Hello,
I would like to be sure there is no virus on my PC, because it has been acting a bit strange lately. Here is my report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:16:07, on 30/11/2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\ASUS\PC Probe II\Probe2.exe
C:\Program Files (x86)\ASUS\AASP\1.01.12\aaCenter.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Peer2Me\Peer2Me.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\VPN Lifeguard\VpnLifeguard.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\TuneUp Utilities 2012\Integrator.exe
C:\Users\Lorak\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google Actualités
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus....k_sys_ctrl3.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers.tous...fig_5_1_4_1.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F8027F5-0AFC-4C24-B78D-5B3EFB32C4E6}: NameServer = 10.1.1.12
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F8027F5-0AFC-4C24-B78D-5B3EFB32C4E6}: NameServer = 10.1.1.12
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files (x86)\ma-config.com\maconfservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8924 bytes
Minor issue: flickering in the taskbar
#2
Posted 30 November 2011 - 09:12
Good evening,
HijackThis should no longer be used; it is no longer suitable.
ZHPDiag:
- Download ZHPDiag by Nicolas Coolman and save it to the DESKTOP.
- Double-click ZHPDiag.exe to start the installation.
- Important:
On Vista and Windows 7: you must launch the file via right-click -> Run as administrator
Don't forget to tick the box that places a shortcut on the Desktop.
The tool has created 2 icons, ZHPDiag and ZHPFix, on the Desktop.
- Double-click ZHPDiag to run it.
- Important:
On Vista and Windows 7: you must launch the file via right-click -> Run as administrator
- Click the screwdriver.
- Click the magnifying glass to start the scan. Wait until the scan shows 100%.
- Close ZHPDiag.
The ZHPDiag.txt report is on the Desktop (and under c:\ZHP\ZHPDiag.txt).
As this report is too long for the forum, host it:
- either directly on the forum as an attachment in your reply: Add a file as an attachment on the forum <<< Only for the Vista-XP.fr forum!
- or on Cjoint, and copy-paste the link provided into your reply. OR >>
- Free large file hosting. Send big files the easy way! Copy/paste the very first link provided.
@++
- Do not use ComboFix or The Avenger unless expressly asked to by a member of the Zébulon security group! Find the Antivir report. - I do not answer requests for help by PM - Antispam 32/64 Bits. Create your own topic with the "Start a topic" button.
- Vista-XP.fr - Do not post on more than one forum about the same issue! Please respect the helpers. Restore the Hosts file - Kaspersky Virus Removal Tool - Microsoft FixIt Center - Critical vulnerabilities - Kaspersky Password Manager - I no longer recommend Antivir Free, which installs Ask Toolbar. - Storing passwords - Keep up to date! - HOST YOUR LONG REPORTS, FOR PITY'S SAKE! - ROGUES!
#3
Posted 30 November 2011 - 09:27
Apollo, on 30 November 2011 - 09:12, said:
#4
Posted 30 November 2011 - 09:32
I am going to ask you to please use the "Add a reply" button so as not to quote the previous post every time, thank you.
#6
Posted 30 November 2011 - 09:43
Yes, well,
Open the text file (zhpdiag), select everything it contains and copy/paste it here, please.
@++
#7
Posted 30 November 2011 - 09:48
Rapport de ZHPDiag v1.28.2423 par Nicolas Coolman, Update du 27/11/2011
Run by Lorak at 30/11/2011 21:27:11
Web site : ZHPDiag Outil de diagnostic
State : Version à jour.
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
OPIE: Opera v11.52
OPIE: Opera vv11.52
---\\ Windows Product Information
~ Langage: Français
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows® 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : HYRR2
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: AMD64 Family 16 Model 4 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6143 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 143 GB (47%) free of 300 GB
---\\ Logged in mode
~ Computer Name: LORAK-PC
~ User Name: Lorak
~ All Users Names: Lorak, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Lorak\AppData\Roaming\
~ %Desktop% : C:\Users\Lorak\Desktop\
~ %Favorites% : C:\Users\Lorak\Favorites\
~ %LocalAppData% : C:\Users\Lorak\AppData\Local\
~ %StartMenu% : C:\Users\Lorak\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 143 Go of 300 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 142 Go of 501 Go)
G:\ CD-ROM drive (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
L:\ Hard drive, Flash drive, Thumb drive (Free 166 Go of 431 Go)
M:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.19/11/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.19/11/2011 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/11/2011 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]
[MD5.271E8FB1354AA205A214F280A6766E30] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.19/11/2011 - 06:17:57.) -- C:\Windows\system32\wininet.dll [1389056]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.19/11/2011 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.19/11/2011 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.19/11/2011 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.19/11/2011 - 03:34:03.) -- C:\Windows\system32\drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.19/11/2011 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/11/2011 - 00:19:47.) -- C:\Windows\system32\drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.19/11/2011 - 10:19:21.) -- C:\Windows\system32\drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.19/11/2011 - 10:26:32.) -- C:\Windows\system32\drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.19/11/2011 - 11:43:43.) -- C:\Windows\system32\drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.19/11/2011 - 00:19:57.) -- C:\Windows\system32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.19/11/2011 - 01:10:03.) -- C:\Windows\system32\drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.19/11/2011 - 03:40:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.19/11/2011 - 10:23:20.) -- C:\Windows\system32\drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.19/11/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.19/11/2011 - 01:00:41.) -- C:\Windows\system32\drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/11/2011 - 11:52:35.) -- C:\Windows\system32\drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.19/11/2011 - 12:06:41.) -- C:\Windows\system32\drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.19/11/2011 - 01:09:09.) -- C:\Windows\system32\drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.19/11/2011 - 10:21:56.) -- C:\Windows\system32\drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/11/2011 - 14:34:02.) -- C:\Windows\system32\drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/4
~ Mes musiques (My Musics) : 2/4
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 3/40
~ Mes Documents (My Documents) : 1/610
~ Menu demarrer (Programs) : 7/26
~ Scan Hidden Files in 00mn 01s
---\\ Processus lancés
[MD5.E5DEE383D8DA636382045CC09CA73AED] - (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [7275008] [PID.2140]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe [495616] [PID.2760]
[MD5.478515FA22E17C4CA7177B3305630FA4] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [258512] [PID.3060]
[MD5.AF7E3264968EA4B864F78556515FB1CC] - (.ASUSTeK Computer Inc. - PC Probe II.) -- C:\Program Files (x86)\ASUS\PC Probe II\Probe2.exe [2166912] [PID.4068]
[MD5.F3FC2C8F5F02959489B9C8AF05173CC7] - (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\AASP\1.01.12\aaCenter.exe [632448] [PID.2436]
[MD5.4A0F6440634BE2B598E2F68DDA2C0129] - (.Mozilla Messaging - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [399512] [PID.4788]
[MD5.1EC63FD92C2A31EEC918BB88FDD9F7F0] - (...) -- C:\Program Files (x86)\Peer2Me\Peer2Me.exe [49152] [PID.4836]
[MD5.99C904854E154E903C8EAC4329DD48C2] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe [947056] [PID.2024]
[MD5.39D309E9E35725D11AADDE498032B911] - (.Philippe734 - VPN Lifeguard.) -- C:\Program Files (x86)\VPN Lifeguard\VpnLifeguard.exe [196608] [PID.3620]
[MD5.BCE1D8C2BFB38D9F26EFC5464A033533] - (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe [641400] [PID.5104]
[MD5.3851F104F5C445C6CDC77E1816E5174C] - (.TuneUp Software - TuneUp Utilities - Interface de démarrage.) -- C:\Program Files (x86)\TuneUp Utilities 2012\Integrator.exe [1116480] [PID.4468]
[MD5.A29999E6CF54648B4C9DA986A0AEB325] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [707072] [PID.292]
[MD5.72709089A54BDC1C5B16BC4A4B926567] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224] [PID.]
[MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64952] [PID.]
[MD5.42F88BFBB76F7A63E381829479B18518] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032] [PID.]
[MD5.E781164C7D47950E3D218C84B2901CB2] - (...) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112] [PID.]
[MD5.3A2BDD76E7D2A5F40A7174793D1BA794] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [75136] [PID.]
~ Scan Processes Running in 00mn 00s
---\\ Opera, Plugins,Démarrage,Recherche (P1,B0,B1)
B0 - SPO: operaprefs.ini [Lorak] Home URL=http://news.google.fr/
~ Scan Opera Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google Actualités
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-3606147994-3904090742-1213292612-1001\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-3606147994-3904090742-1213292612-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Lorak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Lorak\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CrystalDiskInfo.lnk . (.Crystal Dew World.) -- C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe
O4 - Global Startup: C:\Users\Lorak\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Lorak\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Messaging.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F8027F5-0AFC-4C24-B78D-5B3EFB32C4E6}: NameServer = 10.1.1.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{67B002B7-10B5-4D83-A869-52C1D690549E}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F8027F5-0AFC-4C24-B78D-5B3EFB32C4E6}: NameServer = 10.1.1.12
O17 - HKLM\System\CS1\Services\Tcpip\..\{67B002B7-10B5-4D83-A869-52C1D690549E}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{67B002B7-10B5-4D83-A869-52C1D690549E}: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype-ie-addon-data [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Avira Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) . (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) . (...) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\SysWOW64\PnkBstrA.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.86619C72F17B6511DD05D5DCEF4C1BD4] [APT] [TuneUpUtilities_Task_BkGndMaintenance2012] (.TuneUp Software.) -- C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe
[MD5.9338A77C9FA83B346D3C32B0CE76DB52] [APT] [{22A6F29B-11A6-4742-AF53-6AEA5FC93333}] (.VSO Software SARL.) -- C:\Program Files (x86)\VSO\pcsetup\PcSetup.exe
[MD5.A35B6619C5D1A519EC4B521F665414C1] [APT] [ASUS RegRun Loader] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe
[MD5.E5DEE383D8DA636382045CC09CA73AED] [APT] [ASUS SIX Engine] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
[MD5.F4AD88FF508A573E3EC7C8E0E4760328] [APT] [ASUS Update Checker] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
~ Scan Scheduled Task in 00mn 03s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (AsIO) . (...) - C:\Windows\Syswow64\drivers\AsIO.sys
O41 - Driver: (AsUpIO) . (...) - C:\Windows\Syswow64\drivers\AsUpIO.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys
O41 - Driver: (avkmgr) . (.Avira GmbH - Avira Manager Driver.) - C:\Windows\system32\DRIVERS\avkmgr.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\system32\drivers\csc.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\system32\DRIVERS\dtsoftbus01.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\system32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM] -- {B858CA94-FAA0-3663-01AE-0B0798C61657}
O42 - Logiciel: ASUSUpdate - (.ASUSTeK Computer Inc..) [HKLM] -- {587178E7-B1DF-494E-9838-FA4DD36E873C}
O42 - Logiciel: Adobe Flash Player 11 ActiveX 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Assassin's Creed Revelations - (.Ubisoft.) [HKLM] -- {33A22B2D-55BA-4508-B767-BF2E9C21A73F}
O42 - Logiciel: Avira Free Antivirus - (.Avira.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Battlefield 3™ - (.Electronic Arts.) [HKLM] -- {76285C16-411A-488A-BCE3-C83CB933D8CF}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {19A492A0-888F-44A0-9B21-D91700763F62}
O42 - Logiciel: ConvertXtoDVD 4.1.19.365 - (.Pas de propriétaire.) [HKLM] -- {DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1
O42 - Logiciel: CrystalDiskInfo 4.1.3 - (.Crystal Dew World.) [HKLM] -- CrystalDiskInfo_is1
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite
O42 - Logiciel: Driver Genius Professional Edition - (.Driver-Soft Inc..) [HKLM] -- Driver Genius Professional Edition_is1
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPU-6 Engine - (.Pas de propriétaire.) [HKLM] -- {56B83336-FBC1-4C46-8613-90A9E3B440D6}
O42 - Logiciel: F1 2010 - (.Codemasters.) [HKLM] -- {434D0831-A4CC-401A-9E74-621000018401}
O42 - Logiciel: F1 2010 - (.Codemasters.) [HKLM] -- {434D0831-A4CC-401A-9E74-621000018402}
O42 - Logiciel: F1 2010 - (.Codemasters.) [HKLM] -- {434D0831-A4CC-401A-9E74-621000018403}
O42 - Logiciel: F1 2011 - (.Codemasters.) [HKLM] -- {434D0FA1-A4CC-401A-9E74-621000018101}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: ICQ7.6 - (.ICQ.) [HKLM] -- {7644E42D-B096-457F-8B5B-901238FC81AE}
O42 - Logiciel: Internet TV pour Windows Media Center - (.Microsoft Corporation.) [HKLM] -- {9D318C86-AF4C-409F-A6AC-7183FF4CF424}
O42 - Logiciel: Java 6 Update 29 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216026FF}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {A4EF9D8B-E19B-45ED-BFAF-CB4364574FFF}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {F2508213-9989-4E85-A078-72BE483917EF}
O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 - (.Microsoft Corporation.) [HKLM] -- {820B6609-4C97-3A2B-B644-573B06A0F0CC}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Thunderbird (8.0) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (8.0)
O42 - Logiciel: Next Generation Visualisations - (. Microsoft.) [HKLM] -- {2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}
O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {7E0610A2-E336-40B3-B685-C4905E97EC9A}
O42 - Logiciel: Opera 11.52 - (.Opera Software ASA.) [HKLM] -- Opera 11.52.1100
O42 - Logiciel: PC Probe II - (.ASUSTeK Computer Inc..) [HKLM] -- {F7338FA3-DAB5-49B2-900D-0AFB5760C166}
O42 - Logiciel: Peer2Me - (.Peer2Me.) [HKLM] -- {C783600B-C726-4481-9BBE-06F560CF8968}
O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
O42 - Logiciel: PunkBuster Services - (.Pas de propriétaire.) [HKLM] -- PunkBusterSvc
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek HDMI Audio Driver for ATI - (.Realtek Semiconductor Corp..) [HKLM] -- {5449FB4F-1802-4D5B-A6D8-087DB1142147}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: RocketDock 1.3.5 - (.Punk Software.) [HKLM] -- RocketDock_is1
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype™ 5.5 - (.Skype Technologies S.A..) [HKLM] -- {AA59DDE4-B672-4621-A016-4C248204957A}
O42 - Logiciel: TuneUp Utilities 2012 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2012
O42 - Logiciel: Ubisoft Game Launcher - (.UBISOFT.) [HKLM] -- {888F1505-C2B3-4FDE-835D-36353EBD4754}
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523
O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: VPN Lifeguard - (.Pas de propriétaire.) [HKLM] -- VPN Lifeguard 1.4.12_is1
O42 - Logiciel: WinRAR 4.01 (64-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {9B48B0AC-C813-4174-9042-476A887592C7}
O42 - Logiciel: Windows Media Center Add-in for Silverlight - (.Microsoft Corporation.) [HKLM] -- {0EDBEB2B-7C8D-42E6-8312-0F84394A3223}
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ASUS]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Avira]
[HKCU\Software\BitTorrent]
[HKCU\Software\BlueRippleSound]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Codemasters]
[HKCU\Software\DT Soft]
[HKCU\Software\EPSON]
[HKCU\Software\Eidos]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Netscape]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Opera Software]
[HKCU\Software\Peer2Me]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PopCap]
[HKCU\Software\Realtek]
[HKCU\Software\RocketDock]
[HKCU\Software\Skype]
[HKCU\Software\SoftVTU]
[HKCU\Software\SpinTop]
[HKCU\Software\THETA AnIn]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\VSO]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\cybelsoft]
[HKLM\Software\AMD]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Aardwork]
[HKLM\Software\Adobe]
[HKLM\Software\Avira]
[HKLM\Software\BlueRippleSound]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Canneverbe Limited]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DICE]
[HKLM\Software\DT Soft]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\Driver-Soft]
[HKLM\Software\EA Games]
[HKLM\Software\EPSON]
[HKLM\Software\Electronic Arts]
[HKLM\Software\Even Balance]
[HKLM\Software\Gabest]
[HKLM\Software\Google]
[HKLM\Software\ICQ]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Knowles]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Mirabilis]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Netscape]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Opera Software]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Skype]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\TrendMicro]
[HKLM\Software\TuneUp]
[HKLM\Software\Ubisoft]
[HKLM\Software\VSO]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\X-AVCSD]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/06/2011 - 16:00:56 - [23,096] ----D- C:\Program Files\ATI
O43 - CFD: 15/11/2011 - 23:37:26 - [5,104] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 29/11/2011 - 20:48:08 - [8,443] ----D- C:\Program Files\CCleaner
O43 - CFD: 14/07/2009 - 04:20:10 - [67,725] ----D- C:\Program Files\Common Files
O43 - CFD: 08/04/2011 - 16:42:08 - [86,076] ----D- C:\Program Files\DVD Maker
O43 - CFD: 08/04/2011 - 15:08:44 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 25/07/2011 - 15:39:28 - [0] ----D- C:\Program Files\Google
O43 - CFD: 12/10/2011 - 14:59:06 - [6,345] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 14/07/2009 - 16:35:14 - [142,324] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 14/07/2009 - 06:32:40 - [0,025] ----D- C:\Program Files\MSBuild
O43 - CFD: 26/04/2011 - 00:48:26 - [2,078] ----D- C:\Program Files\PlayReady
O43 - CFD: 21/08/2011 - 18:16:42 - [36,730] ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 06:32:40 - [35,109] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 14/07/2009 - 06:09:28 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 08/04/2011 - 16:42:06 - [3,853] ----D- C:\Program Files\Windows Defender
O43 - CFD: 08/04/2011 - 16:42:08 - [8,797] ----D- C:\Program Files\Windows Journal
O43 - CFD: 08/04/2011 - 16:42:08 - [6,359] ----D- C:\Program Files\Windows Mail
O43 - CFD: 08/04/2011 - 16:42:08 - [7,331] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 08/04/2011 - 15:08:44 - [12,043] ----D- C:\Program Files\Windows NT
O43 - CFD: 08/04/2011 - 16:42:08 - [5,261] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 08/04/2011 - 16:42:08 - [0,233] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 08/04/2011 - 16:42:08 - [7,041] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 18/07/2011 - 15:43:44 - [5,689] ----D- C:\Program Files\WinRAR
O43 - CFD: 17/04/2011 - 19:45:04 - [55,512] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 04:20:10 - [0,003] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:10 - [0,581] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 08/11/2011 - 19:14:38 - [11,629] ----D- C:\Program Files\Common Files\System
O43 - CFD: 19/06/2011 - 17:16:10 - [0,000] ----D- C:\ProgramData\Adobe
O43 - CFD: 15/11/2011 - 23:37:22 - [0,001] ----D- C:\ProgramData\AMD
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 15/11/2011 - 23:11:36 - [1,098] ----D- C:\ProgramData\ATI
O43 - CFD: 30/10/2011 - 13:01:02 - [5,123] ----D- C:\ProgramData\Avira
O43 - CFD: 08/04/2011 - 15:08:44 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 12/04/2011 - 17:13:20 - [0] ----D- C:\ProgramData\Canneverbe Limited
O43 - CFD: 22/09/2011 - 16:24:20 - [-96,484] ----D- C:\ProgramData\Codemasters
O43 - CFD: 28/04/2011 - 15:02:48 - [0,001] ----D- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 24/07/2011 - 14:41:02 - [0,004] -SH-D- C:\ProgramData\DSS
O43 - CFD: 08/04/2011 - 15:08:44 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 30/09/2011 - 16:23:06 - [1,226] ----D- C:\ProgramData\ma-config.com
O43 - CFD: 08/04/2011 - 18:49:46 - [16,504] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 08/04/2011 - 15:08:44 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 16/04/2011 - 15:16:24 - [123,750] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 08/04/2011 - 15:08:44 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 26/09/2011 - 17:54:50 - [40,053] ----D- C:\ProgramData\Skype
O43 - CFD: 13/06/2011 - 16:09:40 - [78,065] ----D- C:\ProgramData\SpinTop Games
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 07/07/2011 - 13:07:52 - [0,000] ----D- C:\ProgramData\Sun
O43 - CFD: 01/08/2011 - 18:47:34 - [0] ---AD- C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 20/10/2011 - 14:11:30 - [46,763] ----D- C:\ProgramData\TuneUp Software
O43 - CFD: 27/11/2011 - 00:09:36 - [0] ----D- C:\ProgramData\Ubisoft
O43 - CFD: 15/04/2011 - 22:32:46 - [0,000] ----D- C:\ProgramData\vsosdk
O43 - CFD: 08/04/2011 - 22:26:20 - [17,617] -SH-D- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
O43 - CFD: 20/10/2011 - 14:10:38 - [22,677] -SH-D- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
O43 - CFD: 12/04/2011 - 13:23:46 - [4,692] ----D- C:\Users\Lorak\AppData\Roaming\Adobe
O43 - CFD: 08/04/2011 - 19:29:54 - [0] ----D- C:\Users\Lorak\AppData\Roaming\ATI
O43 - CFD: 30/10/2011 - 13:05:38 - [0] ----D- C:\Users\Lorak\AppData\Roaming\Avira
O43 - CFD: 12/04/2011 - 17:13:20 - [0,002] ----D- C:\Users\Lorak\AppData\Roaming\Canneverbe Limited
O43 - CFD: 30/11/2011 - 01:23:12 - [0,000] ----D- C:\Users\Lorak\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 24/04/2011 - 01:37:44 - [0,000] ----D- C:\Users\Lorak\AppData\Roaming\dvdcss
O43 - CFD: 22/07/2011 - 14:16:24 - [0] ----D- C:\Users\Lorak\AppData\Roaming\Google
O43 - CFD: 29/11/2011 - 19:08:16 - [0,087] ----D- C:\Users\Lorak\AppData\Roaming\ICQ
O43 - CFD: 08/04/2011 - 15:09:06 - [0] ----D- C:\Users\Lorak\AppData\Roaming\Identities
O43 - CFD: 10/04/2011 - 14:15:20 - [0] ----D- C:\Users\Lorak\AppData\Roaming\InstallShield
O43 - CFD: 08/04/2011 - 17:08:02 - [0,010] ----D- C:\Users\Lorak\AppData\Roaming\Macromedia
O43 - CFD: 08/04/2011 - 18:49:50 - [0,004] ----D- C:\Users\Lorak\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 16:35:04 - [0] ----D- C:\Users\Lorak\AppData\Roaming\Media Center Programs
O43 - CFD: 10/05/2011 - 14:47:54 - [0] ----D- C:\Users\Lorak\AppData\Roaming\Media Player Classic
O43 - CFD: 13/04/2011 - 16:24:52 - [1,092] -S--D- C:\Users\Lorak\AppData\Roaming\Microsoft
O43 - CFD: 08/04/2011 - 21:11:28 - [0] ----D- C:\Users\Lorak\AppData\Roaming\Mozilla
O43 - CFD: 07/07/2011 - 13:02:18 - [1,447] ----D- C:\Users\Lorak\AppData\Roaming\OpenOffice.org
O43 - CFD: 08/04/2011 - 17:42:24 - [0,460] ----D- C:\Users\Lorak\AppData\Roaming\Opera
O43 - CFD: 27/11/2011 - 00:05:58 - [2,979] ----D- C:\Users\Lorak\AppData\Roaming\PunkBuster
O43 - CFD: 29/11/2011 - 18:52:16 - [1,600] ----D- C:\Users\Lorak\AppData\Roaming\Skype
O43 - CFD: 08/04/2011 - 21:11:54 - [114,445] ----D- C:\Users\Lorak\AppData\Roaming\Thunderbird
O43 - CFD: 20/10/2011 - 14:11:30 - [0,081] ----D- C:\Users\Lorak\AppData\Roaming\TuneUp Software
O43 - CFD: 30/11/2011 - 21:27:16 - [3,643] ----D- C:\Users\Lorak\AppData\Roaming\uTorrent
O43 - CFD: 21/08/2011 - 18:32:30 - [1,037] ----D- C:\Users\Lorak\AppData\Roaming\vlc
O43 - CFD: 15/11/2011 - 18:54:44 - [0,412] ----D- C:\Users\Lorak\AppData\Roaming\Vso
O43 - CFD: 18/07/2011 - 15:44:10 - [1,180] ----D- C:\Users\Lorak\AppData\Roaming\WinRAR
O43 - CFD: 26/08/2011 - 17:54:50 - [0,001] ----D- C:\Users\Lorak\AppData\Local\28050
O43 - CFD: 28/06/2011 - 15:20:06 - [0,000] ----D- C:\Users\Lorak\AppData\Local\Activision
O43 - CFD: 12/04/2011 - 13:23:46 - [14,442] ----D- C:\Users\Lorak\AppData\Local\Adobe
O43 - CFD: 08/04/2011 - 19:30:00 - [0,000] ----D- C:\Users\Lorak\AppData\Local\AMD
O43 - CFD: 08/04/2011 - 15:08:56 - [0] -SH-D- C:\Users\Lorak\AppData\Local\Application Data
O43 - CFD: 08/04/2011 - 19:29:54 - [0,105] ----D- C:\Users\Lorak\AppData\Local\ATI
O43 - CFD: 17/06/2011 - 17:39:40 - [0,001] ----D- C:\Users\Lorak\AppData\Local\Darksiders
O43 - CFD: 18/11/2011 - 16:37:22 - [14,406] ----D- C:\Users\Lorak\AppData\Local\Downloaded Installations
O43 - CFD: 25/09/2011 - 13:08:56 - [0,002] ----D- C:\Users\Lorak\AppData\Local\dxhr
O43 - CFD: 22/07/2011 - 17:37:18 - [0] ----D- C:\Users\Lorak\AppData\Local\Google
O43 - CFD: 08/04/2011 - 15:08:56 - [0] -SH-D- C:\Users\Lorak\AppData\Local\Historique
O43 - CFD: 16/04/2011 - 20:52:40 - [146,127] ----D- C:\Users\Lorak\AppData\Local\Microsoft
O43 - CFD: 08/04/2011 - 17:42:24 - [91,037] ----D- C:\Users\Lorak\AppData\Local\Opera
O43 - CFD: 28/06/2011 - 15:20:06 - [0,000] ----D- C:\Users\Lorak\AppData\Local\SKIDROW
O43 - CFD: 30/11/2011 - 21:27:40 - [1,313] ----D- C:\Users\Lorak\AppData\Local\Temp
O43 - CFD: 08/04/2011 - 15:08:56 - [0] -SH-D- C:\Users\Lorak\AppData\Local\Temporary Internet Files
O43 - CFD: 01/05/2011 - 15:02:46 - [5,241] ----D- C:\Users\Lorak\AppData\Local\Thunderbird
O43 - CFD: 27/11/2011 - 00:45:02 - [0,000] ----D- C:\Users\Lorak\AppData\Local\Ubisoft Game Launcher
O43 - CFD: 06/10/2011 - 17:30:12 - [0] ----D- C:\Users\Lorak\AppData\Local\uTorrent
O43 - CFD: 08/04/2011 - 15:09:04 - [0] ----D- C:\Users\Lorak\AppData\Local\VirtualStore
O43 - CFD: 19/06/2011 - 17:16:06 - [157,103] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 28/07/2011 - 17:26:22 - [60,493] ----D- C:\Program Files (x86)\ASUS
O43 - CFD: 01/11/2011 - 14:53:44 - [41,087] ----D- C:\Program Files (x86)\ATI Technologies
O43 - CFD: 30/10/2011 - 13:01:02 - [158,677] ----D- C:\Program Files (x86)\Avira
O43 - CFD: 14/11/2011 - 15:42:16 - [-255,311] ----D- C:\Program Files (x86)\Battlefield 3
O43 - CFD: 28/11/2011 - 15:55:50 - [12,250] ----D- C:\Program Files (x86)\CDBurnerXP
O43 - CFD: 13/11/2011 - 17:04:26 - [77,863] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 22/10/2011 - 13:37:58 - [3,397] ----D- C:\Program Files (x86)\CrystalDiskInfo
O43 - CFD: 10/11/2011 - 21:32:08 - [23,312] ----D- C:\Program Files (x86)\DAEMON Tools Lite
O43 - CFD: 08/04/2011 - 17:37:56 - [23,576] ----D- C:\Program Files (x86)\Driver-Soft
O43 - CFD: 10/04/2011 - 14:16:16 - [5,481] ----D- C:\Program Files (x86)\epson
O43 - CFD: 08/11/2011 - 16:06:32 - [47,887] ----D- C:\Program Files (x86)\ICQ7.6
O43 - CFD: 27/11/2011 - 00:05:26 - [40,595] --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 12/10/2011 - 14:59:06 - [4,915] ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 06/11/2011 - 14:53:12 - [84,496] ----D- C:\Program Files (x86)\Java
O43 - CFD: 30/09/2011 - 16:23:06 - [6,210] ----D- C:\Program Files (x86)\ma-config.com
O43 - CFD: 13/09/2011 - 05:33:18 - [6,720] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 06/05/2011 - 11:30:10 - [8,929] ----D- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
O43 - CFD: 12/10/2011 - 15:03:06 - [36,633] ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 08/04/2011 - 16:51:08 - [0,015] ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 24/11/2011 - 15:48:52 - [39,645] ----D- C:\Program Files (x86)\Mozilla Thunderbird
O43 - CFD: 14/07/2009 - 06:32:40 - [0,025] ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 16/04/2011 - 15:25:00 - [0,772] ----D- C:\Program Files (x86)\OpenAL
O43 - CFD: 07/07/2011 - 13:00:48 - [338,128] ----D- C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 20/10/2011 - 13:57:10 - [32,526] ----D- C:\Program Files (x86)\Opera
O43 - CFD: 19/11/2011 - 18:33:12 - [0,678] ----D- C:\Program Files (x86)\Peer2Me
O43 - CFD: 24/10/2011 - 11:48:28 - [5,745] ----D- C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 06:32:40 - [37,345] ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 08/04/2011 - 21:15:52 - [26,523] ----D- C:\Program Files (x86)\RocketDock
O43 - CFD: 16/10/2011 - 10:19:58 - [31,089] R---D- C:\Program Files (x86)\Skype
O43 - CFD: 24/10/2011 - 11:51:30 - [0] --H-D- C:\Program Files (x86)\Temp
O43 - CFD: 28/11/2011 - 15:54:42 - [75,297] ----D- C:\Program Files (x86)\TuneUp Utilities 2012
O43 - CFD: 27/11/2011 - 00:05:26 - [705,679] ----D- C:\Program Files (x86)\Ubisoft
O43 - CFD: 14/07/2009 - 05:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 20/10/2011 - 10:45:04 - [0,612] ----D- C:\Program Files (x86)\uTorrent
O43 - CFD: 06/06/2011 - 16:38:14 - [81,156] ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD: 30/10/2011 - 12:26:20 - [0,916] ----D- C:\Program Files (x86)\VPN Lifeguard
O43 - CFD: 15/04/2011 - 17:56:06 - [65,156] ----D- C:\Program Files (x86)\VSO
O43 - CFD: 14/07/2009 - 16:24:10 - [0,500] ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 08/04/2011 - 16:42:08 - [5,895] ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 09/04/2011 - 17:23:24 - [19,335] ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 06:32:40 - [11,632] ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 08/04/2011 - 16:42:08 - [4,213] ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 08/04/2011 - 16:42:08 - [0,181] ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 08/04/2011 - 16:42:08 - [6,209] ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 30/11/2011 - 21:27:40 - [8,423] ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 19/06/2011 - 17:16:16 - [3,439] ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 10/11/2011 - 21:59:08 - [0,957] --H-D- C:\Program Files (x86)\Common Files\EAInstaller
O43 - CFD: 15/04/2011 - 17:14:52 - [3,111] ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 06/11/2011 - 14:53:36 - [1,201] ----D- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 17/04/2011 - 19:45:04 - [20,183] ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 04:20:10 - [0,003] ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:10 - [39,200] ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 08/11/2011 - 19:14:38 - [9,771] ----D- C:\Program Files (x86)\Common Files\System
~ Scan Program Folder in 00mn 05s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/11/2011 - 15:59:15 ---A- . (...) -- C:\Windows\setupact.log [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/11/2011 - 15:59:15 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.195B520D6182000F1662394EA45CF27E] - 30/11/2011 - 14:25:46 ---A- . (...) -- C:\Windows\WindowsUpdate.log [103621]
O44 - LFC:[MD5.8FD0EA0B96A59A863A6D6E8BC153CA34] - 30/11/2011 - 03:13:34 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700]
O44 - LFC:[MD5.3208D87061818EBA7F1F42564275041D] - 30/11/2011 - 03:13:34 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106190]
O44 - LFC:[MD5.0045FB5FBAE75778DE2EB044807EE178] - 30/11/2011 - 03:13:34 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130548]
O44 - LFC:[MD5.81DA7632873A8CEEBAFABA4F442D6702] - 30/11/2011 - 03:13:34 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [615810]
O44 - LFC:[MD5.2133BDDF97414D06729F41DEB4936859] - 30/11/2011 - 03:13:34 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704242]
O44 - LFC:[MD5.8FD0EA0B96A59A863A6D6E8BC153CA34] - 30/11/2011 - 03:13:34 RSHAD . (...) -- C:\Windows\system32\PerfStringBackup.INI [1549700]
O44 - LFC:[MD5.3208D87061818EBA7F1F42564275041D] - 30/11/2011 - 03:13:34 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [106190]
O44 - LFC:[MD5.0045FB5FBAE75778DE2EB044807EE178] - 30/11/2011 - 03:13:34 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [130548]
O44 - LFC:[MD5.81DA7632873A8CEEBAFABA4F442D6702] - 30/11/2011 - 03:13:34 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [615810]
O44 - LFC:[MD5.2133BDDF97414D06729F41DEB4936859] - 30/11/2011 - 03:13:34 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [704242]
O44 - LFC:[MD5.BB5CEB74EEB13DE70C9470F09A1ED8D3] - 30/11/2011 - 03:08:46 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.1A387DE325899061AEF4EB25A83D35D3] - 29/11/2011 - 15:31:33 RSH-- . (...) -- C:\AZRYF [472149]
O44 - LFC:[MD5.5885F8E7B91A29B6D673FAD0B36A2DE5] - 22/11/2011 - 17:02:18 ---A- . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- C:\Windows\SysNative\TURegOpt.exe [34624]
O44 - LFC:[MD5.CBF7577849773BBCABAC627CD653B8B1] - 22/11/2011 - 17:02:18 ---A- . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\SysNative\uxtuneup.dll [35648]
O44 - LFC:[MD5.CBF7577849773BBCABAC627CD653B8B1] - 22/11/2011 - 17:02:18 ---A- . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\system32\uxtuneup.dll [35648]
O44 - LFC:[MD5.BD471E04BF93D2B9D4F926C3D9690806] - 22/11/2011 - 17:02:18 ---A- . (.TuneUp Software - TuneUp WinLogon Extension.) -- C:\Windows\SysNative\authuitu.dll [25920]
O44 - LFC:[MD5.BD471E04BF93D2B9D4F926C3D9690806] - 22/11/2011 - 17:02:18 ---A- . (.TuneUp Software - TuneUp WinLogon Extension.) -- C:\Windows\system32\authuitu.dll [25920]
O44 - LFC:[MD5.5885F8E7B91A29B6D673FAD0B36A2DE5] - 22/11/2011 - 17:02:18 RSHAD . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- C:\Windows\system32\TURegOpt.exe [34624]
O44 - LFC:[MD5.A4B8D951D2E0C75926040E8768DF1B4A] - 15/11/2011 - 17:00:30 ---A- . (...) -- C:\Windows\SysNative\Xxx Divx Porno Anal British Housewife Fantasies 3 - Exhib Amateur Mature Mure Mère Maman Mother Mummy Older Des Vraies Vieilles Salopes Se Fon
O44 - LFC:[MD5.A4B8D951D2E0C75926040E8768DF1B4A] - 15/11/2011 - 17:00:30 RSHAD . (...) -- C:\Windows\system32\Xxx Divx Porno Anal British Housewife Fantasies 3 - Exhib Amateur Mature Mure Mère Maman Mother Mummy Older Des Vraies Vieilles Salopes Se Font
O44 - LFC:[MD5.400582B09E0BB557D0EC28A945150EEB] - 10/11/2011 - 21:32:07 RSHAD . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\system32\drivers\dtsoftbus01.sys [279616]
O44 - LFC:[MD5.9837038DB503DC92C9880C6F81195533] - 08/11/2011 - 19:15:50 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [292872]
O44 - LFC:[MD5.9837038DB503DC92C9880C6F81195533] - 08/11/2011 - 19:15:50 RSHAD . (...) -- C:\Windows\system32\FNTCACHE.DAT [292872]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 07/11/2011 - 17:45:40 RSHAD . (...) -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [0]
O44 - LFC:[MD5.B7037444DC5138FC7D3D3968B4DE5C4B] - 04/11/2011 - 17:43:05 RSHAD . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\system32\drivers\usbfilter.sys [53376]
O44 - LFC:[MD5.259525CFB422E6AC8E87BC9777B1DF73] - 20/11/2010 - 13:40:07 RSHA- . (...) -- C:\bootmgr [383786]
~ Scan Files in 01mn 21s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\system32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\system32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\system32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\system32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\system32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\system32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - LiveSSP.) -- C:\Windows\system32\livessp.dll
~ Scan Keys in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53) (None)
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 19/11/2011 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 19/11/2011 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 19/11/2011 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 19/11/2011 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]
O58 - SDL:[MD5.6A2EEB0C4133B20773BB3DD0B7B377B4] - 19/11/2011 - 08:18:24 RSHAD . (.Advanced Micro Devices - AMD IO Driver.) -- C:\Windows\system32\drivers\amdiox64.sys [46136]
O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 19/11/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]
O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 19/11/2011 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]
O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 19/11/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]
O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 19/11/2011 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]
O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 19/11/2011 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]
O58 - SDL:[MD5.19B006B181E3875FD254F7B67ACF1E7C] - 19/11/2011 - 10:38:40 RSHAD . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys [15416]
O58 - SDL:[MD5.DBB487D09F56C674430AC454FD8BCAB9] - 19/11/2011 - 23:07:00 RSHAD . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtihdW76.sys [231440]
O58 - SDL:[MD5.0415FFE1B6A6EA141FEAFCA57567F57F] - 19/11/2011 - 04:05:10 RSHAD . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [10496512]
O58 - SDL:[MD5.DC24D6F38F17C0D643D9AA8A6852F8D0] - 19/11/2011 - 02:21:58 RSHAD . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [326656]
O58 - SDL:[MD5.E82E61F46D1336447F4DEFF8C074F13E] - 19/11/2011 - 11:15:36 RSHAD . (.Advanced Micro Devices Inc. - AMD PCIE Filter Driver for ATI PCIE chipset.) -- C:\Windows\system32\drivers\AtiPcie64.sys [16440]
O58 - SDL:[MD5.AA8F79A1BDFC03B3BC70C44AB00589B4] - 19/11/2011 - 16:56:49 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [97312]
O58 - SDL:[MD5.D959309ECECCA73FC79F8EF8521346B2] - 19/11/2011 - 16:56:49 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [130760]
O58 - SDL:[MD5.248DB59FC86DE44D2779F4C7FB1A567D] - 19/11/2011 - 16:56:50 RSHAD . (.Avira GmbH - Avira Manager Driver.) -- C:\Windows\system32\drivers\avkmgr.sys [27760]
O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 19/11/2011 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 19/11/2011 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 19/11/2011 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]
O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 19/11/2011 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 19/11/2011 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 19/11/2011 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 19/11/2011 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]
O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 19/11/2011 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]
O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 19/11/2011 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]
O58 - SDL:[MD5.400582B09E0BB557D0EC28A945150EEB] - 19/11/2011 - 21:32:07 RSHAD . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\system32\drivers\dtsoftbus01.sys [279616]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 19/11/2011 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]
O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 19/11/2011 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 19/11/2011 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 19/11/2011 - 14:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]
O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 19/11/2011 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]
O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 19/11/2011 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]
O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 19/11/2011 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]
O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 19/11/2011 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]
O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 19/11/2011 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]
O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 19/11/2011 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]
O58 - SDL:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 19/11/2011 - 16:00:50 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25416]
O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 19/11/2011 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]
O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 19/11/2011 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]
O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 19/11/2011 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]
O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 19/11/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]
O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 19/11/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]
O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 19/11/2011 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]
O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 19/11/2011 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]
O58 - SDL:[MD5.9140DB0911DE035FED0A9A77A2D156EA] - 19/11/2011 - 02:57:24 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [565352]
O58 - SDL:[MD5.2E7D1CA91D62501713C9D6E6704395C6] - 19/11/2011 - 17:12:50 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RtHDMIVX.sys [367976]
O58 - SDL:[MD5.F2744FD54BE1580BE05916D1C755C92A] - 19/11/2011 - 18:53:14 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2957544]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 19/11/2011 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]
O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 19/11/2011 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]
O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 19/11/2011 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 19/11/2011 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]
O58 - SDL:[MD5.B7037444DC5138FC7D3D3968B4DE5C4B] - 19/11/2011 - 21:44:46 RSHAD . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\system32\drivers\usbfilter.sys [53376]
O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 19/11/2011 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]
O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 19/11/2011 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]
O58 - SDL:[MD5.ADAA34740E9F6AFF94CC75D5CF8ED7E2] - 19/11/2011 - 12:34:42 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp32.sys [10216]
O58 - SDL:[MD5.EDAA17CE771C696655B6585F7CAD2100] - 19/11/2011 - 12:34:48 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys [11832]
O58 - SDL:[MD5.F6BDA026E4157DC4E321CA391E9D9BC6] - 19/11/2011 - 18:20:46 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys [13440]
O58 - SDL:[MD5.26D66E32E78D3059715B3A17BC679CD9] - 19/11/2011 - 09:48:34 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsUpIO.sys [13368]
~ Scan Drivers in 00mn 02s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 26/10/2011 - C:\Windows\system32\DRIVERS\atikmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 24/06/2011 - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys (AODDriver4.01) .(.Advanced Micro Devices - AMD OverDrive Service Driver.) - LEGACY_AODDRIVER4.01
O64 - Services: CurCS - 22/04/2010 - C:\Windows\Syswow64\drivers\AsIO.sys - AsIO (AsIO) .(...) - LEGACY_ASIO
O64 - Services: CurCS - 06/07/2009 - C:\Windows\Syswow64\drivers\AsUpIO.sys - AsUpIO (AsUpIO) .(...) - LEGACY_ASUPIO
O64 - Services: CurCS - 19/10/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 19/10/2011 - C:\Windows\system32\DRIVERS\avipbb.sys (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 19/10/2011 - C:\Windows\system32\DRIVERS\avkmgr.sys (avkmgr) .(.Avira GmbH - Avira Manager Driver.) - LEGACY_AVKMGR
O64 - Services: CurCS - 21/07/2011 - C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys (driverhardwarev2x64) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 13/10/2011 - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUpUtilitiesDrv) .(.TuneUp Software - TuneUp Utilities Driver.) - LEGACY_TUNEUPUTILITIESDRV
~ Scan Services in 00mn 02s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google
O69 - SBI: SearchScopes [HKCU] {A6C4554E-0AFA-4245-A17B-36B6F2CC772F} - (Google) - Google
~ Scan Keys in 00mn 00s
---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: UxTuneUp (UxTuneUp) . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\System32\uxtuneup.dll [35648]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2420736]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [193536]
~ Scan Services in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.16E53BFC96CE14021C0E07EB1C198478] [SPRF][20/04/2011] (...) -- C:\Users\Lorak\AppData\Roaming\inst.exe [99384]
[MD5.AF7CE12C4F3DC8CB2B07685C916BBCFE] [SPRF][20/04/2011] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Users\Lorak\AppData\Roaming\pcouffin.sys [82816]
[MD5.9149E19DB451DF6C7735942DC71451C8] [SPRF][21/12/2009] (.Pas de propriétaire - asusTek_sys_ctrl Module.) -- C:\Windows\Downloaded Program Files\asusTek_sys_ctrl.dll [139776]
[MD5.C23D44716A9D800E85ACD19AA51BEF94] [SPRF][10/02/2010] (.Symantec Corporation - Symantec Security Check Virus Detection Scan.) -- C:\Windows\Downloaded Program Files\avsniff.dll [337808]
[MD5.E6401B99A94A21A98C0E4C699A14A8C2] [SPRF][10/02/2010] (.TODO: <Company name> - TODO: <File description>.) -- C:\Windows\Downloaded Program Files\avsniffdlgs.dll [264080]
[MD5.4C124A94D0DD39B2D6939CC6CD7E3217] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\catalog.dat [2584]
[MD5.03CA4A509E1B0E59005A731F54EB9481] [SPRF][10/02/2010] (.Symantec Corp. - Symantec Engine Common Object Model Loader.) -- C:\Windows\Downloaded Program Files\ecmldr32.dll [42112]
[MD5.A6E4C541FB166237F85FE757CE183B12] [SPRF][26/10/2011] (.Symantec Corporation - Symantec Engine Common Object Model Server.) -- C:\Windows\Downloaded Program Files\ecmsvr32.dll [279992]
[MD5.7D7B1F8578F2F946A61A015AA44ADCF5] [SPRF][10/03/2011] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.2 r153.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2872992]
[MD5.CA74A39806ECD04FD412EABCB70473C9] [SPRF][10/02/2010] (.Symantec Corp. - Symantec AntiVirus Engine API.) -- C:\Windows\Downloaded Program Files\navapi32.dll [201896]
[MD5.1D340BF30C4BA80D86C4FBAEC5D582E9] [SPRF][26/10/2011] (.Symantec Corporation - AV Engine.) -- C:\Windows\Downloaded Program Files\naveng32.dll [177520]
[MD5.30C92D9540816E1BECB303B4E50A28A0] [SPRF][26/10/2011] (.Symantec Corporation - AV Engine.) -- C:\Windows\Downloaded Program Files\navex32a.dll [1934704]
[MD5.698239F4373767BAAC984E5511B137CA] [SPRF][10/02/2010] (.Symantec Corporation - Symantec Security Check Registry and File Information control.) -- C:\Windows\Downloaded Program Files\rufsi.dll [284048]
[MD5.384350958A2801B5B38D82C7ED52786D] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\scrauth.dat [98112]
[MD5.D1D73DAED82659D7EE4066F03BC7D8E6] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tcdefs.dat [22921321]
[MD5.9589C06C6CCB4C7BAF7C6AA86734EA12] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tcscan7.dat [22991018]
[MD5.A2E18D7EEC17BEEA8F56FDA41F514F84] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tcscan8.dat [178189]
[MD5.7C50C13698DB3A3C39F5373DE18D986C] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tcscan9.dat [652942]
[MD5.CF214896000FF599373A4687389D1FF4] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tinf.dat [453]
[MD5.F482930D99D74BCD79CB09F2E88BB7F7] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tinfidx.dat [148]
[MD5.66E00B2AE5A9923B46DA9C802235C7D0] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tinfl.dat [1957]
[MD5.44009C0B07E5B04D4EA0E8AD53ECADA7] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tscan1.dat [74646]
[MD5.44C7CE785BF1CFD02E75CAF4D7E8BF23] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tscan1hd.dat [3934]
[MD5.EB6AA2397F094AD693F3F22291815A92] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan1.dat [1061529]
[MD5.C70981C9BCF365C2C83B1B1B077CABB5] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan2.dat [574068]
[MD5.5D1931134EE63E9225A4414E44433D2A] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan3.dat [157916]
[MD5.BDFB2177F890B422CDC1DDB9AB2202A6] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan4.dat [320391]
[MD5.73456A45254FB9E336B2DE5EA8046C44] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan5.dat [16185581]
[MD5.BDE2BD0EEA846F3A58FE8D17517C0D77] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan6.dat [398711]
[MD5.C3572D29D1B17C51B3946FC6865CE167] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan7.dat [196883146]
[MD5.E61438986718F4E798954E493B308689] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan8.dat [1009960]
[MD5.B8E7929890D96E7124CC744CD79ED752] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan9.dat [6410151]
[MD5.ABA9D890ACB343EE58F02562B8D1B74D] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscant.dat [32]
[MD5.2EA09C8B4B4669C516433AE31982E259] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\zdone.dat [224]
~ Scan Files in 00mn 07s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{A489C6A2-265D-422F-AFBC-9E94CB9A15CC}" | In - Private - P6 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe
O87 - FAEL: "{A345D9A5-A1A2-4307-B7B1-FDC237C7E671}" | In - Private - P17 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe
O87 - FAEL: "{6614A2C6-AD70-4F2E-80F5-A090C4AAEBF8}" | In - Public - P6 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe
O87 - FAEL: "{FCF029C2-C7DF-4EC9-B7ED-22B43851680C}" | In - Public - P17 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe
O87 - FAEL: "{ABC351AE-7089-404C-B0E4-A4BEE2D78BBD}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe
O87 - FAEL: "{6EFB4B45-704E-4D1E-BE6E-370A21E2E1AF}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe
O87 - FAEL: "{D2A885FB-AFE4-4EFA-BD13-D42F1E261139}" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O87 - FAEL: "{8B6490D8-F239-4D22-BC9C-F9F981A0BDE1}" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O87 - FAEL: "{DC83D784-EA89-48A5-8F47-B9683B821134}" |Out - Domain - P17 - TRUE | .(...) -- C:\Program Files\ (x86)\uTorrent\uTorrent.exe (.not file.)
O87 - FAEL: "{53EEA510-9555-4EF9-BA63-7A4F90FCF3BE}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "{549FE3C3-A34D-440E-AA8B-E3FE9F663FEE}" | In - Public - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe
O87 - FAEL: "{00FAC727-D251-4A43-8591-6C99BABCDEC4}" | In - Public - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe
O87 - FAEL: "{E9B6D60F-F1F7-4E07-8039-A2089EFC1F7D}" | In - Domain - P6 - TRUE | .(.ICQ, LLC. - ICQ.) -- C:\Program Files (x86)\ICQ7.6\ICQ.exe
O87 - FAEL: "{7D64F48B-1262-40EE-A4C3-128A9BBED186}" | In - Domain - P17 - TRUE | .(.ICQ, LLC. - ICQ.) -- C:\Program Files (x86)\ICQ7.6\ICQ.exe
O87 - FAEL: "{89D271D4-D482-410D-9DE8-96459F60CD54}" | In - Private - P6 - TRUE | .(.ICQ, LLC. - ICQ.) -- C:\Program Files (x86)\ICQ7.6\ICQ.exe
O87 - FAEL: "{0A61B311-2017-45B0-B919-D8FA599106EF}" | In - Private - P17 - TRUE | .(.ICQ, LLC. - ICQ.) -- C:\Program Files (x86)\ICQ7.6\ICQ.exe
O87 - FAEL: "{4E76CCCD-95E6-4CB5-8513-0B59F984FABA}" | In - Public - P6 - TRUE | .(.ICQ, LLC. - ICQ.) -- C:\Program Files (x86)\ICQ7.6\ICQ.exe
O87 - FAEL: "{BF5366B9-E2B7-4525-815A-FCE4D89B4B0D}" | In - Public - P17 - TRUE | .(.ICQ, LLC. - ICQ.) -- C:\Program Files (x86)\ICQ7.6\ICQ.exe
O87 - FAEL: "{0AE2A124-8249-4CD9-9E3E-E4653EAD50AC}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
O87 - FAEL: "{099ED0DA-2128-4241-8FA2-C7FDC82218B3}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
O87 - FAEL: "{F277DA23-0767-47D4-B86D-D509F29ED7B3}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{779CC544-9E06-44A2-8528-D54B2E88FFC8}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{9911945D-F6F2-4AD1-8FC7-89629DCE1148}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{247D61CD-3987-4364-BE1B-27D3E135100F}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{5CB56FC5-333F-49A9-8110-5F0C3A8EFB3A}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe
O87 - FAEL: "{17D639C0-AB18-4A88-A72C-45D052A59EE4}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe
O87 - FAEL: "{691A89D7-EC2E-49A8-8AAE-D432A32F201C}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
O87 - FAEL: "{1A237891-7330-4545-997B-CA79567FFAFD}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
O87 - FAEL: "{EE85E6C8-191D-4EF3-A9E5-395B5E9EC51C}" | In - Public - P6 - FALSE | .(.Ubisoft - Autopatch system.) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
O87 - FAEL: "{151755A6-64E7-4455-8964-9274BD905159}" | In - Public - P17 - FALSE | .(.Ubisoft - Autopatch system.) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
~ Scan Firewall in 00mn 05s
---\\ Scan Additionnel (O88)
Database Version : 8852 - (27/11/2011)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKCU\Software\PopCap] =>Adware.PopCap
~ Scan Additionnel in 00mn 18s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 19/11/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 19/11/2011 204288 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe
SR - | Auto 19/11/2011 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 19/11/2011 86224 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 19/11/2011 110032 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 90112 | (AsSysCtrlService) . (...) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
SS - | Demand 19/11/2011 311928 | (maconfservice) . (.CybelSoft.) - C:\Program Files (x86)\ma-config.com\maconfservice.exe
SR - | Auto 0 | (PnkBstrA) . (...) - C:\Windows\System32\PnkBstrA.exe
SR - | Auto 28/11/2011 2118976 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
SR - | Auto 19/11/2011 27136 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/11/2011 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 19s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover
Run by Lorak at 30/11/2011 21:30:04
device: opened successfully
user: error reading MBR
Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ Scan MBR in 00mn 02s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Lorak at 30/11/2011 21:30:06
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s
---\\ Liste des émulateurs de CD/DVD (Hook du MBR)
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite
~ Scan Emulateurs in 00mn 04s
End of the scan (1154 lines in 02mn 54s)(0)
Run by Lorak at 30/11/2011 21:27:11
Web site : ZHPDiag Outil de diagnostic
State : Version à jour.
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
OPIE: Opera v11.52
OPIE: Opera vv11.52
---\\ Windows Product Information
~ Langage: Français
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows® 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : HYRR2
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: AMD64 Family 16 Model 4 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6143 MB (56% free)
System Restore: Activé (Enable)
System drive C: has 143 GB (47%) free of 300 GB
---\\ Logged in mode
~ Computer Name: LORAK-PC
~ User Name: Lorak
~ All Users Names: Lorak, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Lorak\AppData\Roaming\
~ %Desktop% : C:\Users\Lorak\Desktop\
~ %Favorites% : C:\Users\Lorak\Favorites\
~ %LocalAppData% : C:\Users\Lorak\AppData\Local\
~ %StartMenu% : C:\Users\Lorak\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 143 Go of 300 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 142 Go of 501 Go)
G:\ CD-ROM drive (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
L:\ Hard drive, Flash drive, Thumb drive (Free 166 Go of 431 Go)
M:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.19/11/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.19/11/2011 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/11/2011 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]
[MD5.271E8FB1354AA205A214F280A6766E30] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.19/11/2011 - 06:17:57.) -- C:\Windows\system32\wininet.dll [1389056]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.19/11/2011 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.19/11/2011 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.19/11/2011 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.19/11/2011 - 03:34:03.) -- C:\Windows\system32\drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.19/11/2011 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/11/2011 - 00:19:47.) -- C:\Windows\system32\drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.19/11/2011 - 10:19:21.) -- C:\Windows\system32\drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.19/11/2011 - 10:26:32.) -- C:\Windows\system32\drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.19/11/2011 - 11:43:43.) -- C:\Windows\system32\drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.19/11/2011 - 00:19:57.) -- C:\Windows\system32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.19/11/2011 - 01:10:03.) -- C:\Windows\system32\drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.19/11/2011 - 03:40:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.19/11/2011 - 10:23:20.) -- C:\Windows\system32\drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.19/11/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.19/11/2011 - 01:00:41.) -- C:\Windows\system32\drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/11/2011 - 11:52:35.) -- C:\Windows\system32\drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.19/11/2011 - 12:06:41.) -- C:\Windows\system32\drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.19/11/2011 - 01:09:09.) -- C:\Windows\system32\drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.19/11/2011 - 10:21:56.) -- C:\Windows\system32\drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/11/2011 - 14:34:02.) -- C:\Windows\system32\drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/4
~ Mes musiques (My Musics) : 2/4
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 3/40
~ Mes Documents (My Documents) : 1/610
~ Menu demarrer (Programs) : 7/26
~ Scan Hidden Files in 00mn 01s
---\\ Processus lancés
[MD5.E5DEE383D8DA636382045CC09CA73AED] - (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [7275008] [PID.2140]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe [495616] [PID.2760]
[MD5.478515FA22E17C4CA7177B3305630FA4] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [258512] [PID.3060]
[MD5.AF7E3264968EA4B864F78556515FB1CC] - (.ASUSTeK Computer Inc. - PC Probe II.) -- C:\Program Files (x86)\ASUS\PC Probe II\Probe2.exe [2166912] [PID.4068]
[MD5.F3FC2C8F5F02959489B9C8AF05173CC7] - (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\AASP\1.01.12\aaCenter.exe [632448] [PID.2436]
[MD5.4A0F6440634BE2B598E2F68DDA2C0129] - (.Mozilla Messaging - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [399512] [PID.4788]
[MD5.1EC63FD92C2A31EEC918BB88FDD9F7F0] - (...) -- C:\Program Files (x86)\Peer2Me\Peer2Me.exe [49152] [PID.4836]
[MD5.99C904854E154E903C8EAC4329DD48C2] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe [947056] [PID.2024]
[MD5.39D309E9E35725D11AADDE498032B911] - (.Philippe734 - VPN Lifeguard.) -- C:\Program Files (x86)\VPN Lifeguard\VpnLifeguard.exe [196608] [PID.3620]
[MD5.BCE1D8C2BFB38D9F26EFC5464A033533] - (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe [641400] [PID.5104]
[MD5.3851F104F5C445C6CDC77E1816E5174C] - (.TuneUp Software - TuneUp Utilities - Interface de démarrage.) -- C:\Program Files (x86)\TuneUp Utilities 2012\Integrator.exe [1116480] [PID.4468]
[MD5.A29999E6CF54648B4C9DA986A0AEB325] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [707072] [PID.292]
[MD5.72709089A54BDC1C5B16BC4A4B926567] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224] [PID.]
[MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64952] [PID.]
[MD5.42F88BFBB76F7A63E381829479B18518] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032] [PID.]
[MD5.E781164C7D47950E3D218C84B2901CB2] - (...) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112] [PID.]
[MD5.3A2BDD76E7D2A5F40A7174793D1BA794] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [75136] [PID.]
~ Scan Processes Running in 00mn 00s
---\\ Opera, Plugins,Démarrage,Recherche (P1,B0,B1)
B0 - SPO: operaprefs.ini [Lorak] Home URL=http://news.google.fr/
~ Scan Opera Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google Actualités
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-3606147994-3904090742-1213292612-1001\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-3606147994-3904090742-1213292612-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Lorak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Lorak\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CrystalDiskInfo.lnk . (.Crystal Dew World.) -- C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe
O4 - Global Startup: C:\Users\Lorak\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Lorak\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Messaging.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
~ Scan Global Startup in 00mn 00s
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll
~ Scan IE Menu Contextuel in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F8027F5-0AFC-4C24-B78D-5B3EFB32C4E6}: NameServer = 10.1.1.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{67B002B7-10B5-4D83-A869-52C1D690549E}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F8027F5-0AFC-4C24-B78D-5B3EFB32C4E6}: NameServer = 10.1.1.12
O17 - HKLM\System\CS1\Services\Tcpip\..\{67B002B7-10B5-4D83-A869-52C1D690549E}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{67B002B7-10B5-4D83-A869-52C1D690549E}: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype-ie-addon-data [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Avira Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) . (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) . (...) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\SysWOW64\PnkBstrA.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
~ Scan Services in 00mn 00s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.86619C72F17B6511DD05D5DCEF4C1BD4] [APT] [TuneUpUtilities_Task_BkGndMaintenance2012] (.TuneUp Software.) -- C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe
[MD5.9338A77C9FA83B346D3C32B0CE76DB52] [APT] [{22A6F29B-11A6-4742-AF53-6AEA5FC93333}] (.VSO Software SARL.) -- C:\Program Files (x86)\VSO\pcsetup\PcSetup.exe
[MD5.A35B6619C5D1A519EC4B521F665414C1] [APT] [ASUS RegRun Loader] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe
[MD5.E5DEE383D8DA636382045CC09CA73AED] [APT] [ASUS SIX Engine] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
[MD5.F4AD88FF508A573E3EC7C8E0E4760328] [APT] [ASUS Update Checker] (.ASUSTeK Computer Inc..) -- C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
~ Scan Scheduled Task in 00mn 03s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (AsIO) . (...) - C:\Windows\Syswow64\drivers\AsIO.sys
O41 - Driver: (AsUpIO) . (...) - C:\Windows\Syswow64\drivers\AsUpIO.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys
O41 - Driver: (avkmgr) . (.Avira GmbH - Avira Manager Driver.) - C:\Windows\system32\DRIVERS\avkmgr.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\system32\drivers\csc.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\system32\DRIVERS\dtsoftbus01.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\system32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM] -- {B858CA94-FAA0-3663-01AE-0B0798C61657}
O42 - Logiciel: ASUSUpdate - (.ASUSTeK Computer Inc..) [HKLM] -- {587178E7-B1DF-494E-9838-FA4DD36E873C}
O42 - Logiciel: Adobe Flash Player 11 ActiveX 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Assassin's Creed Revelations - (.Ubisoft.) [HKLM] -- {33A22B2D-55BA-4508-B767-BF2E9C21A73F}
O42 - Logiciel: Avira Free Antivirus - (.Avira.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Battlefield 3™ - (.Electronic Arts.) [HKLM] -- {76285C16-411A-488A-BCE3-C83CB933D8CF}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {19A492A0-888F-44A0-9B21-D91700763F62}
O42 - Logiciel: ConvertXtoDVD 4.1.19.365 - (.Pas de propriétaire.) [HKLM] -- {DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1
O42 - Logiciel: CrystalDiskInfo 4.1.3 - (.Crystal Dew World.) [HKLM] -- CrystalDiskInfo_is1
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite
O42 - Logiciel: Driver Genius Professional Edition - (.Driver-Soft Inc..) [HKLM] -- Driver Genius Professional Edition_is1
O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner
O42 - Logiciel: EPU-6 Engine - (.Pas de propriétaire.) [HKLM] -- {56B83336-FBC1-4C46-8613-90A9E3B440D6}
O42 - Logiciel: F1 2010 - (.Codemasters.) [HKLM] -- {434D0831-A4CC-401A-9E74-621000018401}
O42 - Logiciel: F1 2010 - (.Codemasters.) [HKLM] -- {434D0831-A4CC-401A-9E74-621000018402}
O42 - Logiciel: F1 2010 - (.Codemasters.) [HKLM] -- {434D0831-A4CC-401A-9E74-621000018403}
O42 - Logiciel: F1 2011 - (.Codemasters.) [HKLM] -- {434D0FA1-A4CC-401A-9E74-621000018101}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: ICQ7.6 - (.ICQ.) [HKLM] -- {7644E42D-B096-457F-8B5B-901238FC81AE}
O42 - Logiciel: Internet TV pour Windows Media Center - (.Microsoft Corporation.) [HKLM] -- {9D318C86-AF4C-409F-A6AC-7183FF4CF424}
O42 - Logiciel: Java 6 Update 29 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216026FF}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {A4EF9D8B-E19B-45ED-BFAF-CB4364574FFF}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {F2508213-9989-4E85-A078-72BE483917EF}
O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 - (.Microsoft Corporation.) [HKLM] -- {820B6609-4C97-3A2B-B644-573B06A0F0CC}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Thunderbird (8.0) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (8.0)
O42 - Logiciel: Next Generation Visualisations - (. Microsoft.) [HKLM] -- {2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}
O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {7E0610A2-E336-40B3-B685-C4905E97EC9A}
O42 - Logiciel: Opera 11.52 - (.Opera Software ASA.) [HKLM] -- Opera 11.52.1100
O42 - Logiciel: PC Probe II - (.ASUSTeK Computer Inc..) [HKLM] -- {F7338FA3-DAB5-49B2-900D-0AFB5760C166}
O42 - Logiciel: Peer2Me - (.Peer2Me.) [HKLM] -- {C783600B-C726-4481-9BBE-06F560CF8968}
O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
O42 - Logiciel: PunkBuster Services - (.Pas de propriétaire.) [HKLM] -- PunkBusterSvc
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek HDMI Audio Driver for ATI - (.Realtek Semiconductor Corp..) [HKLM] -- {5449FB4F-1802-4D5B-A6D8-087DB1142147}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: RocketDock 1.3.5 - (.Punk Software.) [HKLM] -- RocketDock_is1
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype™ 5.5 - (.Skype Technologies S.A..) [HKLM] -- {AA59DDE4-B672-4621-A016-4C248204957A}
O42 - Logiciel: TuneUp Utilities 2012 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2012
O42 - Logiciel: Ubisoft Game Launcher - (.UBISOFT.) [HKLM] -- {888F1505-C2B3-4FDE-835D-36353EBD4754}
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523
O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: VPN Lifeguard - (.Pas de propriétaire.) [HKLM] -- VPN Lifeguard 1.4.12_is1
O42 - Logiciel: WinRAR 4.01 (64-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {9B48B0AC-C813-4174-9042-476A887592C7}
O42 - Logiciel: Windows Media Center Add-in for Silverlight - (.Microsoft Corporation.) [HKLM] -- {0EDBEB2B-7C8D-42E6-8312-0F84394A3223}
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent
---\\ HKCU & HKLM Software Keys
[HKCU\Software\ASUS]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Avira]
[HKCU\Software\BitTorrent]
[HKCU\Software\BlueRippleSound]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Codemasters]
[HKCU\Software\DT Soft]
[HKCU\Software\EPSON]
[HKCU\Software\Eidos]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\JavaSoft]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Netscape]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Opera Software]
[HKCU\Software\Peer2Me]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PopCap]
[HKCU\Software\Realtek]
[HKCU\Software\RocketDock]
[HKCU\Software\Skype]
[HKCU\Software\SoftVTU]
[HKCU\Software\SpinTop]
[HKCU\Software\THETA AnIn]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\VSO]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\cybelsoft]
[HKLM\Software\AMD]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Aardwork]
[HKLM\Software\Adobe]
[HKLM\Software\Avira]
[HKLM\Software\BlueRippleSound]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Canneverbe Limited]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DICE]
[HKLM\Software\DT Soft]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\Driver-Soft]
[HKLM\Software\EA Games]
[HKLM\Software\EPSON]
[HKLM\Software\Electronic Arts]
[HKLM\Software\Even Balance]
[HKLM\Software\Gabest]
[HKLM\Software\Google]
[HKLM\Software\ICQ]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Knowles]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Mirabilis]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Netscape]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Opera Software]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Skype]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\TrendMicro]
[HKLM\Software\TuneUp]
[HKLM\Software\Ubisoft]
[HKLM\Software\VSO]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\X-AVCSD]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/06/2011 - 16:00:56 - [23,096] ----D- C:\Program Files\ATI
O43 - CFD: 15/11/2011 - 23:37:26 - [5,104] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 29/11/2011 - 20:48:08 - [8,443] ----D- C:\Program Files\CCleaner
O43 - CFD: 14/07/2009 - 04:20:10 - [67,725] ----D- C:\Program Files\Common Files
O43 - CFD: 08/04/2011 - 16:42:08 - [86,076] ----D- C:\Program Files\DVD Maker
O43 - CFD: 08/04/2011 - 15:08:44 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 25/07/2011 - 15:39:28 - [0] ----D- C:\Program Files\Google
O43 - CFD: 12/10/2011 - 14:59:06 - [6,345] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 14/07/2009 - 16:35:14 - [142,324] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 14/07/2009 - 06:32:40 - [0,025] ----D- C:\Program Files\MSBuild
O43 - CFD: 26/04/2011 - 00:48:26 - [2,078] ----D- C:\Program Files\PlayReady
O43 - CFD: 21/08/2011 - 18:16:42 - [36,730] ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 06:32:40 - [35,109] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 14/07/2009 - 06:09:28 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 08/04/2011 - 16:42:06 - [3,853] ----D- C:\Program Files\Windows Defender
O43 - CFD: 08/04/2011 - 16:42:08 - [8,797] ----D- C:\Program Files\Windows Journal
O43 - CFD: 08/04/2011 - 16:42:08 - [6,359] ----D- C:\Program Files\Windows Mail
O43 - CFD: 08/04/2011 - 16:42:08 - [7,331] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 08/04/2011 - 15:08:44 - [12,043] ----D- C:\Program Files\Windows NT
O43 - CFD: 08/04/2011 - 16:42:08 - [5,261] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 08/04/2011 - 16:42:08 - [0,233] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 08/04/2011 - 16:42:08 - [7,041] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 18/07/2011 - 15:43:44 - [5,689] ----D- C:\Program Files\WinRAR
O43 - CFD: 17/04/2011 - 19:45:04 - [55,512] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 04:20:10 - [0,003] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:10 - [0,581] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 08/11/2011 - 19:14:38 - [11,629] ----D- C:\Program Files\Common Files\System
O43 - CFD: 19/06/2011 - 17:16:10 - [0,000] ----D- C:\ProgramData\Adobe
O43 - CFD: 15/11/2011 - 23:37:22 - [0,001] ----D- C:\ProgramData\AMD
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 15/11/2011 - 23:11:36 - [1,098] ----D- C:\ProgramData\ATI
O43 - CFD: 30/10/2011 - 13:01:02 - [5,123] ----D- C:\ProgramData\Avira
O43 - CFD: 08/04/2011 - 15:08:44 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 12/04/2011 - 17:13:20 - [0] ----D- C:\ProgramData\Canneverbe Limited
O43 - CFD: 22/09/2011 - 16:24:20 - [-96,484] ----D- C:\ProgramData\Codemasters
O43 - CFD: 28/04/2011 - 15:02:48 - [0,001] ----D- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 24/07/2011 - 14:41:02 - [0,004] -SH-D- C:\ProgramData\DSS
O43 - CFD: 08/04/2011 - 15:08:44 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 30/09/2011 - 16:23:06 - [1,226] ----D- C:\ProgramData\ma-config.com
O43 - CFD: 08/04/2011 - 18:49:46 - [16,504] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 08/04/2011 - 15:08:44 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 16/04/2011 - 15:16:24 - [123,750] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 08/04/2011 - 15:08:44 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 26/09/2011 - 17:54:50 - [40,053] ----D- C:\ProgramData\Skype
O43 - CFD: 13/06/2011 - 16:09:40 - [78,065] ----D- C:\ProgramData\SpinTop Games
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 07/07/2011 - 13:07:52 - [0,000] ----D- C:\ProgramData\Sun
O43 - CFD: 01/08/2011 - 18:47:34 - [0] ---AD- C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 20/10/2011 - 14:11:30 - [46,763] ----D- C:\ProgramData\TuneUp Software
O43 - CFD: 27/11/2011 - 00:09:36 - [0] ----D- C:\ProgramData\Ubisoft
O43 - CFD: 15/04/2011 - 22:32:46 - [0,000] ----D- C:\ProgramData\vsosdk
O43 - CFD: 08/04/2011 - 22:26:20 - [17,617] -SH-D- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
O43 - CFD: 20/10/2011 - 14:10:38 - [22,677] -SH-D- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
O43 - CFD: 12/04/2011 - 13:23:46 - [4,692] ----D- C:\Users\Lorak\AppData\Roaming\Adobe
O43 - CFD: 08/04/2011 - 19:29:54 - [0] ----D- C:\Users\Lorak\AppData\Roaming\ATI
O43 - CFD: 30/10/2011 - 13:05:38 - [0] ----D- C:\Users\Lorak\AppData\Roaming\Avira
O43 - CFD: 12/04/2011 - 17:13:20 - [0,002] ----D- C:\Users\Lorak\AppData\Roaming\Canneverbe Limited
O43 - CFD: 30/11/2011 - 01:23:12 - [0,000] ----D- C:\Users\Lorak\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 24/04/2011 - 01:37:44 - [0,000] ----D- C:\Users\Lorak\AppData\Roaming\dvdcss
O43 - CFD: 22/07/2011 - 14:16:24 - [0] ----D- C:\Users\Lorak\AppData\Roaming\Google
O43 - CFD: 29/11/2011 - 19:08:16 - [0,087] ----D- C:\Users\Lorak\AppData\Roaming\ICQ
O43 - CFD: 08/04/2011 - 15:09:06 - [0] ----D- C:\Users\Lorak\AppData\Roaming\Identities
O43 - CFD: 10/04/2011 - 14:15:20 - [0] ----D- C:\Users\Lorak\AppData\Roaming\InstallShield
O43 - CFD: 08/04/2011 - 17:08:02 - [0,010] ----D- C:\Users\Lorak\AppData\Roaming\Macromedia
O43 - CFD: 08/04/2011 - 18:49:50 - [0,004] ----D- C:\Users\Lorak\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 16:35:04 - [0] ----D- C:\Users\Lorak\AppData\Roaming\Media Center Programs
O43 - CFD: 10/05/2011 - 14:47:54 - [0] ----D- C:\Users\Lorak\AppData\Roaming\Media Player Classic
O43 - CFD: 13/04/2011 - 16:24:52 - [1,092] -S--D- C:\Users\Lorak\AppData\Roaming\Microsoft
O43 - CFD: 08/04/2011 - 21:11:28 - [0] ----D- C:\Users\Lorak\AppData\Roaming\Mozilla
O43 - CFD: 07/07/2011 - 13:02:18 - [1,447] ----D- C:\Users\Lorak\AppData\Roaming\OpenOffice.org
O43 - CFD: 08/04/2011 - 17:42:24 - [0,460] ----D- C:\Users\Lorak\AppData\Roaming\Opera
O43 - CFD: 27/11/2011 - 00:05:58 - [2,979] ----D- C:\Users\Lorak\AppData\Roaming\PunkBuster
O43 - CFD: 29/11/2011 - 18:52:16 - [1,600] ----D- C:\Users\Lorak\AppData\Roaming\Skype
O43 - CFD: 08/04/2011 - 21:11:54 - [114,445] ----D- C:\Users\Lorak\AppData\Roaming\Thunderbird
O43 - CFD: 20/10/2011 - 14:11:30 - [0,081] ----D- C:\Users\Lorak\AppData\Roaming\TuneUp Software
O43 - CFD: 30/11/2011 - 21:27:16 - [3,643] ----D- C:\Users\Lorak\AppData\Roaming\uTorrent
O43 - CFD: 21/08/2011 - 18:32:30 - [1,037] ----D- C:\Users\Lorak\AppData\Roaming\vlc
O43 - CFD: 15/11/2011 - 18:54:44 - [0,412] ----D- C:\Users\Lorak\AppData\Roaming\Vso
O43 - CFD: 18/07/2011 - 15:44:10 - [1,180] ----D- C:\Users\Lorak\AppData\Roaming\WinRAR
O43 - CFD: 26/08/2011 - 17:54:50 - [0,001] ----D- C:\Users\Lorak\AppData\Local\28050
O43 - CFD: 28/06/2011 - 15:20:06 - [0,000] ----D- C:\Users\Lorak\AppData\Local\Activision
O43 - CFD: 12/04/2011 - 13:23:46 - [14,442] ----D- C:\Users\Lorak\AppData\Local\Adobe
O43 - CFD: 08/04/2011 - 19:30:00 - [0,000] ----D- C:\Users\Lorak\AppData\Local\AMD
O43 - CFD: 08/04/2011 - 15:08:56 - [0] -SH-D- C:\Users\Lorak\AppData\Local\Application Data
O43 - CFD: 08/04/2011 - 19:29:54 - [0,105] ----D- C:\Users\Lorak\AppData\Local\ATI
O43 - CFD: 17/06/2011 - 17:39:40 - [0,001] ----D- C:\Users\Lorak\AppData\Local\Darksiders
O43 - CFD: 18/11/2011 - 16:37:22 - [14,406] ----D- C:\Users\Lorak\AppData\Local\Downloaded Installations
O43 - CFD: 25/09/2011 - 13:08:56 - [0,002] ----D- C:\Users\Lorak\AppData\Local\dxhr
O43 - CFD: 22/07/2011 - 17:37:18 - [0] ----D- C:\Users\Lorak\AppData\Local\Google
O43 - CFD: 08/04/2011 - 15:08:56 - [0] -SH-D- C:\Users\Lorak\AppData\Local\Historique
O43 - CFD: 16/04/2011 - 20:52:40 - [146,127] ----D- C:\Users\Lorak\AppData\Local\Microsoft
O43 - CFD: 08/04/2011 - 17:42:24 - [91,037] ----D- C:\Users\Lorak\AppData\Local\Opera
O43 - CFD: 28/06/2011 - 15:20:06 - [0,000] ----D- C:\Users\Lorak\AppData\Local\SKIDROW
O43 - CFD: 30/11/2011 - 21:27:40 - [1,313] ----D- C:\Users\Lorak\AppData\Local\Temp
O43 - CFD: 08/04/2011 - 15:08:56 - [0] -SH-D- C:\Users\Lorak\AppData\Local\Temporary Internet Files
O43 - CFD: 01/05/2011 - 15:02:46 - [5,241] ----D- C:\Users\Lorak\AppData\Local\Thunderbird
O43 - CFD: 27/11/2011 - 00:45:02 - [0,000] ----D- C:\Users\Lorak\AppData\Local\Ubisoft Game Launcher
O43 - CFD: 06/10/2011 - 17:30:12 - [0] ----D- C:\Users\Lorak\AppData\Local\uTorrent
O43 - CFD: 08/04/2011 - 15:09:04 - [0] ----D- C:\Users\Lorak\AppData\Local\VirtualStore
O43 - CFD: 19/06/2011 - 17:16:06 - [157,103] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 28/07/2011 - 17:26:22 - [60,493] ----D- C:\Program Files (x86)\ASUS
O43 - CFD: 01/11/2011 - 14:53:44 - [41,087] ----D- C:\Program Files (x86)\ATI Technologies
O43 - CFD: 30/10/2011 - 13:01:02 - [158,677] ----D- C:\Program Files (x86)\Avira
O43 - CFD: 14/11/2011 - 15:42:16 - [-255,311] ----D- C:\Program Files (x86)\Battlefield 3
O43 - CFD: 28/11/2011 - 15:55:50 - [12,250] ----D- C:\Program Files (x86)\CDBurnerXP
O43 - CFD: 13/11/2011 - 17:04:26 - [77,863] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 22/10/2011 - 13:37:58 - [3,397] ----D- C:\Program Files (x86)\CrystalDiskInfo
O43 - CFD: 10/11/2011 - 21:32:08 - [23,312] ----D- C:\Program Files (x86)\DAEMON Tools Lite
O43 - CFD: 08/04/2011 - 17:37:56 - [23,576] ----D- C:\Program Files (x86)\Driver-Soft
O43 - CFD: 10/04/2011 - 14:16:16 - [5,481] ----D- C:\Program Files (x86)\epson
O43 - CFD: 08/11/2011 - 16:06:32 - [47,887] ----D- C:\Program Files (x86)\ICQ7.6
O43 - CFD: 27/11/2011 - 00:05:26 - [40,595] --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 12/10/2011 - 14:59:06 - [4,915] ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 06/11/2011 - 14:53:12 - [84,496] ----D- C:\Program Files (x86)\Java
O43 - CFD: 30/09/2011 - 16:23:06 - [6,210] ----D- C:\Program Files (x86)\ma-config.com
O43 - CFD: 13/09/2011 - 05:33:18 - [6,720] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 06/05/2011 - 11:30:10 - [8,929] ----D- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
O43 - CFD: 12/10/2011 - 15:03:06 - [36,633] ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 08/04/2011 - 16:51:08 - [0,015] ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 24/11/2011 - 15:48:52 - [39,645] ----D- C:\Program Files (x86)\Mozilla Thunderbird
O43 - CFD: 14/07/2009 - 06:32:40 - [0,025] ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 16/04/2011 - 15:25:00 - [0,772] ----D- C:\Program Files (x86)\OpenAL
O43 - CFD: 07/07/2011 - 13:00:48 - [338,128] ----D- C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 20/10/2011 - 13:57:10 - [32,526] ----D- C:\Program Files (x86)\Opera
O43 - CFD: 19/11/2011 - 18:33:12 - [0,678] ----D- C:\Program Files (x86)\Peer2Me
O43 - CFD: 24/10/2011 - 11:48:28 - [5,745] ----D- C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 06:32:40 - [37,345] ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 08/04/2011 - 21:15:52 - [26,523] ----D- C:\Program Files (x86)\RocketDock
O43 - CFD: 16/10/2011 - 10:19:58 - [31,089] R---D- C:\Program Files (x86)\Skype
O43 - CFD: 24/10/2011 - 11:51:30 - [0] --H-D- C:\Program Files (x86)\Temp
O43 - CFD: 28/11/2011 - 15:54:42 - [75,297] ----D- C:\Program Files (x86)\TuneUp Utilities 2012
O43 - CFD: 27/11/2011 - 00:05:26 - [705,679] ----D- C:\Program Files (x86)\Ubisoft
O43 - CFD: 14/07/2009 - 05:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 20/10/2011 - 10:45:04 - [0,612] ----D- C:\Program Files (x86)\uTorrent
O43 - CFD: 06/06/2011 - 16:38:14 - [81,156] ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD: 30/10/2011 - 12:26:20 - [0,916] ----D- C:\Program Files (x86)\VPN Lifeguard
O43 - CFD: 15/04/2011 - 17:56:06 - [65,156] ----D- C:\Program Files (x86)\VSO
O43 - CFD: 14/07/2009 - 16:24:10 - [0,500] ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 08/04/2011 - 16:42:08 - [5,895] ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 09/04/2011 - 17:23:24 - [19,335] ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 06:32:40 - [11,632] ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 08/04/2011 - 16:42:08 - [4,213] ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 08/04/2011 - 16:42:08 - [0,181] ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 08/04/2011 - 16:42:08 - [6,209] ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 30/11/2011 - 21:27:40 - [8,423] ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 19/06/2011 - 17:16:16 - [3,439] ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 10/11/2011 - 21:59:08 - [0,957] --H-D- C:\Program Files (x86)\Common Files\EAInstaller
O43 - CFD: 15/04/2011 - 17:14:52 - [3,111] ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 06/11/2011 - 14:53:36 - [1,201] ----D- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 17/04/2011 - 19:45:04 - [20,183] ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 04:20:10 - [0,003] ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:10 - [39,200] ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 08/11/2011 - 19:14:38 - [9,771] ----D- C:\Program Files (x86)\Common Files\System
~ Scan Program Folder in 00mn 05s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/11/2011 - 15:59:15 ---A- . (...) -- C:\Windows\setupact.log [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/11/2011 - 15:59:15 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.195B520D6182000F1662394EA45CF27E] - 30/11/2011 - 14:25:46 ---A- . (...) -- C:\Windows\WindowsUpdate.log [103621]
O44 - LFC:[MD5.8FD0EA0B96A59A863A6D6E8BC153CA34] - 30/11/2011 - 03:13:34 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700]
O44 - LFC:[MD5.3208D87061818EBA7F1F42564275041D] - 30/11/2011 - 03:13:34 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106190]
O44 - LFC:[MD5.0045FB5FBAE75778DE2EB044807EE178] - 30/11/2011 - 03:13:34 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130548]
O44 - LFC:[MD5.81DA7632873A8CEEBAFABA4F442D6702] - 30/11/2011 - 03:13:34 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [615810]
O44 - LFC:[MD5.2133BDDF97414D06729F41DEB4936859] - 30/11/2011 - 03:13:34 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704242]
O44 - LFC:[MD5.8FD0EA0B96A59A863A6D6E8BC153CA34] - 30/11/2011 - 03:13:34 RSHAD . (...) -- C:\Windows\system32\PerfStringBackup.INI [1549700]
O44 - LFC:[MD5.3208D87061818EBA7F1F42564275041D] - 30/11/2011 - 03:13:34 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [106190]
O44 - LFC:[MD5.0045FB5FBAE75778DE2EB044807EE178] - 30/11/2011 - 03:13:34 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [130548]
O44 - LFC:[MD5.81DA7632873A8CEEBAFABA4F442D6702] - 30/11/2011 - 03:13:34 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [615810]
O44 - LFC:[MD5.2133BDDF97414D06729F41DEB4936859] - 30/11/2011 - 03:13:34 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [704242]
O44 - LFC:[MD5.BB5CEB74EEB13DE70C9470F09A1ED8D3] - 30/11/2011 - 03:08:46 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.1A387DE325899061AEF4EB25A83D35D3] - 29/11/2011 - 15:31:33 RSH-- . (...) -- C:\AZRYF [472149]
O44 - LFC:[MD5.5885F8E7B91A29B6D673FAD0B36A2DE5] - 22/11/2011 - 17:02:18 ---A- . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- C:\Windows\SysNative\TURegOpt.exe [34624]
O44 - LFC:[MD5.CBF7577849773BBCABAC627CD653B8B1] - 22/11/2011 - 17:02:18 ---A- . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\SysNative\uxtuneup.dll [35648]
O44 - LFC:[MD5.CBF7577849773BBCABAC627CD653B8B1] - 22/11/2011 - 17:02:18 ---A- . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\system32\uxtuneup.dll [35648]
O44 - LFC:[MD5.BD471E04BF93D2B9D4F926C3D9690806] - 22/11/2011 - 17:02:18 ---A- . (.TuneUp Software - TuneUp WinLogon Extension.) -- C:\Windows\SysNative\authuitu.dll [25920]
O44 - LFC:[MD5.BD471E04BF93D2B9D4F926C3D9690806] - 22/11/2011 - 17:02:18 ---A- . (.TuneUp Software - TuneUp WinLogon Extension.) -- C:\Windows\system32\authuitu.dll [25920]
O44 - LFC:[MD5.5885F8E7B91A29B6D673FAD0B36A2DE5] - 22/11/2011 - 17:02:18 RSHAD . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- C:\Windows\system32\TURegOpt.exe [34624]
O44 - LFC:[MD5.A4B8D951D2E0C75926040E8768DF1B4A] - 15/11/2011 - 17:00:30 ---A- . (...) -- C:\Windows\SysNative\Xxx Divx Porno Anal British Housewife Fantasies 3 - Exhib Amateur Mature Mure Mère Maman Mother Mummy Older Des Vraies Vieilles Salopes Se Fon
O44 - LFC:[MD5.A4B8D951D2E0C75926040E8768DF1B4A] - 15/11/2011 - 17:00:30 RSHAD . (...) -- C:\Windows\system32\Xxx Divx Porno Anal British Housewife Fantasies 3 - Exhib Amateur Mature Mure Mère Maman Mother Mummy Older Des Vraies Vieilles Salopes Se Font
O44 - LFC:[MD5.400582B09E0BB557D0EC28A945150EEB] - 10/11/2011 - 21:32:07 RSHAD . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\system32\drivers\dtsoftbus01.sys [279616]
O44 - LFC:[MD5.9837038DB503DC92C9880C6F81195533] - 08/11/2011 - 19:15:50 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [292872]
O44 - LFC:[MD5.9837038DB503DC92C9880C6F81195533] - 08/11/2011 - 19:15:50 RSHAD . (...) -- C:\Windows\system32\FNTCACHE.DAT [292872]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 07/11/2011 - 17:45:40 RSHAD . (...) -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [0]
O44 - LFC:[MD5.B7037444DC5138FC7D3D3968B4DE5C4B] - 04/11/2011 - 17:43:05 RSHAD . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\system32\drivers\usbfilter.sys [53376]
O44 - LFC:[MD5.259525CFB422E6AC8E87BC9777B1DF73] - 20/11/2010 - 13:40:07 RSHA- . (...) -- C:\bootmgr [383786]
~ Scan Files in 01mn 21s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\system32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\system32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\system32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\system32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\system32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\system32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - LiveSSP.) -- C:\Windows\system32\livessp.dll
~ Scan Keys in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53) (None)
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 19/11/2011 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 19/11/2011 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 19/11/2011 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 19/11/2011 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]
O58 - SDL:[MD5.6A2EEB0C4133B20773BB3DD0B7B377B4] - 19/11/2011 - 08:18:24 RSHAD . (.Advanced Micro Devices - AMD IO Driver.) -- C:\Windows\system32\drivers\amdiox64.sys [46136]
O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 19/11/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]
O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 19/11/2011 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]
O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 19/11/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]
O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 19/11/2011 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]
O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 19/11/2011 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]
O58 - SDL:[MD5.19B006B181E3875FD254F7B67ACF1E7C] - 19/11/2011 - 10:38:40 RSHAD . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys [15416]
O58 - SDL:[MD5.DBB487D09F56C674430AC454FD8BCAB9] - 19/11/2011 - 23:07:00 RSHAD . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtihdW76.sys [231440]
O58 - SDL:[MD5.0415FFE1B6A6EA141FEAFCA57567F57F] - 19/11/2011 - 04:05:10 RSHAD . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [10496512]
O58 - SDL:[MD5.DC24D6F38F17C0D643D9AA8A6852F8D0] - 19/11/2011 - 02:21:58 RSHAD . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [326656]
O58 - SDL:[MD5.E82E61F46D1336447F4DEFF8C074F13E] - 19/11/2011 - 11:15:36 RSHAD . (.Advanced Micro Devices Inc. - AMD PCIE Filter Driver for ATI PCIE chipset.) -- C:\Windows\system32\drivers\AtiPcie64.sys [16440]
O58 - SDL:[MD5.AA8F79A1BDFC03B3BC70C44AB00589B4] - 19/11/2011 - 16:56:49 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [97312]
O58 - SDL:[MD5.D959309ECECCA73FC79F8EF8521346B2] - 19/11/2011 - 16:56:49 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [130760]
O58 - SDL:[MD5.248DB59FC86DE44D2779F4C7FB1A567D] - 19/11/2011 - 16:56:50 RSHAD . (.Avira GmbH - Avira Manager Driver.) -- C:\Windows\system32\drivers\avkmgr.sys [27760]
O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 19/11/2011 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 19/11/2011 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 19/11/2011 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]
O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 19/11/2011 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 19/11/2011 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 19/11/2011 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 19/11/2011 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]
O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 19/11/2011 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]
O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 19/11/2011 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]
O58 - SDL:[MD5.400582B09E0BB557D0EC28A945150EEB] - 19/11/2011 - 21:32:07 RSHAD . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\system32\drivers\dtsoftbus01.sys [279616]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 19/11/2011 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]
O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 19/11/2011 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 19/11/2011 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 19/11/2011 - 14:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]
O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 19/11/2011 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]
O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 19/11/2011 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]
O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 19/11/2011 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]
O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 19/11/2011 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]
O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 19/11/2011 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]
O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 19/11/2011 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]
O58 - SDL:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 19/11/2011 - 16:00:50 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25416]
O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 19/11/2011 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]
O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 19/11/2011 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]
O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 19/11/2011 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]
O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 19/11/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]
O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 19/11/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]
O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 19/11/2011 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]
O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 19/11/2011 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]
O58 - SDL:[MD5.9140DB0911DE035FED0A9A77A2D156EA] - 19/11/2011 - 02:57:24 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [565352]
O58 - SDL:[MD5.2E7D1CA91D62501713C9D6E6704395C6] - 19/11/2011 - 17:12:50 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RtHDMIVX.sys [367976]
O58 - SDL:[MD5.F2744FD54BE1580BE05916D1C755C92A] - 19/11/2011 - 18:53:14 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2957544]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 19/11/2011 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]
O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 19/11/2011 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]
O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 19/11/2011 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 19/11/2011 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]
O58 - SDL:[MD5.B7037444DC5138FC7D3D3968B4DE5C4B] - 19/11/2011 - 21:44:46 RSHAD . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\system32\drivers\usbfilter.sys [53376]
O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 19/11/2011 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]
O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 19/11/2011 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]
O58 - SDL:[MD5.ADAA34740E9F6AFF94CC75D5CF8ED7E2] - 19/11/2011 - 12:34:42 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp32.sys [10216]
O58 - SDL:[MD5.EDAA17CE771C696655B6585F7CAD2100] - 19/11/2011 - 12:34:48 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys [11832]
O58 - SDL:[MD5.F6BDA026E4157DC4E321CA391E9D9BC6] - 19/11/2011 - 18:20:46 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys [13440]
O58 - SDL:[MD5.26D66E32E78D3059715B3A17BC679CD9] - 19/11/2011 - 09:48:34 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsUpIO.sys [13368]
~ Scan Drivers in 00mn 02s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 26/10/2011 - C:\Windows\system32\DRIVERS\atikmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 24/06/2011 - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys (AODDriver4.01) .(.Advanced Micro Devices - AMD OverDrive Service Driver.) - LEGACY_AODDRIVER4.01
O64 - Services: CurCS - 22/04/2010 - C:\Windows\Syswow64\drivers\AsIO.sys - AsIO (AsIO) .(...) - LEGACY_ASIO
O64 - Services: CurCS - 06/07/2009 - C:\Windows\Syswow64\drivers\AsUpIO.sys - AsUpIO (AsUpIO) .(...) - LEGACY_ASUPIO
O64 - Services: CurCS - 19/10/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 19/10/2011 - C:\Windows\system32\DRIVERS\avipbb.sys (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 19/10/2011 - C:\Windows\system32\DRIVERS\avkmgr.sys (avkmgr) .(.Avira GmbH - Avira Manager Driver.) - LEGACY_AVKMGR
O64 - Services: CurCS - 21/07/2011 - C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys (driverhardwarev2x64) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 13/10/2011 - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUpUtilitiesDrv) .(.TuneUp Software - TuneUp Utilities Driver.) - LEGACY_TUNEUPUTILITIESDRV
~ Scan Services in 00mn 02s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google
O69 - SBI: SearchScopes [HKCU] {A6C4554E-0AFA-4245-A17B-36B6F2CC772F} - (Google) - Google
~ Scan Keys in 00mn 00s
---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: UxTuneUp (UxTuneUp) . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\System32\uxtuneup.dll [35648]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2420736]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [193536]
~ Scan Services in 00mn 00s
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.16E53BFC96CE14021C0E07EB1C198478] [SPRF][20/04/2011] (...) -- C:\Users\Lorak\AppData\Roaming\inst.exe [99384]
[MD5.AF7CE12C4F3DC8CB2B07685C916BBCFE] [SPRF][20/04/2011] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Users\Lorak\AppData\Roaming\pcouffin.sys [82816]
[MD5.9149E19DB451DF6C7735942DC71451C8] [SPRF][21/12/2009] (.Pas de propriétaire - asusTek_sys_ctrl Module.) -- C:\Windows\Downloaded Program Files\asusTek_sys_ctrl.dll [139776]
[MD5.C23D44716A9D800E85ACD19AA51BEF94] [SPRF][10/02/2010] (.Symantec Corporation - Symantec Security Check Virus Detection Scan.) -- C:\Windows\Downloaded Program Files\avsniff.dll [337808]
[MD5.E6401B99A94A21A98C0E4C699A14A8C2] [SPRF][10/02/2010] (.TODO: <Company name> - TODO: <File description>.) -- C:\Windows\Downloaded Program Files\avsniffdlgs.dll [264080]
[MD5.4C124A94D0DD39B2D6939CC6CD7E3217] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\catalog.dat [2584]
[MD5.03CA4A509E1B0E59005A731F54EB9481] [SPRF][10/02/2010] (.Symantec Corp. - Symantec Engine Common Object Model Loader.) -- C:\Windows\Downloaded Program Files\ecmldr32.dll [42112]
[MD5.A6E4C541FB166237F85FE757CE183B12] [SPRF][26/10/2011] (.Symantec Corporation - Symantec Engine Common Object Model Server.) -- C:\Windows\Downloaded Program Files\ecmsvr32.dll [279992]
[MD5.7D7B1F8578F2F946A61A015AA44ADCF5] [SPRF][10/03/2011] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.2 r153.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2872992]
[MD5.CA74A39806ECD04FD412EABCB70473C9] [SPRF][10/02/2010] (.Symantec Corp. - Symantec AntiVirus Engine API.) -- C:\Windows\Downloaded Program Files\navapi32.dll [201896]
[MD5.1D340BF30C4BA80D86C4FBAEC5D582E9] [SPRF][26/10/2011] (.Symantec Corporation - AV Engine.) -- C:\Windows\Downloaded Program Files\naveng32.dll [177520]
[MD5.30C92D9540816E1BECB303B4E50A28A0] [SPRF][26/10/2011] (.Symantec Corporation - AV Engine.) -- C:\Windows\Downloaded Program Files\navex32a.dll [1934704]
[MD5.698239F4373767BAAC984E5511B137CA] [SPRF][10/02/2010] (.Symantec Corporation - Symantec Security Check Registry and File Information control.) -- C:\Windows\Downloaded Program Files\rufsi.dll [284048]
[MD5.384350958A2801B5B38D82C7ED52786D] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\scrauth.dat [98112]
[MD5.D1D73DAED82659D7EE4066F03BC7D8E6] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tcdefs.dat [22921321]
[MD5.9589C06C6CCB4C7BAF7C6AA86734EA12] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tcscan7.dat [22991018]
[MD5.A2E18D7EEC17BEEA8F56FDA41F514F84] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tcscan8.dat [178189]
[MD5.7C50C13698DB3A3C39F5373DE18D986C] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tcscan9.dat [652942]
[MD5.CF214896000FF599373A4687389D1FF4] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tinf.dat [453]
[MD5.F482930D99D74BCD79CB09F2E88BB7F7] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tinfidx.dat [148]
[MD5.66E00B2AE5A9923B46DA9C802235C7D0] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tinfl.dat [1957]
[MD5.44009C0B07E5B04D4EA0E8AD53ECADA7] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tscan1.dat [74646]
[MD5.44C7CE785BF1CFD02E75CAF4D7E8BF23] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\tscan1hd.dat [3934]
[MD5.EB6AA2397F094AD693F3F22291815A92] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan1.dat [1061529]
[MD5.C70981C9BCF365C2C83B1B1B077CABB5] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan2.dat [574068]
[MD5.5D1931134EE63E9225A4414E44433D2A] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan3.dat [157916]
[MD5.BDFB2177F890B422CDC1DDB9AB2202A6] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan4.dat [320391]
[MD5.73456A45254FB9E336B2DE5EA8046C44] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan5.dat [16185581]
[MD5.BDE2BD0EEA846F3A58FE8D17517C0D77] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan6.dat [398711]
[MD5.C3572D29D1B17C51B3946FC6865CE167] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan7.dat [196883146]
[MD5.E61438986718F4E798954E493B308689] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan8.dat [1009960]
[MD5.B8E7929890D96E7124CC744CD79ED752] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscan9.dat [6410151]
[MD5.ABA9D890ACB343EE58F02562B8D1B74D] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\virscant.dat [32]
[MD5.2EA09C8B4B4669C516433AE31982E259] [SPRF][26/10/2011] (...) -- C:\Windows\Downloaded Program Files\zdone.dat [224]
~ Scan Files in 00mn 07s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{A489C6A2-265D-422F-AFBC-9E94CB9A15CC}" | In - Private - P6 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe
O87 - FAEL: "{A345D9A5-A1A2-4307-B7B1-FDC237C7E671}" | In - Private - P17 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe
O87 - FAEL: "{6614A2C6-AD70-4F2E-80F5-A090C4AAEBF8}" | In - Public - P6 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe
O87 - FAEL: "{FCF029C2-C7DF-4EC9-B7ED-22B43851680C}" | In - Public - P17 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe
O87 - FAEL: "{ABC351AE-7089-404C-B0E4-A4BEE2D78BBD}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe
O87 - FAEL: "{6EFB4B45-704E-4D1E-BE6E-370A21E2E1AF}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe
O87 - FAEL: "{D2A885FB-AFE4-4EFA-BD13-D42F1E261139}" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O87 - FAEL: "{8B6490D8-F239-4D22-BC9C-F9F981A0BDE1}" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O87 - FAEL: "{DC83D784-EA89-48A5-8F47-B9683B821134}" |Out - Domain - P17 - TRUE | .(...) -- C:\Program Files\ (x86)\uTorrent\uTorrent.exe (.not file.)
O87 - FAEL: "{53EEA510-9555-4EF9-BA63-7A4F90FCF3BE}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "{549FE3C3-A34D-440E-AA8B-E3FE9F663FEE}" | In - Public - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe
O87 - FAEL: "{00FAC727-D251-4A43-8591-6C99BABCDEC4}" | In - Public - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe
O87 - FAEL: "{E9B6D60F-F1F7-4E07-8039-A2089EFC1F7D}" | In - Domain - P6 - TRUE | .(.ICQ, LLC. - ICQ.) -- C:\Program Files (x86)\ICQ7.6\ICQ.exe
O87 - FAEL: "{7D64F48B-1262-40EE-A4C3-128A9BBED186}" | In - Domain - P17 - TRUE | .(.ICQ, LLC. - ICQ.) -- C:\Program Files (x86)\ICQ7.6\ICQ.exe
O87 - FAEL: "{89D271D4-D482-410D-9DE8-96459F60CD54}" | In - Private - P6 - TRUE | .(.ICQ, LLC. - ICQ.) -- C:\Program Files (x86)\ICQ7.6\ICQ.exe
O87 - FAEL: "{0A61B311-2017-45B0-B919-D8FA599106EF}" | In - Private - P17 - TRUE | .(.ICQ, LLC. - ICQ.) -- C:\Program Files (x86)\ICQ7.6\ICQ.exe
O87 - FAEL: "{4E76CCCD-95E6-4CB5-8513-0B59F984FABA}" | In - Public - P6 - TRUE | .(.ICQ, LLC. - ICQ.) -- C:\Program Files (x86)\ICQ7.6\ICQ.exe
O87 - FAEL: "{BF5366B9-E2B7-4525-815A-FCE4D89B4B0D}" | In - Public - P17 - TRUE | .(.ICQ, LLC. - ICQ.) -- C:\Program Files (x86)\ICQ7.6\ICQ.exe
O87 - FAEL: "{0AE2A124-8249-4CD9-9E3E-E4653EAD50AC}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
O87 - FAEL: "{099ED0DA-2128-4241-8FA2-C7FDC82218B3}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
O87 - FAEL: "{F277DA23-0767-47D4-B86D-D509F29ED7B3}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{779CC544-9E06-44A2-8528-D54B2E88FFC8}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{9911945D-F6F2-4AD1-8FC7-89629DCE1148}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{247D61CD-3987-4364-BE1B-27D3E135100F}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{5CB56FC5-333F-49A9-8110-5F0C3A8EFB3A}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe
O87 - FAEL: "{17D639C0-AB18-4A88-A72C-45D052A59EE4}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe
O87 - FAEL: "{691A89D7-EC2E-49A8-8AAE-D432A32F201C}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
O87 - FAEL: "{1A237891-7330-4545-997B-CA79567FFAFD}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
O87 - FAEL: "{EE85E6C8-191D-4EF3-A9E5-395B5E9EC51C}" | In - Public - P6 - FALSE | .(.Ubisoft - Autopatch system.) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
O87 - FAEL: "{151755A6-64E7-4455-8964-9274BD905159}" | In - Public - P17 - FALSE | .(.Ubisoft - Autopatch system.) -- C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
~ Scan Firewall in 00mn 05s
---\\ Scan Additionnel (O88)
Database Version : 8852 - (27/11/2011)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKCU\Software\PopCap] =>Adware.PopCap
~ Scan Additionnel in 00mn 18s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 19/11/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 19/11/2011 204288 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe
SR - | Auto 19/11/2011 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 19/11/2011 86224 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 19/11/2011 110032 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 90112 | (AsSysCtrlService) . (...) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
SS - | Demand 19/11/2011 311928 | (maconfservice) . (.CybelSoft.) - C:\Program Files (x86)\ma-config.com\maconfservice.exe
SR - | Auto 0 | (PnkBstrA) . (...) - C:\Windows\System32\PnkBstrA.exe
SR - | Auto 28/11/2011 2118976 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
SR - | Auto 19/11/2011 27136 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/11/2011 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 19s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover
Run by Lorak at 30/11/2011 21:30:04
device: opened successfully
user: error reading MBR
Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ Scan MBR in 00mn 02s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Lorak at 30/11/2011 21:30:06
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s
---\\ Liste des émulateurs de CD/DVD (Hook du MBR)
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite
~ Scan Emulateurs in 00mn 04s
End of the scan (1154 lines in 02mn 54s)(0)
#8
Posted 30 November 2011 - 09:55
Hi again,
Download AdwCleaner by Xplode: Les Téléchargements - Outils de Xplode - AdwCleaner
Save it on the desktop (and nowhere else).
If you are on XP, double-click AdwCleaner to launch the tool.
If you are on Vista/Seven, right-click AdwCleaner and choose Run as administrator.
Click on Suppression and let the tool work.
The report will open as a text file; copy its entire contents and paste them into your reply.
The report is also saved as C:\AdwCleaner[S1]
-------------------------
+++
#9
Posted 30 November 2011 - 10:05
I'm sorry for the lost time.
I had to restart. Thanks for taking your time; here is the latest report:
# AdwCleaner v1.319 - Rapport créé le 30/11/2011 à 22:06:26
# Mis à jour le 20/11/11 à 11h par Xplode
# Système d'exploitation : Windows 7 Ultimate Service Pack 1 (64 bits)
# Nom d'utilisateur : Lorak - LORAK-PC (Administrateur)
# Exécuté depuis : C:\Users\Lorak\Desktop\adwcleaner.exe
# Option [Suppression]
***** [Services] *****
***** [Fichiers / Dossiers] *****
***** [Registre] *****
***** [Registre (x64)] *****
***** [Navigateurs] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Le registre ne contient aucune entrée illégitime.
-\\ Opera v11.52.1100.0
Fichier : C:\Users\Lorak\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[S1].txt - [760 octets] - [30/11/2011 22:06:26]
*************************
Dossier Temporaire : 6 dossier(s)et 15 fichier(s) supprimés
########## EOF - C:\AdwCleaner[S1].txt - [979 octets] ##########
#10
Posted 30 November 2011 - 10:29
I don't think your PC is infected, but we will check all the same.
1) Download ATF Cleaner by Atribune.
- Install it on the desktop. (Keep it, as it is very useful after every browsing session.)
Archive-Host | File hosting and Web solutions
|MG| ATF Cleaner 3.0.0.2 Download
Double-click ATF-Cleaner.exe to launch the program.
--> On Vista/7: right-click / Run as administrator.
Under the Main tab, choose: Select All
Click the Empty Selected button
- Click Firefox at the top and choose: Select All
Click the Empty Selected button
NOTE: If you want to keep your saved passwords, click No at the prompt.
- Click Opera at the top and choose: Select All
Click the Empty Selected button
NOTE: If you want to keep your saved passwords, click No at the prompt.
To obtain technical support, double-click the e-mail address located at the bottom of each menu.
------------------
2) Download Malwarebytes' Anti-Malware (MBAM).
Malwarebytes : Malwarebytes Anti-Malware PRO removes malware including viruses, spyware, worms and trojans, plus it protects your computer
Click for the FREE version and save the executable to the desktop.
When offered a trial of the Pro version, decline. This avoids possible conflicts with one security suite or another.

If MBAM is already installed, go straight to the update and then to the scan.
Keep this software.
Only if the update fails:
Download MBAM updates
Run the file after installing MBAM
Connect removable media (USB sticks etc.) before starting the scan.
- Double-click the downloaded file to start the installation process.
- In the "Mise à jour" (Update) tab, click the "Recherche de mise à jour" (Check for updates) button: if the firewall asks whether to allow MBAM to connect, accept.
- Once the update has finished, go to the "Recherche" (Scan) tab.
- Select "Exécuter un examen complet" (Run a full scan)
- Click "Rechercher" (Scan)
- The scan starts; it takes quite a long time, which is normal.
- At the end of the scan, a message is displayed:
Quote
The scan completed normally. Click 'Afficher les résultats' (Show results) to display all the objects found.
Click "Ok" to continue. If MBAM found nothing, it will tell you so too.
- Close your browsers.
- If malware was detected, click Afficher les résultats (Show results).
Select everything (or leave it checked) and click Supprimer la sélection (Remove selection); MBAM will destroy the files and registry keys and put a copy of them in quarantine.
- MBAM will open Notepad and copy the scan report into it. Copy and paste this report and post it in your next reply.
If MBAM asks to restart the PC, do so.
If, on restart, Windows tells you that it has blocked some startup programs, click the balloon and then Exécuter les programmes bloqués/Malwarebytes Anti-Malware (Run blocked programs/Malwarebytes Anti-Malware).
@++