
Resistant Trojan



Hello everyone,

This program, 'malwarebytes', keeps reporting this type of trojan, or this infected key:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|51158 (Trojan.Agent) -> Données: C:\PROGRA~3\LOCALS~1\Temp\msaees.bat -> Suppression au redémarrage.

Which it is unable to delete, by the way. Could you help me?

I also ran trojanremover, with no success; various online antivirus scanners: nothing; malware still finds this item.

Tell me if you need other data or logs, for example.

Thanks in advance


Hello,

Before going any further, please carry out this check:

My Computer -> Tools -> Folder Options -> View

Check "Show hidden folders"

Uncheck "Hide extensions for known file types" as well as "Hide protected operating system files"

--> a message says that this can damage the system; disregard it and confirm with Yes.

Go to this address:

Click Browse to find these files

C:\PROGRA~3\LOCALS~1\Temp\msaees.ba

and click "Send the file"

Copy/paste the response into your next message.

Note: the file may already have been analysed. If so, click the Reanalyse file now button

Run this diagnostic tool:

Download ZhpDiag by Coolman

Double-click ZHPDiag.exe to install the tool

There will be 3 icons on the desktop

On XP, double-click the ZhpDiag icon

On Vista/7, right-click and choose Run as administrator

Click the screwdriver and choose All

If it hangs, on 061 or O80 for example, click the screwdriver to uncheck it

Click the magnifying glass to start the scan

Post the ZhpDiag.txt report that appears on the desktop

How to post reports

Copy/paste all or part of the reports into one or more messages.

Another solution, preferred for a large report

Go to the site: Ci-Joint

Click Browse and look for the reports on the disk,

Click Open

Click Create the CJoint link,

>> on the next page -->

an http//.. address will be created

Copy/paste this address into your next message.

 


I can't find this location: PROGRA~3 and LOCALS~1 in this line C:\PROGRA~3\LOCALS~1\Temp\msaees.bat. ;/

...in fact, does this correspond to C:\ProgramData\Local Settings\Temp? In that case the folder is empty

Edited by pepechan
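Added example (not part of the original thread, and not ZHPDiag's or Malwarebytes' own logic): a small Python triage of ZHPDiag-style `O4` autorun lines, showing why the `51158` entry discussed above stands out from the normal startup entries. The sample lines are copied from the O4 section of the report posted in this thread; the function names, flag labels and threshold are assumptions of this example.

```python
"""Triage ZHPDiag O4 (autorun) lines with a few simple heuristics."""
import re
from pathlib import PureWindowsPath

# Sample lines copied from the O4 section of the report in this thread.
SAMPLE_O4 = r"""
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKLM\..\Wow6432Node\Run: [TrojanScanner] . (.Simply Super Software - Trojan Scanner.) -- C:\Program Files (x86)\Trojan Remover\Trjscan.exe
O4 - HKLM\..\policies\Explorer\Run: [51158] C:\PROGRA~3\LOCALS~1\Temp\msaees.bat (.not file.)
"""

NOT_FILE = "(.not file.)"  # ZHPDiag marker: the target is absent from disk
O4_LINE = re.compile(r"^O4 - (?P<key>\S+): \[(?P<name>[^\]]+)\]\s*(?P<rest>.*)$")
VENDOR = re.compile(r"^\. \(\.(?P<vendor>.*?)\.\) -- (?P<path>.+)$")
SHORT_NAME = re.compile(r"^[^~]{1,6}~\d+(\.[^.]{0,3})?$")  # 8.3 alias, e.g. PROGRA~3
SCRIPT_EXTS = {".bat", ".cmd", ".vbs", ".vbe", ".js", ".jse", ".wsf", ".ps1"}


def parse_o4(line):
    """Return a dict for a registry-style O4 line, or None for anything else."""
    m = O4_LINE.match(line.strip())
    if not m:
        return None
    rest = m["rest"]
    missing = rest.endswith(NOT_FILE)
    if missing:
        rest = rest[: -len(NOT_FILE)].rstrip()
    v = VENDOR.match(rest)
    # "(...)" in a report means no version information was found.
    vendor = (v["vendor"].strip(". ") or None) if v else None
    path = v["path"] if v else rest
    return {"key": m["key"], "name": m["name"], "vendor": vendor,
            "path": path, "missing": missing}


def flags(entry):
    """Heuristic flags chosen for this example; none is proof on its own."""
    p = PureWindowsPath(entry["path"])
    dirs = {part.lower() for part in p.parts[1:-1]}
    out = []
    # Policies\Explorer\Run is a legitimate policy-driven autorun location,
    # but it is rarely populated on a home PC.
    if "policies\\explorer\\run" in entry["key"].lower():
        out.append("policy-run-key")
    if entry["name"].isdigit():
        out.append("numeric-value-name")
    if entry["vendor"] is None:
        out.append("no-version-info")
    if any(SHORT_NAME.match(part) for part in p.parts[1:]):
        out.append("8.3-short-path")
    if dirs & {"temp", "tmp"}:
        out.append("temp-directory")
    if p.suffix.lower() in SCRIPT_EXTS:
        out.append("script-target")
    if entry["missing"]:
        out.append("target-missing")
    return out


def triage(report_text, threshold=3):
    """Return (value name, path, flags) for entries with >= threshold flags."""
    hits = []
    for line in report_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        found = flags(entry)
        if len(found) >= threshold:
            hits.append((entry["name"], entry["path"], found))
    return sorted(hits, key=lambda h: len(h[2]), reverse=True)


if __name__ == "__main__":
    for name, path, found in triage(SAMPLE_O4):
        print(f"[{name}] {path}")
        print("   " + ", ".join(found))
```

An 8.3 alias such as `PROGRA~3` is assigned per volume, so it can only be mapped back to its long name on the affected machine itself (for example with `dir /x C:\`).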

Rapport de ZHPDiag v1.28.34 par Nicolas Coolman, Update du 06/03/2012

Run by ianick at 31/03/2012 12:26:17

Web site : ZHPDiag Outil de diagnostic

Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com

State : Nouvelle version disponible

 

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421 (Defaut)

OPIE: Opera v11.62

OPIE: Opera vv11.62

 

---\\ Windows Product Information

~ Langage: Français

Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : Absent (Not found)

Windows ID Activation : Inconnue (Unknown)

Windows Licence : Inconnue (Unknown)

Software Protection Service (Protection logicielle) : KO

Windows Automatic Updates : OK

Windows Activation Technologies : OK

 

---\\ System Information

~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 8159 MB (74% free)

System Restore: Activé (Enable)

System drive C: has 23 GB (32%) free of 69 GB

 

---\\ Logged in mode

~ Computer Name: IANICK-PC

~ User Name: ianick

~ All Users Names: UpdatusUser, ianick, HomeGroupUser$, Guest, Administrator,

~ Unselected Option: None

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\ianick\AppData\Roaming\

~ %Desktop% : C:\Users\ianick\Desktop\

~ %Favorites% : C:\Users\ianick\Favorites\

~ %LocalAppData% : C:\Users\ianick\AppData\Local\

~ %StartMenu% : C:\Users\ianick\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 23 Go of 69 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 613 Go of 932 Go)

E:\ CD-ROM drive (Not Inserted)

I:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Scan Security Center in 00mn 00s

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]

[MD5.B1AC85B6ADC005CF3F9EB4E28DFDCCE6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/12/2011 - 08:04:30.) -- C:\Windows\system32\wininet.dll [1390080]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]

[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows multi-utilisateurs.) (.20/11/2010 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\drivers\AFD.sys [498688]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\drivers\netBT.sys [261632]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\drivers\Rasl2tp.sys [129536]

[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 12:06:41.) -- C:\Windows\system32\drivers\rdpdr.sys [165888]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\drivers\tdx.sys [119296]

[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\drivers\volsnap.sys [295808]

~ Scan Generic Processes in 00mn 00s

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 1/29

~ Mes Videos (My Videos) : 1/6

~ Mes Favoris (My Favorites) : Non accessible (Not found)

~ Mes Documents (My Documents) : 2/801

~ Mon Bureau (My Desktop) : 1/28

~ Menu demarrer (Programs) : 7/33

~ Scan Hidden Files in 00mn 00s

 

 

 

---\\ Processus lancés

[MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.1464]

[MD5.4405758C4569213F3CFAC20E495EDF4C] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [258512] [PID.3004]

[MD5.D4C073DB0B506852B35197069A1892C7] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe [949104] [PID.2116]

[MD5.B8F49232247D0825B2B82E08A9E10753] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [981680] [PID.4148]

[MD5.46AE705AC463F50AC714C8084A09A2A3] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [2211328] [PID.4068]

[MD5.9E1222C417291BC836210743624A8E5E] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [381248] [PID.]

[MD5.27C9A4E1EF31C7A64DE8FBC0AA568503] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224] [PID.]

[MD5.62B7936F9036DD6ED36E6A7EFA805DC0] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63928] [PID.]

[MD5.E491888D529410D7BD8FBBAD825795C8] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032] [PID.]

[MD5.E7859BA062DB5E23C6DD34AD66B09F50] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [326168] [PID.]

[MD5.7E22DE30E222BFDFCEC7E77032BAF3CD] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2253120] [PID.]

[MD5.E91F8AFBD7FB96C94B266579D6BFA77A] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2656280] [PID.]

~ Scan Processes Running in 00mn 00s

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_31 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

~ Scan Firefox Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Les tueurs de chars :: Escadrille virtuelle sur DCSA 10 et Ka50

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Bing

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = Bing

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0

~ Scan IE Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

 

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

~ Nombre de lignes (Lines number): 1

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Easy Photo Print [64Bits] - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL x64).) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

~ Scan BHO in 00mn 00s

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Easy Photo Print [64Bits] - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL x64).) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll

~ Scan Toolbar in 00mn 00s

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

O4 - HKLM\..\Run: [ProfilerU] . (.Saitek - Saitek SST Profile Launcher.) -- C:\Program Files\Saitek\SD6\Software\ProfilerU.exe

O4 - HKLM\..\Run: [saiMfd] . (.Saitek - Saitek MFD File System Driver.) -- C:\Program Files\Saitek\SD6\Software\SaiMfd.exe

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Wow6432Node\Run: [TrojanScanner] . (.Simply Super Software - Trojan Scanner.) -- C:\Program Files (x86)\Trojan Remover\Trjscan.exe

O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\policies\Explorer\Run: [51158] C:\PROGRA~3\LOCALS~1\Temp\msaees.bat (.not file.)

O4 - HKUS\S-1-5-21-1413474751-2073566379-3662516970-1004-1413474751-2073566379-3662516970-1001\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

~ Scan Application in 00mn 00s

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\UpdatusUser\Desktop\CDDSExplorer.lnk . (...) -- C:\ModMan\lib\modman.exe

O4 - Global Startup: C:\Users\UpdatusUser\Desktop\ModMan.lnk . (...) -- C:\ModMan\lib\modman.exe

O4 - Global Startup: C:\Users\UpdatusUser\Desktop\TimeAdjuster.lnk . (...) -- C:\Program Files (x86)\TimeAdjuster\time_adjuster.exe

O4 - Global Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ModMan.lnk . (...) -- C:\ModMan\lib\modman.exe

O4 - Global Startup: C:\Users\ianick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (.not file.)

O4 - Global Startup: C:\Users\ianick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (.not file.)

O4 - Global Startup: C:\Users\ianick\Desktop\Adobe Premiere Pro - Raccourci.lnk . (...) -- D:\Program Files (x86)\Adobe\Adobe Premiere Pro CS3\Adobe Premiere Pro.exe

O4 - Global Startup: C:\Users\ianick\Desktop\Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team.) -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe

O4 - Global Startup: C:\Users\ianick\Desktop\AVSVideoConverter - Raccourci.lnk . (.Online Media Technologies Ltd..) -- C:\Program Files (x86)\AVS4YOU\AVSVideoConverter\AVSVideoConverter.exe

O4 - Global Startup: C:\Users\ianick\Desktop\CDDSExplorer.lnk . (...) -- C:\ModMan\lib\modman.exe

O4 - Global Startup: C:\Users\ianick\Desktop\Computer - Shortcut.lnk - Clé orpheline

O4 - Global Startup: C:\Users\ianick\Desktop\DarknessII - Raccourci.lnk . (.Digital Extremes.) -- D:\darkness\The Darkness II\DarknessII.exe

O4 - Global Startup: C:\Users\ianick\Desktop\DCS A-10C - Raccourci.lnk . (...) -- C:\dcs-a10c-warthog\DCS A-10C

O4 - Global Startup: C:\Users\ianick\Desktop\DCS Black Shark 2 - Raccourci.lnk . (...) -- D:\black shark 2 rep\DCS Black Shark 2

O4 - Global Startup: C:\Users\ianick\Desktop\Documents - Shortcut.lnk . (...) -- C:\Users\ianick\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms

O4 - Global Startup: C:\Users\ianick\Desktop\Editeur De Profil.lnk . (.Saitek.) -- C:\Windows\Installer\{4042812A-E4A4-47D2-8953-B3930CC89539}\ProfileEditor.exe

O4 - Global Startup: C:\Users\ianick\Desktop\films - Raccourci.lnk . (...) -- D:\films

O4 - Global Startup: C:\Users\ianick\Desktop\Fraps.lnk . (.Beepa P/L.) -- C:\Fraps\fraps.exe

O4 - Global Startup: C:\Users\ianick\Desktop\Free PDF to Word Converterr.lnk . (.Free-PDF-to-Word.com.) -- C:\Program Files (x86)\Free PDF to Word Converter\PDF2Word.exe

O4 - Global Startup: C:\Users\ianick\Desktop\MassEffect3 - Raccourci.lnk . (.BioWare.) -- D:\me3\Binaries\Win32\MassEffect3.exe

O4 - Global Startup: C:\Users\ianick\Desktop\ModMan.lnk . (...) -- C:\ModMan\lib\modman.exe

O4 - Global Startup: C:\Users\ianick\Desktop\mplayerc - Raccourci.lnk . (.Gabest.) -- C:\Users\ianick\Documents\mplayerc.exe

O4 - Global Startup: C:\Users\ianick\Desktop\photos - Raccourci.lnk . (...) -- D:\photos

O4 - Global Startup: C:\Users\ianick\Desktop\Profiler.lnk . (.Saitek.) -- C:\Windows\Installer\{4042812A-E4A4-47D2-8953-B3930CC89539}\Profiler.exe

O4 - Global Startup: C:\Users\ianick\Desktop\Tacview 1.0.lnk . (.Stra Software.) -- C:\Program Files (x86)\Stra Software\Tacview 1.0\Tacview.exe

O4 - Global Startup: C:\Users\ianick\Desktop\Tacview 1.1.1.lnk . (.Stra Software.) -- C:\Program Files (x86)\Stra Software\Tacview 1.1.1\Tacview.exe

O4 - Global Startup: C:\Users\ianick\Desktop\TimeAdjuster.lnk . (...) -- C:\Program Files (x86)\TimeAdjuster\time_adjuster.exe

O4 - Global Startup: C:\Users\ianick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free PDF to Word Converter.lnk . (.Free-PDF-to-Word.com.) -- C:\Program Files (x86)\Free PDF to Word Converter\PDF2Word.exe

O4 - Global Startup: C:\Users\ianick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (.not file.)

O4 - Global Startup: C:\Users\ianick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ModMan.lnk . (...) -- C:\ModMan\lib\modman.exe

~ Scan Global Startup in 00mn 00s

 

 

 

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)

O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no

~ Scan IE Control Panel in 00mn 00s

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xport to Microsoft Excel - (.not file.) - C:\Program Files\MICROS~1\Office12\EXCEL.exe

~ Scan IE Menu Contextuel in 00mn 00s

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\System32\NapiNSP.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\System32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Computer, Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll

~ Scan Winsock in 00mn 00s

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{172C4B04-A154-47C6-89D0-889724917966}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CCS\Services\Tcpip\..\{74EE54C2-B679-4892-AE43-BA0785D4E879}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS1\Services\Tcpip\..\{172C4B04-A154-47C6-89D0-889724917966}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS1\Services\Tcpip\..\{74EE54C2-B679-4892-AE43-BA0785D4E879}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS2\Services\Tcpip\..\{172C4B04-A154-47C6-89D0-889724917966}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS2\Services\Tcpip\..\{74EE54C2-B679-4892-AE43-BA0785D4E879}: DhcpNameServer = 212.27.40.241 212.27.40.240

~ Scan Domain in 00mn 00s

 

 

 

---\\ Protocole additionnel (O18)

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll

O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll

~ Scan Protocole Additionnel in 00mn 00s

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll

~ Scan SSODL in 00mn 00s

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Avira Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.exe

O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe

O23 - Service: ForceWare Intelligent Application Manage (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

O23 - Service: Intel® Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: ForceWare IP service (nSvcIp) . (.Pas de propriétaire - NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 285.6.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: Intel® Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

~ Scan Services in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (PDBoot.exe) - File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job

[MD5.0D4C486A24A711A45FD83ACDF4D18506] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[MD5.00000000000000000000000000000000] [APT] [{1703209F-DBDC-4F21-8577-2D29DBAD98D2}] (...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\Redist\vcredist_x86.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{8BDB5BEE-F30C-4751-B8DE-E9F521B26644}] (...) -- C:\Users\ianick\Documents\vcredist_x64.exe (.not file.)

[MD5.67384147DD005E54D2C0A20408E28579] [APT] [{9139E61C-415E-438B-B68D-F54343046215}] (.Valve Corporation.) -- C:\Program Files (x86)\Steam\steam.exe

[MD5.00000000000000000000000000000000] [APT] [{9B45FC8A-CB2B-43C8-8E53-DC06AB642F4D}] (...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{EBC86DA3-D57B-4256-AFC8-75CCA4C8CE0A}] (...) -- F:\FreeTrack_V2.2.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{F1D2633F-6D93-4C69-AE3B-26D325D1E2BB}] (...) -- C:\Users\ianick\Documents\epson326207eu.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{FF256623-1A13-4382-9F70-EB957243F2A0}] (...) -- D:\Games\Battlefield 3T\__Installer\vc\vc2008sp1\redist\vcredist_x64.exe (.not file.)

~ Scan Scheduled Task in 00mn 00s

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll

O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll

O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll

O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

~ Scan Active Setup in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys

O41 - Driver: (avkmgr) . (.Avira GmbH - Avira Manager Driver.) - C:\Windows\system32\DRIVERS\avkmgr.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\system32\drivers\csc.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\system32\DRIVERS\serial.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

O41 - Driver: C:\Windows\system32\drivers\ws2ifsl.sys (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys

~ Scan Drivers in 00mn 00s

---\\ Logiciels installés (O42)

O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1

O42 - Logiciel: AVS Video Converter 8 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Video Converter 7_is1

O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1

O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {90176341-0A8B-4CCC-A78D-F862228A6B95}

O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {9C9824D9-9000-4373-A6A5-D0E5D4831394}

O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM] -- {08B32819-6EEF-4057-AEDA-5AB681A36A23}

O42 - Logiciel: Adobe CMaps - (.Adobe Systems Incorporated.) [HKLM] -- {A2B242BD-FF8D-4840-9DAA-9170EABEC59C}

O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM] -- {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

O42 - Logiciel: Adobe Color Common Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}

O42 - Logiciel: Adobe Default Language CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B9B35331-B7E4-4E5C-BF4C-7BC87856124D}

O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM] -- {C2D69781-F392-4118-A5A7-C7E9C38DBFC2}

O42 - Logiciel: Adobe Flash Player 11 ActiveX 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 11 Plugin 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {6ABE0BEE-D572-4FE8-B434-9E72A289431B}

O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {04AF207D-9A77-465A-8B76-991F6AB66245}

O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {54793AA1-5001-42F4-ABB6-C364617C6078}

O42 - Logiciel: Adobe PDF Library Files - (.Adobe Systems Incorporated.) [HKLM] -- {D2559B88-CC9D-4B48-81BB-F492BAA9C48C}

O42 - Logiciel: Adobe Premiere Pro CS3 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_32fdd767b4383606e8168e834af5d90

O42 - Logiciel: Adobe Premiere Pro CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}

O42 - Logiciel: Adobe Premiere Pro CS3 Functional Content - (.Adobe Systems Incorporated.) [HKLM] -- {50F102CA-4BE2-41A9-9810-5BB05EB91B9A}

O42 - Logiciel: Adobe Premiere Pro CS3 Third Party Content - (.Adobe Systems Incorporated.) [HKLM] -- {485ACF57-F364-440A-8496-E1E81C8FA1AA}

O42 - Logiciel: Adobe Reader X (10.1.2) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}

O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {BB81360F-041C-4CF7-B15E-71380D154244}

O42 - Logiciel: Adobe Type Support - (.Adobe Systems Incorporated.) [HKLM] -- {8E6808E2-613D-4FCD-81A2-6C8FA8E03312}

O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {E69AE897-9E0B-485C-8552-7841F48D42D8}

O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM] -- {D0DFF92A-492E-4C40-B862-A74A173C25C5}

O42 - Logiciel: Adobe XMP DVA Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {0224CACC-994D-45F8-B973-D65056EA9C2F}

O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {D5A31AB1-345D-47C7-A87B-036A669F6DF1}

O42 - Logiciel: Audacity 1.3.14 (Unicode) - (.Audacity Team.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1

O42 - Logiciel: Avira Free Antivirus - (.Avira.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: BitTornado 0.3.17 - (.John Hoffman.) [HKLM] -- BitTornado

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: ControlCenter - (.MSI.) [HKLM] -- {698B7D8B-0F43-4A19-8B9B-47F1EFEB858F}_is1

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

O42 - Logiciel: DCS A-10C - (.Pas de propriétaire.) [HKLM] -- DCS A-10C_is1

O42 - Logiciel: DCS Black Shark - (.Pas de propriétaire.) [HKLM] -- DCS Black Shark

O42 - Logiciel: DCS Black Shark 2 - (.Pas de propriétaire.) [HKLM] -- DCS KA-50_is1

O42 - Logiciel: EPSON SX218 Series Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON SX218 Series Manual

O42 - Logiciel: EPSON SX218 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX218 Series

O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner

O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {39F58DDB-B2B8-4B86-AF20-4706A80EB30D}

O42 - Logiciel: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) - (.SEIKO EPSON CORPORATION.) [HKLM] -- {B2D55EB8-32C5-4B43-9006-9E97DECBA178}

O42 - Logiciel: Epson Event Manager - (.SEIKO EPSON CORPORATION.) [HKLM] -- {03B8AA32-F23C-4178-B8E6-09ECD07EAA47}

O42 - Logiciel: Fraps (remove only) - (.Pas de propriétaire.) [HKLM] -- Fraps

O42 - Logiciel: Free PDF to Word Converter 1.5 - (.Free-PDF-to-Word.com.) [HKLM] -- Free PDF to Word Converter_is1

O42 - Logiciel: GIMP 2.6.11 - (.The GIMP Team.) [HKLM] -- WinGimp-2.0_is1

O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}

O42 - Logiciel: Java 6 Update 29 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216029FF}

O42 - Logiciel: Java 6 Update 31 (64-bit) - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F86416031FF}

O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Malwarebytes Anti-Malware version 1.60.1.1000 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM] -- {86A4C6D9-29EE-4719-AFA1-BA3341862B83}

O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {1FDA5A37-B22D-43FF-B582-B8964050DC13}

O42 - Logiciel: Microsoft Office Access MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Access Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE

O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0114-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared 64-bit MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0409-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0116-0409-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {EE936C7A-EA40-31D5-9B65-8E3E089C3828}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {8338783A-0968-3B85-AFC7-BAAE0A63DC50}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 - (.Microsoft Corporation.) [HKLM] -- {820B6609-4C97-3A2B-B644-573B06A0F0CC}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}

O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}

O42 - Logiciel: Mises à jour NVIDIA 1.5.20 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update

O42 - Logiciel: ModMan 7.3.0.0 - (.C6.) [HKLM] -- ModMan

O42 - Logiciel: Mumble 1.2.3 - (.Thorvald Natvig.) [HKLM] -- {E1019541-10A2-464F-A23E-A4F23DA65160}

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM] -- {7CFA46E3-CC2F-4355-82AE-6012DC3633FD}

O42 - Logiciel: NVIDIA Logiciel système PhysX 9.11.0621 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}

O42 - Logiciel: NVIDIA Pilote 3D Vision 285.62 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision

O42 - Logiciel: NVIDIA Pilote audio HD : 1.2.24.0 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver

O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 285.62 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB

O42 - Logiciel: NVIDIA Pilote graphique 285.62 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver

O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo

O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM] -- Notepad++

O42 - Logiciel: Opera 11.62 - (.Opera Software ASA.) [HKLM] -- Opera 11.62.1347

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: PerfectDisk 12 Professional - (.Raxco Software Inc..) [HKLM] -- {A3D5B54A-9792-404F-AE8B-BDA961EBA58E}

O42 - Logiciel: PunkBuster Services - (.Pas de propriétaire.) [HKLM] -- PunkBusterSvc

O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM] -- InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}

O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM] -- {5442DAB8-7177-49E1-8B22-09A049EA5996}

O42 - Logiciel: Sar Updater 1.1 - (.N1bus-Experiences.) [HKLM] -- {C39EB3BE-AC00-411B-B6F1-44EF4F7036BC}_is1

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{B243E9A5-ED77-4F1B-B338-2486FD82DC85}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B243E9A5-ED77-4F1B-B338-2486FD82DC85}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951944) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{797AE457-BA17-4BBC-B501-25FB3A0103C7}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB960003) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F04F8702-18D0-458D-921E-146FB7CD38CF}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB959997) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9EAC3AEC-5C81-4856-A05B-DE9DC236D740}

O42 - Logiciel: Security Update for Microsoft Office OneNote 2007 (KB950130) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F1B2401C-B610-4BF2-AA1C-52C55827A8F4}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB951338) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{558B709B-821B-4FC5-90FC-9A8890641E77}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB950114) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB956358) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{4551666D-0FD6-4C69-8A81-1C6F2E64517C}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB954326) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5F7F6FFF-395D-480E-8450-64F385D82C5F}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB956828) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{885E081B-72BD-4E76-8E98-30B4BE468FAC}

O42 - Logiciel: Skype 5.5 - (.Skype Technologies S.A..) [HKLM] -- {AA59DDE4-B672-4621-A016-4C248204957A}

O42 - Logiciel: Smart Technology Programming Software 7.0.2.7 - (.Mad Catz.) [HKLM] -- {4042812A-E4A4-47D2-8953-B3930CC89539}

O42 - Logiciel: SoulSeek 157 NS 13e - (.Pas de propriétaire.) [HKLM] -- Soulseek2

O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}

O42 - Logiciel: TARS - (.TARS.) [HKLM] -- {674DA4F6-9418-4C4D-B3B0-7A9AAE3F1B93}

O42 - Logiciel: Tacview 1.0 - (.Stra Software.) [HKLM] -- {C5BE0D64-13C7-43BA-9964-5202572A646E}

O42 - Logiciel: Tacview 1.1.1 - (.Stra Software.) [HKLM] -- {15D4CBB9-EF84-4BC7-9AA4-DE1FFDFB3D49}

O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client

O42 - Logiciel: The Darkness II - (.Pas de propriétaire.) [HKLM] -- The Darkness II_is1

O42 - Logiciel: Time Adjuster STANDARD 3.1 - (.IrekSoftware.com.) [HKCU] -- TimeAdjuster

O42 - Logiciel: TortoiseSVN 1.7.3.22386 (64 bit) - (.TortoiseSVN.) [HKLM] -- {7095F86C-BB1A-4254-96A0-7C63A1F8D403}

O42 - Logiciel: TrackIR5 - (.Pas de propriétaire.) [HKLM] -- {F3CA05B7-B4C0-4C9B-AAA6-16B868B35DF2}

O42 - Logiciel: Trojan Remover 6.8.3 - (.Simply Super Software.) [HKLM] -- Trojan Remover_is1

O42 - Logiciel: Ubisoft Game Launcher - (.UBISOFT.) [HKLM] -- {888F1505-C2B3-4FDE-835D-36353EBD4754}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217

O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{91E130AA-C37F-42D8-9D5D-397B3416A7F2}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB952142) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{4AD3A076-427C-491F-A5B7-7D1DE788A756}

O42 - Logiciel: Update for Microsoft Script Editor Help (KB957253) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{F21BF703-548C-47B2-B92A-6876E9566C42}

O42 - Logiciel: Update for Office 2007 (KB932080) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EDC9CA29-6BC1-471C-828C-7A36109005D7}

O42 - Logiciel: Update for Office 2007 (KB934391) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B3091818-7C56-4C45-BE7D-CA23027A5EA5}

O42 - Logiciel: VLC media player 1.1.7 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Windows Movie Maker 2.6 - (.Microsoft Corporation.) [HKLM] -- {B3DAF54F-DB25-4586-9EF1-96D24BB14088}

O42 - Logiciel: Xfire (remove only) - (.Pas de propriétaire.) [HKLM] -- Xfire

O42 - Logiciel: dBpoweramp Music Converter - (.Illustrate.) [HKLM] -- dBpoweramp Music Converter

O42 - Logiciel: dBpoweramp Ogg Vorbis Codec - (.Illustrate.) [HKLM] -- dBpoweramp Ogg Vorbis Codec

O42 - Logiciel: marvell 91xx driver - (.Marvell.) [HKLM] -- MagniDriver

O42 - Logiciel: x64 Components v3.3.6 - (.Shark007.) [HKLM] -- x64 Components_is1

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ABBYY]

[HKCU\Software\AMD]

[HKCU\Software\ATI]

[HKCU\Software\AVAST Software]

[HKCU\Software\AVS4YOU]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Audacity]

[HKCU\Software\Avira]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\DT Soft]

[HKCU\Software\EPSON]

[HKCU\Software\Eagle Dynamics]

[HKCU\Software\Fraps3]

[HKCU\Software\Freetrack]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\GameSpy]

[HKCU\Software\IGearSettings]

[HKCU\Software\Illustrate]

[HKCU\Software\InstallCore]

[HKCU\Software\IrekZielinskiSoft]

[HKCU\Software\JavaSoft]

[HKCU\Software\LAV64]

[HKCU\Software\LAV]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Macromedia]

[HKCU\Software\MainConcept (Adobe2)]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Minnetonka Audio Software]

[HKCU\Software\Mozilla]

[HKCU\Software\Mumble]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\NaturalPoint]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\Opera Software]

[HKCU\Software\PDFCreator]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Raxco]

[HKCU\Software\Realtek]

[HKCU\Software\SCC]

[HKCU\Software\Saitek]

[HKCU\Software\Simply Super Software]

[HKCU\Software\Skype]

[HKCU\Software\SoulSeek]

[HKCU\Software\Soulseek2]

[HKCU\Software\SpoonInstall]

[HKCU\Software\Stra Software]

[HKCU\Software\SweetIM]

[HKCU\Software\Sysinternals]

[HKCU\Software\TCP Optimizer]

[HKCU\Software\TeamSpeak 3 Client]

[HKCU\Software\TortoiseSVN]

[HKCU\Software\Trolltech]

[HKCU\Software\Ubisoft]

[HKCU\Software\Valve]

[HKCU\Software\Volition]

[HKCU\Software\Wget]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Wow6432Node]

[HKCU\Software\Xfire]

[HKLM\Software\ABBYY]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\AMD]

[HKLM\Software\AMI]

[HKLM\Software\ATI Technologies]

[HKLM\Software\AVAST Software]

[HKLM\Software\AVS4YOU]

[HKLM\Software\Adobe]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Avira]

[HKLM\Software\Babylon]

[HKLM\Software\BioWare]

[HKLM\Software\CLSYSTEM]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\DT Soft]

[HKLM\Software\DTS]

[HKLM\Software\Dolby]

[HKLM\Software\EPSON]

[HKLM\Software\Eagle Dynamics]

[HKLM\Software\GNU]

[HKLM\Software\Gabest]

[HKLM\Software\Google]

[HKLM\Software\HaaliMkx]

[HKLM\Software\IObit]

[HKLM\Software\Illustrate]

[HKLM\Software\Intel]

[HKLM\Software\InterVideo]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Khronos]

[HKLM\Software\Knowles]

[HKLM\Software\Licenses]

[HKLM\Software\MSI]

[HKLM\Software\Macromedia]

[HKLM\Software\Macrovision]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Marvell]

[HKLM\Software\Minnetonka Audio Software]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\NaturalPoint]

[HKLM\Software\Netscape]

[HKLM\Software\Ntpad]

[HKLM\Software\ODBC]

[HKLM\Software\Opera Software]

[HKLM\Software\PDFCreator]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\RTLSetup]

[HKLM\Software\Rainbow Technologies]

[HKLM\Software\Raxco]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SEIKO EPSON CORPORATION]

[HKLM\Software\SRS Labs]

[HKLM\Software\Saitek]

[HKLM\Software\Simply Super Software]

[HKLM\Software\Skype]

[HKLM\Software\SonicFocus]

[HKLM\Software\Sonic]

[HKLM\Software\Sony Corporation]

[HKLM\Software\Swearware]

[HKLM\Software\SweetIM]

[HKLM\Software\TARS]

[HKLM\Software\TortoiseOverlays]

[HKLM\Software\TortoiseSVN]

[HKLM\Software\Ubisoft]

[HKLM\Software\Valve]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volition]

[HKLM\Software\Waves Audio]

[HKLM\Software\WinRAR]

[HKLM\Software\Wow6432Node]

[HKLM\Software\X-AVCSD]

[HKLM\Software\swearware]

~ Scan Softwares in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 13/03/2011 - 15:52:10 - [0] ----D- C:\Program Files\AVAST Software

O43 - CFD: 29/03/2012 - 21:27:12 - [8,854] ----D- C:\Program Files\CCleaner

O43 - CFD: 31/03/2012 - 11:05:24 - [77,540] ----D- C:\Program Files\Common Files

O43 - CFD: 17/03/2011 - 18:50:54 - [86,144] ----D- C:\Program Files\DVD Maker

O43 - CFD: 19/05/2011 - 18:52:06 - [0,352] ----D- C:\Program Files\Epson Software

O43 - CFD: 15/02/2012 - 09:19:40 - [5,915] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 31/03/2012 - 10:52:58 - [98,537] ----D- C:\Program Files\Java

O43 - CFD: 14/07/2009 - 09:46:54 - [142,848] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 03/04/2011 - 20:41:48 - [0,567] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 14/07/2009 - 07:32:40 - [0,025] ----D- C:\Program Files\MSBuild

O43 - CFD: 26/10/2011 - 15:10:12 - [788,173] ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 26/08/2011 - 20:05:00 - [40,370] ----D- C:\Program Files\Raxco

O43 - CFD: 13/03/2011 - 16:06:32 - [33,264] ----D- C:\Program Files\Realtek

O43 - CFD: 14/07/2009 - 07:32:40 - [35,109] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 28/10/2011 - 23:06:28 - [64,346] ----D- C:\Program Files\Saitek

O43 - CFD: 30/12/2011 - 18:04:32 - [48,551] ----D- C:\Program Files\Shark007

O43 - CFD: 17/02/2012 - 17:59:32 - [58,301] ----D- C:\Program Files\TeamSpeak 3 Client

O43 - CFD: 21/12/2011 - 00:52:00 - [24,901] ----D- C:\Program Files\TortoiseSVN

O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 17/03/2011 - 18:50:52 - [3,945] ----D- C:\Program Files\Windows Defender

O43 - CFD: 17/03/2011 - 18:50:52 - [8,901] ----D- C:\Program Files\Windows Journal

O43 - CFD: 17/03/2011 - 18:50:54 - [6,858] ----D- C:\Program Files\Windows Mail

O43 - CFD: 17/03/2011 - 18:50:52 - [7,459] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:40 - [12,100] ----D- C:\Program Files\Windows NT

O43 - CFD: 17/03/2011 - 18:50:52 - [5,298] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 17/03/2011 - 18:50:52 - [0,233] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 17/03/2011 - 18:50:54 - [7,606] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 13/03/2011 - 16:05:26 - [4,315] ----D- C:\Program Files\WinRAR

O43 - CFD: 19/05/2011 - 19:05:40 - [0,281] ----D- C:\Program Files\Common Files\EPSON

O43 - CFD: 19/12/2011 - 17:55:10 - [55,078] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 26/08/2011 - 20:05:00 - [6,712] ----D- C:\Program Files\Common Files\Raxco

O43 - CFD: 14/07/2009 - 05:20:10 - [0,003] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:10 - [0,583] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 09/11/2011 - 18:43:34 - [11,890] ----D- C:\Program Files\Common Files\System

O43 - CFD: 21/12/2011 - 00:51:58 - [2,993] ----D- C:\Program Files\Common Files\TortoiseOverlays

O43 - CFD: 21/08/2011 - 19:11:42 - [0,058] ----D- C:\ProgramData\ABBYY

O43 - CFD: 23/06/2011 - 19:35:22 - [0,000] ----D- C:\ProgramData\Adobe

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 31/03/2012 - 09:28:54 - [0] ----D- C:\ProgramData\AVAST Software

O43 - CFD: 31/03/2012 - 09:32:14 - [28,912] ----D- C:\ProgramData\Avira

O43 - CFD: 26/07/2011 - 16:15:00 - [0] ----D- C:\ProgramData\AVS4YOU

O43 - CFD: 20/11/2011 - 19:20:24 - [0] ----D- C:\ProgramData\Babylon

O43 - CFD: 22/03/2012 - 20:21:04 - [0,000] --H-D- C:\ProgramData\Common Files

O43 - CFD: 25/03/2011 - 23:35:58 - [0,001] ----D- C:\ProgramData\DAEMON Tools Lite

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 17/09/2011 - 18:50:22 - [3,015] ----D- C:\ProgramData\Downloaded Installations

O43 - CFD: 19/05/2011 - 19:05:40 - [8,124] ----D- C:\ProgramData\EPSON

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 01/12/2006 - 20:46:44 - [0,018] ----D- C:\ProgramData\FLEXnet

O43 - CFD: 20/08/2011 - 15:09:58 - [0,007] ----D- C:\ProgramData\IObit

O43 - CFD: 23/03/2012 - 21:19:08 - [0] ----D- C:\ProgramData\Local Settings

O43 - CFD: 13/03/2011 - 23:10:32 - [16,548] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 24/09/2011 - 19:21:38 - [250,058] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 31/03/2012 - 11:32:48 - [0,143] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 01/01/2012 - 00:19:50 - [0] ----D- C:\ProgramData\Minnetonka Audio Software

O43 - CFD: 31/03/2012 - 11:10:48 - [2,658] ----D- C:\ProgramData\NVIDIA

O43 - CFD: 26/10/2011 - 15:09:08 - [0,913] ----D- C:\ProgramData\NVIDIA Corporation

O43 - CFD: 26/08/2011 - 20:05:02 - [2,207] ----D- C:\ProgramData\Raxco

O43 - CFD: 28/10/2011 - 23:06:30 - [0,500] ----D- C:\ProgramData\Saitek

O43 - CFD: 30/12/2011 - 18:05:08 - [0,002] ----D- C:\ProgramData\Shark007

O43 - CFD: 31/03/2012 - 08:53:52 - [7,411] ----D- C:\ProgramData\Simply Super Software

O43 - CFD: 12/12/2011 - 01:08:08 - [17,984] ----D- C:\ProgramData\Skype

O43 - CFD: 10/09/2011 - 10:26:20 - [0,125] ----D- C:\ProgramData\Soulseek

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 20/11/2011 - 12:25:36 - [0,000] ----D- C:\ProgramData\Sun

O43 - CFD: 31/03/2012 - 09:04:02 - [0] ---AD- C:\ProgramData\TEMP

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 04/12/2011 - 12:41:48 - [0] ----D- C:\ProgramData\Ubisoft

O43 - CFD: 19/05/2011 - 18:53:06 - [0,003] ----D- C:\ProgramData\UDL

O43 - CFD: 30/10/2011 - 10:48:00 - [3,494] ----D- C:\ProgramData\Xfire

O43 - CFD: 08/01/2012 - 20:17:26 - [0,116] ----D- C:\Users\ianick\AppData\Roaming\.BitTornado

O43 - CFD: 25/02/2012 - 21:11:10 - [0] ----D- C:\Users\ianick\AppData\Roaming\AccurateRip

O43 - CFD: 01/12/2006 - 20:49:44 - [6,689] ----D- C:\Users\ianick\AppData\Roaming\Adobe

O43 - CFD: 13/03/2011 - 15:55:42 - [0] ----D- C:\Users\ianick\AppData\Roaming\ATI

O43 - CFD: 24/03/2012 - 12:39:26 - [0,001] ----D- C:\Users\ianick\AppData\Roaming\Audacity

O43 - CFD: 31/03/2012 - 09:49:46 - [0] ----D- C:\Users\ianick\AppData\Roaming\Avira

O43 - CFD: 26/07/2011 - 16:15:00 - [0,002] ----D- C:\Users\ianick\AppData\Roaming\AVS4YOU

O43 - CFD: 20/11/2011 - 19:20:24 - [0,005] ----D- C:\Users\ianick\AppData\Roaming\Babylon

O43 - CFD: 10/03/2012 - 01:33:36 - [0] ----D- C:\Users\ianick\AppData\Roaming\DAEMON Tools Lite

O43 - CFD: 19/02/2012 - 00:11:52 - [0,025] ----D- C:\Users\ianick\AppData\Roaming\DarknessII

O43 - CFD: 24/06/2011 - 19:01:48 - [0,000] ----D- C:\Users\ianick\AppData\Roaming\Day 1 Studios

O43 - CFD: 03/11/2011 - 11:02:02 - [0,050] ----D- C:\Users\ianick\AppData\Roaming\Dropbox

O43 - CFD: 29/08/2011 - 20:27:02 - [0] ----D- C:\Users\ianick\AppData\Roaming\dvdcss

O43 - CFD: 19/05/2011 - 18:18:36 - [0,007] ----D- C:\Users\ianick\AppData\Roaming\Epson

O43 - CFD: 23/03/2012 - 21:19:36 - [1,860] ----D- C:\Users\ianick\AppData\Roaming\gizza

O43 - CFD: 24/03/2012 - 12:01:22 - [0,000] ----D- C:\Users\ianick\AppData\Roaming\gtk-2.0

O43 - CFD: 13/03/2011 - 15:12:32 - [0] ----D- C:\Users\ianick\AppData\Roaming\Identities

O43 - CFD: 19/05/2011 - 18:31:10 - [0] ----D- C:\Users\ianick\AppData\Roaming\InstallShield

O43 - CFD: 20/08/2011 - 15:13:12 - [0,251] ----D- C:\Users\ianick\AppData\Roaming\IObit

O43 - CFD: 13/03/2011 - 15:59:30 - [0,001] ----D- C:\Users\ianick\AppData\Roaming\Macromedia

O43 - CFD: 13/03/2011 - 23:12:48 - [0,059] ----D- C:\Users\ianick\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 09:45:16 - [0] ----D- C:\Users\ianick\AppData\Roaming\Media Center Programs

O43 - CFD: 28/01/2012 - 12:06:06 - [0] ----D- C:\Users\ianick\AppData\Roaming\Media Player Classic

O43 - CFD: 22/03/2012 - 20:18:02 - [3,110] -S--D- C:\Users\ianick\AppData\Roaming\Microsoft

O43 - CFD: 26/02/2012 - 10:44:38 - [0,113] ----D- C:\Users\ianick\AppData\Roaming\Mumble

O43 - CFD: 18/12/2011 - 14:13:34 - [0,242] ----D- C:\Users\ianick\AppData\Roaming\Notepad++

O43 - CFD: 06/10/2011 - 18:33:24 - [2,249] ----D- C:\Users\ianick\AppData\Roaming\NVIDIA

O43 - CFD: 22/03/2012 - 20:20:56 - [14,358] ----D- C:\Users\ianick\AppData\Roaming\OpenCandy

O43 - CFD: 13/03/2011 - 15:15:16 - [1,766] ----D- C:\Users\ianick\AppData\Roaming\Opera

O43 - CFD: 22/03/2012 - 20:20:56 - [0,002] ----D- C:\Users\ianick\AppData\Roaming\pdfforge

O43 - CFD: 10/04/2011 - 00:37:28 - [0,797] ----D- C:\Users\ianick\AppData\Roaming\PunkBuster

O43 - CFD: 30/12/2011 - 18:04:32 - [0,001] ----D- C:\Users\ianick\AppData\Roaming\Shark007

O43 - CFD: 31/03/2012 - 08:53:52 - [0,000] ----D- C:\Users\ianick\AppData\Roaming\Simply Super Software

O43 - CFD: 21/03/2012 - 22:59:42 - [1,486] ----D- C:\Users\ianick\AppData\Roaming\Skype

O43 - CFD: 21/12/2011 - 00:52:28 - [0,018] ----D- C:\Users\ianick\AppData\Roaming\Subversion

O43 - CFD: 30/03/2012 - 18:32:48 - [3,076] ----D- C:\Users\ianick\AppData\Roaming\TS3Client

O43 - CFD: 29/01/2012 - 15:12:20 - [0,000] ----D- C:\Users\ianick\AppData\Roaming\ts3overlay

O43 - CFD: 01/12/2006 - 23:20:32 - [1,425] ----D- C:\Users\ianick\AppData\Roaming\vlc

O43 - CFD: 13/03/2011 - 16:05:34 - [0,000] ----D- C:\Users\ianick\AppData\Roaming\WinRAR

O43 - CFD: 19/11/2011 - 15:48:32 - [0,003] ----D- C:\Users\ianick\AppData\Roaming\Xfire

O43 - CFD: 05/04/2011 - 19:03:48 - [0,004] ----D- C:\Users\ianick\AppData\Local\3DMGAME

O43 - CFD: 19/05/2011 - 18:00:02 - [0] ----D- C:\Users\ianick\AppData\Local\ABBYY

O43 - CFD: 13/03/2011 - 17:42:52 - [0] ----D- C:\Users\ianick\AppData\Local\Activision

O43 - CFD: 01/01/2012 - 13:57:06 - [15,122] ----D- C:\Users\ianick\AppData\Local\Adobe

O43 - CFD: 11/06/2011 - 21:44:22 - [0,190] ----D- C:\Users\ianick\AppData\Local\ALI213

O43 - CFD: 13/03/2011 - 15:12:18 - [0] -SH-D- C:\Users\ianick\AppData\Local\Application Data

O43 - CFD: 13/03/2011 - 15:55:42 - [0,069] ----D- C:\Users\ianick\AppData\Local\ATI

O43 - CFD: 20/11/2011 - 19:20:24 - [3,668] ----D- C:\Users\ianick\AppData\Local\Babylon

O43 - CFD: 25/04/2011 - 17:13:54 - [0] ----D- C:\Users\ianick\AppData\Local\Diagnostics

O43 - CFD: 20/06/2011 - 15:19:32 - [0] ----D- C:\Users\ianick\AppData\Local\ElevatedDiagnostics

O43 - CFD: 13/03/2011 - 15:12:18 - [0] -SH-D- C:\Users\ianick\AppData\Local\History

O43 - CFD: 31/10/2011 - 13:48:02 - [39,587] ----D- C:\Users\ianick\AppData\Local\Microsoft

O43 - CFD: 14/06/2011 - 17:34:04 - [0,152] ----D- C:\Users\ianick\AppData\Local\Microsoft Games

O43 - CFD: 03/04/2011 - 20:41:18 - [0] ----D- C:\Users\ianick\AppData\Local\Microsoft Help

O43 - CFD: 13/03/2011 - 15:15:16 - [50,868] ----D- C:\Users\ianick\AppData\Local\Opera

O43 - CFD: 14/10/2011 - 17:52:58 - [0,001] ----D- C:\Users\ianick\AppData\Local\RAGELauncher

O43 - CFD: 03/03/2012 - 10:23:54 - [1,268] ----D- C:\Users\ianick\AppData\Local\SKIDROW

O43 - CFD: 29/01/2012 - 15:44:46 - [0,001] ----D- C:\Users\ianick\AppData\Local\TARS

O43 - CFD: 31/03/2012 - 12:25:00 - [0,589] ----D- C:\Users\ianick\AppData\Local\Temp

O43 - CFD: 13/03/2011 - 15:12:18 - [0] -SH-D- C:\Users\ianick\AppData\Local\Temporary Internet Files

O43 - CFD: 31/03/2012 - 11:11:30 - [0] ----D- C:\Users\ianick\AppData\Local\TSVNCache

O43 - CFD: 04/12/2011 - 13:54:02 - [0,000] ----D- C:\Users\ianick\AppData\Local\Ubisoft Game Launcher

O43 - CFD: 13/03/2011 - 15:12:26 - [0] ----D- C:\Users\ianick\AppData\Local\VirtualStore

O43 - CFD: 31/12/2011 - 20:10:32 - [0] ----D- C:\Users\ianick\AppData\Local\WMTools Downloaded Files

O43 - CFD: 01/12/2006 - 20:45:02 - [176,181] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 24/03/2012 - 12:28:46 - [40,720] ----D- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)

O43 - CFD: 31/03/2012 - 09:32:14 - [169,875] ----D- C:\Program Files (x86)\Avira

O43 - CFD: 26/07/2011 - 16:30:38 - [62,927] ----D- C:\Program Files (x86)\AVS4YOU

O43 - CFD: 11/05/2011 - 09:19:12 - [16,333] ----D- C:\Program Files (x86)\BitTornado

O43 - CFD: 01/12/2006 - 20:44:44 - [0,309] ----D- C:\Program Files (x86)\Bonjour

O43 - CFD: 18/08/2011 - 21:20:58 - [0] ----D- C:\Program Files (x86)\Codemasters

O43 - CFD: 31/03/2012 - 11:05:24 - [686,952] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 25/03/2011 - 23:37:56 - [16,359] ----D- C:\Program Files (x86)\DAEMON Tools Lite

O43 - CFD: 25/03/2011 - 23:42:48 - [0] ----D- C:\Program Files (x86)\Electronic Arts

O43 - CFD: 19/05/2011 - 18:51:32 - [14,375] ----D- C:\Program Files (x86)\epson

O43 - CFD: 19/05/2011 - 18:52:28 - [160,427] ----D- C:\Program Files (x86)\Epson Software

O43 - CFD: 19/05/2011 - 16:56:26 - [1,447] ----D- C:\Program Files (x86)\Free PDF to Word Converter

O43 - CFD: 28/01/2012 - 20:15:26 - [107,900] ----D- C:\Program Files (x86)\GIMP-2.0

O43 - CFD: 25/02/2012 - 21:11:08 - [16,866] ----D- C:\Program Files (x86)\Illustrate

O43 - CFD: 26/12/2011 - 22:49:20 - [39,251] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 17/09/2011 - 18:50:06 - [9,003] ----D- C:\Program Files (x86)\Intel

O43 - CFD: 31/03/2012 - 08:58:38 - [4,915] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 20/11/2011 - 12:25:20 - [84,496] ----D- C:\Program Files (x86)\Java

O43 - CFD: 04/02/2012 - 00:21:14 - [11,464] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 17/09/2011 - 18:47:46 - [0,746] ----D- C:\Program Files (x86)\Marvell

O43 - CFD: 30/04/2011 - 10:21:42 - [8,905] ----D- C:\Program Files (x86)\Microsoft Games for Windows - LIVE

O43 - CFD: 03/04/2011 - 20:43:04 - [284,361] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 25/04/2011 - 16:03:06 - [7,789] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 31/10/2011 - 13:47:40 - [8,904] ----D- C:\Program Files (x86)\Movie Maker 2.6

O43 - CFD: 14/07/2009 - 07:32:40 - [0,025] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 24/12/2011 - 13:31:46 - [75,023] ----D- C:\Program Files (x86)\MSI

O43 - CFD: 20/08/2011 - 12:36:12 - [31,043] ----D- C:\Program Files (x86)\Mumble

O43 - CFD: 21/06/2011 - 18:35:26 - [24,518] ----D- C:\Program Files (x86)\N1bus Softwares

O43 - CFD: 18/12/2011 - 14:13:26 - [10,911] ----D- C:\Program Files (x86)\Notepad++

O43 - CFD: 26/10/2011 - 15:10:30 - [125,471] ----D- C:\Program Files (x86)\NVIDIA Corporation

O43 - CFD: 28/03/2012 - 22:15:26 - [34,180] ----D- C:\Program Files (x86)\Opera

O43 - CFD: 22/03/2012 - 20:21:10 - [34,641] ----D- C:\Program Files (x86)\PDFCreator

O43 - CFD: 26/08/2011 - 20:04:24 - [275,952] ----D- C:\Program Files (x86)\Raxco

O43 - CFD: 24/12/2011 - 13:21:00 - [5,886] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 07:32:40 - [37,345] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 17/09/2011 - 18:50:36 - [0,987] ----D- C:\Program Files (x86)\Renesas Electronics

O43 - CFD: 20/08/2011 - 20:26:02 - [1,728] ----D- C:\Program Files (x86)\Setup Files

O43 - CFD: 12/12/2011 - 01:08:12 - [16,555] R---D- C:\Program Files (x86)\Skype

O43 - CFD: 28/07/2011 - 19:04:16 - [3,591] ----D- C:\Program Files (x86)\SoulseekNS

O43 - CFD: 23/03/2012 - 22:07:38 - [343,889] ----D- C:\Program Files (x86)\Steam

O43 - CFD: 18/12/2011 - 21:28:58 - [227,614] ----D- C:\Program Files (x86)\Stra Software

O43 - CFD: 10/02/2012 - 11:42:16 - [3,588] ----D- C:\Program Files (x86)\TARS

O43 - CFD: 24/12/2011 - 13:22:34 - [0] --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 20/11/2011 - 19:33:26 - [1,951] ----D- C:\Program Files (x86)\TimeAdjuster

O43 - CFD: 31/03/2012 - 08:58:02 - [9,783] ----D- C:\Program Files (x86)\Trojan Remover

O43 - CFD: 10/04/2011 - 00:36:54 - [37,350] ----D- C:\Program Files (x86)\Ubisoft

O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 28/03/2011 - 18:13:54 - [78,938] ----D- C:\Program Files (x86)\VideoLAN

O43 - CFD: 24/06/2011 - 18:00:16 - [0,403] ----D- C:\Program Files (x86)\WB Games

O43 - CFD: 17/03/2011 - 08:25:56 - [0,549] ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 17/03/2011 - 18:50:54 - [6,395] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 17/03/2011 - 18:50:54 - [4,878] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:40 - [11,690] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 17/03/2011 - 18:50:54 - [4,251] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 17/03/2011 - 18:50:54 - [0,181] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 17/03/2011 - 18:50:54 - [6,604] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 29/10/2011 - 14:41:40 - [19,271] ----D- C:\Program Files (x86)\Xfire

O43 - CFD: 31/03/2012 - 12:26:20 - [10,096] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 01/12/2006 - 20:44:50 - [396,409] ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 26/07/2011 - 16:30:36 - [89,664] ----D- C:\Program Files (x86)\Common Files\AVSMedia

O43 - CFD: 03/04/2011 - 20:43:02 - [0,089] ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 31/10/2011 - 21:11:34 - [0,501] --H-D- C:\Program Files (x86)\Common Files\EAInstaller

O43 - CFD: 23/12/2011 - 20:40:36 - [3,282] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 20/11/2011 - 12:25:36 - [1,201] ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 01/12/2006 - 20:41:56 - [0,625] ----D- C:\Program Files (x86)\Common Files\Macrovision Shared

O43 - CFD: 19/12/2011 - 17:55:10 - [85,488] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 17/09/2011 - 18:50:08 - [0,155] ----D- C:\Program Files (x86)\Common Files\postureAgent

O43 - CFD: 14/07/2009 - 05:20:10 - [0,003] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:10 - [39,202] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 10/12/2011 - 22:13:50 - [0,400] ----D- C:\Program Files (x86)\Common Files\Steam

O43 - CFD: 09/11/2011 - 18:43:34 - [41,914] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 21/12/2011 - 00:52:00 - [0,372] ----D- C:\Program Files (x86)\Common Files\TortoiseOverlays

O43 - CFD: 26/01/2011 - 00:28:58 - [27,647] ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard

~ Scan Program Folder in 00mn 00s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.CB53A9D66257254B4C9C0948ACE73391] - 31/03/2012 - 10:34:00 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1476845]

O44 - LFC:[MD5.5FBACB0ED34A051B0281843896BE087C] - 31/03/2012 - 10:16:29 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549936]

O44 - LFC:[MD5.F4809C83AD3DC9D57E26AA5ED2ADCDA9] - 31/03/2012 - 10:16:29 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106412]

O44 - LFC:[MD5.D8EC22E797EFEECB7C1672290EF72D38] - 31/03/2012 - 10:16:29 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130290]

O44 - LFC:[MD5.88BBE8851D6F2461F63C22243C29B5ED] - 31/03/2012 - 10:16:29 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616032]

O44 - LFC:[MD5.A15042AA45C81CC9F50015E782B45860] - 31/03/2012 - 10:16:29 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [702584]

O44 - LFC:[MD5.5FBACB0ED34A051B0281843896BE087C] - 31/03/2012 - 10:16:29 RSHAD . (...) -- C:\Windows\system32\PerfStringBackup.INI [1549936]

O44 - LFC:[MD5.F4809C83AD3DC9D57E26AA5ED2ADCDA9] - 31/03/2012 - 10:16:29 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [106412]

O44 - LFC:[MD5.D8EC22E797EFEECB7C1672290EF72D38] - 31/03/2012 - 10:16:29 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [130290]

O44 - LFC:[MD5.88BBE8851D6F2461F63C22243C29B5ED] - 31/03/2012 - 10:16:29 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [616032]

O44 - LFC:[MD5.A15042AA45C81CC9F50015E782B45860] - 31/03/2012 - 10:16:29 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [702584]

O44 - LFC:[MD5.E570239983AA75E89B105CE43F92F21F] - 31/03/2012 - 10:10:49 ---A- . (...) -- C:\Windows\setupact.log [448]

O44 - LFC:[MD5.7094C280B401A241A3E0D7C0D93879FB] - 31/03/2012 - 10:10:44 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.412E01340EBCC92704EF2DDDD8BAC489] - 31/03/2012 - 10:10:40 ---A- . (...) -- C:\Windows\PFRO.log [82356]

O44 - LFC:[MD5.F9746B4ED3A71C80D4AA5C2D4B05D5EC] - 31/03/2012 - 10:07:35 ---A- . (...) -- C:\ComboFix.txt [29736]

O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 31/03/2012 - 10:06:22 ---A- . (...) -- C:\Windows\system.ini [215]

O44 - LFC:[MD5.0A3D815042644E048068635A421145E7] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\deployJava1.dll [525544]

O44 - LFC:[MD5.ECE8A00251257396ECDBA84537C3A24D] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\java.exe [172320]

O44 - LFC:[MD5.36BB463CFDC39FCE5B1A13FA29BAE1BB] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\javaw.exe [172320]

O44 - LFC:[MD5.0A3D815042644E048068635A421145E7] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\deployJava1.dll [525544]

O44 - LFC:[MD5.ECE8A00251257396ECDBA84537C3A24D] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\java.exe [172320]

O44 - LFC:[MD5.36BB463CFDC39FCE5B1A13FA29BAE1BB] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\javaw.exe [172320]

O44 - LFC:[MD5.DE8EC7BA7E0BF239D5C2922D042B56A4] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\SysNative\javaws.exe [191264]

O44 - LFC:[MD5.DE8EC7BA7E0BF239D5C2922D042B56A4] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\system32\javaws.exe [191264]

O44 - LFC:[MD5.F1C9DB5F7B2A56A0B29667D22BA540FC] - 31/03/2012 - 08:32:13 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [130760]

O44 - LFC:[MD5.248DB59FC86DE44D2779F4C7FB1A567D] - 31/03/2012 - 08:32:13 RSHAD . (.Avira GmbH - Avira Manager Driver.) -- C:\Windows\system32\drivers\avkmgr.sys [27760]

O44 - LFC:[MD5.AA8F79A1BDFC03B3BC70C44AB00589B4] - 31/03/2012 - 08:32:13 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [97312]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/03/2012 - 21:40:12 ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.EF10AD3C98A06E6A502B19A8B71513D1] - 29/03/2012 - 21:35:59 ---A- . (...) -- C:\Windows\ntbtlog.txt [191326]

O44 - LFC:[MD5.E40BD09F9125CBB3EACD147786FF8F8D] - 28/03/2012 - 14:17:13 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14224]

O44 - LFC:[MD5.E40BD09F9125CBB3EACD147786FF8F8D] - 28/03/2012 - 14:17:13 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14224]

O44 - LFC:[MD5.E40BD09F9125CBB3EACD147786FF8F8D] - 28/03/2012 - 14:17:13 RSHAD . (...) -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14224]

O44 - LFC:[MD5.E40BD09F9125CBB3EACD147786FF8F8D] - 28/03/2012 - 14:17:13 RSHAD . (...) -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14224]

O44 - LFC:[MD5.A777C82BCF8B47BA1F6AD2290DF73A79] - 14/03/2012 - 17:57:36 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [2287664]

O44 - LFC:[MD5.A777C82BCF8B47BA1F6AD2290DF73A79] - 14/03/2012 - 17:57:36 RSHAD . (...) -- C:\Windows\system32\FNTCACHE.DAT [2287664]

O44 - LFC:[MD5.9664BCBA769FACE40013A493BBEB47E1] - 14/03/2012 - 17:23:22 ---A- . (.pdfforge GbR - pdfcmon.) -- C:\Windows\SysNative\pdfcmon.dll [65024]

O44 - LFC:[MD5.9664BCBA769FACE40013A493BBEB47E1] - 14/03/2012 - 17:23:22 RSHAD . (.pdfforge GbR - pdfcmon.) -- C:\Windows\system32\pdfcmon.dll [65024]

~ Scan Files in 00mn 06s

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)

O45 - LFCP:[MD5.A2988EE32FA554B9023347E78E107FB8] - 28/03/2012 - 19:31:08 ---A- - C:\Windows\Prefetch\VLC.EXE-CC6F4A79.pf

O45 - LFCP:[MD5.8B884121814BCA8AB2DB60F7E86BC94C] - 30/03/2012 - 17:17:45 ---A- - C:\Windows\Prefetch\MPAS-D_BD1.EXE-97E29C40.pf

O45 - LFCP:[MD5.B68A1F95E718C846A598829849A93401] - 30/03/2012 - 17:17:45 ---A- - C:\Windows\Prefetch\MPSIGSTUB.EXE-6CB27A06.pf

O45 - LFCP:[MD5.AA9A302A111A87E60541A230A7BD88A1] - 30/03/2012 - 19:06:29 ---A- - C:\Windows\Prefetch\Layout.ini

O45 - LFCP:[MD5.7C15FD7CE49F7677F85A33F144C043C9] - 30/03/2012 - 19:09:36 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf

O45 - LFCP:[MD5.8F88107E2F2A1D22405D6ECF91387335] - 30/03/2012 - 19:10:53 ---A- - C:\Windows\Prefetch\SF.BIN-0C95A5A6.pf

O45 - LFCP:[MD5.0319A703DB1D206473B1BE98992EDE14] - 30/03/2012 - 20:10:54 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1413474751-2073566379-3662516970-1001.db

O45 - LFCP:[MD5.CCFF018F8D948498071BAEA2EF046C99] - 30/03/2012 - 20:10:54 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1413474751-2073566379-3662516970-1001.db

O45 - LFCP:[MD5.FF64DACA4A5F91498D7678474FC3247D] - 30/03/2012 - 20:16:16 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf

O45 - LFCP:[MD5.9307C80BB0D847CBBD77947887533165] - 30/03/2012 - 20:16:23 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-5F5F473D.pf

O45 - LFCP:[MD5.EBC8E040E6C70B934489730785F2C116] - 30/03/2012 - 20:17:52 ---A- - C:\Windows\Prefetch\TRACKIR5.EXE-BC0F8E38.pf

O45 - LFCP:[MD5.D33CDCEE570E47E95668231186C77B10] - 30/03/2012 - 21:24:57 ---A- - C:\Windows\Prefetch\LAUNCHER.EXE-FAEB250F.pf

O45 - LFCP:[MD5.D993C5D6E31A7BC994755F0E29CBA622] - 30/03/2012 - 21:25:11 ---A- - C:\Windows\Prefetch\PROTECT.EXE-F1F63AF2.pf

O45 - LFCP:[MD5.47FEC8EDF515E46D05D6C2EB05AB2C6C] - 30/03/2012 - 21:25:20 ---A- - C:\Windows\Prefetch\DCS.EXE-05137D8F.pf

O45 - LFCP:[MD5.AAF35A92709624703A5B78D45683900E] - 30/03/2012 - 22:55:48 ---A- - C:\Windows\Prefetch\EXCEL.EXE-16800A1F.pf

O45 - LFCP:[MD5.70AE6CD8A9D2179267C554C23D9AA4AC] - 31/03/2012 - 07:46:09 ---A- - C:\Windows\Prefetch\E_S50RPB.EXE-74C1409B.pf

O45 - LFCP:[MD5.367459B4A8EF39487AB495B6A1E25985] - 31/03/2012 - 07:46:09 ---A- - C:\Windows\Prefetch\NSVCAPPFLT.EXE-81337C33.pf

O45 - LFCP:[MD5.C8CC66A40B6EFBC247D315DF26423347] - 31/03/2012 - 07:46:09 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-007FEA55.pf

O45 - LFCP:[MD5.F8D5341801E28171926ED2317513B03A] - 31/03/2012 - 07:46:09 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-05F624AB.pf

O45 - LFCP:[MD5.FBF621F4566F3F95A27CDDA5B50A4F62] - 31/03/2012 - 07:46:09 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-61AE5AB6.pf

O45 - LFCP:[MD5.20823DBCBE87DFD26D34673D2940887A] - 31/03/2012 - 07:53:45 ---A- - C:\Windows\Prefetch\TRJSETUP682.EXE-82BE3D8F.pf

O45 - LFCP:[MD5.03C0DA089B10E9D290848027BEAF28D9] - 31/03/2012 - 07:53:45 ---A- - C:\Windows\Prefetch\TRJSETUP682.TMP-FB884462.pf

O45 - LFCP:[MD5.13B7146BD766F4D41F9B48FDA692C064] - 31/03/2012 - 07:57:28 ---A- - C:\Windows\Prefetch\LPKSETUP.EXE-90F505D8.pf

O45 - LFCP:[MD5.42119464BF43BBB33C7F17EA298CDFFA] - 31/03/2012 - 07:58:13 ---A- - C:\Windows\Prefetch\TRUPD.EXE-985F863A.pf

O45 - LFCP:[MD5.8C50B1D29DE7AC95BCD6AABF1F291263] - 31/03/2012 - 07:58:25 ---A- - C:\Windows\Prefetch\RMVTRJAN.EXE-B1391503.pf

~ Scan Prefetcher in 00mn 00s

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

~ Scan Keys in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (O51) (None)

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"VIDC.FPS1"="frapsv64.dll" . (.Beepa P/L - Fraps.) -- C:\Windows\system32\frapsv64.dll

O52 - TDSD: \Drivers32\"VIDC.XFR1"="xfcodec64.dll" . (.Pas de propriétaire - Xfire Video Codec.) -- C:\Windows\system32\xfcodec64.dll

O52 - TDSD: \Drivers32\"msacm.l3pacm"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm

O52 - TDSD: \Drivers32\"msacm.aacacm"="AACACM.acm" . (.fccHandler - AAC ACM Codec.) -- C:\Windows\system32\AACACM.acm

O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\system32\lameACM.acm

O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\system32\ac3acm.acm

O52 - TDSD: \Drivers32\"VIDC.LAGS"="lagarith.dll" . (.Pas de propriétaire - Lagarith.) -- C:\Windows\system32\lagarith.dll

O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - ffdshow VFW.) -- C:\Windows\system32\ff_vfw.dll

O52 - TDSD: \Drivers32\"msacm.avis"="ff_acm.acm" . (.Pas de propriétaire - ffdshow ACM codec.) -- C:\Windows\system32\ff_acm.acm

O52 - TDSD: \Drivers32\"vidc.x264"="x264vfw.dll" . (...) -- C:\Windows\system32\x264vfw.dll

O52 - TDSD: \Drivers32\"msacm.ac3filter"="ac3filter.acm" . (...) -- C:\Windows\system32\ac3filter.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"frapsv64.dll"="Fraps Video Decompressor" . (.Beepa P/L - Fraps.) -- C:\Windows\system32\frapsv64.dll

O52 - TDSD: \drivers.desc\"xfcodec64.dll"="Xfire video codec [XFR1]" . (.Pas de propriétaire - Xfire Video Codec.) -- C:\Windows\system32\xfcodec64.dll

O52 - TDSD: \drivers.desc\"l3codecp.acm"="Fraunhofer IIS MPEG Layer-3 Codec Professional" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm

O52 - TDSD: \drivers.desc\"aacacm.acm"="AAC ACM Codec" . (.fccHandler - AAC ACM Codec.) -- C:\Windows\system32\aacacm.acm

O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\system32\ac3acm.acm

O52 - TDSD: \drivers.desc\"lameacm.acm"="Lame MP3 CODEC v0.91" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"lagarith.dll"="Lagarith lossless codec" . (.Pas de propriétaire - Lagarith.) -- C:\Windows\system32\lagarith.dll

O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - ffdshow VFW.) -- C:\Windows\system32\ff_vfw.dll

O52 - TDSD: \drivers.desc\"ff_acm.acm"="ffdshow ACM codec" . (.Pas de propriétaire - ffdshow ACM codec.) -- C:\Windows\system32\ff_acm.acm

O52 - TDSD: \drivers.desc\"x264vfw.dll"="x264 H.264 Video Codec" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"ac3filter.acm"="AC3Filter ACM codec" . (...) -- C:\Windows\system32\ac3filter.acm

~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe

O53 - SMSR:HKLM\...\startupreg\Advanced SystemCare 4 [Key] . (...) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\BootStartBRC [Key] . (.TODO: <Company name> - TODO: <File description>.) -- C:\Program Files (x86)\MSI\BiosRomCheck\BootStartBiosRomCheck.exe

O53 - SMSR:HKLM\...\startupreg\DelReg [Key] . (...) -- C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\EEventManager [Key] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

O53 - SMSR:HKLM\...\startupreg\Live Update 5 [Key] . (...) -- C:\Program Files (x86)\MSI\Live Update 5\LU5.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\LogMeIn Hamachi Ui [Key] . (...) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\NUSB3MON [Key] . (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

O53 - SMSR:HKLM\...\startupreg\Super-Charger [Key] . (...) -- C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe (.not file.)

~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0

~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.B3B86BE19A0CAF025F679C39FD21E735] - 10/08/2010 - 07:43:14 RSHAD . (.Saitek - Smart Technology Helpers.) -- C:\Windows\system32\drivers\SaiBus.sys [50056]

O58 - SDL:[MD5.248ABD858FF7DCC966E5A54529DDD225] - 01/05/2007 - 15:10:50 RSHAD . (.Saitek - Saitek Hid Driver.) -- C:\Windows\system32\drivers\SaiH075C.sys [171144]

O58 - SDL:[MD5.9E7E53891D1747A01F491AB25B95135D] - 10/08/2010 - 07:43:14 RSHAD . (.Saitek - Saitek Magic Mini Driver.) -- C:\Windows\system32\drivers\SaiMini.sys [22792]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] - 14/07/2009 - 01:00:40 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\serial.sys [94208]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/03/2011 - 00:00:00 RSHAD . (...) -- C:\Windows\system32\drivers\sptd.sys [526392]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

~ Scan Drivers in 00mn 00s

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)

O61 - LFC:Last File Created 28/03/2012 - 08:57:24 ---A- C:\Users\All Users\Simply Super Software\Trojan Remover\Data\reflist.dta [756683]

O61 - LFC:Last File Created 28/03/2012 - 09:03:46 ---A- C:\Users\All Users\Simply Super Software\Trojan Remover\Data\trjlist33.dta [20842]

O61 - LFC:Last File Created 28/03/2012 - 17:53:15 ---A- C:\Users\ianick\Documents\++Demonoid.me++-Humans_Vs_Zombies[uK_2012].torrent [17227]

O61 - LFC:Last File Created 28/03/2012 - 17:54:00 ---A- C:\Users\ianick\Documents\_-Demonoid.me-_The_Divide_2011_LIMITED_DVDRip_XviD_SPARKS.torrent [28521]

O61 - LFC:Last File Created 28/03/2012 - 17:54:43 ---A- C:\Users\ianick\Documents\The_Divide_2011_Limited_BRRip_XViD_DTRG_o-Demonoid.me-o.torrent [8623]

O61 - LFC:Last File Created 28/03/2012 - 17:59:19 ---A- C:\Users\ianick\AppData\Roaming\.BitTornado\datacache\92b5fb3b296fb6d8e7f35cea75f443ac6330dc29 [625]

O61 - LFC:Last File Created 28/03/2012 - 18:29:38 ---A- C:\Users\ianick\AppData\Roaming\.BitTornado\datacache\9687f1b7b58e4eb6c55e900be0533cd1d82c747f [369]

O61 - LFC:Last File Created 29/03/2012 - 08:54:30 ---A- C:\Users\All Users\Simply Super Software\Trojan Remover\Data\trjlist5.dta [12313]

O61 - LFC:Last File Created 29/03/2012 - 08:57:10 ---A- C:\Users\All Users\Simply Super Software\Trojan Remover\Data\trjlist3.dta [986753]

O61 - LFC:Last File Created 29/03/2012 - 08:57:28 ---A- C:\Users\All Users\Simply Super Software\Trojan Remover\Data\trjlist2.dta [4896476]

O61 - LFC:Last File Created 29/03/2012 - 10:20:40 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\49280E749D7318EA369BC7E61369C34AD2D22859.heu [150]

O61 - LFC:Last File Created 29/03/2012 - 10:20:40 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\76C30565F803F2587F156A8344E4091992D31B27.heu [150]

O61 - LFC:Last File Created 29/03/2012 - 10:20:40 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\8F903698240FE799F61EEDA8595181137B996156.heu [150]

O61 - LFC:Last File Created 29/03/2012 - 10:20:40 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\9A7DEE2B537712BEF484CBD9E4DDBF88C78F436C.heu [150]

O61 - LFC:Last File Created 29/03/2012 - 10:20:40 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\9F67B1C289A5B5DB7B32844AF679E758541D101B.heu [150]

O61 - LFC:Last File Created 29/03/2012 - 20:25:49 ---A- C:\Users\ianick\AppData\Local\ars.cache [100292]

O61 - LFC:Last File Created 29/03/2012 - 20:25:56 ---A- C:\Users\ianick\AppData\Local\census.cache [8702764]

O61 - LFC:Last File Created 29/03/2012 - 20:28:03 ---A- C:\Users\ianick\Documents\cc_20120329_212801.reg [4736]

O61 - LFC:Last File Created 29/03/2012 - 20:28:19 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\database.conf [432]

O61 - LFC:Last File Created 29/03/2012 - 20:28:19 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref [6762931]

O61 - LFC:Last File Created 29/03/2012 - 21:39:14 ---A- C:\Users\ianick\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2012-03-29 (22-37-03).txt [2420]

O61 - LFC:Last File Created 29/03/2012 - 21:39:14 ---A- C:\Users\ianick\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\5400660434.data [827]

O61 - LFC:Last File Created 30/03/2012 - 17:28:52 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\381814F6F5270FFBB27E244D6138BC023AF911D5.heu [149]

O61 - LFC:Last File Created 30/03/2012 - 17:28:52 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\440AE73B017A477382DEFF7C0DBE4896FED21079.heu [149]

O61 - LFC:Last File Created 30/03/2012 - 17:28:52 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\6344DCC80A9A6A3676DCEA0C92C8C45EFD2F3220.heu [149]

O61 - LFC:Last File Created 30/03/2012 - 17:28:52 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\6DDB94AE3365798230849FA0F931AC132FE417D1.heu [149]

O61 - LFC:Last File Created 30/03/2012 - 17:28:52 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\871F12AF0853C06E4EB80A1CCAB295CEADBB817A.heu [149]

O61 - LFC:Last File Created 30/03/2012 - 17:28:52 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\C3306B26751D6A80EB1FCB651912469AE18819AB.heu [149]

O61 - LFC:Last File Created 30/03/2012 - 17:31:42 ---A- C:\Users\ianick\Documents\The_Darkest_Hour_2011_720p_BRRip_x264_AC3_26K-((Demonoid.me)).torrent [18490]

O61 - LFC:Last File Created 30/03/2012 - 17:32:47 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\R3BSMkxZR2pXeDBwTkY5YmhsL3VqVVE2UFZvPQ==\icons\dummy.png [109]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_1177422720 [1214]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_1929163517 [554]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_2149473910 [864]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_2434057376 [1003]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_2823772069 [587]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_3099917632 [755]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_4197495538 [1036]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_633869308 [833]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_964440565 [795]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\remote\img75.xooimage.com\files\5\4\5\a10-petit-312b193.jpg [805]

O61 - LFC:Last File Created 30/03/2012 - 20:16:39 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\remote\img67.xooimage.com\files\a\b\b\banniere-ts-2-3165053.gif [614716]

O61 - LFC:Last File Created 30/03/2012 - 20:16:40 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\remote\img7.xooimage.com\files\6\5\5\a10-entete-312a8fe.jpg [37437]

O61 - LFC:Last File Created 30/03/2012 - 20:16:54 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\chats\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\channel.txt [8987]

O61 - LFC:Last File Created 30/03/2012 - 20:43:45 ---A- C:\Users\ianick\Saved Games\DCS Warthog\ScreenShots\Screen_120330_214345.jpg [123408]

O61 - LFC:Last File Created 30/03/2012 - 21:18:03 ---A- C:\Users\ianick\Documents\Tacview\Tacview-20120330-211933.txt.acmi [12523746]

O61 - LFC:Last File Created 30/03/2012 - 21:18:05 ---A- C:\Users\ianick\Saved Games\DCS Warthog\Tracks\Multiplayer\client-20120330-211855.trk [11177250]

O61 - LFC:Last File Created 30/03/2012 - 21:20:40 ---A- C:\Users\ianick\Saved Games\DCS Warthog\Missions\on garde maykop.miz [888075]

O61 - LFC:Last File Created 30/03/2012 - 21:23:02 ---A- C:\Users\ianick\Saved Games\DCS Warthog\MissionEditor\layers.lua [277]

O61 - LFC:Last File Created 30/03/2012 - 21:23:25 ---A- C:\Users\ianick\Saved Games\DCS Warthog\Missions\on garde maykop-jour.miz [891105]

O61 - LFC:Last File Created 30/03/2012 - 21:23:27 ---A- C:\Users\ianick\Saved Games\DCS Warthog\Logs\me.log.old [9011]

O61 - LFC:Last File Created 30/03/2012 - 21:24:46 ---A- C:\Users\ianick\Saved Games\DCS Warthog\Logs\dcs.log.old [5920]

O61 - LFC:Last File Created 30/03/2012 - 21:25:07 ---A- C:\Users\ianick\Saved Games\DCS Warthog\MissionEditor\temp_options.lua [2152]

O61 - LFC:Last File Created 30/03/2012 - 21:25:08 ---A- C:\Users\ianick\Saved Games\DCS Warthog\MissionEditor\gdoptions.v2.lua [768]

O61 - LFC:Last File Created 30/03/2012 - 22:42:52 ---A- C:\Users\ianick\Documents\Tacview\Tacview-20120330-222604.txt.acmi [109397397]

O61 - LFC:Last File Created 30/03/2012 - 22:42:54 ---A- C:\Users\ianick\Saved Games\DCS Warthog\Config\network.cfg [1246]

O61 - LFC:Last File Created 30/03/2012 - 22:42:54 ---A- C:\Users\ianick\Saved Games\DCS Warthog\Tracks\Multiplayer\server-20120330-222551.trk [13456481]

O61 - LFC:Last File Created 30/03/2012 - 22:43:24 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\chats\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\server.html [512402]

O61 - LFC:Last File Created 30/03/2012 - 22:54:15 ---A- C:\Users\ianick\AppData\Roaming\Microsoft\Office\Excel12.pip [1552]

O61 - LFC:Last File Created 30/03/2012 - 22:54:15 ---A- C:\Users\ianick\Documents\SYNTHESE MENSUELLE ACT VM MEDIFLOR .xls [27648]

O61 - LFC:Last File Created 30/03/2012 - 22:55:46 ---A- C:\Users\ianick\AppData\Roaming\Microsoft\Office\Recent\Mes documents.LNK [590]

O61 - LFC:Last File Created 30/03/2012 - 22:55:46 ---A- C:\Users\ianick\AppData\Roaming\Microsoft\Office\Recent\SYNTHESE MENSUELLE ACT VM MEDIFLOR .LNK [862]

O61 - LFC:Last File Created 30/12/1899 - 10:09:48 --HA- C:\Users\ianick\AppData\Local\IconCache.db [1602333]

O61 - LFC:Last File Created 30/12/1899 - 22:55:46 --H-- C:\Users\ianick\AppData\Roaming\Microsoft\Office\Recent\index.dat [82]

O61 - LFC:Last File Created 31/03/2012 - 07:50:37 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\local.conf [538]

O61 - LFC:Last File Created 31/03/2012 - 07:53:31 ---A- C:\Users\ianick\Documents\trjsetup682.exe [10491128]

O61 - LFC:Last File Created 31/03/2012 - 07:55:15 ---A- C:\Users\All Users\Simply Super Software\Trojan Remover\Data\trweb1.dta [778]

O61 - LFC:Last File Created 31/03/2012 - 07:58:12 ---A- C:\Users\ianick\Documents\Simply Super Software\Trojan Remover Logfiles\UPDLOG.TXT [5023]

O61 - LFC:Last File Created 31/03/2012 - 08:01:58 ---A- C:\Users\ianick\AppData\Roaming\Simply Super Software\Trojan Remover\exclude.dta [93]

O61 - LFC:Last File Created 31/03/2012 - 08:03:36 ---A- C:\Users\ianick\Documents\Simply Super Software\Trojan Remover Logfiles\TRLOG.TXT [40399]

O61 - LFC:Last File Created 31/03/2012 - 08:27:29 ---A- C:\Users\ianick\Documents\avira_free_antivirus_fr.exe [86855160]

O61 - LFC:Last File Created 31/03/2012 - 08:30:01 ---A- C:\Users\All Users\NVIDIA\Resource.old [1071764]

O61 - LFC:Last File Created 31/03/2012 - 08:56:51 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\channels\cache.dat [4]

O61 - LFC:Last File Created 31/03/2012 - 08:56:51 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\perm.dat [79438]

O61 - LFC:Last File Created 31/03/2012 - 08:56:52 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\chats\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\channel.html [71782]

O61 - LFC:Last File Created 31/03/2012 - 10:03:33 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\R3BSMkxZR2pXeDBwTkY5YmhsL3VqVVE2UFZvPQ==\channels\cache.dat [4]

O61 - LFC:Last File Created 31/03/2012 - 10:03:33 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\R3BSMkxZR2pXeDBwTkY5YmhsL3VqVVE2UFZvPQ==\perm.dat [79438]

O61 - LFC:Last File Created 31/03/2012 - 10:03:42 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\resolved.dat [188]

O61 - LFC:Last File Created 31/03/2012 - 10:03:42 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\subscribemode.dat [4]

O61 - LFC:Last File Created 31/03/2012 - 10:03:43 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\chats\R3BSMkxZR2pXeDBwTkY5YmhsL3VqVVE2UFZvPQ==\channel.html [48953]

O61 - LFC:Last File Created 31/03/2012 - 10:03:43 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\chats\R3BSMkxZR2pXeDBwTkY5YmhsL3VqVVE2UFZvPQ==\server.html [201367]

O61 - LFC:Last File Created 31/03/2012 - 10:09:41 ---A- C:\Users\ianick\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\0936043783.data [827]

O61 - LFC:Last File Created 31/03/2012 - 10:09:42 ---A- C:\Users\ianick\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2012-03-31 (11-08-53).txt [2360]

O61 - LFC:Last File Created 31/03/2012 - 10:09:50 ---A- C:\Users\All Users\NVIDIA\Updatus\updtConfig.xml [2376]

O61 - LFC:Last File Created 31/03/2012 - 10:09:53 ---A- C:\Users\All Users\NVIDIA\Updatus\updtclient.log.bak [205]

O61 - LFC:Last File Created 31/03/2012 - 10:10:47 ---A- C:\Users\All Users\NVIDIA\Resource.dat [1071764]

O61 - LFC:Last File Created 31/03/2012 - 10:11:00 ---A- C:\Users\All Users\EPSON\STM3\E_S40ST.LOG [29486]

O61 - LFC:Last File Created 31/03/2012 - 10:11:52 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\ts3clientui_qt.conf [6458]

O61 - LFC:Last File Created 31/03/2012 - 10:13:14 ---A- C:\Users\All Users\NVIDIA\Updatus\journalBS.jour.dat [0]

O61 - LFC:Last File Created 31/03/2012 - 10:32:17 ---A- C:\Users\ianick\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20120331_113213876-Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-MSP0.txt [359008]

O61 - LFC:Last File Created 31/03/2012 - 10:32:18 ---A- C:\Users\ianick\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20120331_113213876.html [77170]

O61 - LFC:Last File Created 31/03/2012 - 10:54:43 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\chats\R3BSMkxZR2pXeDBwTkY5YmhsL3VqVVE2UFZvPQ==\channel.txt [3196]

O61 - LFC:Last File Created 31/03/2012 - 11:08:22 ---A- C:\Users\ianick\AppData\Local\Temp\~DF9991803370E68161.TMP [180224]

~ Scan Files in 00mn 11s

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 26/01/2011 - C:\Windows\system32\DRIVERS\atikmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG

O64 - Services: CurCS - 01/12/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - 01/12/2011 - C:\Windows\system32\DRIVERS\avipbb.sys (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB

O64 - Services: CurCS - 01/12/2011 - C:\Windows\system32\DRIVERS\avkmgr.sys (avkmgr) .(.Avira GmbH - Avira Manager Driver.) - LEGACY_AVKMGR

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\DefragFS.sys (DefragFS) .(.Raxco Software, Inc. - Defragmentation Support Driver.) - LEGACY_DEFRAGFS

O64 - Services: CurCS - 14/03/2011 - C:\Windows\system32\DRIVERS\mv91cons.sys (mv91cons) .(.Marvell Semiconductor Inc. - Marvell 91xx Confige Device Driver.) - LEGACY_MV91CONS

O64 - Services: CurCS - 06/10/2009 - C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys (NTIOLib_1_0_1) .(.MSI - NTIOLib.) - LEGACY_NTIOLIB_1_0_1

O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\nvstor.sys (nvstor) .(.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) - LEGACY_NVSTOR

O64 - Services: CurCS - 09/04/2010 - C:\Windows\system32\DRIVERS\nvstor64.sys (nvstor64) .(.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) - LEGACY_NVSTOR64

O64 - Services: CurCS - 30/06/2011 - C:\Windows\system32\DRIVERS\PDFsFilter.sys (PDFSFilter) .(.Raxco Software, Inc. - PerfectDisk OptiWrite Filter Driver for Ser.) - LEGACY_PDFSFILTER

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD

~ Scan Services in 00mn 00s

---\\ Liste des fichiers non signés (O65) (None)

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <Opera.HTML>[HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\system32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <Opera.HTML>[HKCR\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\system32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (.not file.)

O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - Babylon Search

O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} [DefaultScope] - (AVG Secure Search) - http://isearch.avg.com

~ Scan Keys in 00mn 00s

---\\ Crack & Keygen Files (O82)

D:\dcs\cracked earth noise.rar

D:\programs\Adobe Premiere Pro CS3\Keygen-Activator\Free Full Downloads and MORE -- www.TheViperFiles.com.url

~ Scan Files in 00mn 50s

---\\ Recherche des services démarrés par Svchost (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\system32\aelupsvc.dll [72192]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\system32\certprop.dll [80384]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\system32\certprop.dll [80384]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [236032]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\system32\gpsvc.dll [777728]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\system32\ikeext.dll [853504]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\system32\Audiosrv.dll [679424]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\system32\rasauto.dll [99328]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\system32\rasmans.dll [344064]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\system32\mprdim.dll [97792]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\system32\sens.dll [64512]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\system32\ipnathlp.dll [359424]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\system32\tapisrv.dll [316928]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\system32\termsrv.dll [680960]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2420736]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\system32\qmgr.dll [849920]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [370688]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\system32\iphlpsvc.dll [569344]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\system32\appinfo.dll [70656]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [67584]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [121856]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\system32\browser.dll [136192]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\system32\eapsvc.dll [111104]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\system32\wercplsupport.dll [84480]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\system32\bdesvc.dll [100864]

O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\system32\appmgmts.dll [193536]

~ Scan Services in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.5FC9A9215F9265B199A282F584CAAADD] [sPRF][26/03/2012] (.Swearware - ComboFix NSIS Installer.) -- C:\Users\ianick\Desktop\ComboFix.exe [4445462]

[MD5.9C85B2AD333C2642C1906DB6A7CD5AA6] [sPRF][06/10/2011] (.Trend Micro Inc. - Trend Micro Application Launcher.) -- C:\Users\ianick\Desktop\HousecallLauncher64.exe [2405672]

~ Scan Files in 00mn 00s

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{ADADEB6C-6967-4D7E-9844-3DB3994482D9}" | In - Private - P6 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe

O87 - FAEL: "{8D217B1C-EF8D-4E4F-AF14-A230668214F0}" | In - Private - P17 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe

O87 - FAEL: "{9616693B-0345-4F55-A946-13DBDB6CCC47}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe

O87 - FAEL: "{3909E8CA-2B0D-4117-9231-6716DCACAB99}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe

O87 - FAEL: "TCP Query User{759D48F2-97D3-45AB-92CD-568202C9F7EF}C:\program files (x86)\bittornado\btdownloadgui.exe" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\BitTornado\btdownloadgui.exe

O87 - FAEL: "UDP Query User{DA8418E9-F256-45C4-AECC-816437A7DB5F}C:\program files (x86)\bittornado\btdownloadgui.exe" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\BitTornado\btdownloadgui.exe

O87 - FAEL: "TCP Query User{8DE6587A-7A87-4063-93CE-4A839206A2EB}C:\program files (x86)\steam\steam.exe" | In - Public - P6 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe

O87 - FAEL: "UDP Query User{7DFD28EA-14FC-48DA-A5FC-DA5E5248A6B0}C:\program files (x86)\steam\steam.exe" | In - Public - P17 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe

O87 - FAEL: "{8AC086F4-6CF8-4FF3-B80F-62D33F3A0F2C}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

O87 - FAEL: "{2237D9E3-D494-4D78-90C5-E4976ED6B3EC}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

O87 - FAEL: "{0F3884DD-3FE6-4C29-8A0E-187B1C84CF9D}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe

O87 - FAEL: "{ABF9E497-BADF-498A-9FF9-EDCFE3075C9F}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe

O87 - FAEL: "{4FBB4F5F-CB23-4B34-8BC8-22F692365121}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe

O87 - FAEL: "{46A25C0C-9E46-4274-970B-8B2F19E4E932}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe

O87 - FAEL: "TCP Query User{CF5951E8-9EC2-41C2-BA2C-B83FBDE712BF}C:\program files (x86)\epson software\event manager\eeventmanager.exe" | In - Public - P6 - TRUE | .(.SEIKO EPSON CORPORATION.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEvent

O87 - FAEL: "UDP Query User{CBABAE23-8DBB-44E3-8171-A04972193FD8}C:\program files (x86)\epson software\event manager\eeventmanager.exe" | In - Public - P17 - TRUE | .(.SEIKO EPSON CORPORATION.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEven

O87 - FAEL: "{25BDE866-3506-4309-8F58-E69E202A3F97}" | In - Public - P6 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe

O87 - FAEL: "{E46BF626-7B1E-4627-B66A-4363DB2B32A8}" | In - Public - P17 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe

O87 - FAEL: "TCP Query User{FFCDCDE6-CA50-4FFB-B838-5CC26D5EBD3D}C:\program files (x86)\soulseekns\slsk.exe" | In - Public - P6 - TRUE | .(.Pas de propriétaire - SoulSeek.) -- C:\Program Files (x86)\SoulseekNS\slsk.exe

O87 - FAEL: "UDP Query User{B0664460-9D68-4EDB-81F1-95FF9D02EAD0}C:\program files (x86)\soulseekns\slsk.exe" | In - Public - P17 - TRUE | .(.Pas de propriétaire - SoulSeek.) -- C:\Program Files (x86)\SoulseekNS\slsk.exe

O87 - FAEL: "TCP Query User{8B25CE4B-B445-4315-8E8D-642DBFA315F2}C:\program files (x86)\xfire\xfire.exe" | In - Private - P6 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\Program Files (x86)\Xfire\Xfire.exe

O87 - FAEL: "UDP Query User{B2479461-D8B3-4829-B28B-174183402309}C:\program files (x86)\xfire\xfire.exe" | In - Private - P17 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\Program Files (x86)\Xfire\Xfire.exe

O87 - FAEL: "{F125AE5B-E106-4222-9A40-2AF51BFE0E86}" | In - Public - P17 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\Program Files (x86)\Xfire\Xfire.exe

O87 - FAEL: "{81DD2A89-91AE-4473-93E7-8B8CAEDA4F29}" | In - Public - P6 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\Program Files (x86)\Xfire\Xfire.exe

O87 - FAEL: "TCP Query User{8349179F-B2DF-4E0A-90BD-C62C8E303164}C:\dcs-a10c-warthog\dcs a-10c\bin\dcs.exe" | In - Public - P6 - TRUE | .(.Eagle Dynamics - DCS.) -- C:\dcs-a10c-warthog\DCS A-10C\bin\DCS.exe

O87 - FAEL: "UDP Query User{8C0D4968-3B7B-4A72-B08D-5389F51BF9C4}C:\dcs-a10c-warthog\dcs a-10c\bin\dcs.exe" | In - Public - P17 - TRUE | .(.Eagle Dynamics - DCS.) -- C:\dcs-a10c-warthog\DCS A-10C\bin\DCS.exe

O87 - FAEL: "{1E85E16E-C8D2-4461-BB7B-B948DA1A8498}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O87 - FAEL: "{A79F35E4-A757-4634-BDBC-7BE053053709}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O87 - FAEL: "TCP Query User{097CCCD4-7AD0-43D6-9D54-9F5B1604D0E5}C:\program files (x86)\internet explorer\iexplore.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\internet explorer\iexplore.exe (.not file.)

O87 - FAEL: "UDP Query User{F8531A1D-3FB6-4542-894D-2C401ACD3199}C:\program files (x86)\internet explorer\iexplore.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\internet explorer\iexplore.exe (.not file.)

O87 - FAEL: "{7B8694CE-1A47-4CAA-A371-EB02AD35DAC5}" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\internet explorer\iexplore.exe (.not file.)

O87 - FAEL: "{31228E95-D94B-4165-8046-3AF59CCBDC2C}" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\internet explorer\iexplore.exe (.not file.)

O87 - FAEL: "{5A01694C-182A-4A92-A8B8-FC8B1BA2A305}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe

O87 - FAEL: "{6ECDBB20-C149-4B21-9B7D-EC146FDAC403}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe

O87 - FAEL: "{CA30AE99-CC9E-4A69-AF6D-16B4346D041D}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

O87 - FAEL: "{711089A5-06A9-4D45-9419-A473945D671C}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

O87 - FAEL: "{6CAB70DF-7733-496B-9ACE-789C646B78B1}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "TCP Query User{533EEBBA-66EF-4FD9-B7B2-AEA1CAC36A3A}D:\black shark 2 rep\dcs black shark 2\bin\dcs.exe" | In - Public - P6 - TRUE | .(.Eagle Dynamics - DCS.) -- D:\black shark 2 rep\DCS Black Shark 2\bin\DCS.exe

O87 - FAEL: "UDP Query User{99599376-AE91-4889-A9E8-44A478668179}D:\black shark 2 rep\dcs black shark 2\bin\dcs.exe" | In - Public - P17 - TRUE | .(.Eagle Dynamics - DCS.) -- D:\black shark 2 rep\DCS Black Shark 2\bin\DCS.exe

O87 - FAEL: "TCP Query User{4A2DB396-A712-4911-A815-F43FFBBF3E99}C:\program files\teamspeak 3 client\ts3client_win64.exe" | In - Public - P6 - TRUE | .(.TeamSpeak Systems GmbH.) -- C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe

O87 - FAEL: "UDP Query User{B3C63154-3FC3-4626-8BD6-F510E6646D94}C:\program files\teamspeak 3 client\ts3client_win64.exe" | In - Public - P17 - TRUE | .(.TeamSpeak Systems GmbH.) -- C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe

O87 - FAEL: "TCP Query User{1926223B-5901-401C-80E7-A1D1E2221136}D:\me3\binaries\win32\masseffect3.exe" | In - Public - P6 - TRUE | .(.BioWare - Mass Effect 3.) -- D:\me3\Binaries\Win32\MassEffect3.exe

O87 - FAEL: "UDP Query User{368E6F81-5D2C-4818-A8A4-D076174C8D7D}D:\me3\binaries\win32\masseffect3.exe" | In - Public - P17 - TRUE | .(.BioWare - Mass Effect 3.) -- D:\me3\Binaries\Win32\MassEffect3.exe

O87 - FAEL: "{B3808026-78EA-45DF-9B26-B54A6BBA1BFF}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe

O87 - FAEL: "{555E1884-9B5C-40C1-945E-CE939C1C3CEB}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe

~ Scan Firewall in 00mn 01s

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 9067 - (06/03/2012)

Clés trouvées (Keys found) : 7

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 6

Fichiers trouvés (Files found) : 0

 

[HKLM\Software\WOW6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Adware.Agent

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}] =>Toolbar.Babylon

[HKLM\Software\WOW6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>Toolbar.Agent

[HKLM\Software\WOW6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon

[HKCU\Software\SweetIM] =>Toolbar.SweetIM

[HKLM\Software\WOW6432Node\SweetIM] =>Toolbar.SweetIM

C:\ProgramData\Babylon =>Toolbar.Babylon

C:\Users\ianick\AppData\Roaming\Babylon =>Toolbar.Babylon

C:\Users\ianick\AppData\Roaming\OpenCandy =>Adware.OpenCandy

C:\Users\ianick\AppData\Roaming\pdfforge =>PUP.Dealio

C:\Users\ianick\AppData\Local\Babylon =>Toolbar.Babylon

~ Scan Additionnel in 00mn 03s

 

 

 

---\\ Recherche détournement de DNS routeur (O89)

Serveur : dns2.proxad.net

Address: 212.27.40.241

Nom : www-cctld.l.google.com

Addresses: 2a00:1450:4007:803::1017

173.194.66.94

Aliases: www.google.fr

~ Scan DNS in 00mn 02s

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 03/01/2012 63928 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

SS - | Demand 31/03/2012 253600 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

SS - | Disabled 26/01/2011 203776 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe

SR - | Auto 01/12/2011 86224 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

SR - | Auto 01/12/2011 110032 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

SS - | Disabled 28/02/2006 229376 | ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

SR - | Auto 14/09/2009 166400 | (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.exe

SR - | Auto 14/09/2009 128512 | (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe

SS - | Demand 01/12/2006 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

SR - | Auto 496232 | (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

SR - | Auto 22/02/2011 326168 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

SR - | Auto 209000 | (nSvcIp) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

SR - | Auto 15/10/2011 1640768 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 15/10/2011 2253120 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

SS - | Disabled 07/07/2011 1754888 | (PDAgent) . (.Raxco Software, Inc..) - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe

SS - | Disabled 07/07/2011 3290888 | (PDEngine) . (.Raxco Software, Inc..) - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe

SS - | Demand 0 | (PnkBstrA) . (...) - C:\Windows\System32\PnkBstrA.exe

SS - | Demand 08/12/2011 419624 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

SR - | Auto 15/10/2011 381248 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

SR - | Auto 22/02/2011 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

SS - | Demand 1255736 | C:\Windows\system32\Wat\WatUX.exe (WatAdminSvc) . (...) - C:\Windows\system32\Wat\WatAdminSvc.exe

SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Scan Services in 00mn 02s

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by ianick at 31/03/2012 12:30:09

 

device: opened successfully

user: error reading MBR

 

Disk trace:

error: Read Descripteur non valide

kernel: error reading MBR

~ Scan MBR in 00mn 02s

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by ianick at 31/03/2012 12:30:11

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 04s

 

 

 

---\\ Liste des émulateurs de CD/DVD (Hook du MBR)

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/03/2011 - 00:00:00 RSHAD . (...) -- C:\Windows\system32\drivers\sptd.sys [526392]

~ Scan Emulateurs in 00mn 04s

 

 

 

End of the scan (1686 lines in 03mn 54s)(2)


Rapport de ZHPDiag v1.28.34 par Nicolas Coolman, Update du 06/03/2012

Run by ianick at 31/03/2012 12:26:17

Web site : ZHPDiag Outil de diagnostic

Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com

State : Nouvelle version disponible

 

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421 (Defaut)

OPIE: Opera v11.62

OPIE: Opera vv11.62

 

---\\ Windows Product Information

~ Langage: Français

Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : Absent (Not found)

Windows ID Activation : Inconnue (Unknown)

Windows Licence : Inconnue (Unknown)

Software Protection Service (Protection logicielle) : KO

Windows Automatic Updates : OK

Windows Activation Technologies : OK

 

---\\ System Information

~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 8159 MB (74% free)

System Restore: Activé (Enable)

System drive C: has 23 GB (32%) free of 69 GB

 

---\\ Logged in mode

~ Computer Name: IANICK-PC

~ User Name: ianick

~ All Users Names: UpdatusUser, ianick, HomeGroupUser$, Guest, Administrator,

~ Unselected Option: None

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\ianick\AppData\Roaming\

~ %Desktop% : C:\Users\ianick\Desktop\

~ %Favorites% : C:\Users\ianick\Favorites\

~ %LocalAppData% : C:\Users\ianick\AppData\Local\

~ %StartMenu% : C:\Users\ianick\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 23 Go of 69 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 613 Go of 932 Go)

E:\ CD-ROM drive (Not Inserted)

I:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Scan Security Center in 00mn 00s

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]

[MD5.B1AC85B6ADC005CF3F9EB4E28DFDCCE6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/12/2011 - 08:04:30.) -- C:\Windows\system32\wininet.dll [1390080]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]

[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows multi-utilisateurs.) (.20/11/2010 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\drivers\AFD.sys [498688]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\drivers\netBT.sys [261632]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\drivers\Rasl2tp.sys [129536]

[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 12:06:41.) -- C:\Windows\system32\drivers\rdpdr.sys [165888]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\drivers\tdx.sys [119296]

[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\drivers\volsnap.sys [295808]

~ Scan Generic Processes in 00mn 00s

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 1/29

~ Mes Videos (My Videos) : 1/6

~ Mes Favoris (My Favorites) : Non accessible (Not found)

~ Mes Documents (My Documents) : 2/801

~ Mon Bureau (My Desktop) : 1/28

~ Menu demarrer (Programs) : 7/33

~ Scan Hidden Files in 00mn 00s

 

 

 

---\\ Processus lancés

[MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.1464]

[MD5.4405758C4569213F3CFAC20E495EDF4C] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [258512] [PID.3004]

[MD5.D4C073DB0B506852B35197069A1892C7] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe [949104] [PID.2116]

[MD5.B8F49232247D0825B2B82E08A9E10753] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [981680] [PID.4148]

[MD5.46AE705AC463F50AC714C8084A09A2A3] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [2211328] [PID.4068]

[MD5.9E1222C417291BC836210743624A8E5E] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [381248] [PID.]

[MD5.27C9A4E1EF31C7A64DE8FBC0AA568503] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224] [PID.]

[MD5.62B7936F9036DD6ED36E6A7EFA805DC0] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63928] [PID.]

[MD5.E491888D529410D7BD8FBBAD825795C8] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032] [PID.]

[MD5.E7859BA062DB5E23C6DD34AD66B09F50] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [326168] [PID.]

[MD5.7E22DE30E222BFDFCEC7E77032BAF3CD] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2253120] [PID.]

[MD5.E91F8AFBD7FB96C94B266579D6BFA77A] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2656280] [PID.]

~ Scan Processes Running in 00mn 00s

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_31 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

~ Scan Firefox Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Les tueurs de chars :: Escadrille virtuelle sur DCSA 10 et Ka50

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Bing

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = Bing

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0

~ Scan IE Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

 

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

~ Nombre de lignes (Lines number): 1

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Easy Photo Print [64Bits] - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL x64).) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

~ Scan BHO in 00mn 00s

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Easy Photo Print [64Bits] - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL x64).) -- C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll

~ Scan Toolbar in 00mn 00s

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

O4 - HKLM\..\Run: [ProfilerU] . (.Saitek - Saitek SST Profile Launcher.) -- C:\Program Files\Saitek\SD6\Software\ProfilerU.exe

O4 - HKLM\..\Run: [saiMfd] . (.Saitek - Saitek MFD File System Driver.) -- C:\Program Files\Saitek\SD6\Software\SaiMfd.exe

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Wow6432Node\Run: [TrojanScanner] . (.Simply Super Software - Trojan Scanner.) -- C:\Program Files (x86)\Trojan Remover\Trjscan.exe

O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\policies\Explorer\Run: [51158] C:\PROGRA~3\LOCALS~1\Temp\msaees.bat (.not file.)

O4 - HKUS\S-1-5-21-1413474751-2073566379-3662516970-1004-1413474751-2073566379-3662516970-1001\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

~ Scan Application in 00mn 00s

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\UpdatusUser\Desktop\CDDSExplorer.lnk . (...) -- C:\ModMan\lib\modman.exe

O4 - Global Startup: C:\Users\UpdatusUser\Desktop\ModMan.lnk . (...) -- C:\ModMan\lib\modman.exe

O4 - Global Startup: C:\Users\UpdatusUser\Desktop\TimeAdjuster.lnk . (...) -- C:\Program Files (x86)\TimeAdjuster\time_adjuster.exe

O4 - Global Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ModMan.lnk . (...) -- C:\ModMan\lib\modman.exe

O4 - Global Startup: C:\Users\ianick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (.not file.)

O4 - Global Startup: C:\Users\ianick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (.not file.)

O4 - Global Startup: C:\Users\ianick\Desktop\Adobe Premiere Pro - Raccourci.lnk . (...) -- D:\Program Files (x86)\Adobe\Adobe Premiere Pro CS3\Adobe Premiere Pro.exe

O4 - Global Startup: C:\Users\ianick\Desktop\Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team.) -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe

O4 - Global Startup: C:\Users\ianick\Desktop\AVSVideoConverter - Raccourci.lnk . (.Online Media Technologies Ltd..) -- C:\Program Files (x86)\AVS4YOU\AVSVideoConverter\AVSVideoConverter.exe

O4 - Global Startup: C:\Users\ianick\Desktop\CDDSExplorer.lnk . (...) -- C:\ModMan\lib\modman.exe

O4 - Global Startup: C:\Users\ianick\Desktop\Computer - Shortcut.lnk - Clé orpheline

O4 - Global Startup: C:\Users\ianick\Desktop\DarknessII - Raccourci.lnk . (.Digital Extremes.) -- D:\darkness\The Darkness II\DarknessII.exe

O4 - Global Startup: C:\Users\ianick\Desktop\DCS A-10C - Raccourci.lnk . (...) -- C:\dcs-a10c-warthog\DCS A-10C

O4 - Global Startup: C:\Users\ianick\Desktop\DCS Black Shark 2 - Raccourci.lnk . (...) -- D:\black shark 2 rep\DCS Black Shark 2

O4 - Global Startup: C:\Users\ianick\Desktop\Documents - Shortcut.lnk . (...) -- C:\Users\ianick\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms

O4 - Global Startup: C:\Users\ianick\Desktop\Editeur De Profil.lnk . (.Saitek.) -- C:\Windows\Installer\{4042812A-E4A4-47D2-8953-B3930CC89539}\ProfileEditor.exe

O4 - Global Startup: C:\Users\ianick\Desktop\films - Raccourci.lnk . (...) -- D:\films

O4 - Global Startup: C:\Users\ianick\Desktop\Fraps.lnk . (.Beepa P/L.) -- C:\Fraps\fraps.exe

O4 - Global Startup: C:\Users\ianick\Desktop\Free PDF to Word Converterr.lnk . (.Free-PDF-to-Word.com.) -- C:\Program Files (x86)\Free PDF to Word Converter\PDF2Word.exe

O4 - Global Startup: C:\Users\ianick\Desktop\MassEffect3 - Raccourci.lnk . (.BioWare.) -- D:\me3\Binaries\Win32\MassEffect3.exe

O4 - Global Startup: C:\Users\ianick\Desktop\ModMan.lnk . (...) -- C:\ModMan\lib\modman.exe

O4 - Global Startup: C:\Users\ianick\Desktop\mplayerc - Raccourci.lnk . (.Gabest.) -- C:\Users\ianick\Documents\mplayerc.exe

O4 - Global Startup: C:\Users\ianick\Desktop\photos - Raccourci.lnk . (...) -- D:\photos

O4 - Global Startup: C:\Users\ianick\Desktop\Profiler.lnk . (.Saitek.) -- C:\Windows\Installer\{4042812A-E4A4-47D2-8953-B3930CC89539}\Profiler.exe

O4 - Global Startup: C:\Users\ianick\Desktop\Tacview 1.0.lnk . (.Stra Software.) -- C:\Program Files (x86)\Stra Software\Tacview 1.0\Tacview.exe

O4 - Global Startup: C:\Users\ianick\Desktop\Tacview 1.1.1.lnk . (.Stra Software.) -- C:\Program Files (x86)\Stra Software\Tacview 1.1.1\Tacview.exe

O4 - Global Startup: C:\Users\ianick\Desktop\TimeAdjuster.lnk . (...) -- C:\Program Files (x86)\TimeAdjuster\time_adjuster.exe

O4 - Global Startup: C:\Users\ianick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free PDF to Word Converter.lnk . (.Free-PDF-to-Word.com.) -- C:\Program Files (x86)\Free PDF to Word Converter\PDF2Word.exe

O4 - Global Startup: C:\Users\ianick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (.not file.)

O4 - Global Startup: C:\Users\ianick\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ModMan.lnk . (...) -- C:\ModMan\lib\modman.exe

~ Scan Global Startup in 00mn 00s

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)

O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no

~ Scan IE Control Panel in 00mn 00s

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xport to Microsoft Excel - (.not file.) - C:\Program Files\MICROS~1\Office12\EXCEL.exe

~ Scan IE Menu Contextuel in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\System32\NapiNSP.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\System32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Computer, Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll

~ Scan Winsock in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{172C4B04-A154-47C6-89D0-889724917966}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CCS\Services\Tcpip\..\{74EE54C2-B679-4892-AE43-BA0785D4E879}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS1\Services\Tcpip\..\{172C4B04-A154-47C6-89D0-889724917966}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS1\Services\Tcpip\..\{74EE54C2-B679-4892-AE43-BA0785D4E879}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS2\Services\Tcpip\..\{172C4B04-A154-47C6-89D0-889724917966}: DhcpNameServer = 212.27.40.241 212.27.40.240

O17 - HKLM\System\CS2\Services\Tcpip\..\{74EE54C2-B679-4892-AE43-BA0785D4E879}: DhcpNameServer = 212.27.40.241 212.27.40.240

~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll

O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll

~ Scan Protocole Additionnel in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll

~ Scan SSODL in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Avira Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.exe

O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe

O23 - Service: ForceWare Intelligent Application Manage (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

O23 - Service: Intel® Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: ForceWare IP service (nSvcIp) . (.Pas de propriétaire - NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 285.6.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: Intel® Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

~ Scan Services in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (PDBoot.exe) - File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job

[MD5.0D4C486A24A711A45FD83ACDF4D18506] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[MD5.00000000000000000000000000000000] [APT] [{1703209F-DBDC-4F21-8577-2D29DBAD98D2}] (...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\Redist\vcredist_x86.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{8BDB5BEE-F30C-4751-B8DE-E9F521B26644}] (...) -- C:\Users\ianick\Documents\vcredist_x64.exe (.not file.)

[MD5.67384147DD005E54D2C0A20408E28579] [APT] [{9139E61C-415E-438B-B68D-F54343046215}] (.Valve Corporation.) -- C:\Program Files (x86)\Steam\steam.exe

[MD5.00000000000000000000000000000000] [APT] [{9B45FC8A-CB2B-43C8-8E53-DC06AB642F4D}] (...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{EBC86DA3-D57B-4256-AFC8-75CCA4C8CE0A}] (...) -- F:\FreeTrack_V2.2.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{F1D2633F-6D93-4C69-AE3B-26D325D1E2BB}] (...) -- C:\Users\ianick\Documents\epson326207eu.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{FF256623-1A13-4382-9F70-EB957243F2A0}] (...) -- D:\Games\Battlefield 3T\__Installer\vc\vc2008sp1\redist\vcredist_x64.exe (.not file.)

~ Scan Scheduled Task in 00mn 00s

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll

O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll

O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll

O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

~ Scan Active Setup in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys

O41 - Driver: (avkmgr) . (.Avira GmbH - Avira Manager Driver.) - C:\Windows\system32\DRIVERS\avkmgr.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\system32\drivers\csc.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\system32\DRIVERS\serial.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

O41 - Driver: C:\Windows\system32\drivers\ws2ifsl.sys (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys

~ Scan Drivers in 00mn 00s

---\\ Logiciels installés (O42)

O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1

O42 - Logiciel: AVS Video Converter 8 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Video Converter 7_is1

O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1

O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {90176341-0A8B-4CCC-A78D-F862228A6B95}

O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {9C9824D9-9000-4373-A6A5-D0E5D4831394}

O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM] -- {08B32819-6EEF-4057-AEDA-5AB681A36A23}

O42 - Logiciel: Adobe CMaps - (.Adobe Systems Incorporated.) [HKLM] -- {A2B242BD-FF8D-4840-9DAA-9170EABEC59C}

O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM] -- {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

O42 - Logiciel: Adobe Color Common Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}

O42 - Logiciel: Adobe Default Language CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B9B35331-B7E4-4E5C-BF4C-7BC87856124D}

O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM] -- {C2D69781-F392-4118-A5A7-C7E9C38DBFC2}

O42 - Logiciel: Adobe Flash Player 11 ActiveX 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 11 Plugin 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {6ABE0BEE-D572-4FE8-B434-9E72A289431B}

O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {04AF207D-9A77-465A-8B76-991F6AB66245}

O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {54793AA1-5001-42F4-ABB6-C364617C6078}

O42 - Logiciel: Adobe PDF Library Files - (.Adobe Systems Incorporated.) [HKLM] -- {D2559B88-CC9D-4B48-81BB-F492BAA9C48C}

O42 - Logiciel: Adobe Premiere Pro CS3 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_32fdd767b4383606e8168e834af5d90

O42 - Logiciel: Adobe Premiere Pro CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}

O42 - Logiciel: Adobe Premiere Pro CS3 Functional Content - (.Adobe Systems Incorporated.) [HKLM] -- {50F102CA-4BE2-41A9-9810-5BB05EB91B9A}

O42 - Logiciel: Adobe Premiere Pro CS3 Third Party Content - (.Adobe Systems Incorporated.) [HKLM] -- {485ACF57-F364-440A-8496-E1E81C8FA1AA}

O42 - Logiciel: Adobe Reader X (10.1.2) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}

O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {BB81360F-041C-4CF7-B15E-71380D154244}

O42 - Logiciel: Adobe Type Support - (.Adobe Systems Incorporated.) [HKLM] -- {8E6808E2-613D-4FCD-81A2-6C8FA8E03312}

O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {E69AE897-9E0B-485C-8552-7841F48D42D8}

O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM] -- {D0DFF92A-492E-4C40-B862-A74A173C25C5}

O42 - Logiciel: Adobe XMP DVA Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {0224CACC-994D-45F8-B973-D65056EA9C2F}

O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {D5A31AB1-345D-47C7-A87B-036A669F6DF1}

O42 - Logiciel: Audacity 1.3.14 (Unicode) - (.Audacity Team.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1

O42 - Logiciel: Avira Free Antivirus - (.Avira.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: BitTornado 0.3.17 - (.John Hoffman.) [HKLM] -- BitTornado

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: ControlCenter - (.MSI.) [HKLM] -- {698B7D8B-0F43-4A19-8B9B-47F1EFEB858F}_is1

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

O42 - Logiciel: DCS A-10C - (.Pas de propriétaire.) [HKLM] -- DCS A-10C_is1

O42 - Logiciel: DCS Black Shark - (.Pas de propriétaire.) [HKLM] -- DCS Black Shark

O42 - Logiciel: DCS Black Shark 2 - (.Pas de propriétaire.) [HKLM] -- DCS KA-50_is1

O42 - Logiciel: EPSON SX218 Series Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON SX218 Series Manual

O42 - Logiciel: EPSON SX218 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX218 Series

O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner

O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {39F58DDB-B2B8-4B86-AF20-4706A80EB30D}

O42 - Logiciel: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) - (.SEIKO EPSON CORPORATION.) [HKLM] -- {B2D55EB8-32C5-4B43-9006-9E97DECBA178}

O42 - Logiciel: Epson Event Manager - (.SEIKO EPSON CORPORATION.) [HKLM] -- {03B8AA32-F23C-4178-B8E6-09ECD07EAA47}

O42 - Logiciel: Fraps (remove only) - (.Pas de propriétaire.) [HKLM] -- Fraps

O42 - Logiciel: Free PDF to Word Converter 1.5 - (.Free-PDF-to-Word.com.) [HKLM] -- Free PDF to Word Converter_is1

O42 - Logiciel: GIMP 2.6.11 - (.The GIMP Team.) [HKLM] -- WinGimp-2.0_is1

O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}

O42 - Logiciel: Java 6 Update 29 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216029FF}

O42 - Logiciel: Java 6 Update 31 (64-bit) - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F86416031FF}

O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Malwarebytes Anti-Malware version 1.60.1.1000 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM] -- {86A4C6D9-29EE-4719-AFA1-BA3341862B83}

O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {1FDA5A37-B22D-43FF-B582-B8964050DC13}

O42 - Logiciel: Microsoft Office Access MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Access Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE

O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0114-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared 64-bit MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0409-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0116-0409-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {EE936C7A-EA40-31D5-9B65-8E3E089C3828}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {8338783A-0968-3B85-AFC7-BAAE0A63DC50}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 - (.Microsoft Corporation.) [HKLM] -- {820B6609-4C97-3A2B-B644-573B06A0F0CC}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}

O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}

O42 - Logiciel: Mises à jour NVIDIA 1.5.20 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update

O42 - Logiciel: ModMan 7.3.0.0 - (.C6.) [HKLM] -- ModMan

O42 - Logiciel: Mumble 1.2.3 - (.Thorvald Natvig.) [HKLM] -- {E1019541-10A2-464F-A23E-A4F23DA65160}

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM] -- {7CFA46E3-CC2F-4355-82AE-6012DC3633FD}

O42 - Logiciel: NVIDIA Logiciel système PhysX 9.11.0621 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}

O42 - Logiciel: NVIDIA Pilote 3D Vision 285.62 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision

O42 - Logiciel: NVIDIA Pilote audio HD : 1.2.24.0 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver

O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 285.62 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB

O42 - Logiciel: NVIDIA Pilote graphique 285.62 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver

O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo

O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM] -- Notepad++

O42 - Logiciel: Opera 11.62 - (.Opera Software ASA.) [HKLM] -- Opera 11.62.1347

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: PerfectDisk 12 Professional - (.Raxco Software Inc..) [HKLM] -- {A3D5B54A-9792-404F-AE8B-BDA961EBA58E}

O42 - Logiciel: PunkBuster Services - (.Pas de propriétaire.) [HKLM] -- PunkBusterSvc

O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM] -- InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}

O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM] -- {5442DAB8-7177-49E1-8B22-09A049EA5996}

O42 - Logiciel: Sar Updater 1.1 - (.N1bus-Experiences.) [HKLM] -- {C39EB3BE-AC00-411B-B6F1-44EF4F7036BC}_is1

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{B243E9A5-ED77-4F1B-B338-2486FD82DC85}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B243E9A5-ED77-4F1B-B338-2486FD82DC85}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951944) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{797AE457-BA17-4BBC-B501-25FB3A0103C7}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB960003) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F04F8702-18D0-458D-921E-146FB7CD38CF}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB959997) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9EAC3AEC-5C81-4856-A05B-DE9DC236D740}

O42 - Logiciel: Security Update for Microsoft Office OneNote 2007 (KB950130) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F1B2401C-B610-4BF2-AA1C-52C55827A8F4}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB951338) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{558B709B-821B-4FC5-90FC-9A8890641E77}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB950114) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB956358) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{4551666D-0FD6-4C69-8A81-1C6F2E64517C}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB954326) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5F7F6FFF-395D-480E-8450-64F385D82C5F}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB956828) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{885E081B-72BD-4E76-8E98-30B4BE468FAC}

O42 - Logiciel: Skype 5.5 - (.Skype Technologies S.A..) [HKLM] -- {AA59DDE4-B672-4621-A016-4C248204957A}

O42 - Logiciel: Smart Technology Programming Software 7.0.2.7 - (.Mad Catz.) [HKLM] -- {4042812A-E4A4-47D2-8953-B3930CC89539}

O42 - Logiciel: SoulSeek 157 NS 13e - (.Pas de propriétaire.) [HKLM] -- Soulseek2

O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}

O42 - Logiciel: TARS - (.TARS.) [HKLM] -- {674DA4F6-9418-4C4D-B3B0-7A9AAE3F1B93}

O42 - Logiciel: Tacview 1.0 - (.Stra Software.) [HKLM] -- {C5BE0D64-13C7-43BA-9964-5202572A646E}

O42 - Logiciel: Tacview 1.1.1 - (.Stra Software.) [HKLM] -- {15D4CBB9-EF84-4BC7-9AA4-DE1FFDFB3D49}

O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client

O42 - Logiciel: The Darkness II - (.Pas de propriétaire.) [HKLM] -- The Darkness II_is1

O42 - Logiciel: Time Adjuster STANDARD 3.1 - (.IrekSoftware.com.) [HKCU] -- TimeAdjuster

O42 - Logiciel: TortoiseSVN 1.7.3.22386 (64 bit) - (.TortoiseSVN.) [HKLM] -- {7095F86C-BB1A-4254-96A0-7C63A1F8D403}

O42 - Logiciel: TrackIR5 - (.Pas de propriétaire.) [HKLM] -- {F3CA05B7-B4C0-4C9B-AAA6-16B868B35DF2}

O42 - Logiciel: Trojan Remover 6.8.3 - (.Simply Super Software.) [HKLM] -- Trojan Remover_is1

O42 - Logiciel: Ubisoft Game Launcher - (.UBISOFT.) [HKLM] -- {888F1505-C2B3-4FDE-835D-36353EBD4754}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217

O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{91E130AA-C37F-42D8-9D5D-397B3416A7F2}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB952142) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{4AD3A076-427C-491F-A5B7-7D1DE788A756}

O42 - Logiciel: Update for Microsoft Script Editor Help (KB957253) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{F21BF703-548C-47B2-B92A-6876E9566C42}

O42 - Logiciel: Update for Office 2007 (KB932080) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EDC9CA29-6BC1-471C-828C-7A36109005D7}

O42 - Logiciel: Update for Office 2007 (KB934391) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B3091818-7C56-4C45-BE7D-CA23027A5EA5}

O42 - Logiciel: VLC media player 1.1.7 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Windows Movie Maker 2.6 - (.Microsoft Corporation.) [HKLM] -- {B3DAF54F-DB25-4586-9EF1-96D24BB14088}

O42 - Logiciel: Xfire (remove only) - (.Pas de propriétaire.) [HKLM] -- Xfire

O42 - Logiciel: dBpoweramp Music Converter - (.Illustrate.) [HKLM] -- dBpoweramp Music Converter

O42 - Logiciel: dBpoweramp Ogg Vorbis Codec - (.Illustrate.) [HKLM] -- dBpoweramp Ogg Vorbis Codec

O42 - Logiciel: marvell 91xx driver - (.Marvell.) [HKLM] -- MagniDriver

O42 - Logiciel: x64 Components v3.3.6 - (.Shark007.) [HKLM] -- x64 Components_is1

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ABBYY]

[HKCU\Software\AMD]

[HKCU\Software\ATI]

[HKCU\Software\AVAST Software]

[HKCU\Software\AVS4YOU]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Audacity]

[HKCU\Software\Avira]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\DT Soft]

[HKCU\Software\EPSON]

[HKCU\Software\Eagle Dynamics]

[HKCU\Software\Fraps3]

[HKCU\Software\Freetrack]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\GameSpy]

[HKCU\Software\IGearSettings]

[HKCU\Software\Illustrate]

[HKCU\Software\InstallCore]

[HKCU\Software\IrekZielinskiSoft]

[HKCU\Software\JavaSoft]

[HKCU\Software\LAV64]

[HKCU\Software\LAV]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Macromedia]

[HKCU\Software\MainConcept (Adobe2)]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Minnetonka Audio Software]

[HKCU\Software\Mozilla]

[HKCU\Software\Mumble]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\NaturalPoint]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\Opera Software]

[HKCU\Software\PDFCreator]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Raxco]

[HKCU\Software\Realtek]

[HKCU\Software\SCC]

[HKCU\Software\Saitek]

[HKCU\Software\Simply Super Software]

[HKCU\Software\Skype]

[HKCU\Software\SoulSeek]

[HKCU\Software\Soulseek2]

[HKCU\Software\SpoonInstall]

[HKCU\Software\Stra Software]

[HKCU\Software\SweetIM]

[HKCU\Software\Sysinternals]

[HKCU\Software\TCP Optimizer]

[HKCU\Software\TeamSpeak 3 Client]

[HKCU\Software\TortoiseSVN]

[HKCU\Software\Trolltech]

[HKCU\Software\Ubisoft]

[HKCU\Software\Valve]

[HKCU\Software\Volition]

[HKCU\Software\Wget]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Wow6432Node]

[HKCU\Software\Xfire]

[HKLM\Software\ABBYY]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\AMD]

[HKLM\Software\AMI]

[HKLM\Software\ATI Technologies]

[HKLM\Software\AVAST Software]

[HKLM\Software\AVS4YOU]

[HKLM\Software\Adobe]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Avira]

[HKLM\Software\Babylon]

[HKLM\Software\BioWare]

[HKLM\Software\CLSYSTEM]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\DT Soft]

[HKLM\Software\DTS]

[HKLM\Software\Dolby]

[HKLM\Software\EPSON]

[HKLM\Software\Eagle Dynamics]

[HKLM\Software\GNU]

[HKLM\Software\Gabest]

[HKLM\Software\Google]

[HKLM\Software\HaaliMkx]

[HKLM\Software\IObit]

[HKLM\Software\Illustrate]

[HKLM\Software\Intel]

[HKLM\Software\InterVideo]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Khronos]

[HKLM\Software\Knowles]

[HKLM\Software\Licenses]

[HKLM\Software\MSI]

[HKLM\Software\Macromedia]

[HKLM\Software\Macrovision]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Marvell]

[HKLM\Software\Minnetonka Audio Software]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\NaturalPoint]

[HKLM\Software\Netscape]

[HKLM\Software\Ntpad]

[HKLM\Software\ODBC]

[HKLM\Software\Opera Software]

[HKLM\Software\PDFCreator]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\RTLSetup]

[HKLM\Software\Rainbow Technologies]

[HKLM\Software\Raxco]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SEIKO EPSON CORPORATION]

[HKLM\Software\SRS Labs]

[HKLM\Software\Saitek]

[HKLM\Software\Simply Super Software]

[HKLM\Software\Skype]

[HKLM\Software\SonicFocus]

[HKLM\Software\Sonic]

[HKLM\Software\Sony Corporation]

[HKLM\Software\Swearware]

[HKLM\Software\SweetIM]

[HKLM\Software\TARS]

[HKLM\Software\TortoiseOverlays]

[HKLM\Software\TortoiseSVN]

[HKLM\Software\Ubisoft]

[HKLM\Software\Valve]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volition]

[HKLM\Software\Waves Audio]

[HKLM\Software\WinRAR]

[HKLM\Software\Wow6432Node]

[HKLM\Software\X-AVCSD]

[HKLM\Software\swearware]

~ Scan Softwares in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 13/03/2011 - 15:52:10 - [0] ----D- C:\Program Files\AVAST Software

O43 - CFD: 29/03/2012 - 21:27:12 - [8,854] ----D- C:\Program Files\CCleaner

O43 - CFD: 31/03/2012 - 11:05:24 - [77,540] ----D- C:\Program Files\Common Files

O43 - CFD: 17/03/2011 - 18:50:54 - [86,144] ----D- C:\Program Files\DVD Maker

O43 - CFD: 19/05/2011 - 18:52:06 - [0,352] ----D- C:\Program Files\Epson Software

O43 - CFD: 15/02/2012 - 09:19:40 - [5,915] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 31/03/2012 - 10:52:58 - [98,537] ----D- C:\Program Files\Java

O43 - CFD: 14/07/2009 - 09:46:54 - [142,848] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 03/04/2011 - 20:41:48 - [0,567] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 14/07/2009 - 07:32:40 - [0,025] ----D- C:\Program Files\MSBuild

O43 - CFD: 26/10/2011 - 15:10:12 - [788,173] ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 26/08/2011 - 20:05:00 - [40,370] ----D- C:\Program Files\Raxco

O43 - CFD: 13/03/2011 - 16:06:32 - [33,264] ----D- C:\Program Files\Realtek

O43 - CFD: 14/07/2009 - 07:32:40 - [35,109] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 28/10/2011 - 23:06:28 - [64,346] ----D- C:\Program Files\Saitek

O43 - CFD: 30/12/2011 - 18:04:32 - [48,551] ----D- C:\Program Files\Shark007

O43 - CFD: 17/02/2012 - 17:59:32 - [58,301] ----D- C:\Program Files\TeamSpeak 3 Client

O43 - CFD: 21/12/2011 - 00:52:00 - [24,901] ----D- C:\Program Files\TortoiseSVN

O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 17/03/2011 - 18:50:52 - [3,945] ----D- C:\Program Files\Windows Defender

O43 - CFD: 17/03/2011 - 18:50:52 - [8,901] ----D- C:\Program Files\Windows Journal

O43 - CFD: 17/03/2011 - 18:50:54 - [6,858] ----D- C:\Program Files\Windows Mail

O43 - CFD: 17/03/2011 - 18:50:52 - [7,459] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:40 - [12,100] ----D- C:\Program Files\Windows NT

O43 - CFD: 17/03/2011 - 18:50:52 - [5,298] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 17/03/2011 - 18:50:52 - [0,233] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 17/03/2011 - 18:50:54 - [7,606] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 13/03/2011 - 16:05:26 - [4,315] ----D- C:\Program Files\WinRAR

O43 - CFD: 19/05/2011 - 19:05:40 - [0,281] ----D- C:\Program Files\Common Files\EPSON

O43 - CFD: 19/12/2011 - 17:55:10 - [55,078] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 26/08/2011 - 20:05:00 - [6,712] ----D- C:\Program Files\Common Files\Raxco

O43 - CFD: 14/07/2009 - 05:20:10 - [0,003] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:10 - [0,583] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 09/11/2011 - 18:43:34 - [11,890] ----D- C:\Program Files\Common Files\System

O43 - CFD: 21/12/2011 - 00:51:58 - [2,993] ----D- C:\Program Files\Common Files\TortoiseOverlays

O43 - CFD: 21/08/2011 - 19:11:42 - [0,058] ----D- C:\ProgramData\ABBYY

O43 - CFD: 23/06/2011 - 19:35:22 - [0,000] ----D- C:\ProgramData\Adobe

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 31/03/2012 - 09:28:54 - [0] ----D- C:\ProgramData\AVAST Software

O43 - CFD: 31/03/2012 - 09:32:14 - [28,912] ----D- C:\ProgramData\Avira

O43 - CFD: 26/07/2011 - 16:15:00 - [0] ----D- C:\ProgramData\AVS4YOU

O43 - CFD: 20/11/2011 - 19:20:24 - [0] ----D- C:\ProgramData\Babylon

O43 - CFD: 22/03/2012 - 20:21:04 - [0,000] --H-D- C:\ProgramData\Common Files

O43 - CFD: 25/03/2011 - 23:35:58 - [0,001] ----D- C:\ProgramData\DAEMON Tools Lite

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 17/09/2011 - 18:50:22 - [3,015] ----D- C:\ProgramData\Downloaded Installations

O43 - CFD: 19/05/2011 - 19:05:40 - [8,124] ----D- C:\ProgramData\EPSON

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 01/12/2006 - 20:46:44 - [0,018] ----D- C:\ProgramData\FLEXnet

O43 - CFD: 20/08/2011 - 15:09:58 - [0,007] ----D- C:\ProgramData\IObit

O43 - CFD: 23/03/2012 - 21:19:08 - [0] ----D- C:\ProgramData\Local Settings

O43 - CFD: 13/03/2011 - 23:10:32 - [16,548] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 24/09/2011 - 19:21:38 - [250,058] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 31/03/2012 - 11:32:48 - [0,143] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 01/01/2012 - 00:19:50 - [0] ----D- C:\ProgramData\Minnetonka Audio Software

O43 - CFD: 31/03/2012 - 11:10:48 - [2,658] ----D- C:\ProgramData\NVIDIA

O43 - CFD: 26/10/2011 - 15:09:08 - [0,913] ----D- C:\ProgramData\NVIDIA Corporation

O43 - CFD: 26/08/2011 - 20:05:02 - [2,207] ----D- C:\ProgramData\Raxco

O43 - CFD: 28/10/2011 - 23:06:30 - [0,500] ----D- C:\ProgramData\Saitek

O43 - CFD: 30/12/2011 - 18:05:08 - [0,002] ----D- C:\ProgramData\Shark007

O43 - CFD: 31/03/2012 - 08:53:52 - [7,411] ----D- C:\ProgramData\Simply Super Software

O43 - CFD: 12/12/2011 - 01:08:08 - [17,984] ----D- C:\ProgramData\Skype

O43 - CFD: 10/09/2011 - 10:26:20 - [0,125] ----D- C:\ProgramData\Soulseek

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 20/11/2011 - 12:25:36 - [0,000] ----D- C:\ProgramData\Sun

O43 - CFD: 31/03/2012 - 09:04:02 - [0] ---AD- C:\ProgramData\TEMP

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 04/12/2011 - 12:41:48 - [0] ----D- C:\ProgramData\Ubisoft

O43 - CFD: 19/05/2011 - 18:53:06 - [0,003] ----D- C:\ProgramData\UDL

O43 - CFD: 30/10/2011 - 10:48:00 - [3,494] ----D- C:\ProgramData\Xfire

O43 - CFD: 08/01/2012 - 20:17:26 - [0,116] ----D- C:\Users\ianick\AppData\Roaming\.BitTornado

O43 - CFD: 25/02/2012 - 21:11:10 - [0] ----D- C:\Users\ianick\AppData\Roaming\AccurateRip

O43 - CFD: 01/12/2006 - 20:49:44 - [6,689] ----D- C:\Users\ianick\AppData\Roaming\Adobe

O43 - CFD: 13/03/2011 - 15:55:42 - [0] ----D- C:\Users\ianick\AppData\Roaming\ATI

O43 - CFD: 24/03/2012 - 12:39:26 - [0,001] ----D- C:\Users\ianick\AppData\Roaming\Audacity

O43 - CFD: 31/03/2012 - 09:49:46 - [0] ----D- C:\Users\ianick\AppData\Roaming\Avira

O43 - CFD: 26/07/2011 - 16:15:00 - [0,002] ----D- C:\Users\ianick\AppData\Roaming\AVS4YOU

O43 - CFD: 20/11/2011 - 19:20:24 - [0,005] ----D- C:\Users\ianick\AppData\Roaming\Babylon

O43 - CFD: 10/03/2012 - 01:33:36 - [0] ----D- C:\Users\ianick\AppData\Roaming\DAEMON Tools Lite

O43 - CFD: 19/02/2012 - 00:11:52 - [0,025] ----D- C:\Users\ianick\AppData\Roaming\DarknessII

O43 - CFD: 24/06/2011 - 19:01:48 - [0,000] ----D- C:\Users\ianick\AppData\Roaming\Day 1 Studios

O43 - CFD: 03/11/2011 - 11:02:02 - [0,050] ----D- C:\Users\ianick\AppData\Roaming\Dropbox

O43 - CFD: 29/08/2011 - 20:27:02 - [0] ----D- C:\Users\ianick\AppData\Roaming\dvdcss

O43 - CFD: 19/05/2011 - 18:18:36 - [0,007] ----D- C:\Users\ianick\AppData\Roaming\Epson

O43 - CFD: 23/03/2012 - 21:19:36 - [1,860] ----D- C:\Users\ianick\AppData\Roaming\gizza

O43 - CFD: 24/03/2012 - 12:01:22 - [0,000] ----D- C:\Users\ianick\AppData\Roaming\gtk-2.0

O43 - CFD: 13/03/2011 - 15:12:32 - [0] ----D- C:\Users\ianick\AppData\Roaming\Identities

O43 - CFD: 19/05/2011 - 18:31:10 - [0] ----D- C:\Users\ianick\AppData\Roaming\InstallShield

O43 - CFD: 20/08/2011 - 15:13:12 - [0,251] ----D- C:\Users\ianick\AppData\Roaming\IObit

O43 - CFD: 13/03/2011 - 15:59:30 - [0,001] ----D- C:\Users\ianick\AppData\Roaming\Macromedia

O43 - CFD: 13/03/2011 - 23:12:48 - [0,059] ----D- C:\Users\ianick\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 09:45:16 - [0] ----D- C:\Users\ianick\AppData\Roaming\Media Center Programs

O43 - CFD: 28/01/2012 - 12:06:06 - [0] ----D- C:\Users\ianick\AppData\Roaming\Media Player Classic

O43 - CFD: 22/03/2012 - 20:18:02 - [3,110] -S--D- C:\Users\ianick\AppData\Roaming\Microsoft

O43 - CFD: 26/02/2012 - 10:44:38 - [0,113] ----D- C:\Users\ianick\AppData\Roaming\Mumble

O43 - CFD: 18/12/2011 - 14:13:34 - [0,242] ----D- C:\Users\ianick\AppData\Roaming\Notepad++

O43 - CFD: 06/10/2011 - 18:33:24 - [2,249] ----D- C:\Users\ianick\AppData\Roaming\NVIDIA

O43 - CFD: 22/03/2012 - 20:20:56 - [14,358] ----D- C:\Users\ianick\AppData\Roaming\OpenCandy

O43 - CFD: 13/03/2011 - 15:15:16 - [1,766] ----D- C:\Users\ianick\AppData\Roaming\Opera

O43 - CFD: 22/03/2012 - 20:20:56 - [0,002] ----D- C:\Users\ianick\AppData\Roaming\pdfforge

O43 - CFD: 10/04/2011 - 00:37:28 - [0,797] ----D- C:\Users\ianick\AppData\Roaming\PunkBuster

O43 - CFD: 30/12/2011 - 18:04:32 - [0,001] ----D- C:\Users\ianick\AppData\Roaming\Shark007

O43 - CFD: 31/03/2012 - 08:53:52 - [0,000] ----D- C:\Users\ianick\AppData\Roaming\Simply Super Software

O43 - CFD: 21/03/2012 - 22:59:42 - [1,486] ----D- C:\Users\ianick\AppData\Roaming\Skype

O43 - CFD: 21/12/2011 - 00:52:28 - [0,018] ----D- C:\Users\ianick\AppData\Roaming\Subversion

O43 - CFD: 30/03/2012 - 18:32:48 - [3,076] ----D- C:\Users\ianick\AppData\Roaming\TS3Client

O43 - CFD: 29/01/2012 - 15:12:20 - [0,000] ----D- C:\Users\ianick\AppData\Roaming\ts3overlay

O43 - CFD: 01/12/2006 - 23:20:32 - [1,425] ----D- C:\Users\ianick\AppData\Roaming\vlc

O43 - CFD: 13/03/2011 - 16:05:34 - [0,000] ----D- C:\Users\ianick\AppData\Roaming\WinRAR

O43 - CFD: 19/11/2011 - 15:48:32 - [0,003] ----D- C:\Users\ianick\AppData\Roaming\Xfire

O43 - CFD: 05/04/2011 - 19:03:48 - [0,004] ----D- C:\Users\ianick\AppData\Local\3DMGAME

O43 - CFD: 19/05/2011 - 18:00:02 - [0] ----D- C:\Users\ianick\AppData\Local\ABBYY

O43 - CFD: 13/03/2011 - 17:42:52 - [0] ----D- C:\Users\ianick\AppData\Local\Activision

O43 - CFD: 01/01/2012 - 13:57:06 - [15,122] ----D- C:\Users\ianick\AppData\Local\Adobe

O43 - CFD: 11/06/2011 - 21:44:22 - [0,190] ----D- C:\Users\ianick\AppData\Local\ALI213

O43 - CFD: 13/03/2011 - 15:12:18 - [0] -SH-D- C:\Users\ianick\AppData\Local\Application Data

O43 - CFD: 13/03/2011 - 15:55:42 - [0,069] ----D- C:\Users\ianick\AppData\Local\ATI

O43 - CFD: 20/11/2011 - 19:20:24 - [3,668] ----D- C:\Users\ianick\AppData\Local\Babylon

O43 - CFD: 25/04/2011 - 17:13:54 - [0] ----D- C:\Users\ianick\AppData\Local\Diagnostics

O43 - CFD: 20/06/2011 - 15:19:32 - [0] ----D- C:\Users\ianick\AppData\Local\ElevatedDiagnostics

O43 - CFD: 13/03/2011 - 15:12:18 - [0] -SH-D- C:\Users\ianick\AppData\Local\History

O43 - CFD: 31/10/2011 - 13:48:02 - [39,587] ----D- C:\Users\ianick\AppData\Local\Microsoft

O43 - CFD: 14/06/2011 - 17:34:04 - [0,152] ----D- C:\Users\ianick\AppData\Local\Microsoft Games

O43 - CFD: 03/04/2011 - 20:41:18 - [0] ----D- C:\Users\ianick\AppData\Local\Microsoft Help

O43 - CFD: 13/03/2011 - 15:15:16 - [50,868] ----D- C:\Users\ianick\AppData\Local\Opera

O43 - CFD: 14/10/2011 - 17:52:58 - [0,001] ----D- C:\Users\ianick\AppData\Local\RAGELauncher

O43 - CFD: 03/03/2012 - 10:23:54 - [1,268] ----D- C:\Users\ianick\AppData\Local\SKIDROW

O43 - CFD: 29/01/2012 - 15:44:46 - [0,001] ----D- C:\Users\ianick\AppData\Local\TARS

O43 - CFD: 31/03/2012 - 12:25:00 - [0,589] ----D- C:\Users\ianick\AppData\Local\Temp

O43 - CFD: 13/03/2011 - 15:12:18 - [0] -SH-D- C:\Users\ianick\AppData\Local\Temporary Internet Files

O43 - CFD: 31/03/2012 - 11:11:30 - [0] ----D- C:\Users\ianick\AppData\Local\TSVNCache

O43 - CFD: 04/12/2011 - 13:54:02 - [0,000] ----D- C:\Users\ianick\AppData\Local\Ubisoft Game Launcher

O43 - CFD: 13/03/2011 - 15:12:26 - [0] ----D- C:\Users\ianick\AppData\Local\VirtualStore

O43 - CFD: 31/12/2011 - 20:10:32 - [0] ----D- C:\Users\ianick\AppData\Local\WMTools Downloaded Files

O43 - CFD: 01/12/2006 - 20:45:02 - [176,181] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 24/03/2012 - 12:28:46 - [40,720] ----D- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)

O43 - CFD: 31/03/2012 - 09:32:14 - [169,875] ----D- C:\Program Files (x86)\Avira

O43 - CFD: 26/07/2011 - 16:30:38 - [62,927] ----D- C:\Program Files (x86)\AVS4YOU

O43 - CFD: 11/05/2011 - 09:19:12 - [16,333] ----D- C:\Program Files (x86)\BitTornado

O43 - CFD: 01/12/2006 - 20:44:44 - [0,309] ----D- C:\Program Files (x86)\Bonjour

O43 - CFD: 18/08/2011 - 21:20:58 - [0] ----D- C:\Program Files (x86)\Codemasters

O43 - CFD: 31/03/2012 - 11:05:24 - [686,952] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 25/03/2011 - 23:37:56 - [16,359] ----D- C:\Program Files (x86)\DAEMON Tools Lite

O43 - CFD: 25/03/2011 - 23:42:48 - [0] ----D- C:\Program Files (x86)\Electronic Arts

O43 - CFD: 19/05/2011 - 18:51:32 - [14,375] ----D- C:\Program Files (x86)\epson

O43 - CFD: 19/05/2011 - 18:52:28 - [160,427] ----D- C:\Program Files (x86)\Epson Software

O43 - CFD: 19/05/2011 - 16:56:26 - [1,447] ----D- C:\Program Files (x86)\Free PDF to Word Converter

O43 - CFD: 28/01/2012 - 20:15:26 - [107,900] ----D- C:\Program Files (x86)\GIMP-2.0

O43 - CFD: 25/02/2012 - 21:11:08 - [16,866] ----D- C:\Program Files (x86)\Illustrate

O43 - CFD: 26/12/2011 - 22:49:20 - [39,251] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 17/09/2011 - 18:50:06 - [9,003] ----D- C:\Program Files (x86)\Intel

O43 - CFD: 31/03/2012 - 08:58:38 - [4,915] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 20/11/2011 - 12:25:20 - [84,496] ----D- C:\Program Files (x86)\Java

O43 - CFD: 04/02/2012 - 00:21:14 - [11,464] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 17/09/2011 - 18:47:46 - [0,746] ----D- C:\Program Files (x86)\Marvell

O43 - CFD: 30/04/2011 - 10:21:42 - [8,905] ----D- C:\Program Files (x86)\Microsoft Games for Windows - LIVE

O43 - CFD: 03/04/2011 - 20:43:04 - [284,361] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 25/04/2011 - 16:03:06 - [7,789] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 31/10/2011 - 13:47:40 - [8,904] ----D- C:\Program Files (x86)\Movie Maker 2.6

O43 - CFD: 14/07/2009 - 07:32:40 - [0,025] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 24/12/2011 - 13:31:46 - [75,023] ----D- C:\Program Files (x86)\MSI

O43 - CFD: 20/08/2011 - 12:36:12 - [31,043] ----D- C:\Program Files (x86)\Mumble

O43 - CFD: 21/06/2011 - 18:35:26 - [24,518] ----D- C:\Program Files (x86)\N1bus Softwares

O43 - CFD: 18/12/2011 - 14:13:26 - [10,911] ----D- C:\Program Files (x86)\Notepad++

O43 - CFD: 26/10/2011 - 15:10:30 - [125,471] ----D- C:\Program Files (x86)\NVIDIA Corporation

O43 - CFD: 28/03/2012 - 22:15:26 - [34,180] ----D- C:\Program Files (x86)\Opera

O43 - CFD: 22/03/2012 - 20:21:10 - [34,641] ----D- C:\Program Files (x86)\PDFCreator

O43 - CFD: 26/08/2011 - 20:04:24 - [275,952] ----D- C:\Program Files (x86)\Raxco

O43 - CFD: 24/12/2011 - 13:21:00 - [5,886] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 07:32:40 - [37,345] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 17/09/2011 - 18:50:36 - [0,987] ----D- C:\Program Files (x86)\Renesas Electronics

O43 - CFD: 20/08/2011 - 20:26:02 - [1,728] ----D- C:\Program Files (x86)\Setup Files

O43 - CFD: 12/12/2011 - 01:08:12 - [16,555] R---D- C:\Program Files (x86)\Skype

O43 - CFD: 28/07/2011 - 19:04:16 - [3,591] ----D- C:\Program Files (x86)\SoulseekNS

O43 - CFD: 23/03/2012 - 22:07:38 - [343,889] ----D- C:\Program Files (x86)\Steam

O43 - CFD: 18/12/2011 - 21:28:58 - [227,614] ----D- C:\Program Files (x86)\Stra Software

O43 - CFD: 10/02/2012 - 11:42:16 - [3,588] ----D- C:\Program Files (x86)\TARS

O43 - CFD: 24/12/2011 - 13:22:34 - [0] --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 20/11/2011 - 19:33:26 - [1,951] ----D- C:\Program Files (x86)\TimeAdjuster

O43 - CFD: 31/03/2012 - 08:58:02 - [9,783] ----D- C:\Program Files (x86)\Trojan Remover

O43 - CFD: 10/04/2011 - 00:36:54 - [37,350] ----D- C:\Program Files (x86)\Ubisoft

O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 28/03/2011 - 18:13:54 - [78,938] ----D- C:\Program Files (x86)\VideoLAN

O43 - CFD: 24/06/2011 - 18:00:16 - [0,403] ----D- C:\Program Files (x86)\WB Games

O43 - CFD: 17/03/2011 - 08:25:56 - [0,549] ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 17/03/2011 - 18:50:54 - [6,395] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 17/03/2011 - 18:50:54 - [4,878] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:40 - [11,690] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 17/03/2011 - 18:50:54 - [4,251] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 17/03/2011 - 18:50:54 - [0,181] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 17/03/2011 - 18:50:54 - [6,604] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 29/10/2011 - 14:41:40 - [19,271] ----D- C:\Program Files (x86)\Xfire

O43 - CFD: 31/03/2012 - 12:26:20 - [10,096] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 01/12/2006 - 20:44:50 - [396,409] ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 26/07/2011 - 16:30:36 - [89,664] ----D- C:\Program Files (x86)\Common Files\AVSMedia

O43 - CFD: 03/04/2011 - 20:43:02 - [0,089] ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 31/10/2011 - 21:11:34 - [0,501] --H-D- C:\Program Files (x86)\Common Files\EAInstaller

O43 - CFD: 23/12/2011 - 20:40:36 - [3,282] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 20/11/2011 - 12:25:36 - [1,201] ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 01/12/2006 - 20:41:56 - [0,625] ----D- C:\Program Files (x86)\Common Files\Macrovision Shared

O43 - CFD: 19/12/2011 - 17:55:10 - [85,488] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 17/09/2011 - 18:50:08 - [0,155] ----D- C:\Program Files (x86)\Common Files\postureAgent

O43 - CFD: 14/07/2009 - 05:20:10 - [0,003] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:10 - [39,202] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 10/12/2011 - 22:13:50 - [0,400] ----D- C:\Program Files (x86)\Common Files\Steam

O43 - CFD: 09/11/2011 - 18:43:34 - [41,914] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 21/12/2011 - 00:52:00 - [0,372] ----D- C:\Program Files (x86)\Common Files\TortoiseOverlays

O43 - CFD: 26/01/2011 - 00:28:58 - [27,647] ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard

~ Scan Program Folder in 00mn 00s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.CB53A9D66257254B4C9C0948ACE73391] - 31/03/2012 - 10:34:00 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1476845]

O44 - LFC:[MD5.5FBACB0ED34A051B0281843896BE087C] - 31/03/2012 - 10:16:29 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549936]

O44 - LFC:[MD5.F4809C83AD3DC9D57E26AA5ED2ADCDA9] - 31/03/2012 - 10:16:29 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106412]

O44 - LFC:[MD5.D8EC22E797EFEECB7C1672290EF72D38] - 31/03/2012 - 10:16:29 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130290]

O44 - LFC:[MD5.88BBE8851D6F2461F63C22243C29B5ED] - 31/03/2012 - 10:16:29 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616032]

O44 - LFC:[MD5.A15042AA45C81CC9F50015E782B45860] - 31/03/2012 - 10:16:29 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [702584]

O44 - LFC:[MD5.5FBACB0ED34A051B0281843896BE087C] - 31/03/2012 - 10:16:29 RSHAD . (...) -- C:\Windows\system32\PerfStringBackup.INI [1549936]

O44 - LFC:[MD5.F4809C83AD3DC9D57E26AA5ED2ADCDA9] - 31/03/2012 - 10:16:29 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [106412]

O44 - LFC:[MD5.D8EC22E797EFEECB7C1672290EF72D38] - 31/03/2012 - 10:16:29 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [130290]

O44 - LFC:[MD5.88BBE8851D6F2461F63C22243C29B5ED] - 31/03/2012 - 10:16:29 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [616032]

O44 - LFC:[MD5.A15042AA45C81CC9F50015E782B45860] - 31/03/2012 - 10:16:29 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [702584]

O44 - LFC:[MD5.E570239983AA75E89B105CE43F92F21F] - 31/03/2012 - 10:10:49 ---A- . (...) -- C:\Windows\setupact.log [448]

O44 - LFC:[MD5.7094C280B401A241A3E0D7C0D93879FB] - 31/03/2012 - 10:10:44 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.412E01340EBCC92704EF2DDDD8BAC489] - 31/03/2012 - 10:10:40 ---A- . (...) -- C:\Windows\PFRO.log [82356]

O44 - LFC:[MD5.F9746B4ED3A71C80D4AA5C2D4B05D5EC] - 31/03/2012 - 10:07:35 ---A- . (...) -- C:\ComboFix.txt [29736]

O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 31/03/2012 - 10:06:22 ---A- . (...) -- C:\Windows\system.ini [215]

O44 - LFC:[MD5.0A3D815042644E048068635A421145E7] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\deployJava1.dll [525544]

O44 - LFC:[MD5.ECE8A00251257396ECDBA84537C3A24D] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\java.exe [172320]

O44 - LFC:[MD5.36BB463CFDC39FCE5B1A13FA29BAE1BB] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\javaw.exe [172320]

O44 - LFC:[MD5.0A3D815042644E048068635A421145E7] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\deployJava1.dll [525544]

O44 - LFC:[MD5.ECE8A00251257396ECDBA84537C3A24D] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\java.exe [172320]

O44 - LFC:[MD5.36BB463CFDC39FCE5B1A13FA29BAE1BB] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\javaw.exe [172320]

O44 - LFC:[MD5.DE8EC7BA7E0BF239D5C2922D042B56A4] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\SysNative\javaws.exe [191264]

O44 - LFC:[MD5.DE8EC7BA7E0BF239D5C2922D042B56A4] - 31/03/2012 - 09:52:57 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\system32\javaws.exe [191264]

O44 - LFC:[MD5.F1C9DB5F7B2A56A0B29667D22BA540FC] - 31/03/2012 - 08:32:13 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [130760]

O44 - LFC:[MD5.248DB59FC86DE44D2779F4C7FB1A567D] - 31/03/2012 - 08:32:13 RSHAD . (.Avira GmbH - Avira Manager Driver.) -- C:\Windows\system32\drivers\avkmgr.sys [27760]

O44 - LFC:[MD5.AA8F79A1BDFC03B3BC70C44AB00589B4] - 31/03/2012 - 08:32:13 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [97312]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/03/2012 - 21:40:12 ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.EF10AD3C98A06E6A502B19A8B71513D1] - 29/03/2012 - 21:35:59 ---A- . (...) -- C:\Windows\ntbtlog.txt [191326]

O44 - LFC:[MD5.E40BD09F9125CBB3EACD147786FF8F8D] - 28/03/2012 - 14:17:13 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14224]

O44 - LFC:[MD5.E40BD09F9125CBB3EACD147786FF8F8D] - 28/03/2012 - 14:17:13 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14224]

O44 - LFC:[MD5.E40BD09F9125CBB3EACD147786FF8F8D] - 28/03/2012 - 14:17:13 RSHAD . (...) -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [14224]

O44 - LFC:[MD5.E40BD09F9125CBB3EACD147786FF8F8D] - 28/03/2012 - 14:17:13 RSHAD . (...) -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [14224]

O44 - LFC:[MD5.A777C82BCF8B47BA1F6AD2290DF73A79] - 14/03/2012 - 17:57:36 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [2287664]

O44 - LFC:[MD5.A777C82BCF8B47BA1F6AD2290DF73A79] - 14/03/2012 - 17:57:36 RSHAD . (...) -- C:\Windows\system32\FNTCACHE.DAT [2287664]

O44 - LFC:[MD5.9664BCBA769FACE40013A493BBEB47E1] - 14/03/2012 - 17:23:22 ---A- . (.pdfforge GbR - pdfcmon.) -- C:\Windows\SysNative\pdfcmon.dll [65024]

O44 - LFC:[MD5.9664BCBA769FACE40013A493BBEB47E1] - 14/03/2012 - 17:23:22 RSHAD . (.pdfforge GbR - pdfcmon.) -- C:\Windows\system32\pdfcmon.dll [65024]

~ Scan Files in 00mn 06s

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)

O45 - LFCP:[MD5.A2988EE32FA554B9023347E78E107FB8] - 28/03/2012 - 19:31:08 ---A- - C:\Windows\Prefetch\VLC.EXE-CC6F4A79.pf

O45 - LFCP:[MD5.8B884121814BCA8AB2DB60F7E86BC94C] - 30/03/2012 - 17:17:45 ---A- - C:\Windows\Prefetch\MPAS-D_BD1.EXE-97E29C40.pf

O45 - LFCP:[MD5.B68A1F95E718C846A598829849A93401] - 30/03/2012 - 17:17:45 ---A- - C:\Windows\Prefetch\MPSIGSTUB.EXE-6CB27A06.pf

O45 - LFCP:[MD5.AA9A302A111A87E60541A230A7BD88A1] - 30/03/2012 - 19:06:29 ---A- - C:\Windows\Prefetch\Layout.ini

O45 - LFCP:[MD5.7C15FD7CE49F7677F85A33F144C043C9] - 30/03/2012 - 19:09:36 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf

O45 - LFCP:[MD5.8F88107E2F2A1D22405D6ECF91387335] - 30/03/2012 - 19:10:53 ---A- - C:\Windows\Prefetch\SF.BIN-0C95A5A6.pf

O45 - LFCP:[MD5.0319A703DB1D206473B1BE98992EDE14] - 30/03/2012 - 20:10:54 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1413474751-2073566379-3662516970-1001.db

O45 - LFCP:[MD5.CCFF018F8D948498071BAEA2EF046C99] - 30/03/2012 - 20:10:54 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1413474751-2073566379-3662516970-1001.db

O45 - LFCP:[MD5.FF64DACA4A5F91498D7678474FC3247D] - 30/03/2012 - 20:16:16 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf

O45 - LFCP:[MD5.9307C80BB0D847CBBD77947887533165] - 30/03/2012 - 20:16:23 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-5F5F473D.pf

O45 - LFCP:[MD5.EBC8E040E6C70B934489730785F2C116] - 30/03/2012 - 20:17:52 ---A- - C:\Windows\Prefetch\TRACKIR5.EXE-BC0F8E38.pf

O45 - LFCP:[MD5.D33CDCEE570E47E95668231186C77B10] - 30/03/2012 - 21:24:57 ---A- - C:\Windows\Prefetch\LAUNCHER.EXE-FAEB250F.pf

O45 - LFCP:[MD5.D993C5D6E31A7BC994755F0E29CBA622] - 30/03/2012 - 21:25:11 ---A- - C:\Windows\Prefetch\PROTECT.EXE-F1F63AF2.pf

O45 - LFCP:[MD5.47FEC8EDF515E46D05D6C2EB05AB2C6C] - 30/03/2012 - 21:25:20 ---A- - C:\Windows\Prefetch\DCS.EXE-05137D8F.pf

O45 - LFCP:[MD5.AAF35A92709624703A5B78D45683900E] - 30/03/2012 - 22:55:48 ---A- - C:\Windows\Prefetch\EXCEL.EXE-16800A1F.pf

O45 - LFCP:[MD5.70AE6CD8A9D2179267C554C23D9AA4AC] - 31/03/2012 - 07:46:09 ---A- - C:\Windows\Prefetch\E_S50RPB.EXE-74C1409B.pf

O45 - LFCP:[MD5.367459B4A8EF39487AB495B6A1E25985] - 31/03/2012 - 07:46:09 ---A- - C:\Windows\Prefetch\NSVCAPPFLT.EXE-81337C33.pf

O45 - LFCP:[MD5.C8CC66A40B6EFBC247D315DF26423347] - 31/03/2012 - 07:46:09 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-007FEA55.pf

O45 - LFCP:[MD5.F8D5341801E28171926ED2317513B03A] - 31/03/2012 - 07:46:09 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-05F624AB.pf

O45 - LFCP:[MD5.FBF621F4566F3F95A27CDDA5B50A4F62] - 31/03/2012 - 07:46:09 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-61AE5AB6.pf

O45 - LFCP:[MD5.20823DBCBE87DFD26D34673D2940887A] - 31/03/2012 - 07:53:45 ---A- - C:\Windows\Prefetch\TRJSETUP682.EXE-82BE3D8F.pf

O45 - LFCP:[MD5.03C0DA089B10E9D290848027BEAF28D9] - 31/03/2012 - 07:53:45 ---A- - C:\Windows\Prefetch\TRJSETUP682.TMP-FB884462.pf

O45 - LFCP:[MD5.13B7146BD766F4D41F9B48FDA692C064] - 31/03/2012 - 07:57:28 ---A- - C:\Windows\Prefetch\LPKSETUP.EXE-90F505D8.pf

O45 - LFCP:[MD5.42119464BF43BBB33C7F17EA298CDFFA] - 31/03/2012 - 07:58:13 ---A- - C:\Windows\Prefetch\TRUPD.EXE-985F863A.pf

O45 - LFCP:[MD5.8C50B1D29DE7AC95BCD6AABF1F291263] - 31/03/2012 - 07:58:25 ---A- - C:\Windows\Prefetch\RMVTRJAN.EXE-B1391503.pf

O45 - LFCP:[MD5.4695E2ABDBBE513DCEACCC3F4E4B4437] - 31/03/2012 - 08:04:23 ---A- - C:\Windows\Prefetch\SF.BIN-E33A7813.pf

O45 - LFCP:[MD5.94EA782F9815F4868D9922E496E0A4AD] - 31/03/2012 - 08:04:23 ---A- - C:\Windows\Prefetch\TRJSCAN.EXE-7B2812D8.pf

O45 - LFCP:[MD5.A8A10AB38692877F1E0CCDCE19BB0B04] - 31/03/2012 - 08:28:39 ---A- - C:\Windows\Prefetch\ASWRUNDLL.EXE-08C9C8CB.pf

O45 - LFCP:[MD5.AB867BE291B54EA8017A96E0909497E3] - 31/03/2012 - 08:28:39 ---A- - C:\Windows\Prefetch\AVAST.SETUP-B1D66586.pf

O45 - LFCP:[MD5.904618FF591069F1F693C5D94AD7FE53] - 31/03/2012 - 08:28:39 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-97F6A314.pf

O45 - LFCP:[MD5.454A1BB39EEC509831B6567A53A1FE66] - 31/03/2012 - 08:28:41 ---A- - C:\Windows\Prefetch\CTFMON.EXE-5E5138CF.pf

O45 - LFCP:[MD5.47750DAE430399C9EF9A3A3BD7A0E6D1] - 31/03/2012 - 08:28:50 ---A- - C:\Windows\Prefetch\ASWREGSVR.EXE-AD27A91B.pf

O45 - LFCP:[MD5.71F01A7A2C3950212E61DF8EB2FF51ED] - 31/03/2012 - 08:28:50 ---A- - C:\Windows\Prefetch\ASWREGSVR64.EXE-9CD9EB4D.pf

O45 - LFCP:[MD5.2D7CBD182CEB15FCE7E8EEF5F21B7E7D] - 31/03/2012 - 08:28:50 ---A- - C:\Windows\Prefetch\VISTHAUX.EXE-E83618CB.pf

O45 - LFCP:[MD5.04F65F15378F2164BD69A8AC7CE51F60] - 31/03/2012 - 08:29:00 ---A- - C:\Windows\Prefetch\SIDEBAR.EXE-FA75EA61.pf

O45 - LFCP:[MD5.3549970F3FAC0CBABDE5C9C7530E2513] - 31/03/2012 - 08:31:43 ---A- - C:\Windows\Prefetch\AVIRA_FREE_ANTIVIRUS_FR.EXE-AD6DBE0D.pf

O45 - LFCP:[MD5.F9FD0533C6050C23C1CEB4A1EA4A9CAD] - 31/03/2012 - 08:31:49 ---A- - C:\Windows\Prefetch\PRESETUP.EXE-10CD3CD6.pf

O45 - LFCP:[MD5.DC2FC4749DDE8A2E85AF482A52D409CE] - 31/03/2012 - 08:31:49 ---A- - C:\Windows\Prefetch\VCREDIST_X86.EXE-079BBD13.pf

O45 - LFCP:[MD5.4E2241ECAE326FA4C413219E1D2EAC91] - 31/03/2012 - 08:31:50 ---A- - C:\Windows\Prefetch\SETUP.EXE-79651DD2.pf

O45 - LFCP:[MD5.68DE4BF0F26EB0EC5EF64A23CEB9BD0B] - 31/03/2012 - 08:32:00 ---A- - C:\Windows\Prefetch\APNSTUB.EXE-8B52B9C7.pf

O45 - LFCP:[MD5.92F7CD6A9758DE9F50D7C3B9BC9AA2A4] - 31/03/2012 - 08:32:07 ---A- - C:\Windows\Prefetch\SETUP.EXE-D00F1C0B.pf

O45 - LFCP:[MD5.6170209E9D58091C8461104E92F89ED4] - 31/03/2012 - 08:32:18 ---A- - C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf

O45 - LFCP:[MD5.301AE1221394D586037D0B72870A6CE5] - 31/03/2012 - 08:32:19 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-F8A8DFEA.pf

O45 - LFCP:[MD5.3EE0A2BC1989147B5EDB11A35F06C66D] - 31/03/2012 - 08:32:22 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1095AF20.pf

O45 - LFCP:[MD5.0E50192A4C5E6CA6A1C23F5A4EAD37CD] - 31/03/2012 - 08:32:23 ---A- - C:\Windows\Prefetch\GRPCONV.EXE-B823222B.pf

O45 - LFCP:[MD5.EF45901D54FAA5D9C22A5B6C990E90CC] - 31/03/2012 - 08:32:23 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6B7884DC.pf

O45 - LFCP:[MD5.28B2A6C6FD31CE73AB16C5B4C391F8E5] - 31/03/2012 - 08:32:23 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-D0649312.pf

O45 - LFCP:[MD5.14A754BC9A745207B288998EA830C0BD] - 31/03/2012 - 08:32:24 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf

O45 - LFCP:[MD5.FE3FE01D7531D1CA9DB89BDEEFE85753] - 31/03/2012 - 08:32:42 ---A- - C:\Windows\Prefetch\SCHED.EXE-CD2C25D2.pf

O45 - LFCP:[MD5.A2C2FC1A6E30A06637EA76AB5734302B] - 31/03/2012 - 08:32:44 ---A- - C:\Windows\Prefetch\AVGNT.EXE-DB62B80F.pf

O45 - LFCP:[MD5.0039D571028B3A1CD1B6C03CA8D080F2] - 31/03/2012 - 08:32:47 ---A- - C:\Windows\Prefetch\AVCONFIG.EXE-1AA497F0.pf

O45 - LFCP:[MD5.3134538E6DE5F00048B0282B43700A09] - 31/03/2012 - 08:49:09 ---A- - C:\Windows\Prefetch\UPDATE.EXE-0D8A637E.pf

O45 - LFCP:[MD5.BE5482EB2C0E77738C3A6BCF863A5B25] - 31/03/2012 - 08:49:14 ---A- - C:\Windows\Prefetch\AVGUARD.EXE-6F6E0A09.pf

O45 - LFCP:[MD5.0EEBA31C4CF4430BF251528DDAC4839D] - 31/03/2012 - 08:49:27 ---A- - C:\Windows\Prefetch\AVSHADOW.EXE-04DD2548.pf

O45 - LFCP:[MD5.BC26C90B8F649A6BE0D619130C5BAA21] - 31/03/2012 - 08:57:18 ---A- - C:\Windows\Prefetch\AVNOTIFY.EXE-377AF47F.pf

O45 - LFCP:[MD5.AD3CBFD58DC1BBD94A037B13B7FEFCEA] - 31/03/2012 - 09:00:06 ---A- - C:\Windows\Prefetch\SDCLT.EXE-E10B972A.pf

O45 - LFCP:[MD5.218768090C58E96274776C3B869B97B8] - 31/03/2012 - 09:42:46 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-5D4CC7D6.pf

O45 - LFCP:[MD5.80DE8F3CA4BFF93A6F58CAB1387DED70] - 31/03/2012 - 09:46:42 ---A- - C:\Windows\Prefetch\HOUSECALLLAUNCHER64.EXE-2D53FB76.pf

O45 - LFCP:[MD5.73CDB6B1134244A7D78780F4D7CA34EB] - 31/03/2012 - 09:46:42 ---A- - C:\Windows\Prefetch\SETUP.EXE-748742C3.pf

O45 - LFCP:[MD5.7E4B5CEA47B1222EEA647C79D6077A14] - 31/03/2012 - 09:52:42 ---A- - C:\Windows\Prefetch\MSIEEE4.TMP-69EBD6B3.pf

O45 - LFCP:[MD5.EF5FDBD27DAB87B42AEC651296582F2E] - 31/03/2012 - 09:52:43 ---A- - C:\Windows\Prefetch\JRE-6U31-WINDOWS-X64.EXE-F988C4A1.pf

O45 - LFCP:[MD5.625B4F2715C4D56F157D3220A9806ABE] - 31/03/2012 - 09:52:59 ---A- - C:\Windows\Prefetch\ZIPPER.EXE-45D9BE29.pf

O45 - LFCP:[MD5.F95A0CE2F0C8057150249CC64267CDBE] - 31/03/2012 - 09:53:07 ---A- - C:\Windows\Prefetch\UNPACK200.EXE-FB3B322C.pf

O45 - LFCP:[MD5.D7FEA64BAE2B9AD8E948D9B06DD986CD] - 31/03/2012 - 09:53:13 ---A- - C:\Windows\Prefetch\WMIC.EXE-A7D06383.pf

O45 - LFCP:[MD5.65BE07B42F21690B3D8B60BA4EBA758E] - 31/03/2012 - 09:53:15 ---A- - C:\Windows\Prefetch\JAVAW.EXE-91B81925.pf

O45 - LFCP:[MD5.36E3F74D624F488977589420C795ECA3] - 31/03/2012 - 09:53:15 ---A- - C:\Windows\Prefetch\JAVAWS.EXE-5FA6EB7C.pf

O45 - LFCP:[MD5.47CC512319A0A0E6B359B2DF0F4E8689] - 31/03/2012 - 09:53:46 ---A- - C:\Windows\Prefetch\INSTALL_FLASHPLAYER11X64AX_CH-586643E0.pf

O45 - LFCP:[MD5.962EBE9E71900E8734A3038F214A1D8A] - 31/03/2012 - 09:53:49 ---A- - C:\Windows\Prefetch\GCCHECK.EXE-CE23CD34.pf

O45 - LFCP:[MD5.6207A87C6FA23E5BCDE4FC1DD0E23DDC] - 31/03/2012 - 09:53:56 ---A- - C:\Windows\Prefetch\INSTALL_FLASHPLAYER11X64AX_CH-D2CD7A77.pf

O45 - LFCP:[MD5.31F9B56745491CB92F7A3499CB5174A1] - 31/03/2012 - 09:54:06 ---A- - C:\Windows\Prefetch\INSTALLFLASHPLAYER.EXE-4E0B06AE.pf

O45 - LFCP:[MD5.E972EBEAF2FD422D2F3F945D3DBA1256] - 31/03/2012 - 09:54:06 ---A- - C:\Windows\Prefetch\INSTALL_FLASH_PLAYER_AX_64BIT-2B1225D4.pf

O45 - LFCP:[MD5.420C2E048FEA9A6A7A1EC4551E26CB51] - 31/03/2012 - 10:02:56 ---A- - C:\Windows\Prefetch\GSAR.3XE-F59E1258.pf

O45 - LFCP:[MD5.2708392B420B184E344CF91E5E841FED] - 31/03/2012 - 10:02:56 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-812AD5F1.pf

O45 - LFCP:[MD5.8A08D49FBF58E7DFBE4E9B5549B1C7DA] - 31/03/2012 - 10:02:57 ---A- - C:\Windows\Prefetch\COMBOFIX.EXE-CE6CE69D.pf

O45 - LFCP:[MD5.08364D94F07024E54B4375DDDFE9E6E0] - 31/03/2012 - 10:02:57 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-0CECD92D.pf

O45 - LFCP:[MD5.D27F0A46B7B4872588BE5E967C44106D] - 31/03/2012 - 10:02:57 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-8F1B6CBC.pf

O45 - LFCP:[MD5.79E96F51A448E519D72F2478A604562C] - 31/03/2012 - 10:02:58 ---A- - C:\Windows\Prefetch\CHCP.COM-198E8AEB.pf

O45 - LFCP:[MD5.6C75BF326B927D9F199DD82623236EF2] - 31/03/2012 - 10:02:58 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-0FB3F22C.pf

O45 - LFCP:[MD5.04769E9D8A7C874B969A690093C57773] - 31/03/2012 - 10:02:58 ---A- - C:\Windows\Prefetch\PEV.3XE-82BE176E.pf

O45 - LFCP:[MD5.163DEC77E468077012DE5DE4DF99F440] - 31/03/2012 - 10:02:58 ---A- - C:\Windows\Prefetch\SWREG.3XE-1E942DC7.pf

O45 - LFCP:[MD5.A4A4F955B12469D2B74637C3BBFDEF98] - 31/03/2012 - 10:02:59 ---A- - C:\Windows\Prefetch\ATTRIB.3XE-66C70E35.pf

O45 - LFCP:[MD5.714B92AF0070DC9F895329D3A7C812AA] - 31/03/2012 - 10:02:59 ---A- - C:\Windows\Prefetch\GREP.3XE-E3BCD30D.pf

O45 - LFCP:[MD5.3FEC01AFBD045918935E75DC4274923A] - 31/03/2012 - 10:02:59 ---A- - C:\Windows\Prefetch\HANDLE.3XE-5CA81953.pf

O45 - LFCP:[MD5.235B7CC6190E6593D1E60B5749AD27A9] - 31/03/2012 - 10:02:59 ---A- - C:\Windows\Prefetch\HANDLE64.EXE-B98BED5F.pf

O45 - LFCP:[MD5.7CCF3434AD31F44E3D0AF191BDDC2BE4] - 31/03/2012 - 10:02:59 ---A- - C:\Windows\Prefetch\RMBR.3XE-8E283306.pf

O45 - LFCP:[MD5.DEFDAAF1A9FEFA9EB2784FACB73D769A] - 31/03/2012 - 10:02:59 ---A- - C:\Windows\Prefetch\SED.3XE-A9B5A7B3.pf

O45 - LFCP:[MD5.747842FFC8EC1DD58A308BF3B6A99070] - 31/03/2012 - 10:02:59 ---A- - C:\Windows\Prefetch\SWSC.3XE-095C34C7.pf

O45 - LFCP:[MD5.AB133E13A87517B04052E2D0434102BE] - 31/03/2012 - 10:02:59 ---A- - C:\Windows\Prefetch\SWXCACLS.3XE-B9DEC87F.pf

O45 - LFCP:[MD5.1DFD5B4323E3EFB9F2E54DAB362A6950] - 31/03/2012 - 10:03:00 ---A- - C:\Windows\Prefetch\HIDEC.3XE-C4B9CB00.pf

O45 - LFCP:[MD5.CE9DF9F59F4FF88CA04C937D923C9726] - 31/03/2012 - 10:03:00 ---A- - C:\Windows\Prefetch\NIRCMD.3XE-EFCBB560.pf

O45 - LFCP:[MD5.0AE5FAC7B75CCAE724BCE63B788C97F2] - 31/03/2012 - 10:03:09 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf

O45 - LFCP:[MD5.E3E227A10AAA36DBD7907937631E2904] - 31/03/2012 - 10:06:43 ---A- - C:\Windows\Prefetch\FINDSTR.EXE-6C611AA6.pf

O45 - LFCP:[MD5.A0F6E834F2E58317F472234768F4189C] - 31/03/2012 - 10:07:35 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf

O45 - LFCP:[MD5.D0AF5E3B35938435B888D0D0366EBBE1] - 31/03/2012 - 10:09:32 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf

O45 - LFCP:[MD5.383F29AD3B05B7480F692AA0CEABF555] - 31/03/2012 - 10:09:50 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin

O45 - LFCP:[MD5.A3944577D8A4C8EE41A0322CFFE8595A] - 31/03/2012 - 10:11:47 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-C775D18D.pf

O45 - LFCP:[MD5.FAE270CFAA103F6B029B71583B6C60B7] - 31/03/2012 - 10:11:47 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf

O45 - LFCP:[MD5.FD4EBF765C0039FE4A18DA84B5ED5B6A] - 31/03/2012 - 10:12:01 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-40DD444D.pf

O45 - LFCP:[MD5.924FB0FCA2194B1D2CF8153EED6589C1] - 31/03/2012 - 10:12:02 ---A- - C:\Windows\Prefetch\TS3CLIENT_WIN64.EXE-2DCC7207.pf

O45 - LFCP:[MD5.F9C1B9E3C504246EDB35003960453C6A] - 31/03/2012 - 10:12:27 ---A- - C:\Windows\Prefetch\IPMGUI.EXE-F9CAB886.pf

O45 - LFCP:[MD5.445B4303B6E16B519D019B85DE4B8DCB] - 31/03/2012 - 10:13:08 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf

O45 - LFCP:[MD5.0D3EAEEC1D0B4F9BB29D73B70FDF60EA] - 31/03/2012 - 10:13:09 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-57D17DAF.pf

O45 - LFCP:[MD5.07E469309C655321D5E676512F42EFAE] - 31/03/2012 - 10:13:16 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf

O45 - LFCP:[MD5.86DF185509B3309EFCA0BEE975DA5EAD] - 31/03/2012 - 10:13:20 ---A- - C:\Windows\Prefetch\LMS.EXE-8C70F87D.pf

O45 - LFCP:[MD5.A35C389E3AFC1AA7173294B99F7D3443] - 31/03/2012 - 10:13:21 ---A- - C:\Windows\Prefetch\DAEMONU.EXE-B668DD96.pf

O45 - LFCP:[MD5.EC7CC63E45EA6C427DAC3EC183539CEC] - 31/03/2012 - 10:13:31 ---A- - C:\Windows\Prefetch\SSCHK.EXE-E1678DC3.pf

O45 - LFCP:[MD5.35346B888944FC39F2531C7A8C57693B] - 31/03/2012 - 10:14:05 ---A- - C:\Windows\Prefetch\UNS.EXE-E6E49771.pf

O45 - LFCP:[MD5.2051FA219FBA06E0B2C3A19EAA322E47] - 31/03/2012 - 10:14:56 ---A- - C:\Windows\Prefetch\AVCENTER.EXE-FD66D2A7.pf

O45 - LFCP:[MD5.75699C70CF746358A4FFA573B8F1CE3C] - 31/03/2012 - 10:15:13 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf

O45 - LFCP:[MD5.1DE5E7CFC6FE3AA65EC4EFF9A7684EB2] - 31/03/2012 - 10:17:54 ---A- - C:\Windows\Prefetch\AVSCAN.EXE-EDA6668B.pf

O45 - LFCP:[MD5.C920FD85E92DD0FBE3F90DF0558A5CC5] - 31/03/2012 - 10:22:20 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-1605FA5B.pf

O45 - LFCP:[MD5.6A4FF87DE4E9DFBF085D7ACD80DC766C] - 31/03/2012 - 10:24:00 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf

O45 - LFCP:[MD5.84AC91AF8307D8B6CD50DAA850C98AED] - 31/03/2012 - 10:25:24 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf

O45 - LFCP:[MD5.FA610FDB66B597F561EA727C2EF4BDE5] - 31/03/2012 - 10:25:24 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf

O45 - LFCP:[MD5.CFC22B2F31DCFEA79CA1C677CCDE1B47] - 31/03/2012 - 10:30:41 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf

O45 - LFCP:[MD5.F924479B56C114FEF8A7F979109AE7B1] - 31/03/2012 - 10:30:41 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf

O45 - LFCP:[MD5.71DCE53E0A7A261E128152C4173DDF02] - 31/03/2012 - 10:30:50 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf

O45 - LFCP:[MD5.44595D80271C9F9DDE81741244A77AA7] - 31/03/2012 - 10:31:09 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-E09A077A.pf

O45 - LFCP:[MD5.FCA1D66DB6AA136EBF623460A532AD44] - 31/03/2012 - 10:32:19 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf

O45 - LFCP:[MD5.537562514B7E0A96247B5AB83D3559BC] - 31/03/2012 - 10:32:52 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-ECB71776.pf

O45 - LFCP:[MD5.3D8CBDB0D906446B44A824D292690286] - 31/03/2012 - 10:51:51 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db

O45 - LFCP:[MD5.648AA20450FFE378C228F5CB369A4D16] - 31/03/2012 - 10:51:51 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db

O45 - LFCP:[MD5.EEE316F19220C21B92A23090E166B2E7] - 31/03/2012 - 10:51:51 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db

O45 - LFCP:[MD5.A6E3E1E08B4A1463A02B5D8E683902EC] - 31/03/2012 - 10:51:51 ---A- - C:\Windows\Prefetch\AgRobust.db

O45 - LFCP:[MD5.1798982D92D57B1DEE24E3C80FBA056C] - 31/03/2012 - 10:58:44 ---A- - C:\Windows\Prefetch\OPERA.EXE-55C580CF.pf

O45 - LFCP:[MD5.ADB4BC2B3C68883B6CEF317FC99D96F4] - 31/03/2012 - 11:05:24 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-76936ED5.pf

O45 - LFCP:[MD5.65B34B2FA2D60C1A589491689A52C723] - 31/03/2012 - 11:08:21 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf

O45 - LFCP:[MD5.BF90D6AB737A610286997E76BD4DC2E2] - 31/03/2012 - 11:08:26 ---A- - C:\Windows\Prefetch\MBAM.EXE-80210E2F.pf

O45 - LFCP:[MD5.84DB54BD8F9C0A5BC45090A60941D159] - 31/03/2012 - 11:10:20 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-86E0E9B9.pf

O45 - LFCP:[MD5.6D6F2E4EFAD841B4EBD61D68F8DC3A14] - 31/03/2012 - 11:15:03 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf

O45 - LFCP:[MD5.3D51A1A7A9009BA629849DB978B9FC22] - 31/03/2012 - 11:19:01 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-216D9C35.pf

O45 - LFCP:[MD5.D7F3A276A5198CB6A04EBBCAE1C71007] - 31/03/2012 - 11:19:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf

O45 - LFCP:[MD5.A966CD679E1FBDA9D7D4010F75F6EE84] - 31/03/2012 - 11:23:23 ---A- - C:\Windows\Prefetch\AVWSC.EXE-9DE67EBB.pf

O45 - LFCP:[MD5.F251DAE62EE86924B4D554064054D2A6] - 31/03/2012 - 11:24:32 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf

O45 - LFCP:[MD5.F9B3161A158F786AA3176195CC36D8AE] - 31/03/2012 - 11:26:17 ---A- - C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf

O45 - LFCP:[MD5.83D0916B1D24B508D4E16122A136707F] - 31/03/2012 - 11:26:19 ---A- - C:\Windows\Prefetch\CMD.EXE-AC113AA8.pf

~ Scan Prefetcher in 00mn 00s

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

~ Scan Keys in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (O51) (None)

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"VIDC.FPS1"="frapsv64.dll" . (.Beepa P/L - Fraps.) -- C:\Windows\system32\frapsv64.dll

O52 - TDSD: \Drivers32\"VIDC.XFR1"="xfcodec64.dll" . (.Pas de propriétaire - Xfire Video Codec.) -- C:\Windows\system32\xfcodec64.dll

O52 - TDSD: \Drivers32\"msacm.l3pacm"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm

O52 - TDSD: \Drivers32\"msacm.aacacm"="AACACM.acm" . (.fccHandler - AAC ACM Codec.) -- C:\Windows\system32\AACACM.acm

O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\system32\lameACM.acm

O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\system32\ac3acm.acm

O52 - TDSD: \Drivers32\"VIDC.LAGS"="lagarith.dll" . (.Pas de propriétaire - Lagarith.) -- C:\Windows\system32\lagarith.dll

O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - ffdshow VFW.) -- C:\Windows\system32\ff_vfw.dll

O52 - TDSD: \Drivers32\"msacm.avis"="ff_acm.acm" . (.Pas de propriétaire - ffdshow ACM codec.) -- C:\Windows\system32\ff_acm.acm

O52 - TDSD: \Drivers32\"vidc.x264"="x264vfw.dll" . (...) -- C:\Windows\system32\x264vfw.dll

O52 - TDSD: \Drivers32\"msacm.ac3filter"="ac3filter.acm" . (...) -- C:\Windows\system32\ac3filter.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"frapsv64.dll"="Fraps Video Decompressor" . (.Beepa P/L - Fraps.) -- C:\Windows\system32\frapsv64.dll

O52 - TDSD: \drivers.desc\"xfcodec64.dll"="Xfire video codec [XFR1]" . (.Pas de propriétaire - Xfire Video Codec.) -- C:\Windows\system32\xfcodec64.dll

O52 - TDSD: \drivers.desc\"l3codecp.acm"="Fraunhofer IIS MPEG Layer-3 Codec Professional" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm

O52 - TDSD: \drivers.desc\"aacacm.acm"="AAC ACM Codec" . (.fccHandler - AAC ACM Codec.) -- C:\Windows\system32\aacacm.acm

O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\system32\ac3acm.acm

O52 - TDSD: \drivers.desc\"lameacm.acm"="Lame MP3 CODEC v0.91" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"lagarith.dll"="Lagarith lossless codec" . (.Pas de propriétaire - Lagarith.) -- C:\Windows\system32\lagarith.dll

O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - ffdshow VFW.) -- C:\Windows\system32\ff_vfw.dll

O52 - TDSD: \drivers.desc\"ff_acm.acm"="ffdshow ACM codec" . (.Pas de propriétaire - ffdshow ACM codec.) -- C:\Windows\system32\ff_acm.acm

O52 - TDSD: \drivers.desc\"x264vfw.dll"="x264 H.264 Video Codec" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"ac3filter.acm"="AC3Filter ACM codec" . (...) -- C:\Windows\system32\ac3filter.acm

~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe

O53 - SMSR:HKLM\...\startupreg\Advanced SystemCare 4 [Key] . (...) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\BootStartBRC [Key] . (.TODO: <Company name> - TODO: <File description>.) -- C:\Program Files (x86)\MSI\BiosRomCheck\BootStartBiosRomCheck.exe

O53 - SMSR:HKLM\...\startupreg\DelReg [Key] . (...) -- C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\EEventManager [Key] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

O53 - SMSR:HKLM\...\startupreg\Live Update 5 [Key] . (...) -- C:\Program Files (x86)\MSI\Live Update 5\LU5.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\LogMeIn Hamachi Ui [Key] . (...) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\NUSB3MON [Key] . (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

O53 - SMSR:HKLM\...\startupreg\Super-Charger [Key] . (...) -- C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe (.not file.)

~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0

~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 11/03/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 11/03/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.DBB487D09F56C674430AC454FD8BCAB9] - 06/06/2011 - 14:07:00 RSHAD . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtihdW76.sys [231440]

O58 - SDL:[MD5.DCC8177244FE79C61C4E73C65E63922A] - 27/01/2011 - 23:37:22 RSHAD . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [9085952]

O58 - SDL:[MD5.7FE67D107329DC2CF89136A8E19BCEB7] - 26/01/2011 - 22:13:34 RSHAD . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [299520]

O58 - SDL:[MD5.AA8F79A1BDFC03B3BC70C44AB00589B4] - 01/12/2011 - 16:55:27 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [97312]

O58 - SDL:[MD5.F1C9DB5F7B2A56A0B29667D22BA540FC] - 01/12/2011 - 16:55:27 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [130760]

O58 - SDL:[MD5.248DB59FC86DE44D2779F4C7FB1A567D] - 01/12/2011 - 16:55:27 RSHAD . (.Avira GmbH - Avira Manager Driver.) -- C:\Windows\system32\drivers\avkmgr.sys [27760]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.952AC62074718C8F04F053E5073EEB45] - 30/06/2011 - 10:07:26 RSHAD . (.Raxco Software, Inc. - Defragmentation Support Driver.) -- C:\Windows\system32\drivers\DefragFs.sys [140816]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.1E6438D4EA6E1174A3B3B1EDC4DE660B] - 30/12/1899 - 16:35:42 RSHAD . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\system32\drivers\hamachi.sys [33856]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.A6518DCC42F7A6E999BB3BEA8FD87567] - 19/10/2010 - 09:34:26 RSHAD . (.Intel Corporation - Intel® Management Engine Interface.) -- C:\Windows\system32\drivers\HECIx64.sys [56344]

O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 20/11/2010 - 14:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]

O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 11/03/2011 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.79DA94B35371B9E7104460C7693DCB2C] - 10/12/2011 - 15:24:08 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [23152]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.BAA293F089077FE71F855BA5649648D9] - 14/03/2011 - 10:29:46 RSHAD . (.Marvell Semiconductor Inc. - Marvell 91xx Confige Device Driver.) -- C:\Windows\system32\drivers\mv91cons.sys [24880]

O58 - SDL:[MD5.A986DC81534582FA478C286E8F57A877] - 14/03/2011 - 10:29:46 RSHAD . (.Marvell Semiconductor, Inc. - Marvell magni Windows Driver.) -- C:\Windows\system32\drivers\mvs91xx.sys [313136]

O58 - SDL:[MD5.56447FC94ED202A0725AD1FBF0DA5655] - 14/03/2011 - 10:29:46 RSHAD . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\Windows\system32\drivers\mvxxmm.sys [14128]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.95A2AB418251A3B2A2571CDE880B80D0] - 17/12/2009 - 17:49:02 RSHAD . (.Pas de propriétaire - Generic USB Driver.) -- C:\Windows\system32\drivers\npusbio_x64.sys [45600]

O58 - SDL:[MD5.0EBC9D13CD96C15B1B18D8678A609E4B] - 10/02/2011 - 13:52:34 RSHAD . (.Renesas Electronics Corporation - USB 3.0 Hub Driver.) -- C:\Windows\system32\drivers\nusb3hub.sys [82432]

O58 - SDL:[MD5.7BDEC000D56D485021D9C1E63C2F81CA] - 10/02/2011 - 13:52:34 RSHAD . (.Renesas Electronics Corporation - USB 3.0 Host Controller Driver.) -- C:\Windows\system32\drivers\nusb3xhc.sys [181760]

O58 - SDL:[MD5.10204955027011E08A9DC27737A48A54] - 08/07/2011 - 00:21:28 RSHAD . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda64v.sys [174184]

O58 - SDL:[MD5.B15258B1F45F9571758AC6BB2F043B01] - 15/10/2011 - 09:53:00 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 285.62.) -- C:\Windows\system32\drivers\nvlddmkm.sys [12971840]

O58 - SDL:[MD5.A85B4F2EF3A7304A5399EF0526423040] - 10/06/2009 - 21:35:35 RSHAD . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvm62x64.sys [408960]

O58 - SDL:[MD5.BD25E03EAD63AC3365F25175B4DBD56A] - 04/03/2010 - 17:26:58 RSHAD . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvmf6264.sys [349416]

O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 11/03/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 11/03/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.71B6ECD3C56FBF12FB1968DA3953B703] - 09/04/2010 - 01:33:48 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor64.sys [244328]

O58 - SDL:[MD5.B51F48A4BC09F9E2CA9334BD9251051C] - 30/06/2011 - 10:08:24 RSHAD . (.Raxco Software, Inc. - PerfectDisk OptiWrite Filter Driver for Server.) -- C:\Windows\system32\drivers\PDFsFilter.sys [79888]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.9140DB0911DE035FED0A9A77A2D156EA] - 23/08/2011 - 21:57:24 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [565352]

O58 - SDL:[MD5.EB5FA493A4B6EA290200AE39EBA2FBC6] - 28/06/2011 - 18:15:22 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2905832]

O58 - SDL:[MD5.B3B86BE19A0CAF025F679C39FD21E735] - 10/08/2010 - 07:43:14 RSHAD . (.Saitek - Smart Technology Helpers.) -- C:\Windows\system32\drivers\SaiBus.sys [50056]

O58 - SDL:[MD5.248ABD858FF7DCC966E5A54529DDD225] - 01/05/2007 - 15:10:50 RSHAD . (.Saitek - Saitek Hid Driver.) -- C:\Windows\system32\drivers\SaiH075C.sys [171144]

O58 - SDL:[MD5.9E7E53891D1747A01F491AB25B95135D] - 10/08/2010 - 07:43:14 RSHAD . (.Saitek - Saitek Magic Mini Driver.) -- C:\Windows\system32\drivers\SaiMini.sys [22792]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] - 14/07/2009 - 01:00:40 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\serial.sys [94208]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/03/2011 - 00:00:00 RSHAD . (...) -- C:\Windows\system32\drivers\sptd.sys [526392]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

~ Scan Drivers in 00mn 00s

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)

O61 - LFC:Last File Created 28/03/2012 - 08:57:24 ---A- C:\Users\All Users\Simply Super Software\Trojan Remover\Data\reflist.dta [756683]

O61 - LFC:Last File Created 28/03/2012 - 09:03:46 ---A- C:\Users\All Users\Simply Super Software\Trojan Remover\Data\trjlist33.dta [20842]

O61 - LFC:Last File Created 28/03/2012 - 17:53:15 ---A- C:\Users\ianick\Documents\++Demonoid.me++-Humans_Vs_Zombies[uK_2012].torrent [17227]

O61 - LFC:Last File Created 28/03/2012 - 17:54:00 ---A- C:\Users\ianick\Documents\_-Demonoid.me-_The_Divide_2011_LIMITED_DVDRip_XviD_SPARKS.torrent [28521]

O61 - LFC:Last File Created 28/03/2012 - 17:54:43 ---A- C:\Users\ianick\Documents\The_Divide_2011_Limited_BRRip_XViD_DTRG_o-Demonoid.me-o.torrent [8623]

O61 - LFC:Last File Created 28/03/2012 - 17:59:19 ---A- C:\Users\ianick\AppData\Roaming\.BitTornado\datacache\92b5fb3b296fb6d8e7f35cea75f443ac6330dc29 [625]

O61 - LFC:Last File Created 28/03/2012 - 18:29:38 ---A- C:\Users\ianick\AppData\Roaming\.BitTornado\datacache\9687f1b7b58e4eb6c55e900be0533cd1d82c747f [369]

O61 - LFC:Last File Created 29/03/2012 - 08:54:30 ---A- C:\Users\All Users\Simply Super Software\Trojan Remover\Data\trjlist5.dta [12313]

O61 - LFC:Last File Created 29/03/2012 - 08:57:10 ---A- C:\Users\All Users\Simply Super Software\Trojan Remover\Data\trjlist3.dta [986753]

O61 - LFC:Last File Created 29/03/2012 - 08:57:28 ---A- C:\Users\All Users\Simply Super Software\Trojan Remover\Data\trjlist2.dta [4896476]

O61 - LFC:Last File Created 29/03/2012 - 10:20:40 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\49280E749D7318EA369BC7E61369C34AD2D22859.heu [150]

O61 - LFC:Last File Created 29/03/2012 - 10:20:40 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\76C30565F803F2587F156A8344E4091992D31B27.heu [150]

O61 - LFC:Last File Created 29/03/2012 - 10:20:40 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\8F903698240FE799F61EEDA8595181137B996156.heu [150]

O61 - LFC:Last File Created 29/03/2012 - 10:20:40 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\9A7DEE2B537712BEF484CBD9E4DDBF88C78F436C.heu [150]

O61 - LFC:Last File Created 29/03/2012 - 10:20:40 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\9F67B1C289A5B5DB7B32844AF679E758541D101B.heu [150]

O61 - LFC:Last File Created 29/03/2012 - 20:25:49 ---A- C:\Users\ianick\AppData\Local\ars.cache [100292]

O61 - LFC:Last File Created 29/03/2012 - 20:25:56 ---A- C:\Users\ianick\AppData\Local\census.cache [8702764]

O61 - LFC:Last File Created 29/03/2012 - 20:28:03 ---A- C:\Users\ianick\Documents\cc_20120329_212801.reg [4736]

O61 - LFC:Last File Created 29/03/2012 - 20:28:19 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\database.conf [432]

O61 - LFC:Last File Created 29/03/2012 - 20:28:19 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref [6762931]

O61 - LFC:Last File Created 29/03/2012 - 21:39:14 ---A- C:\Users\ianick\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2012-03-29 (22-37-03).txt [2420]

O61 - LFC:Last File Created 29/03/2012 - 21:39:14 ---A- C:\Users\ianick\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\5400660434.data [827]

O61 - LFC:Last File Created 30/03/2012 - 17:28:52 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\381814F6F5270FFBB27E244D6138BC023AF911D5.heu [149]

O61 - LFC:Last File Created 30/03/2012 - 17:28:52 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\440AE73B017A477382DEFF7C0DBE4896FED21079.heu [149]

O61 - LFC:Last File Created 30/03/2012 - 17:28:52 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\6344DCC80A9A6A3676DCEA0C92C8C45EFD2F3220.heu [149]

O61 - LFC:Last File Created 30/03/2012 - 17:28:52 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\6DDB94AE3365798230849FA0F931AC132FE417D1.heu [149]

O61 - LFC:Last File Created 30/03/2012 - 17:28:52 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\871F12AF0853C06E4EB80A1CCAB295CEADBB817A.heu [149]

O61 - LFC:Last File Created 30/03/2012 - 17:28:52 ---A- C:\Users\ianick\AppData\Roaming\Adobe\Flash Player\AssetCache\HHKU6394\C3306B26751D6A80EB1FCB651912469AE18819AB.heu [149]

O61 - LFC:Last File Created 30/03/2012 - 17:31:42 ---A- C:\Users\ianick\Documents\The_Darkest_Hour_2011_720p_BRRip_x264_AC3_26K-((Demonoid.me)).torrent [18490]

O61 - LFC:Last File Created 30/03/2012 - 17:32:47 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\R3BSMkxZR2pXeDBwTkY5YmhsL3VqVVE2UFZvPQ==\icons\dummy.png [109]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_1177422720 [1214]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_1929163517 [554]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_2149473910 [864]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_2434057376 [1003]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_2823772069 [587]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_3099917632 [755]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_4197495538 [1036]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_633869308 [833]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\icons\icon_964440565 [795]

O61 - LFC:Last File Created 30/03/2012 - 20:16:38 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\remote\img75.xooimage.com\files\5\4\5\a10-petit-312b193.jpg [805]

O61 - LFC:Last File Created 30/03/2012 - 20:16:39 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\remote\img67.xooimage.com\files\a\b\b\banniere-ts-2-3165053.gif [614716]

O61 - LFC:Last File Created 30/03/2012 - 20:16:40 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\remote\img7.xooimage.com\files\6\5\5\a10-entete-312a8fe.jpg [37437]

O61 - LFC:Last File Created 30/03/2012 - 20:16:54 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\chats\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\channel.txt [8987]

O61 - LFC:Last File Created 30/03/2012 - 20:43:45 ---A- C:\Users\ianick\Saved Games\DCS Warthog\ScreenShots\Screen_120330_214345.jpg [123408]

O61 - LFC:Last File Created 30/03/2012 - 21:18:03 ---A- C:\Users\ianick\Documents\Tacview\Tacview-20120330-211933.txt.acmi [12523746]

O61 - LFC:Last File Created 30/03/2012 - 21:18:05 ---A- C:\Users\ianick\Saved Games\DCS Warthog\Tracks\Multiplayer\client-20120330-211855.trk [11177250]

O61 - LFC:Last File Created 30/03/2012 - 21:20:40 ---A- C:\Users\ianick\Saved Games\DCS Warthog\Missions\on garde maykop.miz [888075]

O61 - LFC:Last File Created 30/03/2012 - 21:23:02 ---A- C:\Users\ianick\Saved Games\DCS Warthog\MissionEditor\layers.lua [277]

O61 - LFC:Last File Created 30/03/2012 - 21:23:25 ---A- C:\Users\ianick\Saved Games\DCS Warthog\Missions\on garde maykop-jour.miz [891105]

O61 - LFC:Last File Created 30/03/2012 - 21:23:27 ---A- C:\Users\ianick\Saved Games\DCS Warthog\Logs\me.log.old [9011]

O61 - LFC:Last File Created 30/03/2012 - 21:24:46 ---A- C:\Users\ianick\Saved Games\DCS Warthog\Logs\dcs.log.old [5920]

O61 - LFC:Last File Created 30/03/2012 - 21:25:07 ---A- C:\Users\ianick\Saved Games\DCS Warthog\MissionEditor\temp_options.lua [2152]

O61 - LFC:Last File Created 30/03/2012 - 21:25:08 ---A- C:\Users\ianick\Saved Games\DCS Warthog\MissionEditor\gdoptions.v2.lua [768]

O61 - LFC:Last File Created 30/03/2012 - 22:42:52 ---A- C:\Users\ianick\Documents\Tacview\Tacview-20120330-222604.txt.acmi [109397397]

O61 - LFC:Last File Created 30/03/2012 - 22:42:54 ---A- C:\Users\ianick\Saved Games\DCS Warthog\Config\network.cfg [1246]

O61 - LFC:Last File Created 30/03/2012 - 22:42:54 ---A- C:\Users\ianick\Saved Games\DCS Warthog\Tracks\Multiplayer\server-20120330-222551.trk [13456481]

O61 - LFC:Last File Created 30/03/2012 - 22:43:24 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\chats\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\server.html [512402]

O61 - LFC:Last File Created 30/03/2012 - 22:54:15 ---A- C:\Users\ianick\AppData\Roaming\Microsoft\Office\Excel12.pip [1552]

O61 - LFC:Last File Created 30/03/2012 - 22:54:15 ---A- C:\Users\ianick\Documents\SYNTHESE MENSUELLE ACT VM MEDIFLOR .xls [27648]

O61 - LFC:Last File Created 30/03/2012 - 22:55:46 ---A- C:\Users\ianick\AppData\Roaming\Microsoft\Office\Recent\Mes documents.LNK [590]

O61 - LFC:Last File Created 30/03/2012 - 22:55:46 ---A- C:\Users\ianick\AppData\Roaming\Microsoft\Office\Recent\SYNTHESE MENSUELLE ACT VM MEDIFLOR .LNK [862]

O61 - LFC:Last File Created 30/12/1899 - 10:09:48 --HA- C:\Users\ianick\AppData\Local\IconCache.db [1602333]

O61 - LFC:Last File Created 30/12/1899 - 22:55:46 --H-- C:\Users\ianick\AppData\Roaming\Microsoft\Office\Recent\index.dat [82]

O61 - LFC:Last File Created 31/03/2012 - 07:50:37 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\local.conf [538]

O61 - LFC:Last File Created 31/03/2012 - 07:53:31 ---A- C:\Users\ianick\Documents\trjsetup682.exe [10491128]

O61 - LFC:Last File Created 31/03/2012 - 07:55:15 ---A- C:\Users\All Users\Simply Super Software\Trojan Remover\Data\trweb1.dta [778]

O61 - LFC:Last File Created 31/03/2012 - 07:58:12 ---A- C:\Users\ianick\Documents\Simply Super Software\Trojan Remover Logfiles\UPDLOG.TXT [5023]

O61 - LFC:Last File Created 31/03/2012 - 08:01:58 ---A- C:\Users\ianick\AppData\Roaming\Simply Super Software\Trojan Remover\exclude.dta [93]

O61 - LFC:Last File Created 31/03/2012 - 08:03:36 ---A- C:\Users\ianick\Documents\Simply Super Software\Trojan Remover Logfiles\TRLOG.TXT [40399]

O61 - LFC:Last File Created 31/03/2012 - 08:27:29 ---A- C:\Users\ianick\Documents\avira_free_antivirus_fr.exe [86855160]

O61 - LFC:Last File Created 31/03/2012 - 08:30:01 ---A- C:\Users\All Users\NVIDIA\Resource.old [1071764]

O61 - LFC:Last File Created 31/03/2012 - 08:56:51 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\channels\cache.dat [4]

O61 - LFC:Last File Created 31/03/2012 - 08:56:51 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\perm.dat [79438]

O61 - LFC:Last File Created 31/03/2012 - 08:56:52 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\chats\Q3p6TTVXRVdQd3I1VTErYVBHc0NIVWptQ2NnPQ==\channel.html [71782]

O61 - LFC:Last File Created 31/03/2012 - 10:03:33 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\R3BSMkxZR2pXeDBwTkY5YmhsL3VqVVE2UFZvPQ==\channels\cache.dat [4]

O61 - LFC:Last File Created 31/03/2012 - 10:03:33 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\cache\R3BSMkxZR2pXeDBwTkY5YmhsL3VqVVE2UFZvPQ==\perm.dat [79438]

O61 - LFC:Last File Created 31/03/2012 - 10:03:42 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\resolved.dat [188]

O61 - LFC:Last File Created 31/03/2012 - 10:03:42 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\subscribemode.dat [4]

O61 - LFC:Last File Created 31/03/2012 - 10:03:43 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\chats\R3BSMkxZR2pXeDBwTkY5YmhsL3VqVVE2UFZvPQ==\channel.html [48953]

O61 - LFC:Last File Created 31/03/2012 - 10:03:43 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\chats\R3BSMkxZR2pXeDBwTkY5YmhsL3VqVVE2UFZvPQ==\server.html [201367]

O61 - LFC:Last File Created 31/03/2012 - 10:09:41 ---A- C:\Users\ianick\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\0936043783.data [827]

O61 - LFC:Last File Created 31/03/2012 - 10:09:42 ---A- C:\Users\ianick\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2012-03-31 (11-08-53).txt [2360]

O61 - LFC:Last File Created 31/03/2012 - 10:09:50 ---A- C:\Users\All Users\NVIDIA\Updatus\updtConfig.xml [2376]

O61 - LFC:Last File Created 31/03/2012 - 10:09:53 ---A- C:\Users\All Users\NVIDIA\Updatus\updtclient.log.bak [205]

O61 - LFC:Last File Created 31/03/2012 - 10:10:47 ---A- C:\Users\All Users\NVIDIA\Resource.dat [1071764]

O61 - LFC:Last File Created 31/03/2012 - 10:11:00 ---A- C:\Users\All Users\EPSON\STM3\E_S40ST.LOG [29486]

O61 - LFC:Last File Created 31/03/2012 - 10:11:52 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\ts3clientui_qt.conf [6458]

O61 - LFC:Last File Created 31/03/2012 - 10:13:14 ---A- C:\Users\All Users\NVIDIA\Updatus\journalBS.jour.dat [0]

O61 - LFC:Last File Created 31/03/2012 - 10:32:17 ---A- C:\Users\ianick\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20120331_113213876-Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-MSP0.txt [359008]

O61 - LFC:Last File Created 31/03/2012 - 10:32:18 ---A- C:\Users\ianick\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20120331_113213876.html [77170]

O61 - LFC:Last File Created 31/03/2012 - 10:54:43 ---A- C:\Users\ianick\AppData\Roaming\TS3Client\chats\R3BSMkxZR2pXeDBwTkY5YmhsL3VqVVE2UFZvPQ==\channel.txt [3196]

O61 - LFC:Last File Created 31/03/2012 - 11:08:22 ---A- C:\Users\ianick\AppData\Local\Temp\~DF9991803370E68161.TMP [180224]

~ Scan Files in 00mn 11s

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 26/01/2011 - C:\Windows\system32\DRIVERS\atikmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG

O64 - Services: CurCS - 01/12/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - 01/12/2011 - C:\Windows\system32\DRIVERS\avipbb.sys (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB

O64 - Services: CurCS - 01/12/2011 - C:\Windows\system32\DRIVERS\avkmgr.sys (avkmgr) .(.Avira GmbH - Avira Manager Driver.) - LEGACY_AVKMGR

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\DefragFS.sys (DefragFS) .(.Raxco Software, Inc. - Defragmentation Support Driver.) - LEGACY_DEFRAGFS

O64 - Services: CurCS - 14/03/2011 - C:\Windows\system32\DRIVERS\mv91cons.sys (mv91cons) .(.Marvell Semiconductor Inc. - Marvell 91xx Confige Device Driver.) - LEGACY_MV91CONS

O64 - Services: CurCS - 06/10/2009 - C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys (NTIOLib_1_0_1) .(.MSI - NTIOLib.) - LEGACY_NTIOLIB_1_0_1

O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\nvstor.sys (nvstor) .(.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) - LEGACY_NVSTOR

O64 - Services: CurCS - 09/04/2010 - C:\Windows\system32\DRIVERS\nvstor64.sys (nvstor64) .(.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) - LEGACY_NVSTOR64

O64 - Services: CurCS - 30/06/2011 - C:\Windows\system32\DRIVERS\PDFsFilter.sys (PDFSFilter) .(.Raxco Software, Inc. - PerfectDisk OptiWrite Filter Driver for Ser.) - LEGACY_PDFSFILTER

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD

~ Scan Services in 00mn 00s

---\\ Liste des fichiers non signés (O65) (None)

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <Opera.HTML>[HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\system32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <Opera.HTML>[HKCR\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\system32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (.not file.)

O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - Babylon Search

O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} [DefaultScope] - (AVG Secure Search) - http://isearch.avg.com

~ Scan Keys in 00mn 00s

 

 

 

---\\ Crack & Keygen Files (O82)

D:\dcs\cracked earth noise.rar

D:\programs\Adobe Premiere Pro CS3\Keygen-Activator\Free Full Downloads and MORE -- www.TheViperFiles.com.url

~ Scan Files in 00mn 50s

 

 

 

---\\ Recherche des services démarrés par Svchost (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\system32\aelupsvc.dll [72192]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\system32\certprop.dll [80384]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\system32\certprop.dll [80384]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [236032]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\system32\gpsvc.dll [777728]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\system32\ikeext.dll [853504]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\system32\Audiosrv.dll [679424]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\system32\rasauto.dll [99328]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\system32\rasmans.dll [344064]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\system32\mprdim.dll [97792]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\system32\sens.dll [64512]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\system32\ipnathlp.dll [359424]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\system32\tapisrv.dll [316928]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\system32\termsrv.dll [680960]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2420736]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\system32\qmgr.dll [849920]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [370688]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\system32\iphlpsvc.dll [569344]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\system32\appinfo.dll [70656]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [67584]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [121856]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\system32\browser.dll [136192]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\system32\eapsvc.dll [111104]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\system32\wercplsupport.dll [84480]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\system32\bdesvc.dll [100864]

O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\system32\appmgmts.dll [193536]

~ Scan Services in 00mn 00s

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.5FC9A9215F9265B199A282F584CAAADD] [sPRF][26/03/2012] (.Swearware - ComboFix NSIS Installer.) -- C:\Users\ianick\Desktop\ComboFix.exe [4445462]

[MD5.9C85B2AD333C2642C1906DB6A7CD5AA6] [sPRF][06/10/2011] (.Trend Micro Inc. - Trend Micro Application Launcher.) -- C:\Users\ianick\Desktop\HousecallLauncher64.exe [2405672]

~ Scan Files in 00mn 00s

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{ADADEB6C-6967-4D7E-9844-3DB3994482D9}" | In - Private - P6 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe

O87 - FAEL: "{8D217B1C-EF8D-4E4F-AF14-A230668214F0}" | In - Private - P17 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe

O87 - FAEL: "{9616693B-0345-4F55-A946-13DBDB6CCC47}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe

O87 - FAEL: "{3909E8CA-2B0D-4117-9231-6716DCACAB99}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe

O87 - FAEL: "TCP Query User{759D48F2-97D3-45AB-92CD-568202C9F7EF}C:\program files (x86)\bittornado\btdownloadgui.exe" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\BitTornado\btdownloadgui.exe

O87 - FAEL: "UDP Query User{DA8418E9-F256-45C4-AECC-816437A7DB5F}C:\program files (x86)\bittornado\btdownloadgui.exe" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\BitTornado\btdownloadgui.exe

O87 - FAEL: "TCP Query User{8DE6587A-7A87-4063-93CE-4A839206A2EB}C:\program files (x86)\steam\steam.exe" | In - Public - P6 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe

O87 - FAEL: "UDP Query User{7DFD28EA-14FC-48DA-A5FC-DA5E5248A6B0}C:\program files (x86)\steam\steam.exe" | In - Public - P17 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe

O87 - FAEL: "{8AC086F4-6CF8-4FF3-B80F-62D33F3A0F2C}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

O87 - FAEL: "{2237D9E3-D494-4D78-90C5-E4976ED6B3EC}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

O87 - FAEL: "{0F3884DD-3FE6-4C29-8A0E-187B1C84CF9D}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe

O87 - FAEL: "{ABF9E497-BADF-498A-9FF9-EDCFE3075C9F}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe

O87 - FAEL: "{4FBB4F5F-CB23-4B34-8BC8-22F692365121}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe

O87 - FAEL: "{46A25C0C-9E46-4274-970B-8B2F19E4E932}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe

O87 - FAEL: "TCP Query User{CF5951E8-9EC2-41C2-BA2C-B83FBDE712BF}C:\program files (x86)\epson software\event manager\eeventmanager.exe" | In - Public - P6 - TRUE | .(.SEIKO EPSON CORPORATION.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEvent

O87 - FAEL: "UDP Query User{CBABAE23-8DBB-44E3-8171-A04972193FD8}C:\program files (x86)\epson software\event manager\eeventmanager.exe" | In - Public - P17 - TRUE | .(.SEIKO EPSON CORPORATION.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEven

O87 - FAEL: "{25BDE866-3506-4309-8F58-E69E202A3F97}" | In - Public - P6 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe

O87 - FAEL: "{E46BF626-7B1E-4627-B66A-4363DB2B32A8}" | In - Public - P17 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe

O87 - FAEL: "TCP Query User{FFCDCDE6-CA50-4FFB-B838-5CC26D5EBD3D}C:\program files (x86)\soulseekns\slsk.exe" | In - Public - P6 - TRUE | .(.Pas de propriétaire - SoulSeek.) -- C:\Program Files (x86)\SoulseekNS\slsk.exe

O87 - FAEL: "UDP Query User{B0664460-9D68-4EDB-81F1-95FF9D02EAD0}C:\program files (x86)\soulseekns\slsk.exe" | In - Public - P17 - TRUE | .(.Pas de propriétaire - SoulSeek.) -- C:\Program Files (x86)\SoulseekNS\slsk.exe

O87 - FAEL: "TCP Query User{8B25CE4B-B445-4315-8E8D-642DBFA315F2}C:\program files (x86)\xfire\xfire.exe" | In - Private - P6 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\Program Files (x86)\Xfire\Xfire.exe

O87 - FAEL: "UDP Query User{B2479461-D8B3-4829-B28B-174183402309}C:\program files (x86)\xfire\xfire.exe" | In - Private - P17 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\Program Files (x86)\Xfire\Xfire.exe

O87 - FAEL: "{F125AE5B-E106-4222-9A40-2AF51BFE0E86}" | In - Public - P17 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\Program Files (x86)\Xfire\Xfire.exe

O87 - FAEL: "{81DD2A89-91AE-4473-93E7-8B8CAEDA4F29}" | In - Public - P6 - TRUE | .(.Xfire Inc. - Xfire.) -- C:\Program Files (x86)\Xfire\Xfire.exe

O87 - FAEL: "TCP Query User{8349179F-B2DF-4E0A-90BD-C62C8E303164}C:\dcs-a10c-warthog\dcs a-10c\bin\dcs.exe" | In - Public - P6 - TRUE | .(.Eagle Dynamics - DCS.) -- C:\dcs-a10c-warthog\DCS A-10C\bin\DCS.exe

O87 - FAEL: "UDP Query User{8C0D4968-3B7B-4A72-B08D-5389F51BF9C4}C:\dcs-a10c-warthog\dcs a-10c\bin\dcs.exe" | In - Public - P17 - TRUE | .(.Eagle Dynamics - DCS.) -- C:\dcs-a10c-warthog\DCS A-10C\bin\DCS.exe

O87 - FAEL: "{1E85E16E-C8D2-4461-BB7B-B948DA1A8498}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O87 - FAEL: "{A79F35E4-A757-4634-BDBC-7BE053053709}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O87 - FAEL: "TCP Query User{097CCCD4-7AD0-43D6-9D54-9F5B1604D0E5}C:\program files (x86)\internet explorer\iexplore.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\internet explorer\iexplore.exe (.not file.)

O87 - FAEL: "UDP Query User{F8531A1D-3FB6-4542-894D-2C401ACD3199}C:\program files (x86)\internet explorer\iexplore.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\internet explorer\iexplore.exe (.not file.)

O87 - FAEL: "{7B8694CE-1A47-4CAA-A371-EB02AD35DAC5}" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\internet explorer\iexplore.exe (.not file.)

O87 - FAEL: "{31228E95-D94B-4165-8046-3AF59CCBDC2C}" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\internet explorer\iexplore.exe (.not file.)

O87 - FAEL: "{5A01694C-182A-4A92-A8B8-FC8B1BA2A305}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe

O87 - FAEL: "{6ECDBB20-C149-4B21-9B7D-EC146FDAC403}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe

O87 - FAEL: "{CA30AE99-CC9E-4A69-AF6D-16B4346D041D}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

O87 - FAEL: "{711089A5-06A9-4D45-9419-A473945D671C}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

O87 - FAEL: "{6CAB70DF-7733-496B-9ACE-789C646B78B1}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "TCP Query User{533EEBBA-66EF-4FD9-B7B2-AEA1CAC36A3A}D:\black shark 2 rep\dcs black shark 2\bin\dcs.exe" | In - Public - P6 - TRUE | .(.Eagle Dynamics - DCS.) -- D:\black shark 2 rep\DCS Black Shark 2\bin\DCS.exe

O87 - FAEL: "UDP Query User{99599376-AE91-4889-A9E8-44A478668179}D:\black shark 2 rep\dcs black shark 2\bin\dcs.exe" | In - Public - P17 - TRUE | .(.Eagle Dynamics - DCS.) -- D:\black shark 2 rep\DCS Black Shark 2\bin\DCS.exe

O87 - FAEL: "TCP Query User{4A2DB396-A712-4911-A815-F43FFBBF3E99}C:\program files\teamspeak 3 client\ts3client_win64.exe" | In - Public - P6 - TRUE | .(.TeamSpeak Systems GmbH.) -- C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe

O87 - FAEL: "UDP Query User{B3C63154-3FC3-4626-8BD6-F510E6646D94}C:\program files\teamspeak 3 client\ts3client_win64.exe" | In - Public - P17 - TRUE | .(.TeamSpeak Systems GmbH.) -- C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe

O87 - FAEL: "TCP Query User{1926223B-5901-401C-80E7-A1D1E2221136}D:\me3\binaries\win32\masseffect3.exe" | In - Public - P6 - TRUE | .(.BioWare - Mass Effect 3.) -- D:\me3\Binaries\Win32\MassEffect3.exe

O87 - FAEL: "UDP Query User{368E6F81-5D2C-4818-A8A4-D076174C8D7D}D:\me3\binaries\win32\masseffect3.exe" | In - Public - P17 - TRUE | .(.BioWare - Mass Effect 3.) -- D:\me3\Binaries\Win32\MassEffect3.exe

O87 - FAEL: "{B3808026-78EA-45DF-9B26-B54A6BBA1BFF}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe

O87 - FAEL: "{555E1884-9B5C-40C1-945E-CE939C1C3CEB}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 3\iw5sp.exe

~ Scan Firewall in 00mn 01s

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 9067 - (06/03/2012)

Clés trouvées (Keys found) : 7

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 6

Fichiers trouvés (Files found) : 0

 

[HKLM\Software\WOW6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Adware.Agent

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}] =>Toolbar.Babylon

[HKLM\Software\WOW6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>Toolbar.Agent

[HKLM\Software\WOW6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon

[HKCU\Software\SweetIM] =>Toolbar.SweetIM

[HKLM\Software\WOW6432Node\SweetIM] =>Toolbar.SweetIM

C:\ProgramData\Babylon =>Toolbar.Babylon

C:\Users\ianick\AppData\Roaming\Babylon =>Toolbar.Babylon

C:\Users\ianick\AppData\Roaming\OpenCandy =>Adware.OpenCandy

C:\Users\ianick\AppData\Roaming\pdfforge =>PUP.Dealio

C:\Users\ianick\AppData\Local\Babylon =>Toolbar.Babylon

~ Scan Additionnel in 00mn 03s

 

 

 

---\\ Recherche détournement de DNS routeur (O89)

Serveur : dns2.proxad.net

Address: 212.27.40.241

Nom : www-cctld.l.google.com

Addresses: 2a00:1450:4007:803::1017

173.194.66.94

Aliases: www.google.fr

~ Scan DNS in 00mn 02s

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 03/01/2012 63928 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

SS - | Demand 31/03/2012 253600 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

SS - | Disabled 26/01/2011 203776 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe

SR - | Auto 01/12/2011 86224 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

SR - | Auto 01/12/2011 110032 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

SS - | Disabled 28/02/2006 229376 | ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

SR - | Auto 14/09/2009 166400 | (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.exe

SR - | Auto 14/09/2009 128512 | (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe

SS - | Demand 01/12/2006 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

SR - | Auto 496232 | (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

SR - | Auto 22/02/2011 326168 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

SR - | Auto 209000 | (nSvcIp) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

SR - | Auto 15/10/2011 1640768 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 15/10/2011 2253120 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

SS - | Disabled 07/07/2011 1754888 | (PDAgent) . (.Raxco Software, Inc..) - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe

SS - | Disabled 07/07/2011 3290888 | (PDEngine) . (.Raxco Software, Inc..) - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe

SS - | Demand 0 | (PnkBstrA) . (...) - C:\Windows\System32\PnkBstrA.exe

SS - | Demand 08/12/2011 419624 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

SR - | Auto 15/10/2011 381248 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

SR - | Auto 22/02/2011 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

SS - | Demand 1255736 | C:\Windows\system32\Wat\WatUX.exe (WatAdminSvc) . (...) - C:\Windows\system32\Wat\WatAdminSvc.exe

SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Scan Services in 00mn 02s

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by ianick at 31/03/2012 12:30:09

 

device: opened successfully

user: error reading MBR

 

Disk trace:

error: Read Descripteur non valide

kernel: error reading MBR

~ Scan MBR in 00mn 02s

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by ianick at 31/03/2012 12:30:11

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 04s

 

 

 

---\\ Liste des émulateurs de CD/DVD (Hook du MBR)

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/03/2011 - 00:00:00 RSHAD . (...) -- C:\Windows\system32\drivers\sptd.sys [526392]

~ Scan Emulateurs in 00mn 04s

 

 

 

End of the scan (1686 lines in 03mn 54s)(2)
