Posted

Hello,

For some time now I have had advertising windows opening regularly (eorezo ads).

I followed a tutorial that advised running a scan with the AD-R program. Here is the report I obtained; please tell me whether I can use the clean option:

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 12:35:45 le 15/09/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium  Service Pack 1 (X64) 
Simon@PORTABLE_SIMON (ASUSTeK Computer Inc. N53SV) 

============== RECHERCHE ==============


Dossier trouvé: C:\Users\Simon\AppData\Roaming\EoRezo
Dossier trouvé: C:\Users\Simon\AppData\Local\EoRezo
Dossier trouvé: C:\Program Files (x86)\EoRezo

-- Fichier ouvert: C:\Users\Simon\AppData\Roaming\Mozilla\FireFox\Profiles\80rxxshe.default\Prefs.js --
Ligne trouvée: user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprintin... 
-- Fichier Fermé --


Clé trouvée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé trouvée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}
Clé trouvée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF}
Clé trouvée: HKLM\Software\Classes\EoEngineBHO.EOBHO
Clé trouvée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1
Clé trouvée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL
Clé trouvée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
Clé trouvée: HKLM\Software\EoRezo
Clé trouvée: HKCU\Software\EoRezo
Clé trouvée: HKU\.DEFAULT\Software\EoRezo
Clé trouvée: HKU\S-1-5-18\Software\EoRezo
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1

Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|AgenceChromeBHO@eorezo.com
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [6.0.2 (fr)] ****

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\ZEON/PDF,version=2.0 (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\bing.xml (    hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
HKLM_Extensions|AgenceChromeBHO@eorezo.com - C:\Program Files (x86)\EoRezo
HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

-- C:\Users\Simon\AppData\Roaming\Mozilla\FireFox\Profiles\80rxxshe.default --
Prefs.js - browser.startup.homepage_override.buildID, 20110902133214
Prefs.js - browser.startup.homepage_override.mstone, rv:6.0.2

========================================

**** Internet Explorer Version [8.0.7601.17514] ****

HKCU_Main|Default_Page_URL - hxxp://asus.msn.com
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_Main|Start Page - hxxp://www.google.fr/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://asus.msn.com
AboutUrls|Tabs - hxxp://y.lo.st
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll)
BHO\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} - "EOBHO Class" (C:\Program Files (x86)\EoRezo\EoRezoBHO.dll)
BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 2 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 08/09/2011 20:10:00 (5013 Octet(s)) 
C:\Ad-Report-SCAN[2].txt - 15/09/2011 12:35:49 (4940 Octet(s)) 

Fin à: 12:36:25, 15/09/2011 

============== E.O.F ============== 

Posted

Hello,

We'll look at this together ;)

 

---------------------------------------------------------------------------------------------

 

Recommendations during disinfection:

  • use your PC only for the strict minimum and, above all, do not install any other program (apart from the tools indicated)
  • follow the instructions in the order in which they are given and do not use any disinfection tool on your own initiative
  • say so if you have opened the same topic on another forum; this can prove very dangerous for your system
  • a freeze is always possible during the disinfection procedure; back up all your personal data beforehand or as soon as possible
  • the fact that the symptoms no longer appear does not mean the system is clean, so the disinfection must be carried through to the end

 

---------------------------------------------------------------------------------------------

 

Ad_Remover - Cleaning:

  • Close all applications, including your browser
  • Relaunch Ad_Remover by double-clicking the AD-R.exe icon to start the installation
    /!\ Under Vista and Windows 7, the file must be launched by right-click -> Run as administrator
  • In the main menu, click Nettoyage (Clean) and confirm to start the action
  • At the end of the scan, an Ad-Report-CLEAN.txt report opens. Post the report as an attachment in your next reply
    The report is located at C:\Ad-Report-CLEAN.txt

 

---------------------------------------------------------------------------------------------

 

AdwCleaner - Scan:

  • On this AdwCleaner by Xplode page, click Télécharger (Download) and save the file to your Desktop
  • Double-click the AdwCleaner0.exe icon to start the installation
    /!\ Under Vista and Windows 7, the file must be launched by right-click -> Run as administrator
  • In the main menu, click Recherche (Search) and wait while the scan runs
  • At the end of the scan, an AdwCleaner[R].txt report opens. Post the report as an attachment in your next reply
    The report is located at C:\AdwCleaner[R].txt

 

---------------------------------------------------------------------------------------------

 

The expected reports are:

  • Ad-Report-CLEAN.txt
  • AdwCleaner[R].txt

See you later

Posted

Thanks for your quick reply.

Here are the 2 reports:

 

  • Ad-Report-CLEAN.txt:

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 18:11:54 le 15/09/2011, Mode normal

Microsoft Windows 7 Édition Familiale Premium  Service Pack 1 (X64) 
Simon@PORTABLE_SIMON (ASUSTeK Computer Inc. N53SV) 

============== ACTION(S) ==============


Dossier supprimé: C:\Users\Simon\AppData\Roaming\EoRezo
Dossier supprimé: C:\Users\Simon\AppData\Local\EoRezo
Dossier supprimé: C:\Program Files (x86)\EoRezo

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Users\Simon\AppData\Roaming\Mozilla\FireFox\Profiles\80rxxshe.default\Prefs.js --
Ligne supprimée: user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprintin... 
-- Fichier Fermé --


Clé supprimée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}
Clé supprimée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF}
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1
Clé supprimée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
Clé supprimée: HKLM\Software\EoRezo
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKU\.DEFAULT\Software\EoRezo
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1

Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|AgenceChromeBHO@eorezo.com
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [6.0.2 (fr)] ****

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKLM_MozillaPlugins\ZEON/PDF,version=2.0 (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\bing.xml (    hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

-- C:\Users\Simon\AppData\Roaming\Mozilla\FireFox\Profiles\80rxxshe.default --
Prefs.js - browser.startup.homepage_override.buildID, 20110902133214
Prefs.js - browser.startup.homepage_override.mstone, rv:6.0.2

========================================

**** Internet Explorer Version [8.0.7601.17514] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll)
BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 14 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 18 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 15/09/2011 18:12:00 (4925 Octet(s)) 
C:\Ad-Report-SCAN[1].txt - 08/09/2011 20:10:00 (5013 Octet(s)) 
C:\Ad-Report-SCAN[2].txt - 15/09/2011 12:35:49 (5078 Octet(s)) 

Fin à: 18:12:44, 15/09/2011 

============== E.O.F ============== 

 

  • AdwCleaner[R1].txt:

 

# AdwCleaner v1.306 - Rapport créé le 15/09/2011 à 18:18:48
# Mis à jour le 14/09/11 à 13h par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Simon - PORTABLE_SIMON (Administrateur)
# Exécuté depuis : C:\Users\Simon\Desktop\adwcleaner.exe
# Option [Recherche]


***** [Processus] *****


***** [services] *****


***** [Fichiers / Dossiers] *****


***** [Registre] *****

Clé Présente : HKCU\Software\EoRezo

***** [Registre (64 bits)] *****

[x64] Clé Présente : HKCU64\Software\EoRezo
[x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v6.0.2 (fr)

Profil : 80rxxshe.default
Fichier : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\80rxxshe.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [1037 octets] - [15/09/2011 18:18:48]

########## EOF - C:\AdwCleaner[R1].txt - [1165 octets] ##########

Posted

Hello,

Thanks for the reports.

 

---------------------------------------------------------------------------------------------

 

AdwCleaner - Removal:

  • Close all applications, including your browser
  • Relaunch AdwCleaner by double-clicking the AdwCleaner0.exe icon to start the installation
    /!\ Under Vista and Windows 7, the file must be launched by right-click -> Run as administrator
  • In the main menu, click Suppression (Delete) and wait while the scan runs
  • At the end of the scan, an AdwCleaner.txt report opens. Post the report as an attachment in your next reply
    The report is located at C:\AdwCleaner.txt

 

---------------------------------------------------------------------------------------------

 

Malwarebytes' Anti-Malware:

  • Download and install Malwarebytes' Anti-Malware (click Download Free version)
  • At the end of the installation, make sure the option Mettre à jour Malwarebytes' Anti-Malware (Update Malwarebytes' Anti-Malware) is ticked
  • Click Terminer (Finish)
  • /!\ Important -> Plug in all external devices (USB keys, hard drives ...)
  • Launch Malwarebytes' by double-clicking the icon on the desktop
    /!\ Under Vista and Windows 7, the file must be launched by right-click -> Run as administrator
  • The updates are downloaded, then open Malwarebytes'
  • In the Recherche (Scanner) tab, tick Exécuter un examen complet (Perform full scan), then click Rechercher (Scan)
  • Select your hard drive, then click Lancer l'examen (Start scan)
  • At the end of the scan, click Afficher les résultats (Show results)
  • To delete the detected items, click Supprimer la sélection (Remove selected)
  • If a restart is requested, click Yes
  • The report mbam-log[date-heure].txt opens. Post the report as an attachment in your next reply

 

---------------------------------------------------------------------------------------------

 

We are going to run a control diagnostic with this tool; follow the instructions carefully:

ZHPDiag:

  • Download ZHPDiag by Nicolas Coolman and save it to your Desktop
  • Unpack the file ZHPDiag2.zip by right-click -> Extract all
  • Double-click ZHPDiag2.exe to start the installation
    /!\ Under Vista and Windows 7, the file must be launched by right-click -> Run as administrator
    Don't forget to tick the box that places a shortcut on the Desktop
  • The tool has created 3 icons, ZHPDiag, ZHPFix and MBRCheck, on the Desktop
  • Double-click ZHPDiag to launch the tool
    /!\ Under Vista and Windows 7, the file must be launched by right-click -> Run as administrator
  • Click the magnifying glass to start the scan and wait until the scan shows 100%
    Close ZHPDiag
  • The ZHPDiag.txt report is on the Desktop.
    Since this report is too long for the forum, host it on cijoint.fr or pjjoint.fr and copy-paste the link provided into your reply.

 

---------------------------------------------------------------------------------------------

 

The expected reports are:

  • AdwCleaner.txt
  • mbam-log[date-heure].txt
  • ZHPDiag.txt

See you later

Posted

I followed your instructions and here are the 3 reports:

 

  • AdwCleaner.txt:

# AdwCleaner v1.306 - Rapport créé le 16/09/2011 à 17:36:37
# Mis à jour le 14/09/11 à 13h par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Simon - PORTABLE_SIMON (Administrateur)
# Exécuté depuis : C:\Users\Simon\Desktop\adwcleaner.exe
# Option [suppression]


***** [KillNav] *****

Aucun navigateur n'était en cours d'exécution.

***** [Processus] *****


***** [services] *****


***** [Fichiers / Dossiers] *****


***** [Registre] *****

Clé Supprimée : HKCU\Software\EoRezo

***** [Registre (64 bits)] *****

[x64] Clé Supprimée : HKLM64\SOFTWARE\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v6.0.2 (fr)

Profil : 80rxxshe.default
Fichier : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\80rxxshe.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [1166 octets] - [15/09/2011 18:18:48]
AdwCleaner[s1].txt - [1131 octets] - [16/09/2011 17:36:37]

########## EOF - C:\AdwCleaner[s1].txt - [1259 octets] ##########

 

  • mbam-log-2011-09-16 (18-46-32).txt:

 

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 7727

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

16/09/2011 18:46:32
mbam-log-2011-09-16 (18-46-32).txt

Type d'examen: Examen complet (C:\|D:\|F:\|)
Elément(s) analysé(s): 462100
Temps écoulé: 54 minute(s), 19 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\EoRezo\eorezo.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\EoRezo\eorezobho.dll.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\program files (x86)\ad-remover\quarantine\C\Users\Simon\AppData\Roaming\EoRezo\EoRezo\softwareupdate.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\program files (x86)\ad-remover\quarantine\C\Users\Simon\AppData\Roaming\EoRezo\EoRezo\softwareupdatehp.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.

 

  • ZHPDiag.txt:

 

Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011
Run by Simon at 16/09/2011 18:53:33
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.7601.17514
MFIE: Mozilla Firefox 6.0.2 v6.0.2 (Defaut)

---\\ Windows Product Information
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 9YQTR
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle)  : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4007 MB (59% free)
System Restore: Activé (Enable)
System drive C: has 97 GB (65%) free of 149 GB

---\\ Logged in mode
~ Computer Name: PORTABLE_SIMON
~ User Name: Simon
~ All Users Names: UpdatusUser, Simon, HomeGroupUser$, Administrateur, 
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Simon\AppData\Roaming\
~ %Desktop% : C:\Users\Simon\Desktop\
~ %Favorites% : C:\Users\Simon\Favorites\
~ %LocalAppData% : C:\Users\Simon\AppData\Local\
~ %StartMenu% : C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 97 Go of 149 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 391 Go of 426 Go)
E:\ CD-ROM drive (Free 0 Go of 0 Go)
F:\ Hard drive, Flash drive, Thumb drive (Free 7 Go of 466 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc :  OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.30/04/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]
[MD5.1A36497983C867FB85FF1DCD4933015F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.15/08/2011 - 07:20:53.) -- C:\Windows\system32\wininet.dll [1188864]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.04/05/2011 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.30/04/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.04/05/2011 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.04/05/2011 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 3/8
~ Mes musiques (My Musics) : 9/42
Mes Videos (My Videos) : 2/2   (Modified) 
~ Mes Favoris (My Favorites) : 2/35
~ Mes Documents (My Documents) : 1/3308
~ Mon Bureau (My Desktop) : 2/12124
~ Menu demarrer (Programs) : 7/35
~ Scan Hidden Files in 00mn 13s



---\\ Processus lancés
[MD5.F4DCD4912B185C3AAEB92A7040832AD1] - (.Pas de propriétaire - ALU.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe   [51768] [PID.2124]
[MD5.5BB1F77C8AF725A15EC9366498D275BB] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe   [5732992] [PID.2248]
[MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe   [3058304] [PID.2292]
[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe   [103720] [PID.3236]
[MD5.D5C19842C2271327CA20511C30FFEED3] - (.Sonix Technology Co., Ltd. - CameraMonitor Application.) -- C:\Windows\vsnp2uvc.exe   [909824] [PID.3332]
[MD5.7EE22E13DEC8A6D18F4643C1EA34B0F0] - (.Virage Logic Corporation / Sonic Focus - ASUS_MATray.exe.) -- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe   [984400] [PID.4396]
[MD5.79A3B950988F8D2B81906D0C0473158B] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe   [170624] [PID.4428]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe   [105016] [PID.4460]
[MD5.FD22B00049F775E952371E9C3DAC631B] - (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe   [1601536] [PID.4504]
[MD5.7E7C0EB0F46307C18A5C46C346F549D4] - (...) -- C:\ExpressGateUtil\VAWinAgent.exe   [21504] [PID.4524]
[MD5.22EC0852DBF032A93D8DA697065FA189] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe   [87336] [PID.4544]
[MD5.E66B40FF945DB80B2FA3D5D62CC27010] - (.cyberlink - brs.) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe   [75048] [PID.4552]
[MD5.72860972F8196EBB3C896F53D2B95470] - (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe   [150528] [PID.4600]
[MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe   [54840] [PID.4608]
[MD5.DC73E11DC27E7D9AEF884EBE816C4240] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe   [284440] [PID.4656]
[MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe   [281768] [PID.4680]
[MD5.879D74337173A6D630D3D06184D354C1] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe   [421736] [PID.4704]
[MD5.90368C19808AC9376BA21B85642D3ECB] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe   [965728] [PID.5504]
[MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [669696] [PID.5152]
[MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe   [84536] [PID.]
[MD5.7910158929571214A959D5A6D16DD9C0] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe   [96896] [PID.]
[MD5.20757C632ACA98B73FB022C5B87F3753] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [42184] [PID.]
[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe   [136360] [PID.]
[MD5.3CCE4AFA4AACDB28E01A148394212186] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe   [269480] [PID.]
[MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe   [37664] [PID.]
[MD5.1C87705CCB2F60172B0FC86B5D82F00D] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe   [387944] [PID.]
[MD5.0ADF410187B71C9B855721C8D59CEC7A] - (...) -- C:\ExpressGateUtil\VAWinService.exe   [77312] [PID.]
[MD5.616F6E52CAE254727A886BA8EDA1BEEA] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe   [247152] [PID.]
[MD5.D41861E56E7552C13674D7F147A02464] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe   [13592] [PID.]
[MD5.7F32D4C47A50E7223491E8FB9359907D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe   [325656] [PID.]
[MD5.4E5C5D88EB0A8D21824D5A3EB7327E69] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe   [2255464] [PID.]
[MD5.2C16648A12999AE69A9EBF41974B0BA2] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe   [2656280] [PID.]
~ Scan Processes Running in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKUS\S-1-5-21-2227420497-4197156197-720462558-1001-2227420497-4197156197-720462558-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-2227420497-4197156197-720462558-1001-2227420497-4197156197-720462558-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - avast! WebRep Plugin.) -- C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE64.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll
O2 - BHO: (no name) [64Bits] - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
O2 - BHO: HP Print Enhancer [64Bits] - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch [64Bits] - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} . (.Google Inc. - Fast Search.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: HP Smart BHO Class [64Bits] - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O3 - Toolbar: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - avast! WebRep Plugin.) -- C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE64.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKLM\..\Run: [ETDWare] . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe 
O4 - HKLM\..\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe 
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 
O4 - HKLM\..\Run: [snp2uvc] . (.Sonix Technology Co., Ltd. - CameraMonitor Application.) -- C:\Windows\vsnp2uvc.exe 
O4 - HKLM\..\Run: [intelTBRunOnce] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\system32\wscript.exe 
O4 - HKLM\..\Run: [intelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe 
O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe 
O4 - HKLM\..\Wow6432Node\Run: [updateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe 
O4 - HKLM\..\Wow6432Node\Run: [updateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe 
O4 - HKLM\..\Wow6432Node\Run: [Nuance PDF Reader-reminder] . (.Nuance Communications, Inc. - Ereg.) -- C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe 
O4 - HKLM\..\Wow6432Node\Run: [FLxHCIm] . (.Windows (R) Win 7 DDK provider - Fresco Logic.) -- C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe 
O4 - HKLM\..\Wow6432Node\Run: [sonicMasterTray] . (.Virage Logic Corporation / Sonic Focus - ASUS_MATray.exe.) -- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe 
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe 
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe 
O4 - HKLM\..\Wow6432Node\Run: [Wireless Console 3] . (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe 
O4 - HKLM\..\Wow6432Node\Run: [VAWinAgent] . (...) -- C:\ExpressGateUtil\VAWinAgent.exe 
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe 
O4 - HKLM\..\Wow6432Node\Run: [bDRegion] . (.cyberlink - brs.) -- C:\Program Files (x86)\Cyberlink\Shared files\brs.exe 
O4 - HKLM\..\Wow6432Node\Run: [updatePSTShortCut] Clé orpheline 
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe 
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe 
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe 
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe 
O4 - HKLM\..\Wow6432Node\Run: [iAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 
O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ecareme - AsusWebStorage.) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe 
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe 
O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-21-2227420497-4197156197-720462558-1001-2227420497-4197156197-720462558-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-21-2227420497-4197156197-720462558-1001-2227420497-4197156197-720462558-1000\..\Run: [iSUSPM] . (.Acresso Corporation - Acresso Software Manager.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe 
O4 - HKUS\S-1-5-21-2227420497-4197156197-720462558-1001-2227420497-4197156197-720462558-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
O4 - HKUS\S-1-5-21-2227420497-4197156197-720462558-1001-2227420497-4197156197-720462558-1000\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Simon\Desktop\AD-R.lnk . (...)  -- C:\Program Files (x86)\Ad-Remover\main.exe
O4 - Global Startup: C:\Users\Simon\Desktop\Magic Workstation.lnk . (.Magic Technology.)  -- D:\Magic Workstation\MagicWorkstation.exe
O4 - Global Startup: C:\Users\Simon\Desktop\MWS Online Play.lnk . (.Magi-Soft Development.)  -- D:\Magic Workstation\MWSPlay.exe
O4 - Global Startup: C:\Users\Simon\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.)  -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\Simon\Desktop\Texmaker.lnk . (...)  -- C:\Program Files (x86)\Texmaker\texmaker.exe
O4 - Global Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Messaging.)  -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~1\Office12\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3E9B6CB2-34AB-4A15-BC34-B5DC313E6516}: DhcpNameServer = 192.168.55.55
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C072159-2F04-4A6F-885A-6DE9D87A57CD}: DhcpNameServer = 192.168.250.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{3E9B6CB2-34AB-4A15-BC34-B5DC313E6516}: DhcpDomain = rooms.iriga
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C072159-2F04-4A6F-885A-6DE9D87A57CD}: DhcpDomain = mobile.lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{3E9B6CB2-34AB-4A15-BC34-B5DC313E6516}: DhcpNameServer = 192.168.55.55
O17 - HKLM\System\CS1\Services\Tcpip\..\{7C072159-2F04-4A6F-885A-6DE9D87A57CD}: DhcpNameServer = 192.168.250.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{3E9B6CB2-34AB-4A15-BC34-B5DC313E6516}: DhcpDomain = rooms.iriga
O17 - HKLM\System\CS1\Services\Tcpip\..\{7C072159-2F04-4A6F-885A-6DE9D87A57CD}: DhcpDomain = mobile.lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{3E9B6CB2-34AB-4A15-BC34-B5DC313E6516}: DhcpNameServer = 192.168.55.55
O17 - HKLM\System\CS2\Services\Tcpip\..\{7C072159-2F04-4A6F-885A-6DE9D87A57CD}: DhcpNameServer = 192.168.250.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{3E9B6CB2-34AB-4A15-BC34-B5DC313E6516}: DhcpDomain = rooms.iriga
O17 - HKLM\System\CS2\Services\Tcpip\..\{7C072159-2F04-4A6F-885A-6DE9D87A57CD}: DhcpDomain = mobile.lan
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll
~ Scan Winlogon in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 280.) - C:\Windows\system32\nvinitx.dll
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: AFBAgent (AFBAgent) . (.ASUSTeK Computer Inc. - ASUS FastBoot.) - C:\Windows\system32\FBAgent.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) . (.ASUS - ASLDR Service.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS - GFNEXSrv.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Product - 2011/03/04 20:54:00 (CLKMSVC10_38F51D56) . (.CyberLink - CyberLink KM Service.) - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 280.2.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) . (.Intel(R) Corporation - Turbo Boost Monitor Service.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VideAceWindowsService (VideAceWindowsService) . (...) - C:\ExpressGateUtil\VAWinService.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.3ACABCA6A8DB71B7F19C8A7523AE1846] [APT] [ACMON] (.ASUS.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
[MD5.F4DCD4912B185C3AAEB92A7040832AD1] [APT] [ASUS Live Update] (...) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
[MD5.180E79B16063F7DFD005DC021AC543C6] [APT] [ASUS P4G] (.ASUS.) -- C:\Program Files\P4G\BatteryLife.exe
[MD5.BC3DA234CDA880578526DAB028F40268] [APT] [ASUS SmartLogon Console Sensor] (.ASUS.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
[MD5.5BB1F77C8AF725A15EC9366498D275BB] [APT] [ATKOSD2] (.ASUS.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
[MD5.90368C19808AC9376BA21B85642D3ECB] [APT] [DeviceDetector] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
[MD5.92B476DD52794881A4B91A5529C2706B] [APT] [{23CDBA1A-D4F1-45E1-A6A5-7C70381B1F8D}] (...) -- C:\Program Files\AVAST Software\Avast\aswRundll.exe
[MD5.5D539617604E953FD2DF852F4B51A383] [APT] [{68550D31-B7C4-4CBE-BFCF-10304A2017AC}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 04s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (ATKWMIACPIIO) . (.ASUS - ATK WMIACPI Utility.) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
O41 - Driver:  (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: ASUS Live Update - (.ASUS.) [HKLM] -- {E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}
O42 - Logiciel: ASUS Video Magic - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: ASUS Video Magic - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: ASUS WebStorage - (.eCareme Technologies, Inc..) [HKLM] -- ASUS WebStorage
O42 - Logiciel: ASUS_Screensaver - (.Pas de propriétaire.) [HKLM] -- ASUS_Screensaver
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] -- InstallShield_{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Bookworm Deluxe - (.Oberon Media Inc..) [HKLM] -- Bookworm Deluxe
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Call of Duty: Black Ops - (.Treyarch.) [HKLM] -- Steam App 42700
O42 - Logiciel: Call of Duty: Black Ops - Multiplayer - (.Treyarch.) [HKLM] -- Steam App 42710
O42 - Logiciel: Cooking Dash - (.Oberon Media Inc..) [HKLM] -- Cooking Dash
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink MediaEspresso - (.CyberLink Corp..) [HKLM] -- InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}
O42 - Logiciel: CyberLink MediaEspresso - (.CyberLink Corp..) [HKLM] -- {E3739848-5329-48E3-8D28-5BBD6E8BE384}
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: ExpressGate Cloud - (.Asus.) [HKLM] -- InstallShield_{499DED08-6FA8-4749-8E94-8526CC9D1CA8}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM] -- HPExtendedCapabilities
O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions
O42 - Logiciel: HP Photosmart All-In-One Driver Software 13.0 Rel. 2 - (.HP.) [HKLM] -- {988329F4-A1A1-4D51-803C-EF2725A97627}
O42 - Logiciel: HP Photosmart Essential 3.5 - (.HP.) [HKLM] -- HP Photosmart Essential
O42 - Logiciel: HP Smart Web Printing 4.51 - (.HP.) [HKLM] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM] -- {918A9082-6287-4D25-9002-5E5D5E4971CB}
O42 - Logiciel: Magic Workstation 0.94f - (.Magic Technology.) [HKLM] -- Magic Workstation_is1
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft IntelliPoint 8.1 - (.Microsoft.) [HKLM] -- Microsoft IntelliPoint 8.1
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Mises à jour NVIDIA 1.4.28 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Mozilla Firefox 6.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 6.0.2 (x86 fr)
O42 - Logiciel: Mozilla Thunderbird (6.0.2) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (6.0.2)
O42 - Logiciel: NVIDIA 3D Vision Controller Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIA StereoUSB Driver
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.10.0514 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 280.19 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
O42 - Logiciel: NVIDIA Pilote graphique 280.26 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: Napoleon: Total War - (.The Creative Assembly.) [HKLM] -- Steam App 34030
O42 - Logiciel: OCR Software by I.R.I.S. 13.0 - (.HP.) [HKLM] -- HPOCR
O42 - Logiciel: Plants vs Zombies - (.Oberon Media Inc..) [HKLM] -- Plants vs Zombies
O42 - Logiciel: R for Windows 2.13.0 - (.R Development Core Team.) [HKLM] -- R for Windows 2.13.0_is1
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553074) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5729F1AE-5895-468F-9165-BAD161C9E982}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2553073) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{65EA4836-B5A3-4C1D-8883-0C35E471003A}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: TeX Live 2010 - (.Pas de propriétaire.) [HKCU] -- TeXLive2010
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client
O42 - Logiciel: Texmaker - (.Pas de propriétaire.) [HKLM] -- Texmaker
O42 - Logiciel: USB2.0 UVC 2M WebCam - (.Sonix.) [HKLM] -- USB2.0 UVC 2M WebCam
O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2583910) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BDC21583-5601-4B2B-88F3-7919F6DE8FB1}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2553110) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{05D27A23-8E87-46B5-9EAF-F5B4DE7CCCA0}
O42 - Logiciel: VLC media player 1.1.9 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR 4.01 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: World of Goo - (.Oberon Media Inc..) [HKLM] -- World of Goo
O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ATK0100]
[HKCU\Software\AVAST Software]
[HKCU\Software\Ad-Remover]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avira]
[HKCU\Software\Bugsplat]
[HKCU\Software\ClassesB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\ECAREME]
[HKCU\Software\Elantech]
[HKCU\Software\FLEXnet]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\I.R.I.S.]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\Iris]
[HKCU\Software\Lake]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Magic Workstation]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mio]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Mumble]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Oberon Media]
[HKCU\Software\Pando Networks]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\The Creative Assembly]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Yahoo]
[HKCU\Software\Zeon]
[HKCU\Software\cybelsoft]
[HKCU\Software\xm1]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ASUS]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATK0100]
[HKLM\Software\AVAST Software]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Avira]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CoreSecurity]
[HKLM\Software\Cyberlink]
[HKLM\Software\DTS]
[HKLM\Software\ECAREME]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Mio]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\Pando Networks]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\R-core]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Riot Games]
[HKLM\Software\SONIX]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\ScanSoft]
[HKLM\Software\Skype]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\Valve]
[HKLM\Software\VideACE]
[HKLM\Software\VideoLAN]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Wow6432Node]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Yahoo]
[HKLM\Software\Zeon]
[HKLM\Software\asus]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]
[HKLM\Software\syncables]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 05/03/2011 - 06:43:54 - [1518345] ----D- C:\Program Files\ASUS
O43 - CFD: 29/04/2011 - 14:25:14 - [169960150] ----D- C:\Program Files\AVAST Software
O43 - CFD: 26/07/2011 - 18:42:24 - [135066] ----D- C:\Program Files\Bonjour
O43 - CFD: 21/08/2011 - 14:23:58 - [8458144] ----D- C:\Program Files\CCleaner
O43 - CFD: 01/06/2011 - 20:20:02 - [101758030] ----D- C:\Program Files\Common Files
O43 - CFD: 04/05/2011 - 16:51:18 - [90256916] ----D- C:\Program Files\DVD Maker
O43 - CFD: 05/03/2011 - 06:40:46 - [11876568] ----D- C:\Program Files\Elantech
O43 - CFD: 05/03/2011 - 06:38:54 - [3772580] ----D- C:\Program Files\Fresco Logic Inc
O43 - CFD: 05/03/2011 - 06:01:00 - [318960] ----D- C:\Program Files\Google
O43 - CFD: 24/05/2011 - 18:18:00 - [242697] ----D- C:\Program Files\HP
O43 - CFD: 05/03/2011 - 06:44:10 - [1430726] ----D- C:\Program Files\Intel
O43 - CFD: 16/08/2011 - 17:46:18 - [5183665] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 23/08/2011 - 20:00:58 - [1951827] ----D- C:\Program Files\iPod
O43 - CFD: 23/08/2011 - 20:01:08 - [2358288] ----D- C:\Program Files\iTunes
O43 - CFD: 14/07/2009 - 09:45:56 - [149237810] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 30/04/2011 - 15:12:34 - [50171159] ----D- C:\Program Files\Microsoft IntelliPoint
O43 - CFD: 29/04/2011 - 22:10:04 - [594846] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 19/08/2011 - 22:31:26 - [513067180] ----D- C:\Program Files\NVIDIA Corporation
O43 - CFD: 05/03/2011 - 06:48:12 - [13858491] ----D- C:\Program Files\P4G
O43 - CFD: 29/04/2011 - 23:40:46 - [62601375] ----D- C:\Program Files\R
O43 - CFD: 05/03/2011 - 06:41:42 - [18185136] ----D- C:\Program Files\Realtek
O43 - CFD: 14/07/2009 - 07:32:40 - [36813993] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 04/05/2011 - 16:51:14 - [4039680] ----D- C:\Program Files\Windows Defender
O43 - CFD: 04/05/2011 - 16:51:18 - [9224824] ----D- C:\Program Files\Windows Journal
O43 - CFD: 04/05/2011 - 16:51:18 - [6667776] ----D- C:\Program Files\Windows Mail
O43 - CFD: 04/05/2011 - 16:51:18 - [7687085] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:40 - [12627636] ----D- C:\Program Files\Windows NT
O43 - CFD: 04/05/2011 - 16:51:18 - [5516056] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 04/05/2011 - 16:51:18 - [244736] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 04/05/2011 - 16:51:18 - [12520404] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 01/06/2011 - 20:20:02 - [6580905] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 05/03/2011 - 06:30:16 - [15974334] ----D- C:\Program Files\Common Files\Intel
O43 - CFD: 20/08/2011 - 12:06:20 - [66397030] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 03/05/2011 - 11:27:52 - [12194291] ----D- C:\Program Files\Common Files\System
O43 - CFD: 05/03/2011 - 06:40:54 - [495] ----D- C:\ProgramData\AmUStor
O43 - CFD: 01/06/2011 - 20:19:52 - [81926144] ----D- C:\ProgramData\Apple
O43 - CFD: 23/08/2011 - 20:00:56 - [66232176] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 20/08/2011 - 16:29:48 - [2282] ----D- C:\ProgramData\ASUS WebStorage
O43 - CFD: 29/04/2011 - 14:25:14 - [9373431] ----D- C:\ProgramData\AVAST Software
O43 - CFD: 21/08/2011 - 14:42:30 - [55692910] ----D- C:\ProgramData\Avira
O43 - CFD: 02/05/2011 - 23:51:40 - [63935] ----D- C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 05/03/2011 - 06:00:42 - [19852288] ----D- C:\ProgramData\Downloaded Installations
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 05/03/2011 - 06:00:44 - [3991919] ----D- C:\ProgramData\FLEXnet
O43 - CFD: 05/03/2011 - 06:01:04 - [12707] ----D- C:\ProgramData\Google
O43 - CFD: 24/05/2011 - 18:25:52 - [103971] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 24/05/2011 - 18:27:14 - [13136797] ----D- C:\ProgramData\HP
O43 - CFD: 24/05/2011 - 18:22:28 - [8988] ----D- C:\ProgramData\HP Product Assistant
O43 - CFD: 05/03/2011 - 06:32:06 - [1898] ----D- C:\ProgramData\Intel
O43 - CFD: 19/08/2011 - 21:03:54 - [1225371] ----D- C:\ProgramData\ma-config.com
O43 - CFD: 16/09/2011 - 17:47:44 - [7346083] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 29/04/2011 - 22:11:56 - [276452200] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 15/09/2011 - 14:09:02 - [65262] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 02/05/2011 - 17:48:40 - [486] ----D- C:\ProgramData\Nuance
O43 - CFD: 19/08/2011 - 22:36:40 - [5290065] ----D- C:\ProgramData\NVIDIA
O43 - CFD: 05/03/2011 - 06:34:20 - [880873] ----D- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 05/03/2011 - 06:12:04 - [1543603] ----D- C:\ProgramData\OberonGameConsole
O43 - CFD: 13/08/2011 - 15:37:48 - [1966] ----D- C:\ProgramData\P4G
O43 - CFD: 21/05/2011 - 11:52:56 - [1594] ----D- C:\ProgramData\Partner
O43 - CFD: 30/07/2011 - 12:39:38 - [0] ----D- C:\ProgramData\PlayFirst
O43 - CFD: 15/09/2011 - 11:58:50 - [17274] ----D- C:\ProgramData\PMB Files
O43 - CFD: 05/03/2011 - 06:00:44 - [1275444] ----D- C:\ProgramData\ScanSoft
O43 - CFD: 10/07/2011 - 13:03:48 - [42625036] ----D- C:\ProgramData\Skype
O43 - CFD: 02/07/2011 - 16:53:10 - [1302373] ----D- C:\ProgramData\Skype Extras
O43 - CFD: 05/03/2011 - 06:41:46 - [8886] ----D- C:\ProgramData\SonicFocus
O43 - CFD: 08/09/2011 - 13:33:30 - [6897] ----D- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 30/07/2011 - 12:50:18 - [323868] ---AD- C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 29/04/2011 - 18:38:04 - [3726290] ----D- C:\ProgramData\Trend Micro
O43 - CFD: 24/05/2011 - 18:27:28 - [208] ----D- C:\ProgramData\WEBREG
O43 - CFD: 13/08/2011 - 15:33:04 - [893135] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 29/04/2011 - 18:24:46 - [3238384] ----D- C:\Users\Simon\AppData\Roaming\Adobe
O43 - CFD: 01/06/2011 - 20:22:56 - [212149] ----D- C:\Users\Simon\AppData\Roaming\Apple Computer
O43 - CFD: 20/08/2011 - 16:29:50 - [16089019] ----D- C:\Users\Simon\AppData\Roaming\Asus WebStorage
O43 - CFD: 07/09/2011 - 23:12:30 - [0] ----D- C:\Users\Simon\AppData\Roaming\Avira
O43 - CFD: 02/05/2011 - 23:51:12 - [2518] ----D- C:\Users\Simon\AppData\Roaming\CyberLink
O43 - CFD: 13/08/2011 - 15:33:28 - [249392] ----D- C:\Users\Simon\AppData\Roaming\Dropbox
O43 - CFD: 20/08/2011 - 16:28:48 - [0] ----D- C:\Users\Simon\AppData\Roaming\EeeStorageUploader
O43 - CFD: 02/05/2011 - 17:48:40 - [252] ----D- C:\Users\Simon\AppData\Roaming\FLEXnet
O43 - CFD: 24/05/2011 - 18:27:56 - [178782] ----D- C:\Users\Simon\AppData\Roaming\HP
O43 - CFD: 29/04/2011 - 11:08:40 - [0] ----D- C:\Users\Simon\AppData\Roaming\Identities
O43 - CFD: 08/08/2011 - 20:25:22 - [25798] ----D- C:\Users\Simon\AppData\Roaming\inkscape
O43 - CFD: 19/08/2011 - 22:34:42 - [0] ----D- C:\Users\Simon\AppData\Roaming\InstallShield
O43 - CFD: 19/08/2011 - 22:37:10 - [0] ----D- C:\Users\Simon\AppData\Roaming\Intel Corporation
O43 - CFD: 30/04/2011 - 15:14:16 - [461] ----D- C:\Users\Simon\AppData\Roaming\LolClient
O43 - CFD: 29/04/2011 - 18:24:48 - [1831] ----D- C:\Users\Simon\AppData\Roaming\Macromedia
O43 - CFD: 16/09/2011 - 17:48:04 - [2482847] ----D- C:\Users\Simon\AppData\Roaming\Malwarebytes
O43 - CFD: 14/07/2009 - 09:44:40 - [0] ----D- C:\Users\Simon\AppData\Roaming\Media Center Programs
O43 - CFD: 20/08/2011 - 11:43:00 - [3396479] -S--D- C:\Users\Simon\AppData\Roaming\Microsoft
O43 - CFD: 04/06/2011 - 11:32:46 - [14636478] ----D- C:\Users\Simon\AppData\Roaming\Mozilla
O43 - CFD: 09/09/2011 - 13:05:28 - [1375787] ----D- C:\Users\Simon\AppData\Roaming\Mumble
O43 - CFD: 02/05/2011 - 17:48:40 - [12] ----D- C:\Users\Simon\AppData\Roaming\Nuance
O43 - CFD: 02/05/2011 - 23:52:00 - [229152] ----D- C:\Users\Simon\AppData\Roaming\NVIDIA
O43 - CFD: 30/07/2011 - 12:39:38 - [2958] ----D- C:\Users\Simon\AppData\Roaming\PlayFirst
O43 - CFD: 08/09/2011 - 17:35:42 - [2030522] ----D- C:\Users\Simon\AppData\Roaming\Skype
O43 - CFD: 03/07/2011 - 00:03:10 - [20544] ----D- C:\Users\Simon\AppData\Roaming\skypePM
O43 - CFD: 03/07/2011 - 12:17:24 - [1866776] ----D- C:\Users\Simon\AppData\Roaming\The Creative Assembly
O43 - CFD: 04/06/2011 - 11:32:46 - [223617876] ----D- C:\Users\Simon\AppData\Roaming\Thunderbird
O43 - CFD: 13/08/2011 - 15:37:22 - [1688896] ----D- C:\Users\Simon\AppData\Roaming\vlc
O43 - CFD: 27/05/2011 - 22:35:44 - [0] ----D- C:\Users\Simon\AppData\Roaming\Windows Live Writer
O43 - CFD: 31/07/2011 - 00:46:14 - [12] ----D- C:\Users\Simon\AppData\Roaming\WinRAR
O43 - CFD: 02/05/2011 - 17:31:10 - [19574] ----D- C:\Users\Simon\AppData\Roaming\xm1
O43 - CFD: 24/05/2011 - 18:24:26 - [0] ----D- C:\Users\Simon\AppData\Roaming\Yahoo!
O43 - CFD: 02/05/2011 - 17:48:36 - [183603] ----D- C:\Users\Simon\AppData\Roaming\Zeon
O43 - CFD: 22/05/2011 - 11:03:34 - [0] ----D- C:\Users\Simon\AppData\Local\Activision
O43 - CFD: 01/06/2011 - 20:20:12 - [0] ----D- C:\Users\Simon\AppData\Local\Apple
O43 - CFD: 01/06/2011 - 20:21:32 - [4317535] ----D- C:\Users\Simon\AppData\Local\Apple Computer
O43 - CFD: 29/04/2011 - 11:07:58 - [0] -SH-D- C:\Users\Simon\AppData\Local\Application Data
O43 - CFD: 02/05/2011 - 23:51:14 - [2032] ----D- C:\Users\Simon\AppData\Local\Cyberlink
O43 - CFD: 19/08/2011 - 21:29:42 - [1223029] ----D- C:\Users\Simon\AppData\Local\Diagnostics
O43 - CFD: 21/08/2011 - 14:28:58 - [0] ----D- C:\Users\Simon\AppData\Local\Google
O43 - CFD: 29/04/2011 - 11:07:58 - [0] -SH-D- C:\Users\Simon\AppData\Local\Historique
O43 - CFD: 24/05/2011 - 18:27:12 - [345357] ----D- C:\Users\Simon\AppData\Local\HP
O43 - CFD: 13/09/2011 - 19:51:10 - [359487473] ----D- C:\Users\Simon\AppData\Local\Microsoft
O43 - CFD: 13/09/2011 - 19:49:50 - [173037] ----D- C:\Users\Simon\AppData\Local\Microsoft Games
O43 - CFD: 13/05/2011 - 21:00:38 - [300996] ----D- C:\Users\Simon\AppData\Local\Microsoft Help
O43 - CFD: 30/05/2011 - 20:55:48 - [453] ----D- C:\Users\Simon\AppData\Local\MiTAC_International_Corpo
O43 - CFD: 08/09/2011 - 10:44:18 - [187889135] ----D- C:\Users\Simon\AppData\Local\Mozilla
O43 - CFD: 15/09/2011 - 11:58:58 - [172293] ----D- C:\Users\Simon\AppData\Local\PMB Files
O43 - CFD: 29/04/2011 - 11:08:10 - [40960] ----D- C:\Users\Simon\AppData\Local\Power2Go
O43 - CFD: 16/09/2011 - 18:51:50 - [15594820] ----D- C:\Users\Simon\AppData\Local\Temp
O43 - CFD: 29/04/2011 - 11:07:58 - [0] -SH-D- C:\Users\Simon\AppData\Local\Temporary Internet Files
O43 - CFD: 21/06/2011 - 20:48:24 - [6734234] ----D- C:\Users\Simon\AppData\Local\Thunderbird
O43 - CFD: 07/09/2011 - 22:51:50 - [166184] ----D- C:\Users\Simon\AppData\Local\VirtualStore
O43 - CFD: 15/09/2011 - 19:28:54 - [69632] ----D- C:\Users\Simon\AppData\Local\Windows Live
O43 - CFD: 27/05/2011 - 22:35:54 - [372494] ----D- C:\Users\Simon\AppData\Local\Windows Live Writer
O43 - CFD: 07/08/2011 - 22:38:22 - [0] ----D- C:\Users\Simon\AppData\Local\{00EC9F05-7FA6-4D26-804D-DAD10A2A59D2}
O43 - CFD: 11/07/2011 - 18:21:28 - [0] ----D- C:\Users\Simon\AppData\Local\{02700E88-8D9D-4001-B6A7-D68F08EB733C}
O43 - CFD: 11/08/2011 - 20:42:00 - [0] ----D- C:\Users\Simon\AppData\Local\{027367E4-766D-4ED9-B1DC-FC94244C805C}
O43 - CFD: 31/05/2011 - 21:52:10 - [0] ----D- C:\Users\Simon\AppData\Local\{04B9AFB4-A8EC-4B02-B581-874AA1AECAD1}
O43 - CFD: 21/06/2011 - 18:05:28 - [0] ----D- C:\Users\Simon\AppData\Local\{08F20CE8-ABB9-4451-9EAC-B72972AC1FAE}
O43 - CFD: 13/07/2011 - 18:41:58 - [0] ----D- C:\Users\Simon\AppData\Local\{09B4D146-F920-4BF4-B590-8A36CC017104}
O43 - CFD: 13/09/2011 - 17:27:54 - [0] ----D- C:\Users\Simon\AppData\Local\{0CE5A6C2-F824-445D-8394-3189D4EECE8A}
O43 - CFD: 05/08/2011 - 19:16:18 - [0] ----D- C:\Users\Simon\AppData\Local\{0DBF8804-832A-4A28-9A2B-F93B499D4FFE}
O43 - CFD: 26/07/2011 - 18:27:20 - [0] ----D- C:\Users\Simon\AppData\Local\{0E585FE0-2BAF-456B-87B3-22AABCACE95A}
O43 - CFD: 10/08/2011 - 20:27:42 - [0] ----D- C:\Users\Simon\AppData\Local\{11DCFEA2-7063-443C-8DD2-8DCCCA41354D}
O43 - CFD: 10/08/2011 - 20:27:30 - [0] ----D- C:\Users\Simon\AppData\Local\{11EBF9A6-B844-4E9D-844D-9250E7FEBDCA}
O43 - CFD: 20/08/2011 - 13:07:22 - [0] ----D- C:\Users\Simon\AppData\Local\{130A07B2-13D8-4F83-8D0E-B6F9F97FFC19}
O43 - CFD: 17/08/2011 - 17:52:24 - [0] ----D- C:\Users\Simon\AppData\Local\{1479696E-4096-4E4F-BFFE-BA30278D6558}
O43 - CFD: 02/06/2011 - 10:20:08 - [0] ----D- C:\Users\Simon\AppData\Local\{14A48122-23F3-4EDF-9501-41BFD509D67C}
O43 - CFD: 30/05/2011 - 10:22:02 - [0] ----D- C:\Users\Simon\AppData\Local\{1529BEF3-9DAB-4B19-AA21-CD48B6DF3F1A}
O43 - CFD: 05/08/2011 - 20:21:48 - [0] ----D- C:\Users\Simon\AppData\Local\{156B118C-61AC-407C-AF2E-F9D550C40D04}
O43 - CFD: 02/08/2011 - 18:09:36 - [0] ----D- C:\Users\Simon\AppData\Local\{19C45E82-7FFC-4AE9-891A-76FF5624A70F}
O43 - CFD: 19/08/2011 - 22:37:30 - [0] ----D- C:\Users\Simon\AppData\Local\{1AC9DB8C-9B68-429F-8CA7-B6E1907B4B7C}
O43 - CFD: 08/09/2011 - 20:09:54 - [211967441] ----D- C:\Program Files (x86)\Ad-Remover
O43 - CFD: 05/03/2011 - 06:40:54 - [3037097] ----D- C:\Program Files (x86)\AmIcoSingLun
O43 - CFD: 07/07/2011 - 19:58:16 - [2428606] ----D- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 16/08/2011 - 17:59:04 - [186108861] ----D- C:\Program Files (x86)\ASUS
O43 - CFD: 21/08/2011 - 14:42:30 - [153232771] ----D- C:\Program Files (x86)\Avira
O43 - CFD: 26/07/2011 - 18:42:24 - [628555] ----D- C:\Program Files (x86)\Bonjour
O43 - CFD: 19/08/2011 - 22:39:02 - [629844604] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 05/03/2011 - 06:54:10 - [1261733639] ----D- C:\Program Files (x86)\CyberLink
O43 - CFD: 21/08/2011 - 14:29:12 - [38252643] ----D- C:\Program Files (x86)\Google
O43 - CFD: 13/08/2011 - 15:18:46 - [0] ----D- C:\Program Files (x86)\GRETECH
O43 - CFD: 24/05/2011 - 18:24:00 - [343618554] ----D- C:\Program Files (x86)\HP
O43 - CFD: 13/08/2011 - 15:37:10 - [84101002] ----D- C:\Program Files (x86)\Inkscape
O43 - CFD: 20/08/2011 - 16:31:36 - [106817615] --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 19/08/2011 - 22:35:02 - [38341478] ----D- C:\Program Files (x86)\Intel
O43 - CFD: 16/08/2011 - 17:46:18 - [5718511] ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 23/08/2011 - 20:01:08 - [122400899] ----D- C:\Program Files (x86)\iTunes
O43 - CFD: 19/08/2011 - 21:03:56 - [6511189] ----D- C:\Program Files (x86)\ma-config.com
O43 - CFD: 16/09/2011 - 17:47:44 - [7017356] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 29/04/2011 - 18:26:20 - [0] ----D- C:\Program Files (x86)\Microsoft
O43 - CFD: 29/04/2011 - 22:12:20 - [577351558] ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 16/06/2011 - 00:04:18 - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 29/04/2011 - 22:12:18 - [14904] ----D- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 29/04/2011 - 22:10:00 - [1387249] ----D- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 01/05/2011 - 11:04:06 - [3726168] ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 02/05/2011 - 16:38:20 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 30/05/2011 - 20:56:12 - [0] ----D- C:\Program Files (x86)\Mio
O43 - CFD: 08/09/2011 - 10:44:08 - [35681140] ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 07/09/2011 - 11:37:30 - [38373883] ----D- C:\Program Files (x86)\Mozilla Thunderbird
O43 - CFD: 29/04/2011 - 22:12:24 - [26521] ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 05/03/2011 - 06:15:56 - [154033] ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 30/05/2011 - 21:06:54 - [32512873] ----D- C:\Program Files (x86)\Mumble
O43 - CFD: 05/03/2011 - 06:00:44 - [45049512] ----D- C:\Program Files (x86)\Nuance
O43 - CFD: 19/08/2011 - 22:31:12 - [86925673] ----D- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 29/04/2011 - 18:28:26 - [7460142] ----D- C:\Program Files (x86)\Pando Networks
O43 - CFD: 16/08/2011 - 18:03:22 - [75694785] ----D- C:\Program Files (x86)\QuickTime
O43 - CFD: 20/08/2011 - 11:48:14 - [15893395] ----D- C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:40 - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 20/08/2011 - 11:30:02 - [15141858] R---D- C:\Program Files (x86)\Skype
O43 - CFD: 08/09/2011 - 12:03:34 - [50740712] ----D- C:\Program Files (x86)\Spybot - Search & Destroy
O43 - CFD: 05/03/2011 - 06:12:42 - [169308348] ----D- C:\Program Files (x86)\syncables
O43 - CFD: 05/03/2011 - 06:41:58 - [0] --H-D- C:\Program Files (x86)\Temp
O43 - CFD: 02/05/2011 - 17:30:58 - [54697742] ----D- C:\Program Files (x86)\Texmaker
O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 01/06/2011 - 20:46:10 - [82679395] ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD: 03/05/2011 - 11:27:52 - [524800] ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 20/08/2011 - 12:06:38 - [115477637] ----D- C:\Program Files (x86)\Windows Live
O43 - CFD: 04/05/2011 - 16:51:22 - [6181376] ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 04/05/2011 - 16:51:20 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 04/05/2011 - 16:51:20 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 04/05/2011 - 16:51:20 - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 04/05/2011 - 16:51:22 - [5994626] ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 27/08/2011 - 13:46:48 - [4142972] ----D- C:\Program Files (x86)\WinRAR
O43 - CFD: 27/05/2011 - 22:59:40 - [0] ----D- C:\Program Files (x86)\Yahoo!
O43 - CFD: 16/09/2011 - 18:54:00 - [4014804] ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 23/08/2011 - 20:00:56 - [96662340] ----D- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 29/04/2011 - 22:12:18 - [92976] ----D- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 24/05/2011 - 18:20:28 - [531477] ----D- C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 24/05/2011 - 18:20:30 - [5665956] ----D- C:\Program Files (x86)\Common Files\HP
O43 - CFD: 05/03/2011 - 06:43:46 - [3261625] ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 05/03/2011 - 06:30:14 - [13799665] ----D- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 19/08/2011 - 22:39:02 - [7581] ----D- C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 20/08/2011 - 12:06:20 - [225014860] ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 05/03/2011 - 06:11:26 - [354896] ----D- C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 05/03/2011 - 06:37:24 - [162236] ----D- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 06/09/2011 - 19:38:48 - [411432] ----D- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 03/05/2011 - 11:27:52 - [44307943] ----D- C:\Program Files (x86)\Common Files\System
O43 - CFD: 05/03/2011 - 06:01:26 - [198465132] ----D- C:\Program Files (x86)\Common Files\Windows Live
~ Scan Program Folder in 00mn 38s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.CD7341893E28D2D1C938E8E6E64ADA0F] - 16/09/2011 - 17:53:34 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1712728]
O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 16/09/2011 - 17:48:17 ---A- . (...) -- C:\Windows\SysNative\acovcnt.exe   [45056]
O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 16/09/2011 - 17:48:17 RSHAD . (...) -- C:\Windows\system32\acovcnt.exe   [45056]
O44 - LFC:[MD5.23C40D9EBFBD6353299038234005CE46] - 16/09/2011 - 17:48:15 ---A- . (...) -- C:\Windows\setupact.log   [2850]
O44 - LFC:[MD5.BD3D45ECF7625AAA61DBB2A0661DF334] - 16/09/2011 - 17:48:14 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.AFC7FD3061B0570EB76557928B668BAC] - 16/09/2011 - 16:50:01 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI   [1580460]
O44 - LFC:[MD5.6FDF129038BF61CF24D5C9E815FF31C9] - 16/09/2011 - 16:50:01 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat   [110140]
O44 - LFC:[MD5.3CBC580EA10BBA341B027B55435E160F] - 16/09/2011 - 16:50:01 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat   [134506]
O44 - LFC:[MD5.040567405EEFDDBB2C9046FBEACAEA91] - 16/09/2011 - 16:50:01 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat   [627420]
O44 - LFC:[MD5.A1B4626B373A461E8B1E9179A549981E] - 16/09/2011 - 16:50:01 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat   [715892]
O44 - LFC:[MD5.AFC7FD3061B0570EB76557928B668BAC] - 16/09/2011 - 16:50:01 RSHAD . (...) -- C:\Windows\system32\PerfStringBackup.INI   [1580460]
O44 - LFC:[MD5.6FDF129038BF61CF24D5C9E815FF31C9] - 16/09/2011 - 16:50:01 RSHAD . (...) -- C:\Windows\system32\perfc009.dat   [110140]
O44 - LFC:[MD5.3CBC580EA10BBA341B027B55435E160F] - 16/09/2011 - 16:50:01 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat   [134506]
O44 - LFC:[MD5.040567405EEFDDBB2C9046FBEACAEA91] - 16/09/2011 - 16:50:01 RSHAD . (...) -- C:\Windows\system32\perfh009.dat   [627420]
O44 - LFC:[MD5.A1B4626B373A461E8B1E9179A549981E] - 16/09/2011 - 16:50:01 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat   [715892]
O44 - LFC:[MD5.4EEF933E67084E616AF90897108E4E9C] - 15/09/2011 - 17:18:54 ---A- . (...) -- C:\AdwCleaner[R1].txt   [1166]
O44 - LFC:[MD5.3AA94FD00F3D82D709629ADD56E6636D] - 15/09/2011 - 11:36:25 ---A- . (...) -- C:\Ad-Report-SCAN[2].txt   [5078]
O44 - LFC:[MD5.ED45F12CFA62B83765C9C1496758CC87] - 07/09/2011 - 22:13:41 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys   [123784]
O44 - LFC:[MD5.B1224E6B086CD6548315B04AB575A23E] - 07/09/2011 - 22:13:41 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys   [88288]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 07/09/2011 - 12:57:23 ---A- . (...) -- C:\Windows\setuperr.log   [0]
O44 - LFC:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 31/08/2011 - 16:00:50 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys   [25416]
O44 - LFC:[MD5.4FE02E2ABFC7D8385D7F4F5C134B6C3D] - 21/08/2011 - 18:01:19 ---A- . (...) -- C:\Windows\SysNative\AutoRunFilter.ini   [2266]
O44 - LFC:[MD5.4FE02E2ABFC7D8385D7F4F5C134B6C3D] - 21/08/2011 - 18:01:19 RSHAD . (...) -- C:\Windows\system32\AutoRunFilter.ini   [2266]
O44 - LFC:[MD5.428EC3C89450BA36B77D4A7A155A7C93] - 21/08/2011 - 18:01:08 ---A- . (...) -- C:\Windows\SysNative\ServiceFilter.ini   [1350]
O44 - LFC:[MD5.428EC3C89450BA36B77D4A7A155A7C93] - 21/08/2011 - 18:01:08 RSHAD . (...) -- C:\Windows\system32\ServiceFilter.ini   [1350]
O44 - LFC:[MD5.92C704590FCEDDA971B7A77945DCCDA4] - 20/08/2011 - 10:47:46 ---A- . (.Pas de propriétaire - About Page.) -- C:\Windows\SysNative\RtNicProp64.dll   [74272]
O44 - LFC:[MD5.49A88E6CD77939F5F7D443628A18A317] - 20/08/2011 - 10:47:46 ---A- . (.Realtek Semiconductor Corporation - RTNUninst.) -- C:\Windows\SysNative\RTNUninst64.dll   [107552]
O44 - LFC:[MD5.92C704590FCEDDA971B7A77945DCCDA4] - 20/08/2011 - 10:47:46 RSHAD . (.Pas de propriétaire - About Page.) -- C:\Windows\system32\RtNicProp64.dll   [74272]
O44 - LFC:[MD5.EE082E06A82FF630351D1E0EBBD3D8D0] - 20/08/2011 - 10:47:46 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\system32\drivers\Rt64win7.sys   [539240]
O44 - LFC:[MD5.49A88E6CD77939F5F7D443628A18A317] - 20/08/2011 - 10:47:46 RSHAD . (.Realtek Semiconductor Corporation - RTNUninst.) -- C:\Windows\system32\RTNUninst64.dll   [107552]
O44 - LFC:[MD5.2FDAEC4B02729C48C0FD1B0B4695995B] - 19/08/2011 - 21:34:43 RSHAD . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys   [557848]
O44 - LFC:[MD5.2D4A51E3D0137B22466472D1420846A7] - 19/08/2011 - 21:30:03 ---A- . (.Khronos Group - OpenCL Client DLL.) -- C:\Windows\SysNative\OpenCL.dll   [67176]
O44 - LFC:[MD5.2D4A51E3D0137B22466472D1420846A7] - 19/08/2011 - 21:30:03 ---A- . (.Khronos Group - OpenCL Client DLL.) -- C:\Windows\system32\OpenCL.dll   [67176]
O44 - LFC:[MD5.6B60F1B8D93EC46B022BF296068E181A] - 19/08/2011 - 21:30:03 ---A- . (.NVIDIA Corporation - NVIDIA D3D10 Driver, Version 280.26.) -- C:\Windows\SysNative\nvwgf2umx.dll   [8355944]
O44 - LFC:[MD5.6B60F1B8D93EC46B022BF296068E181A] - 19/08/2011 - 21:30:03 RSHAD . (.NVIDIA Corporation - NVIDIA D3D10 Driver, Version 280.26.) -- C:\Windows\system32\nvwgf2umx.dll   [8355944]
O44 - LFC:[MD5.CB0483F5C79EDA101AD603FEFADC0D78] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\Windows\SysNative\nvdispco64.dll   [1519720]
O44 - LFC:[MD5.09F7E98136C13B4C41CF0CA448B7BDAD] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\SysNative\nvgenco64.dll   [1453160]
O44 - LFC:[MD5.F6A33FE1896951C81FBB06F89BB77CC8] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 280.26.) -- C:\Windows\SysNative\nvcuda.dll   [7254632]
O44 - LFC:[MD5.F6A33FE1896951C81FBB06F89BB77CC8] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 280.26.) -- C:\Windows\system32\nvcuda.dll   [7254632]
O44 - LFC:[MD5.1B887B61A5E001CDC7F733EDC1327F1D] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Decode API, Version 280.2.) -- C:\Windows\SysNative\nvcuvid.dll   [2532456]
O44 - LFC:[MD5.1B887B61A5E001CDC7F733EDC1327F1D] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Decode API, Version 280.2.) -- C:\Windows\system32\nvcuvid.dll   [2532456]
O44 - LFC:[MD5.3AF3DAC8DD7FF6B9FC90551642F46902] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Encoder, Version 280.26.) -- C:\Windows\SysNative\nvcuvenc.dll   [2222184]
O44 - LFC:[MD5.3AF3DAC8DD7FF6B9FC90551642F46902] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Encoder, Version 280.26.) -- C:\Windows\system32\nvcuvenc.dll   [2222184]
O44 - LFC:[MD5.D332D01F8B2FD019D2C817D7A0F809C4] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\Windows\SysNative\nvoglv64.dll   [22470248]
O44 - LFC:[MD5.28EB9A79B9F2E1DB6D71C6B54D4B8664] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA Compiler, Version 280.26.) -- C:\Windows\SysNative\nvcompiler.dll   [24692840]
O44 - LFC:[MD5.28EB9A79B9F2E1DB6D71C6B54D4B8664] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA Compiler, Version 280.26.) -- C:\Windows\system32\nvcompiler.dll   [24692840]
O44 - LFC:[MD5.321135AE3A4547231CFA830820829AEC] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA Optimus Playback MFT, Version 280.26.) -- C:\Windows\SysNative\nvoptimusmft.dll   [369256]
O44 - LFC:[MD5.321135AE3A4547231CFA830820829AEC] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA Optimus Playback MFT, Version 280.26.) -- C:\Windows\system32\nvoptimusmft.dll   [369256]
O44 - LFC:[MD5.F575E8B9DF344DE93B1277EDE7D2F630] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA Video Decoder MFT, Version 280.26.) -- C:\Windows\SysNative\nvdecodemft.dll   [362600]
O44 - LFC:[MD5.F575E8B9DF344DE93B1277EDE7D2F630] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA Video Decoder MFT, Version 280.26.) -- C:\Windows\system32\nvdecodemft.dll   [362600]
O44 - LFC:[MD5.A1F2BA9CB0B251032B1FB14A2BD33440] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA WDDM D3D Driver, Version 280.26.) -- C:\Windows\SysNative\nvd3dumx.dll   [15064168]
O44 - LFC:[MD5.CB0483F5C79EDA101AD603FEFADC0D78] - 19/08/2011 - 21:30:02 RSHAD . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\Windows\system32\nvdispco64.dll   [1519720]
O44 - LFC:[MD5.09F7E98136C13B4C41CF0CA448B7BDAD] - 19/08/2011 - 21:30:02 RSHAD . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\system32\nvgenco64.dll   [1453160]
O44 - LFC:[MD5.D332D01F8B2FD019D2C817D7A0F809C4] - 19/08/2011 - 21:30:02 RSHAD . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\Windows\system32\nvoglv64.dll   [22470248]
O44 - LFC:[MD5.A1F2BA9CB0B251032B1FB14A2BD33440] - 19/08/2011 - 21:30:02 RSHAD . (.NVIDIA Corporation - NVIDIA WDDM D3D Driver, Version 280.26.) -- C:\Windows\system32\nvd3dumx.dll   [15064168]
O44 - LFC:[MD5.CC1EFEA1F0AB17E59BD4B5BAFF3E5CB0] - 19/08/2011 - 21:30:02 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\system32\drivers\nvlddmkm.sys   [12909672]
O44 - LFC:[MD5.2E5DE4423BF6D1C44609FEBED7B1FF0F] - 19/08/2011 - 21:30:02 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\system32\drivers\nvpciflt.sys   [27240]
O44 - LFC:[MD5.71308A15265B6A89E5B51C9635085562] - 03/08/2011 - 12:50:00 ---A- . (...) -- C:\Windows\SysNative\nvinfo.pb   [7383]
O44 - LFC:[MD5.71308A15265B6A89E5B51C9635085562] - 03/08/2011 - 12:50:00 RSHAD . (...) -- C:\Windows\system32\nvinfo.pb   [7383]
~ Scan Files in 00mn 58s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\ASUS Screen Saver Protector  [Key] . (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe
O53 - SMSR:HKLM\...\startupreg\CLMLServer  [Key] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
O53 - SMSR:HKLM\...\startupreg\msnmsgr  [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O53 - SMSR:HKLM\...\startupreg\RtHDVCpl  [Key] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O53 - SMSR:HKLM\...\startupreg\Skype  [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O53 - SMSR:HKLM\...\startupreg\Steam  [Key] . (.Valve Corporation - Steam.) -- D:\Programmes\Steam\Steam.exe
~ Scan SMSR Keys in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 10/06/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys   [491088]
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys   [339536]
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys   [182864]
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys   [15440]
O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 30/04/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys   [107904]
O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 10/06/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys   [194128]
O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 30/04/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys   [27008]
O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys   [87632]
O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys   [97856]
O58 - SDL:[MD5.499AF6F57CF093642D647CAFC006DEAA] - 29/04/2011 - 18:13:01 RSHAD . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys   [22360]
O58 - SDL:[MD5.54EDF58577868BAF01D25D8359F9E84F] - 29/04/2011 - 18:13:13 RSHAD . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys   [64344]
O58 - SDL:[MD5.E69CDC2D04A0A4B338A933C44BDB0FD4] - 29/04/2011 - 18:13:24 RSHAD . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys   [31064]
O58 - SDL:[MD5.22F7ED60F9FA6272AF7F35813CA548D6] - 29/04/2011 - 18:17:59 RSHAD . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys   [600920]
O58 - SDL:[MD5.BE84EFCD3CDD11DDCC79F3ECAB47E827] - 29/04/2011 - 18:18:01 RSHAD . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys   [287064]
O58 - SDL:[MD5.0BF5483E5FB88D85638708E7D56300D8] - 29/04/2011 - 18:16:23 RSHAD . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys   [53592]
O58 - SDL:[MD5.F8633CDD09647A64EE8DB550630427FF] - 02/03/2010 - 09:45:23 RSHAD . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrx.sys   [1594368]
O58 - SDL:[MD5.B1224E6B086CD6548315B04AB575A23E] - 21/08/2011 - 22:13:41 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys   [88288]
O58 - SDL:[MD5.ED45F12CFA62B83765C9C1496758CC87] - 21/08/2011 - 22:13:41 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys   [123784]
O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys   [270848]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys   [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys   [8704]
O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys   [286720]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys   [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys   [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys   [14720]
O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys   [468480]
O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys   [17488]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 10/06/2009 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys   [530496]
O58 - SDL:[MD5.05B0DCDA418E297A1B4CD8D7B8ADE403] - 08/09/2010 - 12:39:31 RSHAD . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Windows\system32\drivers\ETD.sys   [129024]
O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys   [3286016]
O58 - SDL:[MD5.D0ADBCF2A5316D23EF67DFAA02D5D544] - 05/03/2011 - 01:25:40 RSHAD . (.Fresco Logic - xHCI Bus Driver.) -- C:\Windows\system32\drivers\FLxHCIc.sys   [210944]
O58 - SDL:[MD5.F9B6DB9727AD2F14ECF84E43EB5279F7] - 05/03/2011 - 01:25:40 RSHAD . (.Fresco Logic - xHCI Hub Driver.) -- C:\Windows\system32\drivers\FLxHCIh.sys   [49664]
O58 - SDL:[MD5.E403AACF8C7BB11375122D2464560311] - 01/06/2011 - 12:17:08 RSHAD . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys   [34152]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 14/07/2009 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys   [31232]
O58 - SDL:[MD5.A6518DCC42F7A6E999BB3BEA8FD87567] - 05/03/2011 - 01:34:26 RSHAD . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\system32\drivers\HECIx64.sys   [56344]
O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 04/05/2011 - 14:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys   [78720]
O58 - SDL:[MD5.2FDAEC4B02729C48C0FD1B0B4695995B] - 19/08/2011 - 08:53:44 RSHAD . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys   [557848]
O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 30/04/2011 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys   [410496]
O58 - SDL:[MD5.0AC9E321D604BE48A0D72B69BA484BDC] - 28/11/2010 - 14:23:15 RSHAD . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd64.sys   [12252192]
O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 13/07/2009 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys   [44112]
O58 - SDL:[MD5.FC727061C0F47C8059E88E05D5C8E381] - 14/10/2010 - 17:28:15 RSHAD . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\system32\drivers\IntcDAud.sys   [317440]
O58 - SDL:[MD5.E63EF8C3271D014F14E2469CE75FECB4] - 20/07/2009 - 10:29:39 RSHAD . (.Pas de propriétaire - Keyboard Filter Driver.) -- C:\Windows\system32\drivers\kbfiltr.sys   [15416]
O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys   [114752]
O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys   [106560]
O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys   [65600]
O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys   [115776]
O58 - SDL:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 16/09/2011 - 16:00:50 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys   [25416]
O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 10/06/2009 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys   [35392]
O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys   [284736]
O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 13/07/2009 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys   [51264]
O58 - SDL:[MD5.CC1EFEA1F0AB17E59BD4B5BAFF3E5CB0] - 19/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 280.26.) -- C:\Windows\system32\drivers\nvlddmkm.sys   [12909672]
O58 - SDL:[MD5.2E5DE4423BF6D1C44609FEBED7B1FF0F] - 19/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 280.26.) -- C:\Windows\system32\drivers\nvpciflt.sys   [27240]
O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 30/04/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys   [148352]
O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 30/04/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys   [166272]
O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 10/06/2009 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys   [1524816]
O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 13/07/2009 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys   [128592]
O58 - SDL:[MD5.EE082E06A82FF630351D1E0EBBD3D8D0] - 20/08/2011 - 10:47:46 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys   [539240]
O58 - SDL:[MD5.A0C2C3D4C03C4FB896CFC53873784178] - 05/03/2011 - 10:06:01 RSHAD . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys   [2647528]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 14/07/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys   [23040]
O58 - SDL:[MD5.1BC348CF6BAA90EC8E533EF6E6A69933] - 10/06/2009 - 21:35:57 RSHAD . (.Silicon Integrated Systems Corp. - NDIS 6.0 Miniport Driver for SiS191/SiS190 Ethernet Device.) -- C:\Windows\system32\drivers\SiSG664.sys   [56832]
O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 10/06/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys   [43584]
O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 13/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys   [80464]
O58 - SDL:[MD5.3D35D7F8A91FA5127EE052BE41BD87D3] - 28/01/2010 - 04:04:13 RSHAD . (.Sonix Technology Co., Ltd. - USBCAMD for Sonix UVC.) -- C:\Windows\system32\drivers\sncduvc.sys   [35328]
O58 - SDL:[MD5.C98375D19F9E9966F6201BAE65FB3728] - 07/09/2010 - 10:19:37 RSHAD . (.Sonix Technology Co., Ltd. - UVC Camera Streaming Driver.) -- C:\Windows\system32\drivers\snp2uvc.sys   [1800832]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys   [24656]
O58 - SDL:[MD5.B355581A9DA34C92E2DBAFA410D2F829] - 05/03/2011 - 01:07:28 RSHAD . (...) -- C:\Windows\system32\drivers\TurboB.sys   [13832]
O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys   [17488]
O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 10/06/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys   [161872]
~ Scan Drivers in 00mn 03s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 03/07/2009 - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys - No object(No service)  .(.ASUS - Memory mapping Driver.) - LEGACY_ASMMAP64
O64 - Services: CurCS - 18/04/2011 - C:\Windows\system32\drivers\aswMonFlt.sys - No object(No service)  .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 26/07/2010 - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys - No object(No service)  .(.ASUS - ATK WMIACPI Utility.) - LEGACY_ATKWMIACPIIO
O64 - Services: CurCS - 07/09/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys - No object(No service)  .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 07/09/2011 - C:\Windows\system32\DRIVERS\avipbb.sys - No object(No service)  .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 02/07/2011 - C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys - No object(No service)  .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64
O64 - Services: CurCS - 03/08/2011 - C:\Windows\system32\DRIVERS\nvpciflt.sys - No object(No service)  .(.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) - LEGACY_NVPCIFLT
O64 - Services: CurCS - 17/04/2010 - C:\Windows\system32\DRIVERS\TurboB.sys - No object (No service)  .(...) - LEGACY_TURBOB
~ Scan Services in 00mn 01s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Scan Keys in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.BD850A328EEFE88A23DA8E3A6B428ECC] [sPRF][06/09/2011] (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Users\Simon\AppData\Local\Temp\insAACF.tmp.exe   [12430696]
[MD5.9A5A1D2BD77241922A75B538560FE2DE] [sPRF][15/09/2011] (...) -- C:\Users\Simon\Desktop\adwcleaner.exe   [471476]
[MD5.E8269245566BE948F6A219135B434160] [sPRF][07/09/2011] (.Trend Micro Inc. - HijackThis.) -- C:\Users\Simon\Desktop\HiJackThis.exe   [401720]
[MD5.31B66CC197BE80F499538597FCFE3FBF] [sPRF][16/09/2011] (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Users\Simon\Desktop\mbam-setup-1.51.2.1300.exe   [9852544]
[MD5.5CAAFF20C5695611F08ABD954E58DEA2] [sPRF][29/08/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Simon\Desktop\ZHPDiag2.exe   [2582227]
~ Scan Files in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{24C1BCBC-A10B-458E-80D4-08B617497B04}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerDVD Cinema 10 Main Program.) -- C:\Program Files (x86)\Cyberlink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
O87 - FAEL: "{90ACD568-52AC-4E16-82DE-0EB8DD147312}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{18EF261B-C7A7-4309-B40D-E95353C7727C}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{84F4FA07-9758-41DA-BDBE-45690F41FA2F}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{5890457F-CC50-4FE2-8A70-FF67EEF3811C}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{CF68744F-EECB-4D95-9574-84824FE88868}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "TCP Query User{6066BC56-4DB5-4C56-BF56-C3C0EB8E5B4C}C:\riot games\league of legends\lol.launcher.exe" | In - Private - P6 - TRUE | .(...) -- C:\riot games\league of legends\lol.launcher.exe
O87 - FAEL: "UDP Query User{319EF21A-A54B-4C9E-B0A7-C60FC00F89CC}C:\riot games\league of legends\lol.launcher.exe" | In - Private - P17 - TRUE | .(...) -- C:\riot games\league of legends\lol.launcher.exe
O87 - FAEL: "{BBCDBEA8-6F48-420D-BD6D-D5D3A9AE3FDB}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam.) -- D:\Programmes\Steam\Steam.exe
O87 - FAEL: "{4A55F4F2-6574-45E2-A435-844313F287D1}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam.) -- D:\Programmes\Steam\Steam.exe
O87 - FAEL: "{B7302095-284F-4424-9EB3-54CCEF3E8A87}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Software Update Client.) -- C:\Program Files (x86)\HP\hp software update\hpwucli.exe
O87 - FAEL: "{B7B11A80-AD4A-4262-A5DE-D8845983B194}" | In - Private - P6 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
O87 - FAEL: "{FC9169A2-E7B8-40A7-9B4A-319F6D9C3ECB}" | In - Private - P17 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
O87 - FAEL: "{FDE67862-EBCA-4EDE-A7E4-E0D87AAB8708}" | In - Private - P6 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
O87 - FAEL: "{0ACC5940-5EAC-447C-A74A-BB0AB2E24633}" | In - Private - P17 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
O87 - FAEL: "{0465C88E-827A-4E80-BA20-E84B095E1ECA}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "TCP Query User{DE362749-759D-42B1-BF7E-DF690CAD4E4E}D:\programmes\steam\steam.exe" | In - Public - P6 - TRUE | .(.Valve Corporation - Steam.) -- D:\programmes\steam\steam.exe
O87 - FAEL: "UDP Query User{D132A511-D612-4057-B9D0-B7C6D9CACCA5}D:\programmes\steam\steam.exe" | In - Public - P17 - TRUE | .(.Valve Corporation - Steam.) -- D:\programmes\steam\steam.exe
O87 - FAEL: "{870809E8-DC82-4928-B984-E48DF360EFC4}" | In - Public - P6 - TRUE | .(.The Creative Assembly Ltd - Napoleon: Total War.) -- D:\Programmes\Steam\SteamApps\common\napoleon total war\Napoleon.exe
O87 - FAEL: "{CCBE8646-C1B2-4300-B25D-1104389F73FD}" | In - Public - P17 - TRUE | .(.The Creative Assembly Ltd - Napoleon: Total War.) -- D:\Programmes\Steam\SteamApps\common\napoleon total war\Napoleon.exe
O87 - FAEL: "{2D52625A-CC36-415E-80D5-10C463C79482}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{359FF996-6CFF-4C12-9975-ACC931BA9D79}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{87237983-40EC-41C4-925E-B0D92A2C99EE}" | In - Public - P6 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
O87 - FAEL: "{AE798487-0127-4959-ADC8-82BC390743AC}" | In - Public - P17 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
O87 - FAEL: "{AF55AF33-5DB8-48D8-9EED-E0BD06B4FAE0}" | In - Public - P6 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
O87 - FAEL: "{52C006C1-761D-4258-B8A3-5F86D8F8113F}" | In - Public - P17 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
O87 - FAEL: "{AB0992B4-EAFF-4C7F-B166-D4FC6EDE089D}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "{5C846C5D-0B0C-4C7D-A381-967C81EBA520}" | In - Public - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe
O87 - FAEL: "{1A57242F-DB63-4AA1-9C3C-71C642A3E83E}" | In - Public - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe
O87 - FAEL: "{C92D5A84-ED11-4AA2-8671-C62047E75B6F}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "{1C6A418E-613D-4C74-99F8-0190032C09D8}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "{5043ACAD-E9A8-4B0D-A0DD-A3CC055457D6}" | In - Public - P6 - TRUE | .(...) -- C:\Riot Games\League of Legends\lol.launcher.exe
O87 - FAEL: "{C08CB73E-4971-4D12-8CF2-FC44D9086425}" | In - Public - P17 - TRUE | .(...) -- C:\Riot Games\League of Legends\lol.launcher.exe
O87 - FAEL: "{0E385544-95A9-476E-89A6-4A6E0CA9EEEA}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
~ Scan Firewall in 00mn 03s



---\\ Scan Additionnel (O88)
Database Version : 8634 - (29/08/2011)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]   =>Spyware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]   =>Spyware.BHO
~ Scan Additionnel in 00mn 05s



---\\ Recherche détournement de DNS routeur (O89)
Serveur :   UnKnown
Address:  127.0.0.1
~ Scan DNS in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 05/03/2011 379520 |  (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 21/08/2011 136360 |  (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 21/08/2011 269480 |  (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 01/06/2011 37664 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 05/03/2011 84536 |  (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 05/03/2011 96896 |  (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 18/04/2011 42184 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 26/07/2011 387944 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
SS - | Auto 05/03/2011 246256 |  (CLKMSVC10_38F51D56) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
SS - | Demand 05/03/2011 182768 |  (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 19/08/2011 13592 |  (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Demand 23/08/2011 934760 |  (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 05/03/2011 325656 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 19/08/2011 311928 |  (maconfservice) . (.CybelSoft.) - C:\Program Files (x86)\ma-config.com\maconfservice.exe
SR - | Auto 05/03/2011 980072 |  (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 05/03/2011 2255464 |  (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
SR - | Demand  247152 |  (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SS - | Demand 20/05/2011 411432 |  (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 05/03/2011 134928 |  (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
SR - | Auto 05/03/2011 2656280 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto  77312 |  (VideAceWindowsService) . (...) - C:\ExpressGateUtil\VAWinService.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
~ Scan Services in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Simon at 16/09/2011 18:56:09

device: opened successfully
user: error reading MBR 

Disk trace:
error: Read  Descripteur non valide
kernel: error reading MBR 
~ Scan MBR in 00mn 05s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Simon at 16/09/2011 18:56:11

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 07s



End of the scan (1429 lines in 02mn 37s)(0)
