 02:34:27 ---A- - C:\WINDOWS\Prefetch\PfSvPerfStats.bin ~ Prefetcher: 82 Scanned in 00mn 25s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) 
-- C:\WINDOWS\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\WINDOWS\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\WINDOWS\System32\tspkg.dll ~ LSA: 7 Scanned in 00mn 02s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\WINDOWS\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\WINDOWS\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . 
(.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\WINDOWS\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn 06s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\WINDOWS\System32\l3codecp.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 4 Scanned in 00mn 05s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) 
-- C:\WINDOWS\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\WINDOWS\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 15 Scanned in 00mn 02s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\WINDOWS\System32\Drivers\adp94xx.sys [420968] O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\WINDOWS\System32\Drivers\adpahci.sys [297576] O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) 
-- C:\WINDOWS\System32\Drivers\adpu160m.sys [98408] O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\WINDOWS\System32\Drivers\adpu320.sys [147048] O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\System32\Drivers\aliide.sys [14952] O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\WINDOWS\System32\Drivers\arc.sys [67688] O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\Drivers\arcsas.sys [67688] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\WINDOWS\System32\Drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\WINDOWS\System32\Drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\WINDOWS\System32\Drivers\BrSerId.sys [71808] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\WINDOWS\System32\Drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\WINDOWS\System32\Drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) 
-- C:\WINDOWS\System32\Drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\WINDOWS\System32\Drivers\cmdide.sys [16488] O58 - SDL:[MD5.7D0AB84D95F18F6FC04C5FAF0B9B0509] - 29/05/2007 - 07:55:00 ---A- . (.Symantec Corporation - Confidence Online v6.1 WDM driver (6,1,2,3).) -- C:\WINDOWS\System32\Drivers\COH_Mon.sys [22112] O58 - SDL:[MD5.73F5D6835BFA66019C03E316D99649DA] - 08/08/2007 - 10:39:00 ---A- . (.Symantec Corporation - Behavior Blocker v2007.1 WDM driver (2007.1.1.99).) -- C:\WINDOWS\System32\Drivers\CO_Mon.sys [36056] O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\WINDOWS\System32\Drivers\djsvs.sys [71272] O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\WINDOWS\System32\Drivers\E1G60I32.sys [117760] O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\WINDOWS\System32\Drivers\elxstor.sys [316520] O58 - SDL:[MD5.0E44DBF63BB0169D57446AEC21881FF2] - 01/10/2007 - 10:21:08 ---A- . (.Hauppauge Computer Works - CX23885 BDA driver.) -- C:\WINDOWS\System32\Drivers\HCW85BDA.sys [1129344] O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\WINDOWS\System32\Drivers\HpCISSs.sys [37480] O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\WINDOWS\System32\Drivers\iaStorV.sys [232040] O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) 
-- C:\WINDOWS\System32\Drivers\iirsp.sys [41576] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\WINDOWS\System32\Drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\WINDOWS\System32\Drivers\iteraid.sys [35944] O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_fc.sys [65640] O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_sas.sys [65640] O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\WINDOWS\System32\Drivers\lsi_scsi.sys [65640] O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\WINDOWS\System32\Drivers\megasas.sys [28776] O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\WINDOWS\System32\Drivers\Mraid35x.sys [33384] O58 - SDL:[MD5.847B64E9069946556BCFCDCE638566D8] - 24/09/2007 - 12:09:10 ---A- . (.Ralink Technology, Corp. - Ralink 802.11 USB Wireless Adapter Driver.) -- C:\WINDOWS\System32\Drivers\netr73.sys [464384] O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\WINDOWS\System32\Drivers\nfrd960.sys [45160] O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . 
(.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\WINDOWS\System32\Drivers\ntrigdigi.sys [20608] O58 - SDL:[MD5.11F99482DAFFEDF622A4A3F4B0C81487] - 27/08/2007 - 19:59:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 162.) -- C:\WINDOWS\System32\Drivers\nvlddmkm.sys [7574976] O58 - SDL:[MD5.B896FB556B4DC1E1D2943559EA79C5C5] - 10/09/2007 - 21:17:40 ---A- . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\WINDOWS\System32\Drivers\nvmfdx32.sys [1035168] O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\Drivers\nvraid.sys [88680] O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\Drivers\nvstor.sys [40040] O58 - SDL:[MD5.63B7838E9C272BAAA7B33A0CA4EBB748] - 26/10/2007 - 12:51:22 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\Drivers\nvstor32.sys [110624] O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\WINDOWS\System32\Drivers\ql2300.sys [900712] O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\WINDOWS\System32\Drivers\ql40xx.sys [106088] O58 - SDL:[MD5.AE3DF3265781543B616E0A8830F6774B] - 25/10/2007 - 15:26:10 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\WINDOWS\System32\Drivers\RTKVHDA.sys [2015192] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) 
-- C:\WINDOWS\System32\Drivers\secdrv.sys [20480] O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\Drivers\sisraid2.sys [38504] O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\Drivers\sisraid4.sys [71784] O58 - SDL:[MD5.F908190F7FBA8ACF1FB021F8A81DAD13] - 30/07/2007 - 17:43:00 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\WINDOWS\System32\Drivers\srtsp.sys [278576] O58 - SDL:[MD5.C90BE8B6AC2CBCB459B824DBB1D235B7] - 30/07/2007 - 17:43:00 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\WINDOWS\System32\Drivers\srtspl.sys [317616] O58 - SDL:[MD5.EC2E76D6470103AD303667F6ED3886BD] - 30/07/2007 - 17:43:00 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\WINDOWS\System32\Drivers\srtspx.sys [43696] O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\WINDOWS\System32\Drivers\symc8xx.sys [35944] O58 - SDL:[MD5.6F6610322BE2EFAE9873CD87003E2155] - 13/08/2007 - 07:50:00 ---A- . (.Symantec Corporation - DNS Filter Driver.) -- C:\WINDOWS\System32\Drivers\symdns.sys [13616] O58 - SDL:[MD5.043EA08FA1DD7CAFA41ABFCCBBD1D996] - 03/01/2007 - 17:55:34 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\WINDOWS\System32\Drivers\SYMEVENT.SYS [123952] O58 - SDL:[MD5.30ACFBA79A3C8998BE8AAE5146C9BCA5] - 13/08/2007 - 07:50:00 ---A- . (.Symantec Corporation - Firewall Filter Driver.) -- C:\WINDOWS\System32\Drivers\symfw.sys [96432] O58 - SDL:[MD5.6F2E025F2827A079AE099439876EAEE2] - 13/08/2007 - 07:50:00 ---A- . (.Symantec Corporation - IDS Filter Driver.) -- C:\WINDOWS\System32\Drivers\symids.sys [38576] O58 - SDL:[MD5.36C15C5F64E6DA17BA42DB833C813AF9] - 09/08/2007 - 11:27:00 ---A- . 
(.Symantec Corporation - NDIS Intermediate Driver.) -- C:\WINDOWS\System32\Drivers\SymIM.sys [31280] O58 - SDL:[MD5.5BDC40CE9F4C88F4BFA0A931D69F4117] - 13/08/2007 - 07:50:00 ---A- . (.Symantec Corporation - NDIS Filter Driver.) -- C:\WINDOWS\System32\Drivers\symndisv.sys [41008] O58 - SDL:[MD5.5BE4647E971783FF1F83A1A4317C721B] - 13/08/2007 - 07:50:00 ---A- . (.Symantec Corporation - Redirector Filter Driver.) -- C:\WINDOWS\System32\Drivers\symredrv.sys [22320] O58 - SDL:[MD5.E0237C3748CDD19ACF6606EEDA74F715] - 13/08/2007 - 07:50:00 ---A- . (.Symantec Corporation - Network Dispatch Driver.) -- C:\WINDOWS\System32\Drivers\symtdi.sys [188464] O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\WINDOWS\System32\Drivers\sym_hi.sys [31848] O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\WINDOWS\System32\Drivers\sym_u3.sys [34920] O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\WINDOWS\System32\Drivers\uliahci.sys [235112] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\WINDOWS\System32\Drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\WINDOWS\System32\Drivers\ulsata2.sys [115816] O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\WINDOWS\System32\Drivers\viaide.sys [17512] O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) 
-- C:\WINDOWS\System32\Drivers\vsmraid.sys [112232] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\WINDOWS\System32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\WINDOWS\System32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\WINDOWS\System32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\WINDOWS\System32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\WINDOWS\System32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\WINDOWS\System32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\WINDOWS\System32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\WINDOWS\System32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\WINDOWS\System32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\WINDOWS\System32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\WINDOWS\System32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\WINDOWS\System32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\WINDOWS\System32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\WINDOWS\System32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) 
-- C:\WINDOWS\System32\NTIO804.SYS [34672] ~ Drivers: 15 Scanned in 00mn 53s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 29/01/2014 - 19:30:58 ---A- . (...) -- C:\Users\Pascal\AppData\Local\Temp\Pascal.bmp [31832] O61 - LFC: 29/01/2014 - 19:30:58 ---A- . (...) -- C:\Users\Pascal\AppData\Local\Temp\nswE8C6.tmp\System.dll [9728] O61 - LFC: 29/01/2014 - 19:30:58 ---A- . (...) -- C:\Users\Pascal\AppData\Local\Temp\{8471F155-B83C-4F22-937E-C9C3C42CC2E7}\setup.isn [52715] O61 - LFC: 29/01/2014 - 19:30:58 -SHA- . (...) -- C:\Users\Pascal\AppData\Roaming\Microsoft\Protect\CREDHIST [24] O61 - LFC: 29/01/2014 - 19:30:58 -SHA- . (...) -- C:\Users\Pascal\AppData\Roaming\Microsoft\Protect\S-1-5-21-1003403311-3205928056-1717459790-1000\85a4b5ed-df03-446a-b99f-2f13653c9f21 [388] O61 - LFC: 29/01/2014 - 19:30:59 -SHA- . (...) -- C:\Users\Pascal\AppData\Roaming\Microsoft\Protect\S-1-5-21-1003403311-3205928056-1717459790-1000\Preferred [24] O61 - LFC: 29/01/2014 - 19:31:00 ---A- . (...) -- C:\Users\Pascal\AppData\Roaming\ZHP\Log.txt [17106] =>.Nicolas Coolman O61 - LFC: 29/01/2014 - 19:31:00 ---A- . (...) -- C:\Users\Pascal\AppData\Roaming\ZHP\TestsZHPDiag.txt [2755] =>.Nicolas Coolman O61 - LFC: 29/01/2014 - 19:31:00 ---A- . (...) -- C:\Users\Pascal\AppData\Roaming\ZHP\ZHPADSReport.txt [351] =>.Nicolas Coolman ~ 3 Fichiers temporaires (Temporary files) ~ Files: 9 Scanned in 00mn 06s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) 
- LEGACY_BEEP O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\DRIVERS\bowser.sys (bowser) .(.Microsoft Corporation - NT Lan Manager Datagram Receiver Driver.) - LEGACY_BOWSER O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\DRIVERS\cdfs.sys (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\CLFS.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\drivers\crcdisk.sys (crcdisk) .(.Microsoft Corporation - Disk Block Verification Filter Driver.) - LEGACY_CRCDISK O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\Drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Client MUP Surrogate Driver.) - LEGACY_DFSC O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\drivers\ecache.sys (Ecache) .(.Microsoft Corporation - Special Memory Device Cache.) - LEGACY_ECACHE O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\drivers\mountmgr.sys (MountMgr) .(.Microsoft Corporation - Mount Point Manager.) - LEGACY_MOUNTMGR O64 - Services: CurCS - 04/01/2007 - C:\WINDOWS\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys (mrxsmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) 
- LEGACY_MRXSMB O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\DRIVERS\mrxsmb10.sys (mrxsmb10) .(.Microsoft Corporation - Longhorn SMB Downlevel SubRdr.) - LEGACY_MRXSMB10 O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys (mrxsmb20) .(.Microsoft Corporation - Longhorn SMB 2.0 Redirector.) - LEGACY_MRXSMB20 O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\Drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - NativeWiFi Miniport Driver.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - NDIS 6.0 wrapper driver.) - LEGACY_NDIS O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O driver.) - LEGACY_NDISUIO O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\DRIVERS\netbt.sys (netbt) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - 04/01/2007 - C:\WINDOWS\System32\drivers\pacer.sys (PSched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\DRIVERS\rasacd.sys (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) 
- LEGACY_RASACD O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\DRIVERS\rdbss.sys (rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\drivers\rdpencdd.sys (RDPENCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\system32\tcpipcfg.dll (Smb) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_SMB O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Volume Manager Extension Driver.) - LEGACY_VOLMGRX O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - WDF dynamique.) - LEGACY_WDF01000 ~ Legacy: 66 Scanned in 00mn 17s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\WINDOWS\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) 
-- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\WINDOWS\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) ~ FASS Keys: 12 Scanned in 00mn 04s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {2F10D2E3-43C5-40F0-AADD-367FE7D5BA46} - (Kelkoo) - http://fr.kelkoopartners.net O69 - SBI: SearchScopes [HKCU] {DEDCEC8F-6742-4132-98FC-1B1D10F4D759} [DefaultScope] - (AOL Recherche) - http://slirsredirect.search.aol.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\WINDOWS\System32\aelupsvc.dll [24576] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\WINDOWS\System32\wercplsupport.dll [63488] O83 - Search Svchost Services: Themes (Themes) . 
(.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [245248] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\WINDOWS\System32\certprop.dll [39936] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\WINDOWS\System32\certprop.dll [39936] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\WINDOWS\System32\srvsvc.dll [121344] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\WINDOWS\System32\gpsvc.dll [569344] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\WINDOWS\System32\ikeext.dll [416768] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\WINDOWS\System32\Audiosrv.dll [310272] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\WINDOWS\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\WINDOWS\System32\rasmans.dll [234496] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\WINDOWS\System32\mprdim.dll [65536] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\WINDOWS\System32\sens.dll [47104] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [286208] O83 - Search Svchost Services: Tapisrv (Tapisrv) . 
(.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\WINDOWS\System32\tapisrv.dll [242688] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\WINDOWS\System32\termsrv.dll [427520] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\WINDOWS\System32\wuaueng.dll [1568256] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\System32\qmgr.dll [750080] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [245248] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\WINDOWS\System32\iphlpsvc.dll [178688] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\system32\seclogon.dll [19968] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\WINDOWS\System32\appinfo.dll [33280] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\WINDOWS\System32\iscsiexe.dll [111104] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\WINDOWS\System32\mmcss.dll [45056] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\System32\profsvc.dll [152576] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\WINDOWS\System32\eapsvc.dll [34816] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) 
-- C:\WINDOWS\System32\wbem\WMIsvc.dll [161280] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\WINDOWS\System32\schedsvc.dll [595456] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\WINDOWS\System32\sessenv.dll [92160] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\WINDOWS\System32\browser.dll [81408] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\System32\kmsvc.dll [69120] ~ Services: 31 Scanned in 00mn 12s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.25A6B5BCDA9C01B69E4534BBD4C0EF84] [SPRF][26/09/2007] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Pascal\AppData\Local\Temp\_is8CE7.exe [453688] [MD5.34772D1478521E76F7BF20E93715C384] [SPRF][27/04/2013] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Users\Pascal\Desktop\ZHPDiag2.exe [6862144] ~ Files: 2 Scanned in 00mn 04s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur DCOM des journaux et alertes de performance.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "SNMPTRAP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "WMP-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) 
-- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) 
-- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe O87 - FAEL: "MCX-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe O87 - FAEL: "MCX-QWave-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-QWave-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-QWave-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-QWave-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Media Center.) 
-- C:\Windows\ehome\ehshell.exe O87 - FAEL: "MCX-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Media Center.) -- C:\Windows\ehome\ehshell.exe O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MCX-Prov-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Distributed File System Replication.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Distributed File System Replication.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe =>.Microsoft Corporation O87 - FAEL: "WinCollab-P2P-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WinCollab-P2P-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDPHOST-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-LLMNR-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-LLMNR-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Collab-P2PHost-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-PNRP-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) 
-- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) 
-- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "BITSSVC-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "BITSSVC-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "BITSSVC-RPC-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "BITSSVC-RPCSS-In-TCP" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) 
-- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Programme DTCconsole MS.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) 
-- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "RemoteAssistance-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) 
-- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe =>.Microsoft Corporation O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) 
-- C:\Windows\system32\netproj.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-DHCP-In" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-DHCP-Out" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-Teredo-In" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-Teredo-Out" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe =>.Microsoft Corporation O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "{70E5C50E-0F4B-45E4-AA5B-7B8A28F563DE}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDPlay.) -- C:\Program Files\HP\DVDPlay\DVDPlay.exe O87 - FAEL: "{5DD6159D-9DF4-4B87-9ACB-E7B215C3AE3D}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDPlay Resident Program.) -- C:\Program Files\HP\DVDPlay\DPService.exe O87 - FAEL: "{15898CC2-D832-4881-8B12-3AF3F19FA741}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) 
-- c:\Program Files\Cyberlink\PowerDirector\PDR.exe
~ Firewall: 174 Scanned in 01mn 41s

---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "000021090200C0400000000000F01FEC" . (.Module de compatibilité pour Microsoft Office System 2007.) -- C:\Windows\Installer\{90120000-0020-040C-0000-0000000FF1CE}\O12ConvIcon.exe
O90 - PUC: "00002159FA00C0400000000000F01FEC" . (.Microsoft Office PowerPoint Viewer 2007 (French).) -- C:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe,0 =>.Microsoft Corporation
O90 - PUC: "098990BCF5D15D11E99A0005AB3E711E" . (.PowerDirector.) -- c:\Windows\Installer\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\ARPPRODUCTICON.exe
O90 - PUC: "168061B30527E1545BEEB829FB037A01" . (.Microsoft Works.) -- C:\Windows\Installer\{3B160861-7250-451E-B5EE-8B92BF30A710}\MSWorks.exe
O90 - PUC: "3DA38B1164A7E2C45A86595089D1C4F6" . (.HP Update.) -- c:\Windows\Installer\{11B83AD3-7A46-4C2E-A568-9505981D4C6F}\ARPPRODUCTICON.exe
O90 - PUC: "5BFBFC6E2329C0143B35FAE616B46218" . (.LightScribe System Software 1.10.16.1.) -- c:\Windows\Installer\{E6CFBFB5-9232-410C-B353-AF6E614B2681}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA76301B7448A0100000030" . (.Adobe Reader 8.1.0 - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-A81000000003}\SC_Reader.exe
O90 - PUC: "82d3b69e6d74cc3489df0796eebab611" . (.HP Total Care Advisor.) -- C:\Windows\Installer\{e96b3d28-47d6-43cc-98fd-7069eeab6b11}\ARPPRODUCTICON.exe
O90 - PUC: "E7ABFF77379093F4BBBDCAF23557872D" . (.Norton AntiVirus.) -- c:\Windows\Installer\{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}\Navw32.ico
O90 - PUC: "F633BB1185E077948B662FF43A4316B6" . (.HP Active Support Library.) -- c:\Windows\Installer\{11BB336F-0E58-4977-B866-F24FA334616B}\ARPPRODUCTICON.exe
~ Update Products: 28 Scanned in 00mn 03s

---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
~ WIS: 33 Scanned in 00mn 25s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Disabled 23/08/2007 243064 | (Automatic LiveUpdate Scheduler) . (.Symantec Corporation.) - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
SS - | Auto 24/08/2007 149864 | (ccEvtMgr) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SS - | Auto 24/08/2007 149864 | (ccSetMgr) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SS - | Auto 24/08/2007 149864 | (CLTNetCnService) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SS - | Demand 21/08/2007 55640 | (comHost) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
SS - | Demand 24/07/2007 181800 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
SS - | Auto 19/09/2007 65536 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
SS - | Auto 29/05/2007 198240 | (HPBtnSrv) . (...) - c:\hp\HPEZBTN\HPBtnSrv.exe
SS - | Auto 25/09/2007 79136 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
SS - | Demand 23/08/2007 3192184 | (LiveUpdate) . (.Symantec Corporation.) - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.exe
SS - | Auto 24/08/2007 149864 | (LiveUpdate Notice) . (.Symantec Corporation.) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
SS - | Demand 03/01/2007 1245064 | (Symantec Core LC) . (...) - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
SS - | Auto 02/11/2006 22016 | C:\WINDOWS\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe
SS - | Auto 09/10/2007 39408 | ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) . (.Cyberlink Corp..) - C:\Program Files\HP\DVDPlay\000.fcl
SR - | Auto 02/11/2006 22016 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe
~ Services: Scanned in 00mn 47s

---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Scanned in 00mn 02s

---\\ Scan Additionnel (O88)
Database Version : 13013 - (26/12/2013)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKLM\Software\Classes\S] =>Toolbar.Agent
~ Additionnel Scan: 206175 Items scanned in 42mn 23s

---\\ Récapitulatif des détections trouvées sur votre station
~ MSI: 0 link(s) detected in 42mn 46s
End of the scan (1184 lines in 25mn 36s)(0)