Bureau qui disparaît sous Seven

nicoferra · le 21 février 2012

Bonjour à tous.

J'ai un petit soucis de virus, malware....

Au demarrage de SEVEN tout va bien puis le bureau disparait, puis l'explorateur s'ouvre puis 2 page web s'ouvre. Le bureau n'apparait plus ainsi que le menu demarrer. j'ai fait un Msconfig en mode sans echec et j'ai supprimer 2 élément de démarrage qui me paraissaient etranges (l'un est OpenOffice.org3.2 avec un fabricant incconu, l'autre 0.386888957965338767f76.exe avec fabricant inconnu).

Depuis le PC semble aller mieux mais toutjours très lent. Du coup j'ai pu faire un ZHPDiag que voici

Merci d'avance pour votre aide

Rapport de ZHPDiag v1.28.32 par Nicolas Coolman, Update du 05/02/2012

Run by Aurélie at 21/02/2012 15:30:12

Web site : ZHPDiag Outil de diagnostic

Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com

State : Version à jour.

---\\ Web Browser

MSIE: Internet Explorer v8.0.7601.17514

---\\ Windows Product Information

~ Langage: Français

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

~ Windows® 7, OEM_SLP channel

System Locked Preinstallation (OEM_SLP) : OK

Windows ID Activation : OK

~ Windows Partial Key : 3Q6C9

Windows License : OK

~ Windows Remaining Initializations Number : 2

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

---\\ System Information

~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3002 MB (59% free)

System Restore: Activé (Enable)

System drive C: has 200 GB (70%) free of 282 GB

---\\ Logged in mode

~ Computer Name: AURÉLIE-HP

~ User Name: Aurélie

~ All Users Names: HomeGroupUser$, Aurélie, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89

Logged in as Administrator

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\Aurélie\AppData\Roaming\

~ %Desktop% : C:\Users\Aurélie\Desktop\

~ %Favorites% : C:\Users\Aurélie\Favorites\

~ %LocalAppData% : C:\Users\Aurélie\AppData\Local\

~ %StartMenu% : C:\Users\Aurélie\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 200 Go of 282 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 16 Go)

E:\ CD-ROM drive (Not Inserted)

Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]

[MD5.F6C45D1D448B38A3298505917710F047] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/12/2011 - 09:47:38.) -- C:\Windows\system32\wininet.dll [1188864]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]

[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows multi-utilisateurs.) (.20/11/2010 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\drivers\AFD.sys [498688]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\drivers\netBT.sys [261632]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\drivers\Rasl2tp.sys [129536]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\drivers\tdx.sys [119296]

[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\drivers\volsnap.sys [295808]

~ Scan Generic Processes in 00mn 01s

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 1/1713

~ Mes musiques (My Musics) : 70/741

~ Mes Videos (My Videos) : 1/14

~ Mes Favoris (My Favorites) : Non accessible (Not found)

~ Mes Documents (My Documents) : 2/93

~ Mon Bureau (My Desktop) : 1/45

~ Menu demarrer (Programs) : 7/25

~ Scan Hidden Files in 00mn 04s

---\\ Processus lancés

[MD5.16F32849549A5D7B9F61641B6F386DBA] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128] [PID.1872]

[MD5.569E547273C25B019054A12A40400ECE] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [11318784] [PID.1932]

[MD5.4B723F33D7331F20E06F3A2FD76EC1D5] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [11312128] [PID.2060]

[MD5.4C8981727B06F718832DD3D42C9EB769] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168] [PID.2284]

[MD5.1568FF282E268082C67CF0C3EBCC9179] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320] [PID.2316]

[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288] [PID.2332]

[MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3493720] [PID.2364]

[MD5.D743372A621ED03A274539A88EEB3450] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736] [PID.2456]

[MD5.EF930CF6DA0B1BF3C19EC5476B141520] - (.Symantec Corporation - Norton Internet Security.) -- C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\18.0.0.128\InstStub.exe [779792] [PID.3064]

[MD5.52DB6CDAC5BC7A1FC884E97C41C91213] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040] [PID.2080]

[MD5.47D1F0444CE33A0CA42409A88896CD8D] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1590840] [PID.4412]

[MD5.4309B75F125067EF805F3125B01FCC30] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [2210816] [PID.4740]

[MD5.D8E18021F91AD79CA8491CB5A5DA22D4] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55144] [PID.]

[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.]

[MD5.BCC4A8B2E2E902F52E7F2E7D8E125765] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [94264] [PID.]

[MD5.7550D101BF49FDB1F92666A233EE36C4] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]

[MD5.436E7B2E6F42C2717C1D670220D03336] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe [126904] [PID.]

[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.]

[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.]

[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [822624] [PID.]

[MD5.EC9739A46F1F83C6E52A7A4697F44A65] - (.Hewlett-Packard Company - hpqwmiex Module.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [799800] [PID.]

~ Scan Processes Running in 00mn 01s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Actualité, Sport, People, Femmes - MSN France

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Actualité, Sport, People, Femmes - MSN France

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Hotmail.fr, Messenger, Actualité, Sport, People, Femmes - MSN France

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm

R3 - URLSearchHook: (no name) [64Bits] - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} . (...) (No version) -- (.not file.)

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Easy Photo Print [64Bits] - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL x64).) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: (no name) [64Bits] - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\

O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

~ Scan BHO in 00mn 00s

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Easy Photo Print [64Bits] - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL x64).) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll

O3 - Toolbar: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

~ Scan Toolbar in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

O4 - HKLM\..\Run: [HPWirelessAssistant] . (...) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe

O4 - HKCU\..\Run: [HPAdvisorDock] . (.Pas de propriétaire - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O4 - HKCU\..\Run: [EPSON SX218 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\x64\3\E_IATIGDE.exe

O4 - HKCU\..\Run: [EPSON SX218 Series (Copie 1)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\x64\3\E_IATIGDE.exe

O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe

O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

O4 - HKLM\..\Wow6432Node\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe

O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe

O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-21-2223425425-4130041201-3537120648-1001\..\Run: [HPAdvisorDock] . (.Pas de propriétaire - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

O4 - HKUS\S-1-5-21-2223425425-4130041201-3537120648-1001\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

O4 - HKUS\S-1-5-21-2223425425-4130041201-3537120648-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-21-2223425425-4130041201-3537120648-1001\..\Run: [EPSON SX218 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\x64\3\E_IATIGDE.exe

O4 - HKUS\S-1-5-21-2223425425-4130041201-3537120648-1001\..\Run: [EPSON SX218 Series (Copie 1)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\x64\3\E_IATIGDE.exe

O4 - HKUS\S-1-5-21-2223425425-4130041201-3537120648-1001\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\Aurélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Aurélie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Aurélie\Desktop\OpenOffice.org 3.2.lnk . (.OpenOffice.org.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

O4 - Global Startup: C:\Users\Aurélie\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files (x86)\PhotoFiltre\photofiltre.exe

O4 - Global Startup: C:\Users\Aurélie\Desktop\Windows Live Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O4 - Global Startup: C:\Users\Aurélie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Aurélie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - hp.lnk . (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe

~ Scan Global Startup in 00mn 00s

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)

O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no

~ Scan IE Control Panel in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\System32\NapiNSP.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\System32\mswsock.dll

O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll

~ Scan Winsock in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{45A386F0-B9EE-4D70-A083-11FF76E4A524}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CCS\Services\Tcpip\..\{D37CB3D7-21AF-445C-BB6A-D38CDB601EDE}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS1\Services\Tcpip\..\{45A386F0-B9EE-4D70-A083-11FF76E4A524}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS1\Services\Tcpip\..\{D37CB3D7-21AF-445C-BB6A-D38CDB601EDE}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS2\Services\Tcpip\..\{45A386F0-B9EE-4D70-A083-11FF76E4A524}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS2\Services\Tcpip\..\{D37CB3D7-21AF-445C-BB6A-D38CDB601EDE}: DhcpNameServer = 212.27.40.241 212.27.40.240

~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

~ Scan Protocole Additionnel in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll

~ Scan Winlogon in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.exe

O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe

O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Wireless Assistant Service (HP Wireless Assistant Service) . (.Hewlett-Packard Company - HPPA_Service.) - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: LightScribeService Direct Disc Labeling (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe

O23 - Service: Norton Online Backup (NOBU) . (.Symantec Corporation - Norton Online Backup Service.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: RtVOsdService Installer (RtVOsdService) . (.Realtek Semiconductor Corp. - RtVOsdService.) - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

~ Scan Services in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForAurélie.job

[MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForAur‚lie] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [RecoveryCDWin7] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe

[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [Registration] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe

[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [servicePlan] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe

[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe

[MD5.B4BFB9F068A27062AE8C133354D3E31F] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe

[MD5.F5E1109CFBDE7E3219213177B7B6A9D7] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

[MD5.F5E1109CFBDE7E3219213177B7B6A9D7] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

[MD5.3EA98EF084CB360121A6D7BA2B47E655] [APT] [update Check] (.Hewlett-Packard.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe

~ Scan Scheduled Task in 00mn 04s

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll

O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll

O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll

O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

~ Scan Active Setup in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: (SRTSP) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\NISx64\1200000.080\SRTSP64.sys

O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\NISx64\1200000.080\SRTSPX64.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

~ Scan Drivers in 00mn 00s

---\\ Logiciels installés (O42)

O42 - Logiciel: ABBYY FineReader 9.0 Sprint - (.ABBYY.) [HKLM] -- ABBYY FineReader 9.0 Sprint

O42 - Logiciel: ABBYY FineReader 9.0 Sprint - (.ABBYY.) [HKLM] -- {F9000000-0018-0000-0000-074957833700}

O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Reader X (10.0.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA0000000001}

O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc.) [HKLM] -- {9ECF7817-DB11-4FBA-9DF1-296A578D513A}

O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM] -- WT087420

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {A83279FD-CA4B-4206-9535-90974DE76654}

O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {9C98CA38-4C1A-4AC8-B55C-169497C8826B}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM] -- WT087428

O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}

O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM] -- WT087453

O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}

O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE}

O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640}

O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}

O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}

O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink PowerDVD 9 - (.CyberLink Corp..) [HKLM] -- InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}

O42 - Logiciel: CyberLink PowerDVD 9 - (.CyberLink Corp..) [HKLM] -- {A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}

O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}

O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM] -- WT087536

O42 - Logiciel: EPSON SX218 Series Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON SX218 Series Manual

O42 - Logiciel: EPSON SX218 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX218 Series

O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner

O42 - Logiciel: ESU for Microsoft Windows 7 - (.Hewlett-Packard.) [HKLM] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}

O42 - Logiciel: Energy Star Digital Logo - (.Hewlett-Packard.) [HKLM] -- {BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}

O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {39F58DDB-B2B8-4B86-AF20-4706A80EB30D}

O42 - Logiciel: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) - (.SEIKO EPSON CORPORATION.) [HKLM] -- {B2D55EB8-32C5-4B43-9006-9E97DECBA178}

O42 - Logiciel: Epson Event Manager - (.SEIKO EPSON CORPORATION.) [HKLM] -- {03B8AA32-F23C-4178-B8E6-09ECD07EAA47}

O42 - Logiciel: FATE - (.WildTangent.) [HKLM] -- WT087361

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM] -- {40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}

O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {07FA4960-B038-49EB-891B-9F95930AA544}

O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM] -- {7C36414C-DC87-4943-A525-BC1717BA17C9}

O42 - Logiciel: HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall

O42 - Logiciel: HP Power Manager - (.Hewlett-Packard Company.) [HKLM] -- {4B156358-CE9C-4E9F-8CAD-79AE86A68C60}

O42 - Logiciel: HP Quick Launch - (.Hewlett-Packard Company.) [HKLM] -- {E342D296-DB9D-4FC7-ACB0-39926C0BFA16}

O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {72D90DB3-A16A-4545-B555-868471101833}

O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM] -- {CE9A85B7-358E-42E2-B211-E10C75D96171}

O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM] -- {CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}

O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {FE840F8B-9007-4496-AB62-B869ED05F4B2}

O42 - Logiciel: Hewlett-Packard ACLM.NET v1.1.1.0 - (.Hewlett-Packard.) [HKLM] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}

O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM] -- WT087480

O42 - Logiciel: Intel® Control Center - (.Intel Corporation.) [HKLM] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}

O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}

O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}

O42 - Logiciel: Java 6 Update 20 (64-bit) - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F86416020FF}

O42 - Logiciel: Java 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF}

O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM] -- WT087485

O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM] -- WT087490

O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM] -- WT087380

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {46BA053F-57B3-4153-BDB6-D37EEC8B12D7}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}

O42 - Logiciel: Magic Desktop - (.EasyBits Software AS.) [HKLM] -- EasyBits Magic Desktop

O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}

O42 - Logiciel: Microsoft Office 2010 - (.Microsoft Corporation.) [HKLM] -- {95140000-0070-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Starter 2010 - Français - (.Microsoft Corporation.) [HKLM] -- {90140011-0066-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office « Démarrer en un clic » 2010 - (.Microsoft Corporation.) [HKLM] -- Office14.Click2Run

O42 - Logiciel: Microsoft Office « Démarrer en un clic » 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-006D-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- NIS

O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM] -- {40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}

O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM] -- {266517E6-D866-439D-919C-B8B1A52E6080}

O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM] -- WT087394

O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre

O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}

O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- {D36DD326-7280-11D8-97C8-000129760CBE}

O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM] -- WT087501

O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM] -- WT087396

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {7BE15435-2D3E-4B58-867F-9C75BED0208C}

O42 - Logiciel: REALTEK Wireless LAN Software - (.REALTEK Semiconductor Corp..) [HKLM] -- {901F0D4C-009D-1112-8DE4-03599E7B0C5C}

O42 - Logiciel: Realtek Ethernet Controller Driver For Windows 7 - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}

O42 - Logiciel: RtVOsd - (.Realtek Semiconductor Corp..) [HKLM] -- {F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870

O42 - Logiciel: Slingo Deluxe - (.WildTangent.) [HKLM] -- WT087510

O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523

O42 - Logiciel: Virtual Villagers - The Secret City - (.WildTangent.) [HKLM] -- WT087513

O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM] -- WT087519

O42 - Logiciel: WildTangent Games App (HP Games) - (.WildTangent.) [HKLM] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp

O42 - Logiciel: WinRAR 4.01 (32 bits) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1B8ABA62-74F0-47ED-B18C-A43128E591B8}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {D07A61E5-A59C-433C-BCBD-22025FA2287B}

O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}

O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {DF6D988A-EEA0-4277-AAB8-158E086E439B}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}

O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {E02A6548-6FDE-40E2-8ED9-119D7D7E641F}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {5E2CD4FB-4538-4831-8176-05D653C3E6D4}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM] -- WT087533

O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast

O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ALWIL Software]

[HKCU\Software\AVAST Software]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CyberLink]

[HKCU\Software\EPSON]

[HKCU\Software\EasyBits]

[HKCU\Software\Google]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\IM Providers]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\Lake]

[HKCU\Software\LightScribe]

[HKCU\Software\Macromedia]

[HKCU\Software\Magnet]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\Netscape]

[HKCU\Software\OfferBox]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\RegisteredApplications]

[HKCU\Software\Skype]

[HKCU\Software\Surf Canyon]

[HKCU\Software\Synaptics]

[HKCU\Software\Trolltech]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Wow6432Node]

[HKCU\Software\Yahoo]

[HKLM\Software\ABBYY]

[HKLM\Software\ALWIL Software]

[HKLM\Software\ATI Technologies]

[HKLM\Software\AVAST Software]

[HKLM\Software\Adobe]

[HKLM\Software\AppDataLow]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\BrowserChoice]

[HKLM\Software\CXT]

[HKLM\Software\Caphyon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\CyberLink]

[HKLM\Software\Cyberlink]

[HKLM\Software\EPSON]

[HKLM\Software\EasyBits]

[HKLM\Software\Freeze.com]

[HKLM\Software\GEAR Software]

[HKLM\Software\Google]

[HKLM\Software\HPQ]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\InstallShield]

[HKLM\Software\InstalledOptions]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Lake]

[HKLM\Software\LightScribe]

[HKLM\Software\Macromedia]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Norton]

[HKLM\Software\ODBC]

[HKLM\Software\OfferBox]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\P2G_Upgrade]

[HKLM\Software\PDR_Upgrade]

[HKLM\Software\Policies]

[HKLM\Software\Product_Upgrade]

[HKLM\Software\RTLSetup]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\RtWLan]

[HKLM\Software\SEIKO EPSON CORPORATION]

[HKLM\Software\SRS Labs]

[HKLM\Software\Sonic]

[HKLM\Software\Sony Corporation]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\Symantec]

[HKLM\Software\Synaptics]

[HKLM\Software\W3i]

[HKLM\Software\WildTangent]

[HKLM\Software\Win32 Services]

[HKLM\Software\WinRAR]

[HKLM\Software\Wow6432Node]

[HKLM\Software\Yahoo]

~ Scan Softwares in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 17/01/2011 - 18:00:34 - [0] ----D- C:\Program Files\Alwil Software

O43 - CFD: 24/03/2011 - 09:06:32 - [198,240] ----D- C:\Program Files\AVAST Software

O43 - CFD: 02/11/2011 - 07:28:56 - [0,586] ----D- C:\Program Files\Bonjour

O43 - CFD: 25/07/2011 - 16:07:06 - [70,023] ----D- C:\Program Files\Common Files

O43 - CFD: 06/01/2012 - 07:43:48 - [86,076] ----D- C:\Program Files\DVD Maker

O43 - CFD: 17/01/2011 - 21:26:30 - [0,352] ----D- C:\Program Files\Epson Software

O43 - CFD: 17/01/2011 - 17:29:18 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 17/01/2011 - 15:23:44 - [3,130] ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 17/02/2012 - 16:42:02 - [4,943] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 06/11/2011 - 00:45:32 - [2,000] ----D- C:\Program Files\iPod

O43 - CFD: 06/11/2011 - 00:46:54 - [2,386] ----D- C:\Program Files\iTunes

O43 - CFD: 12/07/2010 - 21:40:30 - [76,108] ----D- C:\Program Files\Java

O43 - CFD: 17/08/2010 - 10:22:20 - [142,324] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 17/01/2011 - 20:43:08 - [1,511] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 14/07/2009 - 06:32:40 - [0,025] ----D- C:\Program Files\MSBuild

O43 - CFD: 17/08/2010 - 00:31:48 - [28,466] ----D- C:\Program Files\Realtek

O43 - CFD: 14/07/2009 - 06:32:40 - [35,109] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 17/08/2010 - 00:30:22 - [36,875] ----D- C:\Program Files\Synaptics

O43 - CFD: 14/07/2009 - 06:09:28 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 06/01/2012 - 07:43:38 - [3,853] ----D- C:\Program Files\Windows Defender

O43 - CFD: 17/01/2011 - 18:57:52 - [7,396] ----D- C:\Program Files\Windows Live

O43 - CFD: 06/01/2012 - 07:43:48 - [6,359] ----D- C:\Program Files\Windows Mail

O43 - CFD: 06/01/2012 - 07:43:46 - [7,331] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 17/01/2011 - 17:29:18 - [12,043] ----D- C:\Program Files\Windows NT

O43 - CFD: 06/01/2012 - 07:43:46 - [5,261] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 06/01/2012 - 07:43:46 - [0,233] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 06/01/2012 - 07:43:48 - [11,307] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 25/07/2011 - 16:07:06 - [6,277] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 17/01/2011 - 21:31:24 - [0,281] ----D- C:\Program Files\Common Files\EPSON

O43 - CFD: 17/08/2010 - 00:30:04 - [17,540] ----D- C:\Program Files\Common Files\Intel

O43 - CFD: 17/06/2011 - 07:54:02 - [33,711] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 14/07/2009 - 04:20:10 - [0,003] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 04:20:10 - [0,581] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 06/01/2012 - 07:43:42 - [11,629] ----D- C:\Program Files\Common Files\System

O43 - CFD: 17/01/2011 - 21:22:08 - [1,383] ----D- C:\ProgramData\ABBYY

O43 - CFD: 30/03/2011 - 11:26:32 - [479,531] ----D- C:\ProgramData\Adobe

O43 - CFD: 24/03/2011 - 09:03:00 - [0] ----D- C:\ProgramData\Alwil Software

O43 - CFD: 25/07/2011 - 16:34:04 - [62,136] ----D- C:\ProgramData\Apple

O43 - CFD: 25/07/2011 - 16:10:18 - [68,553] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 07/07/2011 - 18:01:20 - [41,496] ----D- C:\ProgramData\AVAST Software

O43 - CFD: 17/01/2011 - 17:29:18 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 21/01/2011 - 11:35:42 - [0,050] ----D- C:\ProgramData\CyberLink

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 17/01/2011 - 21:31:24 - [8,171] ----D- C:\ProgramData\EPSON

O43 - CFD: 17/01/2011 - 17:29:18 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 24/01/2011 - 07:12:06 - [0] ----D- C:\ProgramData\Google

O43 - CFD: 15/02/2011 - 14:57:20 - [63,534] ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD: 17/01/2011 - 17:29:18 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 17/01/2011 - 21:30:06 - [-1856,826] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 17/01/2011 - 17:29:18 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 17/01/2011 - 17:48:44 - [117,743] ----D- C:\ProgramData\Norton

O43 - CFD: 17/08/2010 - 00:45:10 - [19,528] ----D- C:\ProgramData\NortonInstaller

O43 - CFD: 17/08/2011 - 10:00:20 - [40,979] ----D- C:\ProgramData\Skype

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 12/07/2010 - 21:40:24 - [0,000] ----D- C:\ProgramData\Sun

O43 - CFD: 12/07/2010 - 19:55:44 - [0,091] ----D- C:\ProgramData\Symantec

O43 - CFD: 17/08/2010 - 00:43:32 - [0,551] ----D- C:\ProgramData\Temp

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 17/01/2011 - 21:28:08 - [0,003] ----D- C:\ProgramData\UDL

O43 - CFD: 18/01/2011 - 12:00:08 - [0] ----D- C:\ProgramData\VirtualizedApplications

O43 - CFD: 22/12/2011 - 20:03:14 - [1657,632] ----D- C:\ProgramData\WildTangent

O43 - CFD: 07/03/2011 - 23:23:22 - [0] ----D- C:\ProgramData\Yahoo!

O43 - CFD: 15/02/2011 - 15:01:22 - [33,621] ----D- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}

O43 - CFD: 25/07/2011 - 16:11:32 - [0,853] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

O43 - CFD: 12/07/2010 - 22:09:52 - [33,439] ----D- C:\ProgramData\{B3E4AC03-E4D6-4B87-BD2D-22E100E3AE90}

O43 - CFD: 16/09/2011 - 10:25:38 - [45,266] ----D- C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}

O43 - CFD: 30/03/2011 - 11:25:06 - [3,886] ----D- C:\Users\Aurélie\AppData\Roaming\Adobe

O43 - CFD: 09/02/2011 - 21:33:18 - [0] ----D- C:\Users\Aurélie\AppData\Roaming\Anthropics

O43 - CFD: 25/07/2011 - 16:34:18 - [964,723] ----D- C:\Users\Aurélie\AppData\Roaming\Apple Computer

O43 - CFD: 21/01/2011 - 11:35:42 - [0,002] ----D- C:\Users\Aurélie\AppData\Roaming\CyberLink

O43 - CFD: 17/01/2011 - 21:34:32 - [0,007] ----D- C:\Users\Aurélie\AppData\Roaming\Epson

O43 - CFD: 09/09/2011 - 06:07:26 - [0,089] ----D- C:\Users\Aurélie\AppData\Roaming\Hewlett-Packard

O43 - CFD: 05/02/2012 - 18:32:30 - [0,079] ----D- C:\Users\Aurélie\AppData\Roaming\hpqLog

O43 - CFD: 17/01/2011 - 17:47:50 - [0] ----D- C:\Users\Aurélie\AppData\Roaming\Identities

O43 - CFD: 17/01/2011 - 21:24:44 - [0] ----D- C:\Users\Aurélie\AppData\Roaming\InstallShield

O43 - CFD: 17/01/2011 - 17:49:12 - [0,032] ----D- C:\Users\Aurélie\AppData\Roaming\Macromedia

O43 - CFD: 17/08/2010 - 10:22:20 - [0] ----D- C:\Users\Aurélie\AppData\Roaming\Media Center Programs

O43 - CFD: 27/05/2011 - 14:38:30 - [27,361] -S--D- C:\Users\Aurélie\AppData\Roaming\Microsoft

O43 - CFD: 07/03/2011 - 23:18:06 - [0,238] ----D- C:\Users\Aurélie\AppData\Roaming\OfferBox

O43 - CFD: 17/01/2011 - 21:04:38 - [2,487] ----D- C:\Users\Aurélie\AppData\Roaming\OpenOffice.org

O43 - CFD: 01/05/2011 - 17:03:16 - [0,001] ----D- C:\Users\Aurélie\AppData\Roaming\PhotoFiltre

O43 - CFD: 03/10/2011 - 10:00:22 - [3,602] ----D- C:\Users\Aurélie\AppData\Roaming\Skype

O43 - CFD: 30/08/2011 - 15:36:54 - [0,022] ----D- C:\Users\Aurélie\AppData\Roaming\skypePM

O43 - CFD: 11/11/2011 - 10:13:40 - [1,013] ----D- C:\Users\Aurélie\AppData\Roaming\SoftGrid Client

O43 - CFD: 17/01/2011 - 20:45:02 - [0] ----D- C:\Users\Aurélie\AppData\Roaming\TP

O43 - CFD: 05/02/2011 - 13:28:20 - [0] ----D- C:\Users\Aurélie\AppData\Roaming\Windows Live Writer

O43 - CFD: 11/08/2011 - 18:02:48 - [0,000] ----D- C:\Users\Aurélie\AppData\Roaming\WinRAR

O43 - CFD: 07/03/2011 - 23:17:26 - [0,016] ----D- C:\Users\Aurélie\AppData\Roaming\Yahoo!

O43 - CFD: 17/01/2011 - 21:22:50 - [0] ----D- C:\Users\Aurélie\AppData\Local\ABBYY

O43 - CFD: 30/03/2011 - 11:25:06 - [13,941] ----D- C:\Users\Aurélie\AppData\Local\Adobe

O43 - CFD: 25/07/2011 - 16:07:34 - [0] ----D- C:\Users\Aurélie\AppData\Local\Apple

O43 - CFD: 25/07/2011 - 16:12:24 - [13,578] ----D- C:\Users\Aurélie\AppData\Local\Apple Computer

O43 - CFD: 17/01/2011 - 17:29:32 - [0] -SH-D- C:\Users\Aurélie\AppData\Local\Application Data

O43 - CFD: 27/01/2011 - 11:19:48 - [0] ----D- C:\Users\Aurélie\AppData\Local\Cyberlink

O43 - CFD: 29/01/2012 - 19:45:50 - [0] ----D- C:\Users\Aurélie\AppData\Local\Diagnostics

O43 - CFD: 07/07/2011 - 18:11:16 - [0] ----D- C:\Users\Aurélie\AppData\Local\Google

O43 - CFD: 03/02/2011 - 13:55:22 - [0,421] ----D- C:\Users\Aurélie\AppData\Local\Hewlett-Packard

O43 - CFD: 17/01/2011 - 17:29:32 - [0] -SH-D- C:\Users\Aurélie\AppData\Local\Historique

O43 - CFD: 19/11/2011 - 14:44:36 - [431,499] ----D- C:\Users\Aurélie\AppData\Local\Microsoft

O43 - CFD: 25/01/2012 - 15:58:06 - [0,219] ----D- C:\Users\Aurélie\AppData\Local\Microsoft Games

O43 - CFD: 17/01/2011 - 20:44:16 - [0,496] ----D- C:\Users\Aurélie\AppData\Local\SoftGrid Client

O43 - CFD: 21/02/2012 - 15:30:50 - [679,780] ----D- C:\Users\Aurélie\AppData\Local\Temp

O43 - CFD: 17/01/2011 - 17:29:32 - [0] -SH-D- C:\Users\Aurélie\AppData\Local\Temporary Internet Files

O43 - CFD: 17/01/2011 - 21:44:50 - [0,753] ----D- C:\Users\Aurélie\AppData\Local\VirtualStore

O43 - CFD: 19/11/2011 - 14:44:36 - [0,148] ----D- C:\Users\Aurélie\AppData\Local\Windows Live

O43 - CFD: 05/02/2011 - 13:28:30 - [0,618] ----D- C:\Users\Aurélie\AppData\Local\Windows Live Writer

O43 - CFD: 07/03/2011 - 23:18:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\Yahoo

O43 - CFD: 06/02/2011 - 09:33:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{006ADD49-8E06-49D5-BD13-850EF4CF9CF6}

O43 - CFD: 21/02/2012 - 15:20:04 - [0] ----D- C:\Users\Aurélie\AppData\Local\{00F4A259-7A8D-4563-9C13-5AA1B3945D55}

O43 - CFD: 31/01/2012 - 08:51:08 - [0] ----D- C:\Users\Aurélie\AppData\Local\{01BCD227-6062-4C97-998D-ADEF7B9E6239}

O43 - CFD: 26/04/2011 - 17:45:46 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0235A1A0-606E-4C2A-9123-0B0A19BC5CA2}

O43 - CFD: 17/10/2011 - 16:44:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{02C941DD-A2F8-42E7-BE67-BF3FB28A949D}

O43 - CFD: 11/06/2011 - 00:58:20 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0542D717-23EE-4CF1-BC15-A23296EFCCAF}

O43 - CFD: 05/02/2012 - 12:20:58 - [0] ----D- C:\Users\Aurélie\AppData\Local\{059A9010-459E-4028-8751-99CE8CCCFB78}

O43 - CFD: 24/05/2011 - 06:46:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{060E0165-779F-487F-ACA8-4834474C68AA}

O43 - CFD: 27/01/2012 - 17:46:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{06FD0D0A-DC77-497D-9C5B-C94811A82733}

O43 - CFD: 06/03/2011 - 23:29:58 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0709E51C-1A36-47A9-B786-9BB8BAAAE4AA}

O43 - CFD: 19/12/2011 - 14:26:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0742D519-91F8-45C6-A624-955FFEDA217A}

O43 - CFD: 20/02/2012 - 21:23:18 - [0] ----D- C:\Users\Aurélie\AppData\Local\{082E8637-BEF5-4BB9-86EA-0E25BCF92D9E}

O43 - CFD: 16/02/2011 - 08:52:46 - [0] ----D- C:\Users\Aurélie\AppData\Local\{09BB050E-EE29-4F6E-9D4D-24DD9F81FC4A}

O43 - CFD: 30/03/2011 - 20:48:58 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0B70AAA4-0320-4137-B00D-8749ED8931CD}

O43 - CFD: 14/01/2012 - 11:22:18 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0BA4CE33-6E7A-462B-917B-FDA6147BAAEF}

O43 - CFD: 06/02/2011 - 21:33:58 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0C51D96F-2EDE-4C5B-9C3C-37EB404FF23A}

O43 - CFD: 28/08/2011 - 10:37:22 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0D8C22DC-A194-4BF7-AF3E-ED1133EC953C}

O43 - CFD: 05/04/2011 - 10:06:50 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0DEF6C58-D54E-41B7-B88B-020EC1577534}

O43 - CFD: 30/06/2011 - 06:56:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0E2C4020-7E9E-42B1-B68B-BFD27A835131}

O43 - CFD: 04/04/2011 - 21:51:16 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0E81300C-950D-4C18-93B2-6948F54E3AA0}

O43 - CFD: 10/05/2011 - 20:45:50 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0EE742FD-452B-4CAB-B117-ABC24F0D5EF1}

O43 - CFD: 04/01/2012 - 18:35:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0F57D260-E15B-4A70-8FC4-3E74A3D60009}

O43 - CFD: 29/05/2011 - 00:03:46 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0F9572CC-9B3E-4EA9-9B62-61B1ECD3EF69}

O43 - CFD: 31/08/2011 - 14:19:02 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0FA76723-093F-4F04-841F-8C0B101E9785}

O43 - CFD: 30/06/2011 - 22:24:54 - [0] ----D- C:\Users\Aurélie\AppData\Local\{0FC53D33-4580-4D85-B91D-0745BC1AF4DC}

O43 - CFD: 27/03/2011 - 10:29:28 - [0] ----D- C:\Users\Aurélie\AppData\Local\{102D4C8B-A61D-4DB0-A693-4A2BDD53428E}

O43 - CFD: 28/01/2011 - 09:50:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{1174BB99-513B-4AA0-9D19-6502532339D1}

O43 - CFD: 14/05/2011 - 16:09:52 - [0] ----D- C:\Users\Aurélie\AppData\Local\{137EEE69-8237-4EDC-9EC4-9CCD55A6BBDB}

O43 - CFD: 09/06/2011 - 20:12:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{1398D96A-95B6-44B3-B6CD-E075EE552F4D}

O43 - CFD: 17/10/2011 - 16:44:52 - [0] ----D- C:\Users\Aurélie\AppData\Local\{13B27EFA-2888-4847-8AA0-5171E2779234}

O43 - CFD: 23/03/2011 - 18:51:58 - [0] ----D- C:\Users\Aurélie\AppData\Local\{142F0E23-3A27-4AC6-86F7-855BF7D43528}

O43 - CFD: 31/03/2011 - 08:49:22 - [0] ----D- C:\Users\Aurélie\AppData\Local\{1565F534-BB19-439A-8BB7-4737F3BBCC27}

O43 - CFD: 28/09/2011 - 15:06:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{15842F55-1EBA-4430-B748-9311A5D9FB02}

O43 - CFD: 22/05/2011 - 22:16:08 - [0] ----D- C:\Users\Aurélie\AppData\Local\{1646A2C3-FED4-4125-91AC-F4AE5CFB21DF}

O43 - CFD: 12/02/2011 - 11:40:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{16E09332-E643-4134-8282-CEE82BDDFB90}

O43 - CFD: 04/07/2011 - 10:39:52 - [0] ----D- C:\Users\Aurélie\AppData\Local\{1718921D-5080-47BF-9070-B2A572525FB7}

O43 - CFD: 20/10/2011 - 12:07:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{1746171F-3666-4AFA-B94A-DB5CBA35F911}

O43 - CFD: 26/03/2011 - 01:04:14 - [0] ----D- C:\Users\Aurélie\AppData\Local\{178F658E-D74E-428A-86A4-E415D6DBDF3A}

O43 - CFD: 23/01/2011 - 10:49:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{17C94102-53C0-4A86-B24F-340CAB1A6520}

O43 - CFD: 20/02/2012 - 23:28:58 - [0] ----D- C:\Users\Aurélie\AppData\Local\{17F541F6-DAFC-4B2B-B467-63FE90EF755E}

O43 - CFD: 29/08/2011 - 10:45:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{17FB4CD4-8C71-4CAF-B00E-8DEB7FE06BBD}

O43 - CFD: 08/01/2012 - 21:40:52 - [0] ----D- C:\Users\Aurélie\AppData\Local\{186A18C4-0B5D-4F16-B82E-DDC4569FFF48}

O43 - CFD: 17/05/2011 - 10:14:16 - [0] ----D- C:\Users\Aurélie\AppData\Local\{18B94F1E-0A7A-4FBA-87E9-07996003032B}

O43 - CFD: 20/04/2011 - 08:00:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{18C043F6-2613-42D8-A9E8-C8693DC2AF72}

O43 - CFD: 06/07/2011 - 08:50:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{19092B90-0D9F-40DD-BF49-848F054C911F}

O43 - CFD: 26/06/2011 - 10:40:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{19746FFB-04A7-4E4F-9FA9-56E1F4249174}

O43 - CFD: 22/01/2011 - 12:18:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{199D02BD-1212-433E-BC66-2897571C3E5C}

O43 - CFD: 19/07/2011 - 08:57:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{1A737FEB-F3F2-4036-9B6B-5CFB2A555954}

O43 - CFD: 29/04/2011 - 06:03:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{1A9E6686-40AF-4C8E-AF2D-9331746B004E}

O43 - CFD: 17/02/2012 - 16:49:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{1B8F06AA-BF5D-4553-BBBD-D5CC551DFE92}

O43 - CFD: 14/04/2011 - 16:31:52 - [0] ----D- C:\Users\Aurélie\AppData\Local\{1BC8109F-E31D-4ADC-8229-E7AB6B5FBA02}

O43 - CFD: 11/07/2011 - 11:18:50 - [0] ----D- C:\Users\Aurélie\AppData\Local\{1BE882B7-F27F-44C4-9E86-EB31076D632D}

O43 - CFD: 09/02/2012 - 16:36:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{1C1FD57A-141C-4DF8-BEBE-FDB457C5B00F}

O43 - CFD: 16/07/2011 - 23:38:48 - [0] ----D- C:\Users\Aurélie\AppData\Local\{1F413A79-E37C-41EC-AB51-A05AC442724F}

O43 - CFD: 13/02/2012 - 17:36:16 - [0] ----D- C:\Users\Aurélie\AppData\Local\{1F4CFA22-4B51-4F67-AEF6-38165706B245}

O43 - CFD: 09/06/2011 - 06:05:58 - [0] ----D- C:\Users\Aurélie\AppData\Local\{2153609F-A8D1-4416-B10D-26C8F04B4DA5}

O43 - CFD: 01/03/2011 - 19:09:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{21FB9233-38F8-4401-BCAC-87F6FBDF146C}

O43 - CFD: 04/01/2012 - 18:35:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{22B626A6-B63D-4238-82B6-8E9277111314}

O43 - CFD: 14/06/2011 - 10:32:18 - [0] ----D- C:\Users\Aurélie\AppData\Local\{23A3437B-5424-4F57-8D87-191DA9B78EC2}

O43 - CFD: 18/07/2011 - 19:02:54 - [0] ----D- C:\Users\Aurélie\AppData\Local\{24B039FD-0A83-45EF-9DE8-BF79B359AB56}

O43 - CFD: 14/03/2011 - 19:13:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{25DC3DDD-6782-46DB-94CB-B83BED16EE8F}

O43 - CFD: 19/01/2011 - 20:41:44 - [0] ----D- C:\Users\Aurélie\AppData\Local\{263A9E99-0B8D-414F-87DB-231A830AAF12}

O43 - CFD: 14/03/2011 - 07:12:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{263DA0BC-B624-4203-A2FD-44F1AF22FD17}

O43 - CFD: 19/07/2011 - 21:38:34 - [0] ----D- C:\Users\Aurélie\AppData\Local\{268B5F05-0A4B-4814-972F-E3FF7C48099C}

O43 - CFD: 12/07/2011 - 18:35:58 - [0] ----D- C:\Users\Aurélie\AppData\Local\{2698C24D-B54C-45D1-BE7C-A07CA03A2D9D}

O43 - CFD: 27/06/2011 - 13:04:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{28A83D39-8977-41A0-9C71-A31CFD658B57}

O43 - CFD: 28/01/2012 - 16:58:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{29A230D6-D341-4F05-A5AA-82D7EFB2D15F}

O43 - CFD: 07/09/2011 - 20:45:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{2C654228-0378-4ECB-8E68-DF935CC35769}

O43 - CFD: 09/02/2011 - 20:59:58 - [0] ----D- C:\Users\Aurélie\AppData\Local\{2C844B81-3E47-4A32-8174-9B9AC4A7450E}

O43 - CFD: 25/04/2011 - 12:56:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{2E2EA33A-7F18-4527-992D-46F8FD835C00}

O43 - CFD: 20/04/2011 - 20:01:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{2E36EDA8-D7B8-43E8-BE08-5EBDA0CEF1BF}

O43 - CFD: 21/02/2012 - 15:14:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{2EA271A2-0328-4266-A9A9-FF26C0F733B2}

O43 - CFD: 16/02/2011 - 20:53:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{2EAB8F82-6AAD-4BF2-A699-EC823EFEDFF4}

O43 - CFD: 20/01/2011 - 09:58:04 - [0] ----D- C:\Users\Aurélie\AppData\Local\{2EB78EA0-1365-464E-9E55-1C795BC17CC4}

O43 - CFD: 12/09/2011 - 09:05:30 - [0] ----D- C:\Users\Aurélie\AppData\Local\{2F8B58DB-B4C2-4022-9BB8-F9CB32F69D39}

O43 - CFD: 30/03/2011 - 08:47:54 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3138ED27-8951-4022-AD2C-73048300FB1E}

O43 - CFD: 20/02/2012 - 23:29:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3246125A-27CD-40C0-B61A-BAA6868C9AFE}

O43 - CFD: 03/07/2011 - 09:11:54 - [0] ----D- C:\Users\Aurélie\AppData\Local\{324F848C-5586-4F5D-A647-D12393D604A6}

O43 - CFD: 25/05/2011 - 11:00:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{325F0380-21A7-455E-A3A0-ABF5C0717BA7}

O43 - CFD: 09/03/2011 - 00:06:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{32CE92BC-0E87-4EC3-967E-B9130FD928C5}

O43 - CFD: 25/03/2011 - 11:42:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{32E824ED-241C-40DE-A892-0F242C1260C1}

O43 - CFD: 21/07/2011 - 18:22:08 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3303497D-5C7D-445D-AD98-996EFE48C380}

O43 - CFD: 11/04/2011 - 15:36:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{34A9C234-1ABD-4065-9962-424B9F9849F4}

O43 - CFD: 04/03/2011 - 07:04:16 - [0] ----D- C:\Users\Aurélie\AppData\Local\{34BE820E-6A28-4C93-A5A7-2AE6E0D30140}

O43 - CFD: 05/03/2011 - 18:24:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{35545F9D-D065-4A37-A786-4B1A8E88A39E}

O43 - CFD: 26/01/2011 - 11:55:46 - [0] ----D- C:\Users\Aurélie\AppData\Local\{357CCD46-7DCF-4562-A728-496E1BC3C4B5}

O43 - CFD: 04/08/2011 - 05:50:34 - [0] ----D- C:\Users\Aurélie\AppData\Local\{35A9C3D8-EDC2-46D7-8D75-391508925356}

O43 - CFD: 14/07/2011 - 10:22:02 - [0] ----D- C:\Users\Aurélie\AppData\Local\{35BB193A-D391-4B4E-A548-154D2A375907}

O43 - CFD: 30/05/2011 - 00:04:28 - [0] ----D- C:\Users\Aurélie\AppData\Local\{362048A5-8690-4DE5-A525-5DB29BFF29DE}

O43 - CFD: 21/01/2011 - 10:14:18 - [0] ----D- C:\Users\Aurélie\AppData\Local\{36306C0F-1F91-4C7C-8388-35B33B2C7D22}

O43 - CFD: 07/07/2011 - 09:20:50 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3871F012-B3BA-41E1-A583-3620589E697E}

O43 - CFD: 27/02/2011 - 11:08:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3884C1A3-DE54-4CE9-9EED-8C1E104CCEC5}

O43 - CFD: 16/06/2011 - 22:07:18 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3969BDFB-9394-408B-9A6E-F62CDDB624C4}

O43 - CFD: 11/12/2011 - 15:16:48 - [0] ----D- C:\Users\Aurélie\AppData\Local\{39F6EDF6-073B-4078-A16E-CADE9F09D767}

O43 - CFD: 29/03/2011 - 20:47:30 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3A12D1C8-77C6-4A5F-9DA0-BE024A5DD91E}

O43 - CFD: 31/03/2011 - 21:58:34 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3A1F576F-17C8-4EF2-ABE3-49BCCC2E40B0}

O43 - CFD: 12/03/2011 - 12:38:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3A306C3C-8EDB-4A3C-9F83-6560918C0F6C}

O43 - CFD: 28/07/2011 - 05:55:54 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3B744FA6-D802-4BD3-99A4-67FAA273108D}

O43 - CFD: 20/02/2012 - 22:43:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3BD502EC-4653-4CA2-B830-3F828151AE33}

O43 - CFD: 27/07/2011 - 05:10:28 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3BD53000-6F69-4656-84B5-6E6815517136}

O43 - CFD: 22/07/2011 - 06:36:16 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3CEBE0AB-CBF5-4076-AFAE-17381D80DB13}

O43 - CFD: 19/05/2011 - 11:20:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3D79E167-C779-417C-874C-7E637EB85FDE}

O43 - CFD: 26/02/2011 - 17:54:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3DB0AE15-A438-4F8C-AEF7-B83B32C157CD}

O43 - CFD: 13/02/2012 - 17:35:56 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3E1E1703-D483-40AA-BFDA-7A87CDD558A2}

O43 - CFD: 14/09/2011 - 15:28:44 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3F393D44-78A2-4665-BE98-3385FEFCFE59}

O43 - CFD: 02/04/2011 - 08:53:54 - [0] ----D- C:\Users\Aurélie\AppData\Local\{3F64CA72-EAA9-451C-B218-A2FA0BFBE1BC}

O43 - CFD: 22/05/2011 - 09:43:00 - [0] ----D- C:\Users\Aurélie\AppData\Local\{40C6A997-47D0-4F00-ABF2-745A3670124B}

O43 - CFD: 21/02/2012 - 14:52:20 - [0] ----D- C:\Users\Aurélie\AppData\Local\{42631408-378F-4E0C-B399-898C4CE6C942}

O43 - CFD: 28/05/2011 - 08:47:04 - [0] ----D- C:\Users\Aurélie\AppData\Local\{43CDFCEF-3DCE-4B72-8CE2-0B8B325FBC57}

O43 - CFD: 12/09/2011 - 09:05:50 - [0] ----D- C:\Users\Aurélie\AppData\Local\{43D508B0-CEA2-4551-AF50-0FE019D8B4B3}

O43 - CFD: 18/04/2011 - 20:46:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{45084EE3-5C6D-4F5B-989D-135258C97FCD}

O43 - CFD: 31/08/2011 - 14:18:16 - [0] ----D- C:\Users\Aurélie\AppData\Local\{4568F3AD-160A-4A65-9154-F5DACABDD859}

O43 - CFD: 15/12/2011 - 19:01:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{458C35C7-0124-4380-80F1-E8750D146AC0}

O43 - CFD: 20/05/2011 - 07:37:28 - [0] ----D- C:\Users\Aurélie\AppData\Local\{45BA5394-64AE-404D-B358-977DDC6D760D}

O43 - CFD: 12/05/2011 - 06:00:18 - [0] ----D- C:\Users\Aurélie\AppData\Local\{45E3ED48-8F31-4D01-8CAE-66FF3E634802}

O43 - CFD: 20/07/2011 - 15:20:00 - [0] ----D- C:\Users\Aurélie\AppData\Local\{46328613-C337-4758-B3F5-C78114090C21}

O43 - CFD: 18/09/2011 - 17:15:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{481F3276-6A10-45C4-8F31-67C09ED88A0F}

O43 - CFD: 15/11/2011 - 17:03:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{482B2DD4-EF2F-4EA0-BE8D-C928806119D0}

O43 - CFD: 21/01/2012 - 11:35:52 - [0] ----D- C:\Users\Aurélie\AppData\Local\{495B729D-25CB-4553-82A5-51FF1D227E0A}

O43 - CFD: 16/09/2011 - 11:11:00 - [0] ----D- C:\Users\Aurélie\AppData\Local\{4B821D33-343F-41A5-9B76-7B4F497A8FC0}

O43 - CFD: 13/05/2011 - 06:27:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{4CBB2DD5-F97F-4AC3-ADAB-8D8653E92833}

O43 - CFD: 11/02/2011 - 11:09:14 - [0] ----D- C:\Users\Aurélie\AppData\Local\{4D5645EF-237C-4780-9F1E-489C1A82DFD0}

O43 - CFD: 27/05/2011 - 06:52:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{4D6BD3D3-9C15-48A5-BF0F-A93B57FE91CC}

O43 - CFD: 11/03/2011 - 07:36:46 - [0] ----D- C:\Users\Aurélie\AppData\Local\{4E3DD3E4-4CBE-4C15-B80D-B6B074ED76EC}

O43 - CFD: 06/06/2011 - 08:03:16 - [0] ----D- C:\Users\Aurélie\AppData\Local\{4EE48FF4-ABA9-4C84-A3B3-E34B3BF9B258}

O43 - CFD: 24/06/2011 - 11:00:00 - [0] ----D- C:\Users\Aurélie\AppData\Local\{4FD57558-A7C0-4970-96D8-086948C4916C}

O43 - CFD: 23/02/2011 - 09:34:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{516B17FB-FCB8-4EFE-9642-B9D502044CEA}

O43 - CFD: 26/03/2011 - 13:09:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{51767EBA-0267-44BF-910A-4291295EEE79}

O43 - CFD: 15/12/2011 - 19:01:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5179CF74-485D-4AC8-9330-35CB7D84C3B9}

O43 - CFD: 18/02/2011 - 18:45:46 - [0] ----D- C:\Users\Aurélie\AppData\Local\{51D0D13A-B9BA-4C1E-BB45-D0FD5187ED9F}

O43 - CFD: 25/08/2011 - 16:26:02 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5293FCEA-4200-441F-A354-854AA4D8E77C}

O43 - CFD: 01/02/2011 - 10:26:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5335A980-F5F9-43D1-9E32-200E8BF8F57A}

O43 - CFD: 02/07/2011 - 12:53:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{551DE657-D657-40E5-9654-22743D652E78}

O43 - CFD: 11/11/2011 - 10:18:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{559BCA5F-A139-4CF6-8397-C120401230C6}

O43 - CFD: 04/05/2011 - 15:26:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{55BD4686-6CBB-4C40-9D47-3EA620CE3C23}

O43 - CFD: 04/02/2011 - 23:03:46 - [0] ----D- C:\Users\Aurélie\AppData\Local\{56063E84-1996-41D7-B472-D96AD7B2B5E7}

O43 - CFD: 25/01/2012 - 15:42:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{563F203A-974B-4194-A38F-C13179114002}

O43 - CFD: 07/04/2011 - 15:49:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{575F206D-401C-44D1-9BE5-F4A211F46EE4}

O43 - CFD: 16/09/2011 - 11:11:20 - [0] ----D- C:\Users\Aurélie\AppData\Local\{57C137CD-CC22-4627-A628-503C76F888D8}

O43 - CFD: 28/07/2011 - 18:10:22 - [0] ----D- C:\Users\Aurélie\AppData\Local\{57D97262-34BE-4FD0-B3E1-57CA3D6CFD19}

O43 - CFD: 24/07/2011 - 13:18:00 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5837D9A8-938C-4913-8D11-97E2B3C8AD82}

O43 - CFD: 07/02/2012 - 11:40:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{58910861-ADBC-46F8-8516-249069508A29}

O43 - CFD: 08/01/2012 - 21:41:28 - [0] ----D- C:\Users\Aurélie\AppData\Local\{58C3561E-E3C5-44D8-B431-74A473A376F5}

O43 - CFD: 15/09/2011 - 10:12:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{58E11883-22A9-48C2-9D34-33C5B5E0E546}

O43 - CFD: 09/07/2011 - 00:05:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5902FE30-A581-499D-90BF-CAFAB0CD1F29}

O43 - CFD: 28/02/2011 - 17:22:54 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5A67D970-5B5E-412F-9B14-CF26B614B747}

O43 - CFD: 10/01/2012 - 13:24:56 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5A9015B8-5253-45BF-83C1-38CA8ACBC971}

O43 - CFD: 17/01/2011 - 19:05:44 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5A965071-F475-404B-866A-EAD3E6A7F081}

O43 - CFD: 14/08/2011 - 13:51:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5ACF6CE8-1E20-4C1B-930A-71CF83F0D7A2}

O43 - CFD: 28/01/2011 - 22:38:08 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5B4C4094-4CC4-44D3-898F-33BF3B4CDF89}

O43 - CFD: 18/05/2011 - 05:45:34 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5B84FE0B-0FF7-4234-9B74-77B9F6956C68}

O43 - CFD: 20/02/2012 - 21:22:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5BC15EEC-7503-4EB4-B0B7-E0ACF45B2AB7}

O43 - CFD: 05/07/2011 - 11:54:30 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5C00EB70-767E-4D20-80C3-08FB089D6D11}

O43 - CFD: 24/10/2011 - 09:14:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5C49BF0B-9D8A-4F42-8D7C-E20E67C10A88}

O43 - CFD: 24/03/2011 - 23:41:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5CC7C8CA-DC1F-4609-B472-651BA9E2236E}

O43 - CFD: 27/04/2011 - 05:49:44 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5CFC1EA5-A6AE-4AD6-94EB-FF77486A027A}

O43 - CFD: 21/03/2011 - 19:09:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{5D547109-58D6-4186-B74B-FA50A12482E8}

O43 - CFD: 13/02/2011 - 19:29:14 - [0] ----D- C:\Users\Aurélie\AppData\Local\{6068C0C4-55EC-4AD7-8032-474CCE5EB62F}

O43 - CFD: 18/09/2011 - 17:15:08 - [0] ----D- C:\Users\Aurélie\AppData\Local\{609666C2-AF0A-4CC1-AE05-340BD55E3288}

O43 - CFD: 20/10/2011 - 12:08:14 - [0] ----D- C:\Users\Aurélie\AppData\Local\{61B3A49A-12BE-4418-B543-573B88639B3E}

O43 - CFD: 20/02/2011 - 19:47:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{622E47B5-EB37-4B22-B6ED-A5947A7714DB}

O43 - CFD: 20/06/2011 - 06:27:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{6235E302-EF05-465D-AD9E-F0536936F87A}

O43 - CFD: 02/11/2011 - 09:47:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{6267D8C0-7921-4533-B75A-E50B8C674602}

O43 - CFD: 22/02/2011 - 08:35:02 - [0] ----D- C:\Users\Aurélie\AppData\Local\{62A35721-89B9-42E3-8A9B-1829D7E57C6A}

O43 - CFD: 28/01/2012 - 16:49:58 - [0] ----D- C:\Users\Aurélie\AppData\Local\{6376AFE4-3622-4DBB-AACB-56B9D054FBB6}

O43 - CFD: 16/06/2011 - 10:07:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{639E0063-4C0F-4B68-B55D-3117D43FFA6A}

O43 - CFD: 23/04/2011 - 14:00:14 - [0] ----D- C:\Users\Aurélie\AppData\Local\{6416963E-EA9B-4744-9CA7-EE002802C2B6}

O43 - CFD: 31/01/2012 - 08:51:20 - [0] ----D- C:\Users\Aurélie\AppData\Local\{648CCAE6-554C-4C85-9E13-732A85F88D98}

O43 - CFD: 28/01/2012 - 16:50:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{653D9AB3-38D0-4182-964C-0FFD21425753}

O43 - CFD: 29/08/2011 - 10:47:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{654D24F4-64DF-407C-83E6-612072D613D0}

O43 - CFD: 18/01/2011 - 07:44:56 - [0] ----D- C:\Users\Aurélie\AppData\Local\{656783AC-4384-458A-AA26-BB45F7665836}

O43 - CFD: 11/12/2011 - 15:16:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{65936258-86EC-4BE7-9683-60906902BE43}

O43 - CFD: 02/03/2011 - 11:19:00 - [0] ----D- C:\Users\Aurélie\AppData\Local\{660C789E-C5F5-4E8C-97DE-B5E8220A0C64}

O43 - CFD: 24/03/2011 - 08:57:02 - [0] ----D- C:\Users\Aurélie\AppData\Local\{662C95DE-71D1-4E39-B8E8-81D4D9FCCB30}

O43 - CFD: 10/04/2011 - 11:38:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{66D27C92-9F4E-4514-80F8-B244E0D68E1E}

O43 - CFD: 17/06/2011 - 11:39:04 - [0] ----D- C:\Users\Aurélie\AppData\Local\{66F06E6F-B0A0-4367-B7D3-66A71DAA7945}

O43 - CFD: 16/01/2012 - 10:39:30 - [0] ----D- C:\Users\Aurélie\AppData\Local\{677C53CD-968C-45A6-90F1-9478165495AC}

O43 - CFD: 06/11/2011 - 00:26:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{68AEAD59-6B64-4B78-B55E-2FD4E504A36B}

O43 - CFD: 09/02/2012 - 16:36:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{69061EDE-0A39-495D-9B39-DB907720FBB3}

O43 - CFD: 02/08/2011 - 04:16:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{69198722-8C81-429F-8565-3A182E52B36C}

O43 - CFD: 02/02/2011 - 16:15:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{6A4DF47C-5E91-4794-9547-3CB8FB5CB3EE}

O43 - CFD: 03/02/2011 - 13:44:30 - [0] ----D- C:\Users\Aurélie\AppData\Local\{6AD238C4-E3A0-446E-8C31-E8912B44E013}

O43 - CFD: 29/01/2011 - 22:39:46 - [0] ----D- C:\Users\Aurélie\AppData\Local\{6BF81E8F-40C3-4A85-8331-21273FC3BC29}

O43 - CFD: 01/04/2011 - 15:24:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{6CF55FF4-CC10-4EA5-A474-6604FD4A5896}

O43 - CFD: 07/06/2011 - 12:16:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{6DC69677-E191-4D6D-9425-E9515A6A49B3}

O43 - CFD: 17/02/2012 - 16:49:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{6E1E20B3-948C-41AD-AA64-45192D8D98BB}

O43 - CFD: 06/05/2011 - 22:20:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{6E524CBA-2518-4C42-9E6C-9D7272E7DBC0}

O43 - CFD: 26/06/2011 - 22:40:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{6E52DF0E-68E5-4392-9275-E44E72E55A28}

O43 - CFD: 17/03/2011 - 14:45:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{701C3C62-85A5-4D29-8038-3D5E872FC4B5}

O43 - CFD: 23/07/2011 - 11:28:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{739E8BE2-9DE4-4C53-89F1-E960E673D749}

O43 - CFD: 25/07/2011 - 19:25:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{74BE1ACA-6EC1-4E06-9697-1AC2AEF5A2C6}

O43 - CFD: 29/08/2011 - 10:47:34 - [0] ----D- C:\Users\Aurélie\AppData\Local\{758BCDAE-199D-44E3-B4BB-0C93E6FE08B6}

O43 - CFD: 19/03/2011 - 09:39:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{7633B366-D324-41E1-9963-1A33796B1EA5}

O43 - CFD: 29/05/2011 - 12:04:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{7658734F-7A25-443F-A943-9D4E1F574668}

O43 - CFD: 08/01/2012 - 17:20:08 - [0] ----D- C:\Users\Aurélie\AppData\Local\{7775AEF7-B7F9-47C2-B705-EC60F1DDE527}

O43 - CFD: 14/12/2011 - 08:28:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{77971BC6-4CDE-404D-9399-EA58BF7D0DCE}

O43 - CFD: 09/09/2011 - 05:57:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{788BEB8C-6393-4BE7-98EF-C107EE79E42E}

O43 - CFD: 22/06/2011 - 05:58:54 - [0] ----D- C:\Users\Aurélie\AppData\Local\{795D62E7-4650-47EB-92A7-17944CD3A2EE}

O43 - CFD: 19/06/2011 - 14:21:22 - [0] ----D- C:\Users\Aurélie\AppData\Local\{7A1E2005-F5E2-4FB9-B89B-D07ADA870AEA}

O43 - CFD: 20/01/2011 - 21:58:56 - [0] ----D- C:\Users\Aurélie\AppData\Local\{7AE32EF6-96FB-4718-9ABF-03B2B570134E}

O43 - CFD: 26/07/2011 - 10:12:00 - [0] ----D- C:\Users\Aurélie\AppData\Local\{7B5166F7-BD84-4E60-9021-AE8DF5A2586F}

O43 - CFD: 21/06/2011 - 17:51:22 - [0] ----D- C:\Users\Aurélie\AppData\Local\{7B920D4B-21FD-4333-86D8-95E7E067FE1D}

O43 - CFD: 29/07/2011 - 07:42:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{7BFDD299-5486-480D-9170-5531D1E24186}

O43 - CFD: 03/03/2011 - 12:50:52 - [0] ----D- C:\Users\Aurélie\AppData\Local\{7C1ECB38-F530-4D53-9DAF-CF96E05002E8}

O43 - CFD: 16/12/2011 - 13:58:56 - [0] ----D- C:\Users\Aurélie\AppData\Local\{7C25AEFF-AD9D-44D9-8259-0F249CE8C9E9}

O43 - CFD: 26/04/2011 - 05:34:16 - [0] ----D- C:\Users\Aurélie\AppData\Local\{7C95EF6E-0A68-4B07-9097-4AC14A926A2D}

O43 - CFD: 13/03/2011 - 15:13:58 - [0] ----D- C:\Users\Aurélie\AppData\Local\{7D1ADCE8-BA4D-4AEB-81FE-71206D0A1EAF}

O43 - CFD: 10/01/2012 - 13:24:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{7F42ACDE-4B7B-4D34-8C05-21F402DE8A60}

O43 - CFD: 14/12/2011 - 08:28:50 - [0] ----D- C:\Users\Aurélie\AppData\Local\{80364475-7754-4B9F-A5AE-5E354D774ABE}

O43 - CFD: 02/11/2011 - 09:47:20 - [0] ----D- C:\Users\Aurélie\AppData\Local\{809D7F5E-2C05-427C-88C0-93EE2094FF88}

O43 - CFD: 11/05/2011 - 12:12:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{80DA5CFA-93E3-4AD9-A0F5-473E1A619689}

O43 - CFD: 03/05/2011 - 18:29:20 - [0] ----D- C:\Users\Aurélie\AppData\Local\{8153E106-8040-4065-ACE4-45184D1FA745}

O43 - CFD: 14/09/2011 - 15:28:56 - [0] ----D- C:\Users\Aurélie\AppData\Local\{816DEDBB-D6B0-4645-BB85-B1927E25A5B1}

O43 - CFD: 12/06/2011 - 13:51:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{816F856D-0A97-463C-98A0-721B06A10942}

O43 - CFD: 09/02/2011 - 07:49:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{83295015-8283-476E-A893-5767639A8C00}

O43 - CFD: 30/07/2011 - 09:54:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{843CC63E-4870-4211-B5CE-3C7CFF04BEC4}

O43 - CFD: 28/08/2011 - 10:36:56 - [0] ----D- C:\Users\Aurélie\AppData\Local\{84E67CDF-0D75-4284-8094-E66910858F1E}

O43 - CFD: 19/02/2012 - 23:30:34 - [0] ----D- C:\Users\Aurélie\AppData\Local\{85732E89-077E-4DC5-ADE9-EEB9FA6EFFFE}

O43 - CFD: 16/12/2011 - 13:59:08 - [0] ----D- C:\Users\Aurélie\AppData\Local\{85874603-5ED5-4ED9-BD4C-653E7041A389}

O43 - CFD: 04/01/2012 - 13:11:48 - [0] ----D- C:\Users\Aurélie\AppData\Local\{86B4C1DA-FC4B-44B7-A543-CAFC62FDF2CB}

O43 - CFD: 20/02/2012 - 21:33:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{870F5682-2F30-4724-8EB6-634D207FB7F3}

O43 - CFD: 17/07/2011 - 13:00:20 - [0] ----D- C:\Users\Aurélie\AppData\Local\{876F3D2E-F666-4731-9C29-6E4227B5F334}

O43 - CFD: 08/02/2012 - 21:21:00 - [0] ----D- C:\Users\Aurélie\AppData\Local\{87DF79D0-F076-4FC9-B281-1E637572EA68}

O43 - CFD: 08/06/2011 - 18:05:34 - [0] ----D- C:\Users\Aurélie\AppData\Local\{8876C1A3-9CE3-4496-BFA3-CE3108477038}

O43 - CFD: 30/04/2011 - 23:36:08 - [0] ----D- C:\Users\Aurélie\AppData\Local\{890899D5-1546-4F2D-AEA2-0607F985FDBE}

O43 - CFD: 15/03/2011 - 18:07:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{89233687-3835-4366-8B30-F05C363D8164}

O43 - CFD: 13/04/2011 - 15:42:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{89FA6F22-0787-4DB5-9DDF-779A302655BC}

O43 - CFD: 03/04/2011 - 11:34:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{8A1D1B54-0856-4EA4-9971-61476188EAAE}

O43 - CFD: 09/09/2011 - 05:57:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{8A40AF3E-63EB-46DB-A20E-BEAEAF3E3537}

O43 - CFD: 21/02/2012 - 15:14:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{8B94A222-07A7-414F-9BD9-1AFCEBACBBA1}

O43 - CFD: 20/03/2011 - 11:40:56 - [0] ----D- C:\Users\Aurélie\AppData\Local\{8BB612D4-6D15-4452-B559-16F9BBBBEDA0}

O43 - CFD: 14/01/2012 - 11:22:02 - [0] ----D- C:\Users\Aurélie\AppData\Local\{8C1ADEB0-C9BB-44F3-B8F1-4B5DD6F8CC7A}

O43 - CFD: 10/03/2011 - 13:18:16 - [0] ----D- C:\Users\Aurélie\AppData\Local\{8C7D841A-7090-4CE3-83CD-ABC5EA00A287}

O43 - CFD: 18/01/2011 - 19:45:20 - [0] ----D- C:\Users\Aurélie\AppData\Local\{8D04A7DC-9C43-465C-AFEB-B77248123669}

O43 - CFD: 04/07/2011 - 22:44:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{8D9F05A7-6990-4A0B-A653-55FB6449BA01}

O43 - CFD: 15/06/2011 - 07:00:04 - [0] ----D- C:\Users\Aurélie\AppData\Local\{8E1BE458-D02A-4823-A831-D81DE715D733}

O43 - CFD: 26/05/2011 - 11:57:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{9089AEF2-2BD0-411F-9F17-0C885C1C680E}

O43 - CFD: 31/01/2011 - 10:25:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{93188C74-7D59-42FB-BA39-AB4514FEEDC0}

O43 - CFD: 19/12/2011 - 14:26:28 - [0] ----D- C:\Users\Aurélie\AppData\Local\{93E07486-1ABB-41A5-A759-5F47C16D057F}

O43 - CFD: 07/03/2011 - 12:27:18 - [0] ----D- C:\Users\Aurélie\AppData\Local\{94AAC6E8-3DCF-434C-AE99-294421F7F6A5}

O43 - CFD: 29/04/2011 - 18:54:30 - [0] ----D- C:\Users\Aurélie\AppData\Local\{95041F25-B688-4CC5-A0F1-C442C1B20F86}

O43 - CFD: 01/03/2011 - 07:00:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{95B3640E-FEA6-4198-90FE-B3E0E5036273}

O43 - CFD: 01/01/2012 - 22:15:54 - [0] ----D- C:\Users\Aurélie\AppData\Local\{9610EFC3-D4FA-4E27-A81A-BE3A65A20655}

O43 - CFD: 16/03/2011 - 06:54:28 - [0] ----D- C:\Users\Aurélie\AppData\Local\{9640B7CD-013C-447E-8D1C-171BB82FE28D}

O43 - CFD: 01/05/2011 - 12:06:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{97D346A1-2F8E-458D-B6C8-645328BC3334}

O43 - CFD: 09/04/2011 - 01:06:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{9836F423-1E5D-4F86-93FD-3A85E4C10D84}

O43 - CFD: 11/11/2011 - 10:21:18 - [0] ----D- C:\Users\Aurélie\AppData\Local\{988B3C28-BC7D-46AE-8302-CCDBD1698106}

O43 - CFD: 05/02/2012 - 12:20:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{990FD2C6-0FAA-4907-8B2F-3DC0E703B33A}

O43 - CFD: 07/01/2012 - 22:20:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{99587F48-B8CF-474D-907F-3714E3ACE30D}

O43 - CFD: 06/06/2011 - 20:03:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{99C2C5FF-6887-4AA1-9352-EB7BF8EB2DA4}

O43 - CFD: 05/04/2011 - 22:20:02 - [0] ----D- C:\Users\Aurélie\AppData\Local\{9C77D5B8-44AB-41C3-B462-5E7672519965}

O43 - CFD: 02/05/2011 - 18:01:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{9DD6F0B8-6F2E-401C-9ED6-F53D5F480847}

O43 - CFD: 27/01/2011 - 21:10:02 - [0] ----D- C:\Users\Aurélie\AppData\Local\{9E2D72EE-8239-4125-B57C-BF78F48585EA}

O43 - CFD: 29/03/2011 - 08:47:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{9E471AF1-9B18-480C-AFF6-952F240E6BFF}

O43 - CFD: 28/04/2011 - 05:50:34 - [0] ----D- C:\Users\Aurélie\AppData\Local\{9EDF93AF-4CC0-4D2C-9E32-6235D4C818BD}

O43 - CFD: 15/09/2011 - 10:12:28 - [0] ----D- C:\Users\Aurélie\AppData\Local\{9FA7402C-67D5-46AD-9D3E-83B7FECC3D28}

O43 - CFD: 12/06/2011 - 00:42:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{A0696123-FD6D-4AAF-9BEC-4301D4DAC0A6}

O43 - CFD: 24/01/2011 - 07:00:48 - [0] ----D- C:\Users\Aurélie\AppData\Local\{A0E61145-7D45-435C-A507-1CA31103E20C}

O43 - CFD: 11/11/2011 - 10:18:54 - [0] ----D- C:\Users\Aurélie\AppData\Local\{A213630E-D4AE-457D-87AC-B056C7780A41}

O43 - CFD: 14/09/2011 - 06:56:16 - [0] ----D- C:\Users\Aurélie\AppData\Local\{A2B916C3-80A9-4A43-80D4-F325D0CB468F}

O43 - CFD: 30/01/2011 - 10:50:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{A2E436FF-7274-4FC1-B332-A8658E4FCF02}

O43 - CFD: 07/02/2012 - 11:39:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{A2E544C3-D338-4201-A764-58D8CD323CDA}

O43 - CFD: 30/04/2011 - 10:06:22 - [0] ----D- C:\Users\Aurélie\AppData\Local\{A383BA46-F5CA-4BF9-A5DA-A1ACEA9CD710}

O43 - CFD: 01/07/2011 - 23:43:00 - [0] ----D- C:\Users\Aurélie\AppData\Local\{A42518E4-551F-49DC-814F-55DD26B3465A}

O43 - CFD: 21/02/2012 - 15:19:46 - [0] ----D- C:\Users\Aurélie\AppData\Local\{A45D423A-126E-4781-8A54-C2D7C613179E}

O43 - CFD: 03/05/2011 - 06:02:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{A7FBD068-9788-4B6D-9992-D7FFF6767EF7}

O43 - CFD: 10/05/2011 - 08:45:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{AA954891-FB80-4F1A-948B-672FB8F21488}

O43 - CFD: 15/05/2011 - 10:41:28 - [0] ----D- C:\Users\Aurélie\AppData\Local\{AA9BDA9E-8733-4C9B-B528-08371EDD9292}

O43 - CFD: 27/01/2012 - 17:45:48 - [0] ----D- C:\Users\Aurélie\AppData\Local\{AB4B200D-BFC3-4D85-A789-47E2FEF5C137}

O43 - CFD: 18/05/2011 - 19:47:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{ABA7C76A-EBF6-4D95-828F-99C6CDC21052}

O43 - CFD: 07/09/2011 - 19:41:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{ABC2C92F-02A0-446A-8B40-C06E36736FD4}

O43 - CFD: 07/05/2011 - 10:51:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{AD34AC57-F6D9-4D0A-8A0E-5C25A32C2573}

O43 - CFD: 23/06/2011 - 11:19:34 - [0] ----D- C:\Users\Aurélie\AppData\Local\{AE5714B6-7986-4C89-BB0F-ED4BAC1CA5AF}

O43 - CFD: 24/02/2011 - 10:06:44 - [0] ----D- C:\Users\Aurélie\AppData\Local\{AE7761DF-F708-483B-95EE-D2E359E7A4F7}

O43 - CFD: 08/03/2011 - 07:36:58 - [0] ----D- C:\Users\Aurélie\AppData\Local\{AF06230F-1912-48AB-951B-68F29A250EB1}

O43 - CFD: 29/01/2011 - 10:39:22 - [0] ----D- C:\Users\Aurélie\AppData\Local\{AF13A304-85F7-46EE-9FE6-B02E6E77EB67}

O43 - CFD: 13/06/2011 - 10:05:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{AF1D090C-A2CB-44BF-8664-283B5746E190}

O43 - CFD: 22/06/2011 - 22:33:18 - [0] ----D- C:\Users\Aurélie\AppData\Local\{AF540A81-CEC9-4064-9950-AC0B45C00955}

O43 - CFD: 12/07/2011 - 05:58:28 - [0] ----D- C:\Users\Aurélie\AppData\Local\{B08B8986-AA26-49BA-A408-5D311EF35194}

O43 - CFD: 30/05/2011 - 12:35:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{B0AD13C4-F86E-4AD3-9DA5-3BDEB6182255}

O43 - CFD: 05/05/2011 - 18:00:18 - [0] ----D- C:\Users\Aurélie\AppData\Local\{B0FFD838-F10E-4B30-82BD-F9CAEBAA2408}

O43 - CFD: 29/06/2011 - 11:26:04 - [0] ----D- C:\Users\Aurélie\AppData\Local\{B1BEAC06-2491-479F-960B-2BDA122956C1}

O43 - CFD: 08/02/2011 - 11:32:44 - [0] ----D- C:\Users\Aurélie\AppData\Local\{B2198797-234C-4990-80E0-57423593EAB6}

O43 - CFD: 01/08/2011 - 08:36:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{B2702DE9-B2A9-43C5-942F-EB5779F04595}

O43 - CFD: 07/09/2011 - 19:42:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{B2CFFB98-4036-4550-A393-C465F4031687}

O43 - CFD: 19/03/2011 - 23:07:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{B4A4002F-82E4-4B97-BD87-E1983D3B41E2}

O43 - CFD: 19/01/2011 - 08:41:18 - [0] ----D- C:\Users\Aurélie\AppData\Local\{B5D2F744-F7B3-4D79-A1EC-CABA44604ECF}

O43 - CFD: 10/06/2011 - 10:16:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{B62FA563-7559-4B7A-8A2F-42F50A21F3D9}

O43 - CFD: 31/05/2011 - 16:02:44 - [0] ----D- C:\Users\Aurélie\AppData\Local\{B6A12F10-05F3-4E21-8110-56F5EBC67340}

O43 - CFD: 05/06/2011 - 20:01:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{B99019E8-4B15-40CB-9558-EF4313188240}

O43 - CFD: 13/05/2011 - 18:27:56 - [0] ----D- C:\Users\Aurélie\AppData\Local\{B9A5178F-18BE-46E3-90E6-9E47E1034E1A}

O43 - CFD: 16/05/2011 - 21:38:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{BBBA506E-C945-4F11-AAA6-8023F0D0CC21}

O43 - CFD: 25/02/2011 - 23:46:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{BC13790A-07A1-4648-A8DF-4FCE3A8E4F08}

O43 - CFD: 20/02/2012 - 22:43:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{BCCB0F9A-FD79-4049-882C-22757561328A}

O43 - CFD: 28/03/2011 - 19:37:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{BE3220F8-C8D8-4242-9C20-AFCBD95E6991}

O43 - CFD: 09/05/2011 - 07:17:34 - [0] ----D- C:\Users\Aurélie\AppData\Local\{BE36A560-A937-4C8C-9BCC-64A1B6662A00}

O43 - CFD: 03/10/2011 - 13:46:46 - [0] ----D- C:\Users\Aurélie\AppData\Local\{BE9EB87B-B5BB-42AF-83ED-1F588ECBFBD2}

O43 - CFD: 03/01/2012 - 21:58:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{BF6DE3CE-1E06-49DF-9D9B-FB69610E4F4F}

O43 - CFD: 28/04/2011 - 18:03:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{BF87F701-0B42-42BA-AF5C-A75B0EBAAB22}

O43 - CFD: 10/02/2011 - 09:00:22 - [0] ----D- C:\Users\Aurélie\AppData\Local\{BFAE7B87-6F57-4FFA-A315-BAC882248C0F}

O43 - CFD: 15/07/2011 - 12:14:54 - [0] ----D- C:\Users\Aurélie\AppData\Local\{BFC0BBA5-68E7-4E87-AD57-88D2B7B8EE57}

O43 - CFD: 29/11/2011 - 13:25:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{BFC44DA1-A16C-471E-8A0C-1C529F50D6B3}

O43 - CFD: 08/05/2011 - 17:13:16 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C01F9D2D-0DA7-45CF-B19D-BF3840C2CAF6}

O43 - CFD: 25/08/2011 - 16:26:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C037E4AA-0DB9-4347-AD91-4839AFE1A3B4}

O43 - CFD: 14/07/2011 - 23:50:44 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C056F71A-E025-450F-9DB1-DA78E79B7F15}

O43 - CFD: 17/08/2011 - 09:58:52 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C1259C4E-8D82-4110-8DD5-1FB5262EB897}

O43 - CFD: 02/08/2011 - 16:52:08 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C139E3DE-78F0-4C25-B0A6-A81BC08191E5}

O43 - CFD: 04/04/2011 - 08:18:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C147E226-4FB2-44CA-9045-9E7DA01A92E6}

O43 - CFD: 23/05/2011 - 13:47:04 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C284FC43-CCCE-4049-95FC-70CD3ECEAF28}

O43 - CFD: 21/01/2012 - 11:36:04 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C2A0664F-D70B-4ED3-BC4A-97056117AEAF}

O43 - CFD: 29/11/2011 - 13:25:30 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C2CC6583-ABB3-4061-9174-1D6CB1075F67}

O43 - CFD: 10/12/2011 - 18:58:02 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C2DB6FE6-C9A0-48B9-A78D-C1DFA533EF85}

O43 - CFD: 13/07/2011 - 13:10:50 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C3C94EB8-53B8-4C37-B4C1-79DE08D3BE7D}

O43 - CFD: 07/07/2011 - 21:22:50 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C3DFC118-8985-4426-8E98-B5BCE245D2B5}

O43 - CFD: 20/05/2011 - 22:07:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C3F9FE5C-E728-4846-B4AC-AD9F4465897E}

O43 - CFD: 17/08/2011 - 09:58:30 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C45D5292-D94A-42E3-962E-322CFB966B00}

O43 - CFD: 27/01/2011 - 06:46:18 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C6201E24-47B7-4AC9-ABE5-1605CC32877F}

O43 - CFD: 28/01/2012 - 16:58:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C67E46C1-38B9-4553-B97C-BDC1727F67A7}

O43 - CFD: 02/03/2011 - 23:19:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C86D8D22-B30C-4CF4-82F1-F354CACBDFAA}

O43 - CFD: 18/06/2011 - 23:15:50 - [0] ----D- C:\Users\Aurélie\AppData\Local\{C8E62904-B0B3-492E-BDB2-516889424DD8}

O43 - CFD: 09/05/2011 - 20:45:00 - [0] ----D- C:\Users\Aurélie\AppData\Local\{CB288A35-E252-4DF9-939D-B7808A7D33F7}

O43 - CFD: 27/07/2011 - 17:10:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{CB29E9E0-F03E-4E3D-9849-1BBF5175BD16}

O43 - CFD: 06/07/2011 - 21:20:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{CC07754D-05A9-4E63-BC66-0002F91EAA88}

O43 - CFD: 08/06/2011 - 06:05:22 - [0] ----D- C:\Users\Aurélie\AppData\Local\{CC41D908-2FF6-43BD-BBE8-F36E45D86E6B}

O43 - CFD: 22/04/2011 - 09:53:30 - [0] ----D- C:\Users\Aurélie\AppData\Local\{CD7FC03E-8E5D-4392-987D-79567967058D}

O43 - CFD: 03/10/2011 - 07:59:28 - [0] ----D- C:\Users\Aurélie\AppData\Local\{CDA0DBD7-F66A-4D00-87C2-B26B0891DD29}

O43 - CFD: 25/01/2011 - 22:49:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{CDBDB67D-C48C-4F74-893C-AFE2A21B5B3C}

O43 - CFD: 07/01/2012 - 22:32:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{CDE66C4F-73E3-4AD9-94C8-4DC9C6197C6A}

O43 - CFD: 04/08/2011 - 19:09:04 - [0] ----D- C:\Users\Aurélie\AppData\Local\{CE31547A-6F12-4EC9-AA8B-F3B258A5B6BF}

O43 - CFD: 07/01/2012 - 22:20:22 - [0] ----D- C:\Users\Aurélie\AppData\Local\{CE34A7F7-0501-463F-87FD-77E6AAEDFA7E}

O43 - CFD: 07/02/2011 - 17:33:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{CEDC79C2-424F-4681-8392-17717EA4965D}

O43 - CFD: 08/01/2012 - 16:49:48 - [0] ----D- C:\Users\Aurélie\AppData\Local\{CF0A5656-63D6-4F39-A58D-78154788EEBA}

O43 - CFD: 21/02/2011 - 13:27:14 - [0] ----D- C:\Users\Aurélie\AppData\Local\{CF9D16D4-FA64-40B8-BE79-FB247911F6AD}

O43 - CFD: 21/07/2011 - 06:04:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D178EB50-9D0D-4EBA-B47E-EAFF2EDD6DE0}

O43 - CFD: 09/08/2011 - 15:55:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D1E74210-8381-4507-9C8C-167518452285}

O43 - CFD: 17/02/2011 - 11:19:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D26518A6-FB24-40AE-9AA5-D55D44F05785}

O43 - CFD: 04/01/2012 - 13:12:02 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D2900F3C-2251-4102-9296-93C1B3CBCD5B}

O43 - CFD: 28/03/2011 - 07:28:20 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D37D1ACA-269E-4218-96C3-8E2D34E4C201}

O43 - CFD: 28/09/2011 - 15:06:42 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D3A30A07-5865-4BD5-9482-113686597563}

O43 - CFD: 18/02/2011 - 06:45:22 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D3A5F627-4FA2-418F-A414-644A514A2633}

O43 - CFD: 24/04/2011 - 09:00:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D46A4A34-1523-456F-81C8-F496CDFD0149}

O43 - CFD: 03/10/2011 - 13:46:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D49B7127-9AC6-4E47-B387-0D9A5ABCF63F}

O43 - CFD: 22/04/2011 - 22:45:48 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D578925B-3C68-4677-B29F-457D01149224}

O43 - CFD: 19/04/2011 - 14:04:58 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D59A411E-7CBD-4272-91CC-671BD502411C}

O43 - CFD: 03/10/2011 - 07:59:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D78D14FF-FE66-4345-8B93-D6CCA3DBF855}

O43 - CFD: 24/10/2011 - 09:14:08 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D822F975-F1BB-4DA3-A40A-9AB105302B44}

O43 - CFD: 22/03/2011 - 17:13:32 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D82CE4C8-1D7E-45EB-B7CF-FB527D3A6520}

O43 - CFD: 15/06/2011 - 22:06:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D88BFBB7-CFCA-4F67-8A71-9D5332498B75}

O43 - CFD: 08/01/2012 - 16:49:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D9C28C76-374D-4841-B244-01163D6510B7}

O43 - CFD: 18/03/2011 - 08:03:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D9CEA7CE-2D10-4958-97D0-0401ECD1CE72}

O43 - CFD: 15/02/2011 - 11:09:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{D9FD7DEB-0A0E-4BBB-A9C9-E6E05CA2643A}

O43 - CFD: 19/11/2011 - 14:44:56 - [0] ----D- C:\Users\Aurélie\AppData\Local\{DB0F3245-5AD7-468D-98F2-648794D80728}

O43 - CFD: 24/04/2011 - 23:34:14 - [0] ----D- C:\Users\Aurélie\AppData\Local\{DB166D0D-3D87-4431-962E-53F9A8B1E459}

O43 - CFD: 03/01/2012 - 21:58:16 - [0] ----D- C:\Users\Aurélie\AppData\Local\{DD704082-B07F-4CB3-A7B7-FE11C00C6E3B}

O43 - CFD: 24/05/2011 - 21:36:54 - [0] ----D- C:\Users\Aurélie\AppData\Local\{DD84EA88-AF2C-47ED-B059-CB3B5A6E03BC}

O43 - CFD: 08/02/2012 - 21:21:26 - [0] ----D- C:\Users\Aurélie\AppData\Local\{DF2A8524-63B1-410C-8A01-F5D46777C9CE}

O43 - CFD: 20/02/2012 - 23:04:50 - [0] ----D- C:\Users\Aurélie\AppData\Local\{DF73B2B6-FD1E-4076-80AA-ADE8FAC58A71}

O43 - CFD: 01/01/2012 - 22:16:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E0B7DA9E-DF69-4573-AC1E-699F27F3A875}

O43 - CFD: 22/02/2011 - 20:35:28 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E19AF4F7-4F6A-4556-82DC-E9E0730062FB}

O43 - CFD: 14/09/2011 - 06:56:34 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E1BA8970-5F8A-401B-9ABE-2AD8DC26A262}

O43 - CFD: 04/02/2011 - 08:58:14 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E1D30EF8-5FEC-4A48-B19C-A6E5A9F9CA43}

O43 - CFD: 25/07/2011 - 06:20:46 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E1DA3F10-5007-4B94-A4C3-BB0CD397401A}

O43 - CFD: 08/07/2011 - 09:23:14 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E22F5B47-213A-4DF6-8EBA-C0D266011C1B}

O43 - CFD: 17/04/2011 - 18:11:04 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E2A045A3-AC41-485D-93E7-8024827BD729}

O43 - CFD: 09/04/2011 - 17:02:02 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E31A975F-832C-4779-A0D4-AA6CBCE46658}

O43 - CFD: 06/09/2011 - 07:49:18 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E3423E70-23C0-42F4-8074-522EA422397C}

O43 - CFD: 02/05/2011 - 05:56:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E3A7764E-A70F-41AC-9DA8-06295C7D99EB}

O43 - CFD: 06/11/2011 - 00:25:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E3E5E012-196D-4188-842E-F5F3B8DE93D0}

O43 - CFD: 21/05/2011 - 16:20:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E4FAFB63-F1AA-430F-90E3-511B9791C66C}

O43 - CFD: 10/12/2011 - 18:58:20 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E57A3775-FDCC-4ECB-8347-B34751990406}

O43 - CFD: 21/02/2012 - 14:52:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E609CDBF-65FE-44C5-985D-41898A0A16B4}

O43 - CFD: 23/03/2011 - 06:51:34 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E9B67782-744D-484F-8D48-220B5D1694FA}

O43 - CFD: 27/01/2012 - 16:43:52 - [0] ----D- C:\Users\Aurélie\AppData\Local\{E9BA43E4-3ED3-40D7-984E-AE10466CE227}

O43 - CFD: 28/06/2011 - 08:35:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{EA9248E9-56DE-486D-8E28-43DA306CB105}

O43 - CFD: 13/02/2011 - 02:58:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{EB4C3C9E-6059-43D0-8365-BFFC3E856134}

O43 - CFD: 27/05/2011 - 18:52:36 - [0] ----D- C:\Users\Aurélie\AppData\Local\{EB548987-89BC-4476-8BEA-B796A7EEFE45}

O43 - CFD: 12/03/2011 - 00:03:44 - [0] ----D- C:\Users\Aurélie\AppData\Local\{EBCB8E92-96E2-461A-B01C-56F6278A05A1}

O43 - CFD: 15/04/2011 - 20:53:14 - [0] ----D- C:\Users\Aurélie\AppData\Local\{EC1F289F-DD81-46CB-86B6-3E2F3887D611}

O43 - CFD: 10/02/2011 - 23:08:50 - [0] ----D- C:\Users\Aurélie\AppData\Local\{ECB14B87-7513-47F9-8A94-E68F8FD5EC59}

O43 - CFD: 19/02/2012 - 23:31:00 - [0] ----D- C:\Users\Aurélie\AppData\Local\{ECB7B884-7475-44B0-99BC-4BB8767E863D}

O43 - CFD: 22/07/2011 - 22:52:22 - [0] ----D- C:\Users\Aurélie\AppData\Local\{ED1D1AFA-2352-4673-BF42-A08B6C082D7A}

O43 - CFD: 27/01/2012 - 16:44:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{ED1DD6A8-F18C-4B3A-9967-47D67CED17F9}

O43 - CFD: 12/04/2011 - 16:49:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{EDBB534D-EC92-4D41-8CD0-9802F76140CC}

O43 - CFD: 14/02/2011 - 20:47:38 - [0] ----D- C:\Users\Aurélie\AppData\Local\{EE43A181-8C5E-4B5A-9A7B-220EE6FADDCF}

O43 - CFD: 21/06/2011 - 05:51:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{EE9B299A-AA1E-43E5-8ECC-3923243DEA2B}

O43 - CFD: 27/04/2011 - 17:50:08 - [0] ----D- C:\Users\Aurélie\AppData\Local\{EED8189B-D544-4778-BAAD-4D0E174BF541}

O43 - CFD: 21/03/2011 - 06:49:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{EF3B6A22-7C1B-44B0-92A1-849D4864C2F9}

O43 - CFD: 07/01/2012 - 22:31:50 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F0A2C375-5A06-4634-AE86-3A693340169E}

O43 - CFD: 03/07/2011 - 22:32:14 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F114E66E-0CC1-4974-A6A0-FC439CCBD1F5}

O43 - CFD: 13/06/2011 - 22:05:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F2091F24-2806-4858-B952-4EB720516D0D}

O43 - CFD: 25/01/2011 - 07:18:48 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F2808BF6-3FC7-4403-88FE-4A8CE1B6A690}

O43 - CFD: 09/03/2011 - 15:33:08 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F398CF3B-7957-4833-8A6D-D7781A727AD0}

O43 - CFD: 27/02/2011 - 23:08:30 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F3F4C342-ECCA-4C6E-AF9B-CE93C01914E9}

O43 - CFD: 06/04/2011 - 14:03:24 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F4B93110-9EC2-470B-8B5D-D56822B9582B}

O43 - CFD: 11/11/2011 - 10:21:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F5026C40-2968-4321-80E4-731B56CDC13E}

O43 - CFD: 10/07/2011 - 21:14:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F517BD1A-7CE1-45D8-A7E7-FCAE8C2338EE}

O43 - CFD: 12/05/2011 - 18:27:08 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F575A246-D650-4338-8FD9-F91F7FCFD07A}

O43 - CFD: 20/02/2012 - 23:04:28 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F606953B-BEA3-44D7-94DE-4649C8420684}

O43 - CFD: 20/01/2011 - 09:57:22 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F60AAD4A-3396-4FA0-8686-B4C9265A3873}

O43 - CFD: 21/04/2011 - 21:53:04 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F61F6167-C43D-425C-90C6-979927D7260E}

O43 - CFD: 16/01/2012 - 10:39:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F65BDBF0-E947-4A43-AE4F-94DFE5811883}

O43 - CFD: 05/02/2011 - 12:08:54 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F69F67E7-6417-41A8-935A-9AE1969FA86C}

O43 - CFD: 06/09/2011 - 07:49:02 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F72EA550-24BC-45CE-855D-BB29661452DC}

O43 - CFD: 16/05/2011 - 09:09:00 - [0] ----D- C:\Users\Aurélie\AppData\Local\{F7EF3A07-74F6-4F0C-996A-DB874C9269F1}

O43 - CFD: 16/03/2011 - 19:49:46 - [0] ----D- C:\Users\Aurélie\AppData\Local\{FAB28874-243E-43BA-A7ED-1F1AC4B291DC}

O43 - CFD: 15/11/2011 - 17:03:12 - [0] ----D- C:\Users\Aurélie\AppData\Local\{FAC2A8A7-05B6-4550-824C-1BA2214396D5}

O43 - CFD: 08/01/2012 - 17:19:56 - [0] ----D- C:\Users\Aurélie\AppData\Local\{FB98923F-4A83-48FD-93A2-08656F96EAB2}

O43 - CFD: 25/02/2011 - 07:30:02 - [0] ----D- C:\Users\Aurélie\AppData\Local\{FBE4AD69-C434-4D8E-AFAB-8979B13FDA55}

O43 - CFD: 18/06/2011 - 07:21:04 - [0] ----D- C:\Users\Aurélie\AppData\Local\{FC41642E-6FFA-4DA9-9541-C837FA85A9E1}

O43 - CFD: 21/02/2012 - 14:41:40 - [0] ----D- C:\Users\Aurélie\AppData\Local\{FD168E20-D934-4615-825C-2490554D3AB6}

O43 - CFD: 31/05/2011 - 00:39:10 - [0] ----D- C:\Users\Aurélie\AppData\Local\{FD4E21FF-BABE-4AAE-AD37-A74AB4B4E610}

O43 - CFD: 07/09/2011 - 20:44:52 - [0] ----D- C:\Users\Aurélie\AppData\Local\{FD6C948C-733D-4AE5-B3F1-06618E525FB8}

O43 - CFD: 20/02/2012 - 21:33:30 - [0] ----D- C:\Users\Aurélie\AppData\Local\{FDCB0BA1-5EA7-4155-A67C-F0FBD8D5110F}

O43 - CFD: 14/02/2011 - 07:29:46 - [0] ----D- C:\Users\Aurélie\AppData\Local\{FE0601E8-5689-4D22-87FB-1F1759DCE942}

O43 - CFD: 14/08/2011 - 13:51:28 - [0] ----D- C:\Users\Aurélie\AppData\Local\{FEF4A34C-CE02-4693-A416-F6ABEB9B441F}

O43 - CFD: 06/03/2011 - 10:57:06 - [0] ----D- C:\Users\Aurélie\AppData\Local\{FF63947B-8073-4C1D-9180-3D09517BA375}

O43 - CFD: 17/01/2011 - 21:23:20 - [173,311] ----D- C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint

O43 - CFD: 30/03/2011 - 11:22:16 - [110,605] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 25/07/2011 - 16:07:32 - [2,316] ----D- C:\Program Files (x86)\Apple Software Update

O43 - CFD: 13/06/2011 - 22:20:32 - [0,002] ----D- C:\Program Files (x86)\Ask.com

O43 - CFD: 02/11/2011 - 07:28:56 - [0,602] ----D- C:\Program Files (x86)\Bonjour

O43 - CFD: 17/08/2010 - 00:33:54 - [3,432] ----D- C:\Program Files (x86)\Cisco

O43 - CFD: 03/10/2011 - 10:00:26 - [270,190] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 17/08/2010 - 00:43:34 - [1648,318] ----D- C:\Program Files (x86)\CyberLink

O43 - CFD: 12/07/2010 - 21:18:28 - [102,203] ----D- C:\Program Files (x86)\EasyBits For Kids

O43 - CFD: 17/01/2011 - 21:24:14 - [14,375] ----D- C:\Program Files (x86)\epson

O43 - CFD: 17/01/2011 - 21:26:58 - [160,427] ----D- C:\Program Files (x86)\Epson Software

O43 - CFD: 07/07/2011 - 19:07:12 - [0] ----D- C:\Program Files (x86)\Google

O43 - CFD: 16/09/2011 - 10:28:06 - [846,379] ----D- C:\Program Files (x86)\Hewlett-Packard

O43 - CFD: 22/12/2011 - 19:56:58 - [347,052] ----D- C:\Program Files (x86)\HP Games

O43 - CFD: 16/09/2011 - 10:28:42 - [191,958] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 17/08/2010 - 00:30:56 - [9,104] ----D- C:\Program Files (x86)\Intel

O43 - CFD: 17/02/2012 - 16:42:02 - [5,453] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 06/11/2011 - 00:46:54 - [139,827] ----D- C:\Program Files (x86)\iTunes

O43 - CFD: 12/07/2010 - 21:40:12 - [87,258] ----D- C:\Program Files (x86)\Java

O43 - CFD: 17/01/2011 - 21:01:54 - [15,541] ----D- C:\Program Files (x86)\JRE

O43 - CFD: 10/03/2011 - 14:11:08 - [0,000] ----D- C:\Program Files (x86)\LimeWire

O43 - CFD: 16/02/2012 - 22:55:44 - [12,399] ----D- C:\Program Files (x86)\Microsoft Application Virtualization Client

O43 - CFD: 17/01/2011 - 20:43:08 - [6,425] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 12/07/2010 - 19:22:32 - [1,745] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 19/01/2011 - 08:48:14 - [0,015] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 14/07/2009 - 06:32:40 - [0,025] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 17/08/2010 - 00:45:44 - [179,683] ----D- C:\Program Files (x86)\Norton Internet Security

O43 - CFD: 17/08/2010 - 00:45:10 - [37,989] ----D- C:\Program Files (x86)\NortonInstaller

O43 - CFD: 17/01/2011 - 17:32:04 - [20,599] R---D- C:\Program Files (x86)\Online Services

O43 - CFD: 17/01/2011 - 21:01:54 - [370,139] ----D- C:\Program Files (x86)\OpenOffice.org 3

O43 - CFD: 01/05/2011 - 16:46:38 - [3,528] ----D- C:\Program Files (x86)\PhotoFiltre

O43 - CFD: 02/11/2011 - 07:36:44 - [72,431] ----D- C:\Program Files (x86)\QuickTime

O43 - CFD: 17/08/2010 - 00:33:12 - [7,813] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 06:32:40 - [37,345] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 12/07/2010 - 19:55:44 - [6,152] ----D- C:\Program Files (x86)\Symantec

O43 - CFD: 17/08/2010 - 00:31:52 - [0] --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 14/07/2009 - 05:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 22/12/2011 - 19:56:10 - [9,600] ----D- C:\Program Files (x86)\WildTangent Games

O43 - CFD: 13/07/2010 - 04:47:42 - [0,500] ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 17/01/2011 - 19:01:24 - [168,545] ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 06/01/2012 - 07:43:54 - [5,895] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 06/01/2012 - 07:43:54 - [5,090] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 06:32:40 - [11,632] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 06/01/2012 - 07:43:54 - [4,213] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 06/01/2012 - 07:43:54 - [0,181] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 06/01/2012 - 07:43:56 - [5,717] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 11/08/2011 - 18:02:42 - [3,865] ----D- C:\Program Files (x86)\WinRAR

O43 - CFD: 08/03/2011 - 07:35:00 - [0] ----D- C:\Program Files (x86)\Yahoo!

O43 - CFD: 21/02/2012 - 15:30:28 - [10,100] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 17/01/2011 - 21:22:08 - [7,724] ----D- C:\Program Files (x86)\Common Files\ABBYY

O43 - CFD: 30/03/2011 - 11:22:20 - [3,353] ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 12/07/2010 - 20:38:58 - [30,315] ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 06/11/2011 - 00:45:30 - [98,993] ----D- C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 17/08/2010 - 00:44:58 - [0,132] ----D- C:\Program Files (x86)\Common Files\CyberLink

O43 - CFD: 17/01/2011 - 20:43:08 - [0,095] ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 12/07/2010 - 19:18:44 - [3,806] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 17/08/2010 - 00:30:04 - [13,578] ----D- C:\Program Files (x86)\Common Files\Intel

O43 - CFD: 12/07/2010 - 21:40:24 - [1,175] ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 17/08/2010 - 00:37:56 - [35,698] ----D- C:\Program Files (x86)\Common Files\LightScribe

O43 - CFD: 17/06/2011 - 07:57:48 - [26,350] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 14/07/2009 - 04:20:10 - [0,003] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 14/07/2009 - 04:20:10 - [39,200] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 06/01/2012 - 07:43:52 - [9,771] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 12/07/2010 - 19:19:54 - [0] ----D- C:\Program Files (x86)\Common Files\Windows Live

~ Scan Program Folder in 00mn 54s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.0B413BA1CAB1C20CD26558785E02EE65] - 21/02/2012 - 15:22:57 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1896857]

O44 - LFC:[MD5.2CF16ABF1188340D7565094987E1E455] - 21/02/2012 - 15:17:35 ---A- . (...) -- C:\Windows\setupact.log [77060]

O44 - LFC:[MD5.39AD0F556AFF6ECA11B5D8DACA9EC390] - 21/02/2012 - 15:17:32 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.B0AE7742DA25B7973F7BB7C11F1D7CB3] - 21/02/2012 - 15:04:28 ---A- . (...) -- C:\Windows\ntbtlog.txt [65730]

O44 - LFC:[MD5.9C7B8995249D6B0F3B2A509E27769C91] - 19/02/2012 - 12:49:52 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1551488]

O44 - LFC:[MD5.2735B1220B5CDD4424FA5D0BC2AAD55D] - 19/02/2012 - 12:49:52 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106816]

O44 - LFC:[MD5.E18F9623B7902FB75A17292FDF7842D0] - 19/02/2012 - 12:49:52 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [131182]

O44 - LFC:[MD5.DC86400597E41CF2373D7360030EA002] - 19/02/2012 - 12:49:52 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616694]

O44 - LFC:[MD5.D8F92473985466DB11B66F4A5174EEC3] - 19/02/2012 - 12:49:52 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [705166]

O44 - LFC:[MD5.9C7B8995249D6B0F3B2A509E27769C91] - 19/02/2012 - 12:49:52 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1551488]

O44 - LFC:[MD5.2735B1220B5CDD4424FA5D0BC2AAD55D] - 19/02/2012 - 12:49:52 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [106816]

O44 - LFC:[MD5.E18F9623B7902FB75A17292FDF7842D0] - 19/02/2012 - 12:49:52 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [131182]

O44 - LFC:[MD5.DC86400597E41CF2373D7360030EA002] - 19/02/2012 - 12:49:52 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [616694]

O44 - LFC:[MD5.D8F92473985466DB11B66F4A5174EEC3] - 19/02/2012 - 12:49:52 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [705166]

O44 - LFC:[MD5.29780A5FD79700141F7117194BDF25C2] - 17/02/2012 - 16:43:56 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [301144]

O44 - LFC:[MD5.29780A5FD79700141F7117194BDF25C2] - 17/02/2012 - 16:43:56 RSHAD . (...) -- C:\Windows\system32\FNTCACHE.DAT [301144]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/02/2012 - 22:04:50 ---A- . (...) -- C:\Windows\SysNative\HP_ActiveX_Patch_NOT_DETECTED.txt [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/02/2012 - 22:04:50 RSHAD . (...) -- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt [0]

~ Scan Files in 00mn 48s

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\LIVESSP.dll

~ Scan Keys in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (O51) (None)

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (O53) (None)

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "EnableShellExecuteHooks"=1

~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 11/03/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 11/03/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.55353CD0DA287B2C3782485740965B54] - 04/07/2011 - 12:32:14 RSHAD . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [22360]

O58 - SDL:[MD5.B38061CDEFB71361E0C7547AC60527E8] - 04/07/2011 - 12:32:24 RSHAD . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [64856]

O58 - SDL:[MD5.91E7ACA95933633B2557F47CDFDB74C3] - 04/07/2011 - 12:32:35 RSHAD . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [31064]

O58 - SDL:[MD5.2B15499F68FAD60CE69264A327E9B0F0] - 04/07/2011 - 12:36:56 RSHAD . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [600920]

O58 - SDL:[MD5.4D939ECB19DC930056593390D1C87C43] - 04/07/2011 - 12:36:54 RSHAD . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [288088]

O58 - SDL:[MD5.D633426C5A207CE21767569AA4946891] - 04/07/2011 - 12:35:28 RSHAD . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [45400]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.E403AACF8C7BB11375122D2464560311] - 18/05/2009 - 13:17:08 RSHAD . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [34152]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 20/11/2010 - 14:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]

O58 - SDL:[MD5.1384872112E8E7FD5786ECEB8BDDF4C9] - 13/04/2010 - 08:44:22 RSHAD . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys [540696]

O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 11/03/2011 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.677AA5991026A65ADA128C4B59CF2BAD] - 25/08/2010 - 19:36:04 RSHAD . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd64.sys [10611552]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.07071C1E3CD8F0F9114AAC8B072CA1E5] - 29/04/2009 - 15:28:30 RSHAD . (.Windows ® Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\system32\drivers\KMWDFILTER.sys [30208]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.64428DFDAF6E88366CB51F45A79C5F69] - 10/06/2009 - 21:35:28 RSHAD . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\netw5v64.sys [5434368]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 11/03/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 11/03/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.4FBDA07EF0A3097CE14C5CABF723B278] - 23/03/2010 - 02:57:20 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [347680]

O58 - SDL:[MD5.B88E24BD77A0CE2CFFEE2FACF1151BE0] - 26/05/2010 - 02:15:34 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2374560]

O58 - SDL:[MD5.CD8F32BB993B98E6705F11504A7F7250] - 05/02/2010 - 04:06:00 RSHAD . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\Windows\system32\drivers\rtl8192se.sys [1093152]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.868DFB220A18312A12CEF01BA9AC069B] - 23/04/2010 - 02:17:40 RSHAD . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [318000]

O58 - SDL:[MD5.AA33FC47ED58C34E6E9261E4F850B7EB] - 10/05/2011 - 07:06:08 RSHAD . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl64.sys [51712]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.0C4540311E11664B245A263E1154CEF8] - 10/06/2009 - 22:01:11 RSHAD . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL6.SYS [292864]

O58 - SDL:[MD5.18E40C245DBFAF36FD0134A7EF2DF396] - 10/06/2009 - 22:01:11 RSHAD . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT6.SYS [740864]

O58 - SDL:[MD5.02071D207A9858FBE3A48CBFD59C4A04] - 10/06/2009 - 22:01:11 RSHAD . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV6.SYS [1485312]

O58 - SDL:[MD5.B3EEACF62445E24FBB2CD4B0FB4DB026] - 10/06/2009 - 21:35:33 RSHAD . (.Marvell - Miniport Driver for Marvell Yukon Ethernet Controller..) -- C:\Windows\system32\drivers\yk62x64.sys [389120]

~ Scan Drivers in 00mn 03s

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK

O64 - Services: CurCS - 04/07/2011 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswRdr.sys (aswRdr) .(.AVAST Software - avast! TDI RDR Driver.) - LEGACY_ASWRDR

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI

O64 - Services: CurCS - 28/05/2010 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100528.021\ENG64.sys (NAVENG) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVENG

O64 - Services: CurCS - 28/05/2010 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100528.021\EX64.sys (NAVEX15) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVEX15

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - 24/05/2010 - C:\Windows\system32\drivers\NISx64\1200000.080\SRTSP64.sys (SRTSP) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSP

O64 - Services: CurCS - 24/05/2010 - C:\Windows\system32\drivers\NISx64\1200000.080\SRTSPX64.sys (SRTSPX) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSPX

~ Scan Services in 00mn 00s

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://websearch.ask.com

O69 - SBI: SearchScopes [HKCU] {344633C7-C56B-43FE-93D0-F45753919258} - (Wikipedia) - Wikipédia, l'encyclopédie libre

O69 - SBI: SearchScopes [HKCU] {3DB4494E-131B-4378-97FE-D80D63F34F8D} - (Yahoo) - Yahoo! Search - Recherche Web

O69 - SBI: SearchScopes [HKCU] {3F366C64-CB93-40AD-BA33-10BADDEF4978} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {56256A51-B582-467e-B8D4-7786EDA79AE0} - (My Web Search) - MyWebSearch Home Page

O69 - SBI: SearchScopes [HKCU] {F32C9CE2-DF57-4E42-9622-17A352095307} - (Bing) - Bing

~ Scan Keys in 00mn 00s

---\\ Recherche des services démarrés par Svchost (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\system32\aelupsvc.dll [72192]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\system32\certprop.dll [80384]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\system32\certprop.dll [80384]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [236032]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\system32\gpsvc.dll [777728]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\system32\ikeext.dll [853504]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\system32\Audiosrv.dll [679424]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\system32\rasauto.dll [99328]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\system32\rasmans.dll [344064]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\system32\mprdim.dll [97792]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\system32\sens.dll [64512]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\system32\ipnathlp.dll [359424]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\system32\tapisrv.dll [316928]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\system32\termsrv.dll [680960]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2420736]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\system32\qmgr.dll [849920]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [370688]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\system32\iphlpsvc.dll [569344]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\system32\appinfo.dll [70656]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [67584]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [121856]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\system32\browser.dll [136192]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\system32\eapsvc.dll [111104]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\system32\wercplsupport.dll [84480]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\system32\bdesvc.dll [100864]

~ Scan Services in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.8461933B2236F2951A9630BBE488AA24] [sPRF][20/02/2012] (...) -- C:\Users\Aurélie\AppData\Local\Temp\0.326888957965338767f76.exe [251920]

[MD5.171F1BB73D0238A7A56126D3459ECDCD] [sPRF][15/10/2008] (...) -- C:\Users\Aurélie\AppData\Local\Temp\Extract.exe [50432]

[MD5.CE5163BBB95664F60FF557DABFB09835] [sPRF][14/01/2008] (.Hewlett-Packard Company - HPQ System Information.) -- C:\Users\Aurélie\AppData\Local\Temp\HPQSi.exe [69632]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][10/03/2011] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Aurélie\AppData\Local\Temp\jna6849761928852721565.dll [347258]

[MD5.A8D666FCE8EFD0788FA0DF14FB3491B4] [sPRF][10/02/2011] (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Users\Aurélie\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe [885536]

[MD5.A4354D5C44121304E5561B8449B7EE91] [sPRF][12/11/2010] (.Microsoft Corporation - Barre d'outils Bing.) -- C:\Users\Aurélie\AppData\Local\Temp\MSN3FD5.exe [469768]

[MD5.41CE07431D39FD3DAACA2DC3E0DA5DAD] [sPRF][07/03/2011] (.Secure Digital Services Limited - OfferBox Browser setup.) -- C:\Users\Aurélie\AppData\Local\Temp\OB.exe [1255424]

[MD5.3DE7C6D01B163FBBEDE001C3FEA49787] [sPRF][04/02/2011] (.Hewlett-Packard Company - Resource.) -- C:\Users\Aurélie\AppData\Local\Temp\Resource.exe [88120]

[MD5.ACD9603B1C81CBC5A3824861486E4FDA] [sPRF][27/02/2011] (.Skype Technologies S.A. - Skype.) -- C:\Users\Aurélie\AppData\Local\Temp\SkypeSetup.exe [18077576]

[MD5.EDD9A77AE6C84C0499CE042D10DA1445] [sPRF][26/11/2010] (.Hewlett-Packard - Pas de description.) -- C:\Users\Aurélie\AppData\Local\Temp\SP50843.exe [35845112]

[MD5.EDD9A77AE6C84C0499CE042D10DA1445] [sPRF][15/02/2011] (.Hewlett-Packard - Pas de description.) -- C:\Users\Aurélie\AppData\Local\Temp\sp50843.exe.exe [35845112]

[MD5.1538CC8EE9A3B2E02B0A40A291C128B5] [sPRF][12/08/2011] (.Hewlett-Packard - HP Bios Update UEFI.) -- C:\Users\Aurélie\AppData\Local\Temp\SP51327.exe [1173696]

[MD5.A03A9BC880957C8173DCD9411A8BE3D7] [sPRF][15/03/2011] (.Hewlett Packard Inc - HP Software Framework.) -- C:\Users\Aurélie\AppData\Local\Temp\SP51976.exe [4077456]

[MD5.D83D78FCBD283019B0196C08DC381B42] [sPRF][07/07/2011] (.Hewlett-Packard - HP System Diagnostics UEFI.) -- C:\Users\Aurélie\AppData\Local\Temp\SP52093.exe [1530904]

[MD5.27BCA7F55743101C6AC7D2C205DFE64E] [sPRF][16/09/2011] (.Hewlett-Packard - Pas de description.) -- C:\Users\Aurélie\AppData\Local\Temp\sp54373.exe [48461176]

[MD5.837B725A2A6818AB4F64475351233F69] [sPRF][16/09/2011] (...) -- C:\Users\Aurélie\AppData\Local\Temp\temp.bat [301]

[MD5.0980ED49BA5D6F1D108DDC67C5672689] [sPRF][21/06/2011] (.Hewlett-Packard Company - HP Support Assistant Uninstaller.) -- C:\Users\Aurélie\AppData\Local\Temp\UninstallHPSA.exe [449592]

[MD5.0980ED49BA5D6F1D108DDC67C5672689] [sPRF][21/06/2011] (.Hewlett-Packard Company - HP Support Assistant Uninstaller.) -- C:\Users\Aurélie\AppData\Local\Temp\UninstallHPTCA.exe [449592]

[MD5.40395C175553CB14D2050888EFCCDF00] [sPRF][13/05/2011] (.Microsoft Corporation - Microsoft Visual C++ 2008 Redistributable Setup.) -- C:\Users\Aurélie\AppData\Local\Temp\vcredist_x64.exe [4961800]

[MD5.A205551E7BA8580D2C0FF896A4D79FA9] [sPRF][31/08/2007] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Aurélie\AppData\Local\Temp\_is8C59.exe [460248]

[MD5.91C72FB8035A33C00D18E987A780D0D2] [sPRF][06/11/2011] (.Apple Inc. - iTunes Installer.) -- C:\Users\Aurélie\Desktop\iTunes64Setup.exe [71733104]

[MD5.15F36FE896759EA58A5253D4E235C06B] [sPRF][06/11/2011] (.Apple Inc. - iTunes Installer.) -- C:\Users\Aurélie\Desktop\iTunesSetup.exe [69948784]

[MD5.C8CBD57CD0768C3DD69A2F54374CC778] [sPRF][21/02/2012] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Aurélie\Desktop\ZHPDiag2.exe [3903203]

[MD5.93796C1DAD56B10786635C3C13AF26F3] [sPRF][21/02/2012] (.Nicolas Coolman - Zeb Help Process.) -- C:\Users\Aurélie\Desktop\ZHP_2.55.exe [15935908]

~ Scan Files in 00mn 08s

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{73E9515E-478B-4375-AAA6-A6607FFED0B6}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.exe

O87 - FAEL: "{B71A83C5-C040-40A1-91DC-D1FFFFC2522B}" | In - Public - P6 - TRUE | .(.EasyBits Software AS - EasyBits My First Browser.) -- C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe

O87 - FAEL: "{1F1E6E67-C064-45FC-8496-C7C24F0ED362}" | In - Public - P17 - TRUE | .(.EasyBits Software AS - EasyBits My First Browser.) -- C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe

O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "{90DF973D-8295-4611-A117-2084ACB40D30}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDVD 9.0.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.exe

O87 - FAEL: "TCP Query User{4B1F1862-7D2F-4F3F-A132-3FAF0C283F2A}C:\program files (x86)\epson software\event manager\eeventmanager.exe" | In - Public - P6 - TRUE | .(.SEIKO EPSON CORPORATION.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEvent

O87 - FAEL: "UDP Query User{0E4E93B4-856E-485C-808A-31130FFAD068}C:\program files (x86)\epson software\event manager\eeventmanager.exe" | In - Public - P17 - TRUE | .(.SEIKO EPSON CORPORATION.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEven

O87 - FAEL: "TCP Query User{A3F48CB8-09FA-430B-B116-BF7119BC6ADE}C:\program files (x86)\epson software\event manager\eeventmanager.exe" | In - Private - P6 - TRUE | .(.SEIKO EPSON CORPORATION.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEven

O87 - FAEL: "UDP Query User{9C4FF9D0-1819-4AB4-A102-27C55F565810}C:\program files (x86)\epson software\event manager\eeventmanager.exe" | In - Private - P17 - TRUE | .(.SEIKO EPSON CORPORATION.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEve

O87 - FAEL: "TCP Query User{64FCBA3A-5AF0-44F1-8F5F-D87E7331062C}C:\program files (x86)\finaltorrent\finaltorrent.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\finaltorrent\finaltorrent.exe (.not file.)

O87 - FAEL: "UDP Query User{732B25D6-009C-4B84-9C55-0C70B43262D6}C:\program files (x86)\finaltorrent\finaltorrent.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\finaltorrent\finaltorrent.exe (.not file.)

O87 - FAEL: "TCP Query User{08E6A247-5654-4EFF-A58E-7E2F2E7B9836}C:\program files (x86)\limewire\limewire.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\limewire\limewire.exe (.not file.)

O87 - FAEL: "UDP Query User{73D55C93-C885-4FBF-8E70-5BD0EF2FF6E9}C:\program files (x86)\limewire\limewire.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\limewire\limewire.exe (.not file.)

O87 - FAEL: "{B2E76243-E15C-4A44-AB24-99871E8C9722}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe

O87 - FAEL: "{253DE27D-77AE-4E80-8FFD-90496270FC44}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{D888CEFE-EF41-4811-88FD-38071EF89E1A}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{BF7BE1F3-F97E-425A-B57B-44D193836443}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{931D5087-9CED-4C6F-8D65-0961D719AB0A}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{5626B59F-A184-4B2D-8359-995D2165A34E}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe

~ Scan Firewall in 00mn 03s

---\\ Scan Additionnel (O88)

Database Version : 9066 - (05/02/2012)

Clés trouvées (Keys found) : 24

Valeurs trouvées (Values found) : 1

Dossiers trouvés (Folders found) : 4

Fichiers trouvés (Files found) : 0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}] =>Adware.PriceGong

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}] =>Adware.PriceGong

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}] =>Toolbar.Agent

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0}] =>Adware.AdRotator

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0}] =>Adware.AdRotator

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] =>Hijacker.Agent

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] =>Hijacker.Agent

[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom] =>PUP.OfferBox

[HKLM\Software\WOW6432Node\freeze.com] =>Adware.BHO

[HKCU\Software\OfferBox] =>PUP.OfferBox

[HKLM\Software\WOW6432Node\OfferBox] =>PUP.OfferBox

[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.AskSBar

C:\Users\Aurélie\AppData\Roaming\OfferBox =>PUP.OfferBox

C:\Users\Aurélie\AppData\LocalLow\FunWebProducts =>Adware.MyWebSearch

C:\Users\Aurélie\AppData\Local\Temp\AskSearch =>Toolbar.AskBarDis

C:\Program Files (x86)\Ask.com =>Toolbar.AskBar

~ Scan Additionnel in 00mn 10s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Disabled 14/05/2009 759048 | ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY.) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

SS - | Disabled 18/11/2009 98208 | (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

SR - | Auto 09/10/2011 55144 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SS - | Disabled 04/07/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

SS - | Disabled 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SR - | Auto 14/09/2009 166400 | (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.exe

SR - | Auto 14/09/2009 128512 | (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe

SR - | Auto 30/12/1899 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe

SS - | Disabled 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

SR - | Auto 21/06/2011 85560 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

SR - | Auto 18/06/2010 103992 | (HP Wireless Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

SR - | Auto 28/03/2011 94264 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

SR - | Demand 28/03/2011 799800 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

SS - | Disabled 27192 | (HPWMISVC) . (...) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

SR - | Demand 09/10/2011 934760 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SR - | Auto 19/05/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

SS - | Auto 23/05/2010 126904 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe

SR - | Auto 01/06/2010 2804568 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

SR - | Auto 19/04/2010 315392 | (RtVOsdService) . (.Realtek Semiconductor Corp..) - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Scan Services in 00mn 13s

End of the scan (1673 lines in 02mn 44s)(0)

Apollo · le 21 février 2012

Bonjour,,

Quand tu as des rapports de deux kilomètres, mieux vaut les héberger pour ne pas risquer de planter le sujet

Télécharge AdwCleaner par Xplode: Les Téléchargements - Outils de Xplode - AdwCleaner

Enregistre-le sur le bureau (et pas ailleurs).

Si tu es sous XP double clique sur AdwCleaner pour lancer l'outil.

Si tu es sous Vista/Seven, clique droit sur AdwCleaner et choisis exécuter en temps qu'administrateur.

Clique sur Suppression et laisse travailler l'outil.

Le rapport va s'ouvrir en fichier texte; copie la totalité de son contenu et colle-le dans ta réponse.

Le rapport est en outre sauvegardé sous C:\AdwCleaner[s1]

-------------------------

@++

nicoferra · le 21 février 2012

Voici le rapport. Commznt fait on pour heberger les rapports ?

Merci à toi

# AdwCleaner v1.410 - Rapport créé le 21/02/2012 à 17:26:28

# Mis à jour le 20/02/2012 par Xplode

# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)

# Nom d'utilisateur : Aurélie - AURÉLIE-HP (Administrateur)

# Exécuté depuis : C:\Users\Aurélie\Desktop\adwcleaner.exe

# Option [Recherche]

***** [services] *****

***** [Fichiers / Dossiers] *****

Dossier Présent : C:\Users\Aurélie\AppData\Roaming\OfferBox

Dossier Présent : C:\Users\Aurélie\AppData\LocalLow\FunWebProducts

Dossier Présent : C:\Program Files (x86)\Ask.com

***** [Registre] *****

Clé Présente : HKCU\Software\Offerbox

Clé Présente : HKCU\Software\Surf Canyon

Clé Présente : HKLM\SOFTWARE\Offerbox

Clé Présente : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe

Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4

Clé Présente : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom

Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}

Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}

Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AB7104A-B71F-49AD-9154-F7F8806AE848}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44cf-8957-5838F569A31D}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}

Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}

Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Registre (x64)] *****

Clé Présente : HKCU\Software\Offerbox

Clé Présente : HKCU\Software\Surf Canyon

Clé Présente : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe

Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}