[Réglé]Pb accent circonflexe

Sushis · le 13 Sep 2011 20:34

Bonsoir !

J'ai un soucis avec ma touche d'accent circonflexe. Dès que j'appuie dessus une seule fois j'obtiens "^^" . Pas moyen de mettre un accent sur une voyelle.
J'étais pas trop inquiet étant donné que c'est pas très dérangeant mais après quelques recherches sur internet pour résoudre le problème j'ai lu que ça pouvait etre un virus (meme lu qu'il désactivait l'antivirus mais je suis septique) de type Badtrans ou Bugwear.
Du coup j'ai utilisé les outils sur ce site http://www.inoculer.com/antivirus.php3 pour rechercher une trace d'un de ces virus.
Mais sans succès je n'ai eu aucun résultat.
Pareil pour l'analyse antivirus.

Mon ordinateur est un hp pavillon dv6 et mon antivirus avast internet security.

Rapport Hijackthis renommé "Jean" meme si je sais pas si c'est utile :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:31:54, on 13/09/2011
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Users\Alexis\AppData\Roaming\SVCHOST.exe
C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alexis\Downloads\AntiBugbear-fr.exe
C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alexis\Downloads\HiJackThis.exe
C:\Users\Alexis\Desktop\Jean.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/3
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [HKCU] C:\Users\Alexis\AppData\Roaming\install\server.exe
O4 - HKCU\..\Run: [Startup Name] C:\Users\Alexis\AppData\Roaming\servi_juju.exe
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://www4.tellmemorecampus.com
O15 - Trusted Zone: http://www4.tellmemorecampus.com (HKLM)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10487 bytes

Le logiciel a pas pu observer C:\\windows\system32\drivers\etc\hosts

Merci et bonne soirée.

Sushis · le 14 Sep 2011 18:44

Personne pour m'aider ?

reg35 · le 14 Sep 2011 19:08

salut
il existe un site pour analyser les rapports hyjack:
http://www.hijackthis.de/fr#anl

jai fait un test de ton rapport, il me dit:

en mechant:
C:\Users\Alexis\AppData\Roaming\SVCHOST.exe

et en douteux:
O4 - HKCU\..\Run: [HKCU] C:\Users\Alexis\AppData\Roaming\install\server.exe
O4 - HKCU\..\Run: [Startup Name] C:\Users\Alexis\AppData\Roaming\servi_juju.exe
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx

donc tu peut deja virer la ligne mechante et voir s'il y a du mieux...
tu peut aussi passer un coup de ccleaner, logiciel gratuit.

Del-crosseur · le 14 Sep 2011 20:36

Hello vous ,

@Reg

@Sushis

Fais ceci pour voir exactement quelle infection est présente dans ton pc ,

Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.

* Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

%temp%\smtmp\1\*.* /s
%temp%\smtmp\2\*.* /s
%temp%\smtmp\4\*.* /s
nslookup http://www.google.fr /c
SAVEMBR:0
NetSvcs
%systemroot%\system32\drivers\*.sys /lockedfiles
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
netsvcs
/md5start
dwm.exe
taskhost.exe
taskeng.exe
wscntfy.exe
ctfmon.exe
rdpclip.exe
volsnap.sys
sptd.sys
explorer.exe
userinit.exe
winlogon.exe
wininit.exe
tcpip.sys
Sfloppy.sys
Changer.sys
cdrom.sys
disk.sys
ndis.sys
usbscan.sys
usbprint.sys
tdtcp.sys
tdpipe.sys
swmidi.sys
splitter.sys
rdpwd.sys
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
RASACD.SYS
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( réduit dans la barre des taches).
* Copie et colle les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL[/quote]

Bonne soirée

Sushis · le 14 Sep 2011 22:50

Merci pour ton aide !

Voilà le otl.txt :

OTL logfile created on: 14/09/2011 23:26:14 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Alexis\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,72 Gb Available Physical Memory | 68,13% Memory free
7,99 Gb Paging File | 6,54 Gb Available in Paging File | 81,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 582,17 Gb Total Space | 463,58 Gb Free Space | 79,63% Space Free | Partition Type: NTFS
Drive D: | 13,70 Gb Total Space | 2,26 Gb Free Space | 16,46% Space Free | Partition Type: NTFS
Drive E: | 99,34 Mb Total Space | 92,75 Mb Free Space | 93,37% Space Free | Partition Type: FAT32

Computer Name: ALESKYPC | User Name: Alexis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Alexis\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Alexis\AppData\Roaming\SVCHOST.exe ()
PRC - C:\Users\Alexis\AppData\Roaming\SVCHOST.exe ()
PRC - C:\Users\Alexis\AppData\Roaming\SVCHOST.exe ()
PRC - C:\Users\Alexis\AppData\Roaming\SVCHOST.exe ()
PRC - C:\Users\Alexis\AppData\Roaming\SVCHOST.exe ()
PRC - C:\Users\Alexis\AppData\Roaming\SVCHOST.exe ()
PRC - C:\Users\Alexis\AppData\Roaming\SVCHOST.exe ()
PRC - C:\Users\Alexis\AppData\Roaming\SVCHOST.exe ()
PRC - C:\Users\Alexis\AppData\Roaming\SVCHOST.exe ()
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)

========== Modules (No Company Name) ==========

MOD - C:\Users\Alexis\AppData\Roaming\SVCHOST.exe ()

========== Win32 Services (SafeList) ==========

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

========== Driver Services (SafeList) ==========

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (WsAudioDevice_383S(1)) WsAudioDevice_383S(1) -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys (Wondershare)
DRV:64bit: - (aswFW) -- C:\Windows\SysNative\drivers\aswFW.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswNdis2) -- C:\Windows\SysNative\drivers\aswNdis2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV:64bit: - (sscemdm) -- C:\Windows\SysNative\drivers\sscemdm.sys (MCCI Corporation)
DRV:64bit: - (ssceserd) SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM) -- C:\Windows\SysNative\drivers\ssceserd.sys (MCCI Corporation)
DRV:64bit: - (sscebus) SAMSUNG USB Composite Device V2 driver (WDM) -- C:\Windows\SysNative\drivers\sscebus.sys (MCCI Corporation)
DRV:64bit: - (sscemdfl) -- C:\Windows\SysNative\drivers\sscemdfl.sys (MCCI Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard)
DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (LUMDriver) -- C:\Windows\SysNative\drivers\LUMDriver.sys (IBM)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/3
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/3

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1034220312-1961313254-1996914020-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/3
IE - HKU\S-1-5-21-1034220312-1961313254-1996914020-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-1034220312-1961313254-1996914020-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Shareaza Web Search"
FF - prefs.js..browser.search.order.1: "Shareaza Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://google.fr"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.2.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {b66bc4c3-6d25-4a10-8c59-01daa9063051}:1.5.5
FF - prefs.js..keyword.URL: "http://search.shareazaweb.com/web?src=ffb&systemid=3&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Alexis\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Alexis\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/07/18 03:13:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/04/16 01:44:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Alexis\AppData\Roaming\IDM\idmmzcc3

[2010/09/25 16:07:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alexis\AppData\Roaming\mozilla\Extensions
[2010/09/25 16:07:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alexis\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2011/07/29 21:52:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alexis\AppData\Roaming\mozilla\Firefox\Profiles\s2nten56.default\extensions
[2010/08/12 10:21:06 | 000,002,510 | ---- | M] () -- C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\s2nten56.default\searchplugins\ShareazaWebSearch.xml
[2011/06/20 19:08:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/12/12 16:17:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/17 21:21:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/22 01:16:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/20 19:08:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\ALEXIS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S2NTEN56.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
() (No name found) -- C:\USERS\ALEXIS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S2NTEN56.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
[2011/07/18 03:13:26 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2010/08/12 10:21:06 | 000,002,510 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\ShareazaWebSearch.xml
[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O3:64bit: - HKU\S-1-5-21-1034220312-1961313254-1996914020-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3: - HKU\S-1-5-21-1034220312-1961313254-1996914020-1000\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKU\S-1-5-21-1034220312-1961313254-1996914020-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1034220312-1961313254-1996914020-1000..\Run: [HKCU] C:\Users\Alexis\AppData\Roaming\install\server.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1034220312-1961313254-1996914020-1000..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-1034220312-1961313254-1996914020-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-1034220312-1961313254-1996914020-1000..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-1034220312-1961313254-1996914020-1000..\Run: [Startup Name] C:\Users\Alexis\AppData\Roaming\servi_juju.exe (Mozilla Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-1034220312-1961313254-1996914020-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-1034220312-1961313254-1996914020-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:64bit: - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: tellmemorecampus.com ([www4] http in Trusted sites)
O15 - HKU\S-1-5-21-1034220312-1961313254-1996914020-1000\..Trusted Domains: tellmemorecampus.com ([www4] http in Sites de confiance)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{89E5E81C-9E05-4798-990F-F7C90DF621E7}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{11528fe2-f119-11df-a99e-c80aa966016f}\Shell - "" = AutoRun
O33 - MountPoints2\{11528fe2-f119-11df-a99e-c80aa966016f}\Shell\AutoRun\command - "" = I:\ICM_ML.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

MsConfig:64bit - StartUpReg: HPADVISOR - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
MsConfig:64bit - StartUpReg: NortonOnlineBackupReminder - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: QlbCtrl.exe - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
MsConfig:64bit - StartUpReg: RGSC - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: SmartMenu - hkey= - key= - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
MsConfig:64bit - StartUpReg: WirelessAssistant - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)

NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

========== Files/Folders - Created Within 30 Days ==========

[2011/09/14 20:14:40 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Alexis\Desktop\Jean.exe
[2011/09/14 15:23:44 | 000,000,000 | ---D | C] -- C:\Users\Alexis\AppData\Roaming\WinBatch
[2011/09/11 15:29:34 | 000,000,000 | ---D | C] -- C:\Temp
[2011/09/11 15:18:37 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2011/09/11 14:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2011/09/11 14:47:50 | 000,161,280 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscemdm.sys
[2011/09/11 14:47:50 | 000,129,024 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssceserd.sys
[2011/09/11 14:47:50 | 000,127,488 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscebus.sys
[2011/09/11 14:47:50 | 000,018,944 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscemdfl.sys
[2011/09/11 14:47:50 | 000,015,872 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscewhnt.sys
[2011/09/11 14:47:50 | 000,015,872 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscewh.sys
[2011/09/11 14:47:50 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscecmnt.sys
[2011/09/11 14:47:50 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscecm.sys
[2011/09/11 03:56:55 | 000,000,000 | ---D | C] -- C:\Users\Alexis\AppData\Local\Samsung
[2011/09/11 03:56:26 | 000,000,000 | ---D | C] -- C:\Users\Alexis\Documents\samsung
[2011/09/11 03:54:40 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2011/09/10 14:53:52 | 048,414,208 | ---- | C] (Mozilla Corporation) -- C:\Users\Alexis\AppData\Roaming\servi_juju.exe
[2011/08/27 22:26:21 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011/08/27 22:26:06 | 000,036,160 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2011/08/27 22:26:06 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2011/08/27 22:26:06 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011/08/27 22:26:06 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011/08/27 22:26:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
[2011/08/27 22:25:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2011
[2011/08/27 14:12:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Sports Interactive
[2011/08/27 14:11:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2011/08/27 14:11:44 | 000,000,000 | ---D | C] -- C:\Users\Alexis\Documents\Sports Interactive
[2011/08/27 14:11:40 | 000,000,000 | ---D | C] -- C:\Users\Alexis\AppData\Roaming\Sports Interactive
[2011/08/27 14:02:32 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Zero G Registry
[2011/08/27 14:02:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sports Interactive
[2011/08/27 14:01:47 | 000,000,000 | -H-D | C] -- C:\Users\Alexis\InstallAnywhere
[2011/08/24 17:07:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/08/22 02:14:36 | 000,000,000 | ---D | C] -- C:\Users\Alexis\AppData\Local\ElevatedDiagnostics
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/14 23:27:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/09/14 23:26:15 | 000,064,894 | ---- | M] () -- C:\Users\Alexis\AppData\Roaming\prolog
[2011/09/14 23:05:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1034220312-1961313254-1996914020-1000UA.job
[2011/09/14 20:14:40 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Alexis\Desktop\Jean.exe
[2011/09/14 20:05:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1034220312-1961313254-1996914020-1000Core.job
[2011/09/14 19:36:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/14 13:51:55 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/14 13:51:55 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/14 13:44:10 | 3218,235,392 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/11 20:54:09 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/11 20:54:09 | 000,704,480 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2011/09/11 20:54:09 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/11 20:54:09 | 000,130,754 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2011/09/11 20:54:09 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/11 15:19:13 | 000,001,917 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2011/09/11 15:18:53 | 000,001,941 | ---- | M] () -- C:\Users\Alexis\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/09/11 14:42:46 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp
[2011/09/10 14:53:53 | 048,414,208 | ---- | M] (Mozilla Corporation) -- C:\Users\Alexis\AppData\Roaming\servi_juju.exe
[2011/09/10 14:53:53 | 000,005,576 | -H-- | M] () -- C:\Users\Alexis\AppData\Roaming\SVCHOST.exe
[2011/09/10 14:53:53 | 000,005,576 | -H-- | M] () -- C:\Users\Alexis\AppData\Roaming\serveur.exe
[2011/09/05 22:00:13 | 000,002,406 | ---- | M] () -- C:\Users\Alexis\Desktop\Google Chrome.lnk
[2011/08/27 22:26:05 | 000,002,189 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Maintenance en 1 clic.lnk
[2011/08/27 22:26:05 | 000,002,153 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011/08/24 17:07:40 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/14 23:27:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/09/11 15:19:13 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2011/09/11 15:18:53 | 000,001,941 | ---- | C] () -- C:\Users\Alexis\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2011/09/10 14:54:26 | 000,064,894 | ---- | C] () -- C:\Users\Alexis\AppData\Roaming\prolog
[2011/09/10 14:53:53 | 000,005,576 | -H-- | C] () -- C:\Users\Alexis\AppData\Roaming\SVCHOST.exe
[2011/09/10 14:53:53 | 000,005,576 | -H-- | C] () -- C:\Users\Alexis\AppData\Roaming\serveur.exe
[2011/08/27 22:26:05 | 000,002,189 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Maintenance en 1 clic.lnk
[2011/08/27 22:26:05 | 000,002,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk
[2011/08/27 22:26:05 | 000,002,153 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2011/08/24 17:07:40 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/06/07 11:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/06/07 11:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/06/07 11:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/06/07 11:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/06/07 11:13:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/05/29 19:32:07 | 000,001,854 | ---- | C] () -- C:\Users\Alexis\AppData\Roaming\GhostObjGAFix.xml
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/12/08 19:06:13 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/12/08 19:06:11 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/12/08 19:06:11 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/11/21 01:07:42 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/10/06 11:40:09 | 000,000,074 | ---- | C] () -- C:\Users\Alexis\AppData\Roaming\wklnhst.dat
[2010/08/15 12:07:01 | 000,063,041 | ---- | C] () -- C:\Users\Alexis\AppData\Local\tmpMIDGARD.JPG
[2010/07/29 02:20:15 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/04/11 02:23:44 | 000,000,283 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/04/11 02:23:44 | 000,000,224 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/04/11 02:19:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/11/14 13:12:35 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2009/09/29 16:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2005/10/29 00:00:28 | 000,016,971 | -H-- | C] () -- C:\Users\Alexis\AppData\Roaming\Alexislog.dat

========== LOP Check ==========

[2010/12/01 20:31:38 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\2K Sports
[2010/09/17 18:01:20 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\BlackBean
[2010/07/29 13:22:06 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\DAEMON Tools Lite
[2010/10/22 00:21:48 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\DassaultSystemes
[2011/05/01 16:07:25 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\DMCache
[2011/08/31 23:40:09 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Free Download Manager
[2011/03/06 16:01:59 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\GARMIN
[2011/04/11 05:14:48 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\IDM
[2005/10/27 06:15:04 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\install
[2010/10/01 20:38:59 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\moovida-1
[2010/12/04 20:22:02 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Need for Speed World
[2011/09/11 15:17:11 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\SAMSUNG
[2011/03/04 17:15:02 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\SpeedSim
[2011/08/27 14:11:40 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Sports Interactive
[2010/10/06 11:40:11 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Template
[2011/05/23 01:01:57 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\TS3Client
[2010/12/11 20:59:31 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\TuneUp Software
[2011/01/18 20:34:58 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Ubisoft
[2011/09/14 15:23:44 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\WinBatch
[2010/07/29 02:20:08 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\_MDLogs
[2011/07/03 22:52:24 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %temp%\smtmp\1\*.* /s >

< %temp%\smtmp\2\*.* /s >

< %temp%\smtmp\4\*.* /s >

< nslookup http://www.google.fr /c >
Serveur : livebox.home
Address: 192.168.1.1
DNS request timed out.
timeout was 2 seconds.

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/12/01 20:31:38 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\2K Sports
[2011/09/13 13:45:30 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Adobe
[2010/07/28 15:06:28 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\ATI
[2010/09/17 18:01:20 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\BlackBean
[2010/09/18 22:01:08 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\CyberLink
[2010/07/29 13:22:06 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\DAEMON Tools Lite
[2010/10/22 00:21:48 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\DassaultSystemes
[2011/05/01 16:07:25 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\DMCache
[2011/04/13 22:13:46 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\dvdcss
[2011/08/31 23:40:09 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Free Download Manager
[2011/03/06 16:01:59 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\GARMIN
[2011/02/12 17:36:55 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Hewlett-Packard
[2010/07/30 21:15:42 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\HP Support Assistant
[2011/02/12 17:21:52 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\hpqlog
[2010/07/30 21:15:42 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\HpUpdate
[2010/07/28 15:04:54 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Identities
[2011/04/11 05:14:48 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\IDM
[2005/10/27 06:15:04 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\install
[2010/07/28 15:09:46 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Macromedia
[2010/04/11 11:15:11 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Media Center Programs
[2011/02/16 02:11:27 | 000,000,000 | --SD | M] -- C:\Users\Alexis\AppData\Roaming\Microsoft
[2011/03/31 01:40:36 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\mIRC
[2010/10/01 20:38:59 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\moovida-1
[2010/12/26 22:21:15 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Mozilla
[2010/12/04 20:22:02 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Need for Speed World
[2011/09/11 15:17:11 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\SAMSUNG
[2010/07/29 13:50:55 | 000,000,000 | RH-D | M] -- C:\Users\Alexis\AppData\Roaming\SecuROM
[2011/08/24 18:20:36 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Skype
[2011/03/04 17:15:02 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\SpeedSim
[2011/08/27 14:11:40 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Sports Interactive
[2010/10/06 11:40:11 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Template
[2011/05/23 01:01:57 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\TS3Client
[2010/12/11 20:59:31 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\TuneUp Software
[2011/01/18 20:34:58 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Ubisoft
[2011/06/30 12:49:07 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\vlc
[2011/09/14 15:23:44 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\WinBatch
[2010/09/24 22:56:45 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\WinRAR
[2010/08/04 20:53:44 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\Yahoo!
[2010/07/29 02:20:08 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\_MDLogs

< %APPDATA%\*.exe /s >
[2011/09/10 14:53:53 | 000,005,576 | -H-- | M] () -- C:\Users\Alexis\AppData\Roaming\serveur.exe
[2011/09/10 14:53:53 | 048,414,208 | ---- | M] (Mozilla Corporation) -- C:\Users\Alexis\AppData\Roaming\servi_juju.exe
[2011/09/10 14:53:53 | 000,005,576 | -H-- | M] () -- C:\Users\Alexis\AppData\Roaming\SVCHOST.exe
[2011/03/26 18:28:02 | 004,352,552 | ---- | M] (Tonec Inc.) -- C:\Users\Alexis\AppData\Roaming\IDM\idmupdt.exe
[2006/02/26 00:51:25 | 001,169,224 | ---- | M] (Microsoft Corporation) -- C:\Users\Alexis\AppData\Roaming\install\server.exe
[2010/10/01 20:37:45 | 000,102,400 | R--- | M] (Acresso Software Inc.) -- C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut3_BCB4A930B9F04A2480525A437423D92B.exe
[2010/10/01 20:37:45 | 000,102,400 | R--- | M] (Acresso Software Inc.) -- C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut4_A414E067513C43BA8786F3DC788BC961.exe
[2010/10/01 20:37:45 | 000,102,400 | R--- | M] (Acresso Software Inc.) -- C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut5_F4EE65F1A6CD4124B059E9FA9A98EBF7.exe
[2010/10/01 20:37:45 | 000,102,400 | R--- | M] (Acresso Software Inc.) -- C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut6_206049A8CD534D8B87D5F66190F05AB3.exe
[2011/03/05 14:54:52 | 000,010,134 | R--- | M] () -- C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe
[2011/03/12 23:23:31 | 000,010,134 | R--- | M] () -- C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011/06/28 07:32:22 | 081,122,288 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Users\Alexis\AppData\Roaming\Microsoft\Windows\Templates\SamsungKiesSetup.exe
[2011/06/24 15:54:30 | 000,941,968 | ---- | M] (Samsung) -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\backup\Kies.exe
[2011/06/24 15:54:38 | 000,278,928 | ---- | M] () -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\backup\KiesDriverInstaller.exe
[2011/06/24 15:54:36 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\backup\KiesTrayAgent.exe
[2011/06/07 11:14:06 | 000,140,800 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\backup\External\DeviceModules\ConnectionManager.exe
[2011/06/07 11:14:04 | 000,284,160 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\backup\External\DeviceModules\DeviceDataService.exe
[2011/06/09 18:45:38 | 000,660,992 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\backup\External\DeviceModules\DeviceManager.exe
[2011/06/24 15:54:40 | 000,067,472 | ---- | M] (Samsung) -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\backup\External\DeviceModules\Kies_Tutorial.exe
[2011/06/07 11:13:54 | 000,100,352 | ---- | M] () -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentInstaller.exe
[2011/06/07 11:13:54 | 000,095,232 | ---- | M] () -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentUpdate.exe
[2011/06/24 15:54:44 | 000,131,984 | ---- | M] () -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2011/06/24 15:54:46 | 000,020,880 | ---- | M] () -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\backup\External\FirmwareUpdate\KiesPDLR.exe
[2011/06/24 15:54:48 | 004,661,464 | ---- | M] () -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\backup\External\MediaModules\MyFreeCodecPack.exe
[2011/06/20 10:33:24 | 020,677,600 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2011/06/24 15:54:50 | 000,358,800 | ---- | M] (ml) -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\temp\Kies.Update.exe
[2011/08/01 05:32:24 | 000,362,384 | ---- | M] (ml) -- C:\Users\Alexis\AppData\Roaming\SAMSUNG\Kies\UpdateTemp\Updater\Kies.Update.exe

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CTFMON.EXE >
[2009/07/14 03:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\SysNative\ctfmon.exe
[2009/07/14 03:39:02 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=42B6A94DD747DF2B5F628A2752E62A98 -- C:\Windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe
[2009/07/14 03:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\SysWOW64\ctfmon.exe
[2009/07/14 03:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe

< MD5 for: DISK.SYS >
[2009/07/14 03:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\drivers\disk.sys
[2009/07/14 03:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009/07/14 03:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: DWM.EXE >
[2009/07/14 03:39:08 | 000,120,320 | ---- | M] (Microsoft Corporation) MD5=F162D5F5E845B9DC352DD1BAD8CEF1BC -- C:\Windows\SysNative\dwm.exe
[2009/07/14 03:39:08 | 000,120,320 | ---- | M] (Microsoft Corporation) MD5=F162D5F5E845B9DC352DD1BAD8CEF1BC -- C:\Windows\winsxs\amd64_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7600.16385_none_e99885bbd6e301de\dwm.exe
[2009/07/14 03:39:08 | 000,120,320 | ---- | M] (Microsoft Corporation) MD5=F162D5F5E845B9DC352DD1BAD8CEF1BC -- C:\Windows\winsxs\amd64_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7601.17514_none_ebc99983d3d18578\dwm.exe

< MD5 for: EVENTLOG.DLL >
[2007/05/17 22:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll

< MD5 for: EXPLORER.EXE >
[2010/04/11 11:17:06 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/04/11 11:17:06 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2009/08/03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010/04/11 11:17:06 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010/04/11 11:17:06 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: IASTORV.SYS >
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011/03/11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NDIS.SYS >
[2010/11/20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011/03/11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: RASACD.SYS >
[2009/07/14 02:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\SysNative\drivers\rasacd.sys
[2009/07/14 02:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys

< MD5 for: RDPCLIP.EXE >
[2010/11/20 15:25:05 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=25D284EB2F12254C001AFE9A82575A81 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7601.17514_none_5ffc161221c1b4f6\rdpclip.exe
[2009/07/14 03:39:28 | 000,209,408 | ---- | M] (Microsoft Corporation) MD5=798F5E39068FD3BC9D999A401FAB5F62 -- C:\Windows\winsxs\amd64_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7600.16385_none_5dcb024a24d3315c\rdpclip.exe

< MD5 for: RDPWD.SYS >
[2010/11/20 13:04:37 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=15B66C206B5CB095BAB980553F38ED23 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_a99b8db6eba2129b\rdpwd.sys
[2009/07/14 02:16:48 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=8A3E6BEA1C53EA6177FE2B6EBA2C80D7 -- C:\Windows\SysNative\drivers\rdpwd.sys
[2009/07/14 02:16:48 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=8A3E6BEA1C53EA6177FE2B6EBA2C80D7 -- C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_a76a79eeeeb38f01\rdpwd.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SFLOPPY.SYS >
[2009/07/14 02:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\drivers\sfloppy.sys
[2009/07/14 02:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\sfloppy.sys
[2009/07/14 02:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\sfloppy.sys

< MD5 for: SPTD.SYS >
[2010/07/29 02:11:07 | 000,834,544 | ---- | M] () Unable to obtain MD5 -- C:\Windows\SysNative\drivers\sptd.sys

< MD5 for: TASKENG.EXE >
[2010/11/02 06:24:43 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=41C52AF44FB96BDDB1EFB25D2D943BBA -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_e63d55df39278cc6\taskeng.exe
[2010/11/20 14:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe
[2010/11/02 07:10:47 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=60CAE1FA4888ED41B41AEE91C774E4A2 -- C:\Windows\SysNative\taskeng.exe
[2010/11/02 07:10:47 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=60CAE1FA4888ED41B41AEE91C774E4A2 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_419a75c3d88fecc0\taskeng.exe
[2010/11/20 15:25:23 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=65EA57712340C09B1B0C427B4848AE05 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_43d2529dd579f798\taskeng.exe
[2010/11/02 07:16:39 | 000,464,384 | ---- | M] (Microsoft Corporation) MD5=84343003E0E6716B3E782FF781B92815 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_425bf162f184fdfc\taskeng.exe
[2009/07/14 03:39:47 | 000,463,872 | ---- | M] (Microsoft Corporation) MD5=C1BDC97E8C9404245DE87F1EF08D1764 -- C:\Windows\winsxs\amd64_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_41a13ed5d88b73fe\taskeng.exe
[2009/07/14 03:14:42 | 000,190,464 | ---- | M] (Microsoft Corporation) MD5=DE5DACEBD4C89834EC6D2C41C8643CDA -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_e582a352202e02c8\taskeng.exe
[2010/11/02 06:34:44 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=F8952E80B7F778DA2F7AA8393CA2D30E -- C:\Windows\SysWOW64\taskeng.exe
[2010/11/02 06:34:44 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=F8952E80B7F778DA2F7AA8393CA2D30E -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_e57bda4020327b8a\taskeng.exe

< MD5 for: TASKHOST.EXE >
[2009/07/14 03:39:47 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=3EEFB971D61EF9638FD21F14C703CA11 -- C:\Windows\SysNative\taskhost.exe
[2009/07/14 03:39:47 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=3EEFB971D61EF9638FD21F14C703CA11 -- C:\Windows\winsxs\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7600.16385_none_84339a007406dfa0\taskhost.exe
[2010/11/20 15:25:23 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=517110BD83835338C037269E603DB55D -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_8664adc870f5633a\taskhost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2010/11/20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010/06/14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011/04/25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010/06/14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011/04/25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\SysNative\drivers\tcpip.sys
[2011/06/21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011/06/21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys

< MD5 for: TDPIPE.SYS >
[2009/07/14 02:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\SysNative\drivers\tdpipe.sys
[2009/07/14 02:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdpipe.sys

< MD5 for: TDTCP.SYS >
[2009/07/14 02:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\SysNative\drivers\tdtcp.sys
[2009/07/14 02:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdtcp.sys

< MD5 for: USBPRINT.SYS >
[2009/07/14 02:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\drivers\usbprint.sys
[2009/07/14 02:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\DriverStore\FileRepository\usbprint.inf_amd64_neutral_54948be2bc4bcdd1\usbprint.sys
[2009/07/14 02:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\winsxs\amd64_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_8eeeb411db1b01c5\usbprint.sys

< MD5 for: USBSCAN.SYS >
[2009/07/14 02:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\SysNative\DriverStore\FileRepository\sti.inf_amd64_neutral_9d9a7113099a28a2\usbscan.sys
[2009/07/14 02:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\winsxs\amd64_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_b5d3c30ffa77a77a\usbscan.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: VOLSNAP.SYS >
[2010/11/20 15:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys
[2009/07/14 03:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\SysNative\drivers\volsnap.sys
[2009/07/14 03:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_1b1a512d99c5b72c\volsnap.sys
[2009/07/14 03:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys

< MD5 for: WININIT.EXE >
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 03:15:50 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\msvbvm60.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< End of report >

Et le extra.txt ;

OTL Extras logfile created on: 14/09/2011 23:26:14 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Alexis\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,72 Gb Available Physical Memory | 68,13% Memory free
7,99 Gb Paging File | 6,54 Gb Available in Paging File | 81,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 582,17 Gb Total Space | 463,58 Gb Free Space | 79,63% Space Free | Partition Type: NTFS
Drive D: | 13,70 Gb Total Space | 2,26 Gb Free Space | 16,46% Space Free | Partition Type: NTFS
Drive E: | 99,34 Mb Total Space | 92,75 Mb Free Space | 93,37% Space Free | Partition Type: FAT32

Computer Name: ALESKYPC | User Name: Alexis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86416015FF}" = Java(TM) 6 Update 15 (64-bit)
"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java(TM) SE Development Kit 6 Update 15 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
"{8FCDACA0-E090-4A9A-AC71-A96E7371DC6E}" = HP 3D DriveGuard
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{902004C7-2B12-4A4F-E1DB-E75C7B03EDD4}" = ATI Catalyst Install Manager
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E787AC54-0E56-A6DF-7BDB-AAC360813B6C}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0868BCEA-C983-1450-3ACB-79411138ACB0}" = Catalyst Control Center Core Implementation
"{0FA359BD-666B-5135-B712-852F21504E96}" = Catalyst Control Center Graphics Previews Vista
"{152C18DA-4270-FAF2-DE48-8A7286BD1FB1}" = CCC Help Japanese
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{21B5704D-788D-F083-A5E0-94B0390889F5}" = Catalyst Control Center InstallProxy
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2FC32740-5BF8-F11E-1257-80A41497B9F1}" = Catalyst Control Center Graphics Light
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{337E0592-9B00-AF1D-B10C-16225B981C96}" = CCC Help Thai
"{33899F97-411C-4759-BDAA-26ECAE715B9C}" = TuneUp Utilities Language Pack (fr-FR)
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{36214841-EA3C-DA47-7F29-E6A16231702E}" = CCC Help Dutch
"{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works
"{3BC080DE-CF23-E18E-0678-47CA2E70C1CD}" = Catalyst Control Center Graphics Full New
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{47365A91-7A32-5C08-927C-17F27D9F0E50}" = Catalyst Control Center Graphics Previews Common
"{47BD6184-519F-C649-6A5C-58234406B62C}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B57F6F3-5577-7158-A8F7-9E71547F8B7C}" = CCC Help Finnish
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CFFAEC0-1F2A-4D38-8D95-3995A936ADD9}" = NetWorkingWizard_ICM
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{5271C0D4-24E4-4C3D-A782-C012033FD3CF}" = AMD USB Filter Driver
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{5708788D-EC95-7D4A-C0D8-CB393C9E90AC}" = CCC Help Hungarian
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{675ABEBC-DBA1-FF26-52BF-697FF5012CA1}" = CCC Help Spanish
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"{68910580-F9FF-91E0-8AFE-86D49DD07AE4}" = CCC Help Russian
"{6B57CF04-5182-9DED-CCD4-84DAC76784D4}" = CCC Help Swedish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71B7E1DE-4913-5E2E-2B83-B90C3BB308BA}" = ccc-core-static
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7DA2FB1E-31A5-54A6-91AC-9EDCA6258F40}" = CCC Help French
"{81DD0597-29EB-4FA0-8223-4F41362B2E72}" = NBA 2K11
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8DF8417C-07F9-22AA-019E-7F761437BFAC}" = CCC Help Polish
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90E03F32-42EC-A16D-8146-A4E2F0FC9588}" = CCC Help English
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91B36C7F-0796-5A98-D1BA-C29C8D24396F}" = CCC Help Portuguese
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A0A47CD2-749A-97BD-C4AE-862EFA38CAC1}" = CCC Help Danish
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A44CD09A-6D0F-08EC-8B80-6FD5EF62598B}" = CCC Help Czech
"{A5786D80-1FAE-577A-C448-9C61274E9F7B}" = CCC Help Turkish
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.2 MUI
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{AF6B5CC8-55F5-55BC-2E2A-2B192EA79E16}" = CCC Help Greek
"{B1EE1CC5-6CED-4801-BFFF-8454F21A245A}" = Garmin Communicator Plugin
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD8A0C60-1AEB-11D6-B8E1-00025521AE60}" = VBA (3821b)
"{C2AFB298-CD06-BCF0-16CD-FB506E07B262}" = CCC Help Norwegian
"{C2FFBCE8-3A0D-154C-EE84-47B189E79D60}" = CCC Help German
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB71B7E6-3156-2DB6-3800-6B853D5D6EF6}" = Catalyst Control Center Graphics Full Existing
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D8029B62-C3D6-E02D-A98E-07AFEA8CDF79}" = Catalyst Control Center Localization All
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E0897770-46C9-4322-AD44-8BFA6BE217B2}" = Catalyst Control Center - Branding
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"{E92D47A1-D27D-430A-8368-0BAFD956507D}" = HP Support Assistant
"{EC1F6690-DE55-4B9E-C556-EE1558EAB7A5}" = CCC Help Chinese Standard
"{EC83C809-3943-830A-ED5C-C569267E4804}" = CCC Help Korean
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F696BBD9-A383-4F54-155B-451A15482C89}" = CCC Help Chinese Traditional
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Internet Security
"CCleaner" = CCleaner
"Free Download Manager_is1" = Free Download Manager 3.0
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Mozilla Firefox 5.0 (x86 fr)" = Mozilla Firefox 5.0 (x86 fr)
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"VLC media player" = VLC media player 1.1.9

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1034220312-1961313254-1996914020-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 21/08/2011 16:09:56 | Computer Name = AleskyPC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 21/08/2011 16:09:56 | Computer Name = AleskyPC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 21/08/2011 16:09:59 | Computer Name = AleskyPC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 21/08/2011 16:09:59 | Computer Name = AleskyPC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 21/08/2011 16:09:59 | Computer Name = AleskyPC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 21/08/2011 16:10:00 | Computer Name = AleskyPC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 21/08/2011 16:10:00 | Computer Name = AleskyPC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 21/08/2011 16:10:00 | Computer Name = AleskyPC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 21/08/2011 20:12:39 | Computer Name = AleskyPC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante svchost.exe_SysMain, version : 6.1.7600.16385,
horodatage : 0x4a5bc3c1 Nom du module défaillant : sysmain.dll, version : 6.1.7600.16385,
horodatage : 0x4a5be07e Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000004c63
ID
du processus défaillant : 0x3e8 Heure de début de l’application défaillante : 0x01cc6005381e9233
Chemin
d’accès de l’application défaillante : C:\Windows\System32\svchost.exe Chemin d’accès
du module défaillant: c:\windows\system32\sysmain.dll ID de rapport : 71d405a5-cc53-11e0-9cb8-c80aa966016f

Error - 21/08/2011 20:14:23 | Computer Name = AleskyPC | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante CLMLSvc.exe, version : 4.3.3318.0,
horodatage : 0x4ab36502 Nom du module défaillant : CLMediaLibrary.dll, version :
4.3.3318.0, horodatage : 0x4ab36541 Code d’exception : 0xc0000005 Décalage d’erreur
: 0x00040ef3 ID du processus défaillant : 0x3f0 Heure de début de l’application défaillante
: 0x01cc606069721431 Chemin d’accès de l’application défaillante : c:\Program Files
(x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe Chemin d’accès du
module défaillant: c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
ID
de rapport : afbf9c0e-cc53-11e0-9cb8-c80aa966016f

[ Hewlett-Packard Events ]
Error - 31/07/2010 08:03:44 | Computer Name = AleskyPC | Source = Hewlett-Packard | ID = 0
Description = fr-FR La référence d'objet n'est pas définie à une instance d'un objet.
Configurator

à Configurator.ConfiguratorClass.loadXML() à Configurator.ConfiguratorClass..ctor(Boolean
loadxml) à HPSFConfigReader.ConfigHelper..ctor() à HPAssistant.csSettings.loadApplicationResources(Boolean
isOnAppLoad)

Error - 04/08/2010 19:04:30 | Computer Name = AleskyPC | Source = Hewlett-Packard | ID = 0
Description = fr-FR Impossible de trouver le fichier 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoAA.xml'. mscorlib à System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) à System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode, FileAccess
access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath,
Boolean bFromProxy) à System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) à System.IO.StreamReader..ctor(String
path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks, Int32 bufferSize)

à System.IO.StreamReader..ctor(String path, Encoding encoding) à System.IO.File.ReadAllText(String
path, Encoding encoding) à n.a()

[ Media Center Events ]
Error - 02/01/2011 22:15:45 | Computer Name = AleskyPC | Source = MCUpdate | ID = 0
Description = 03:15:40 - Erreur de connexion à Internet. 03:15:40 - Impossible
de contacter le service..

Error - 11/01/2011 14:41:03 | Computer Name = AleskyPC | Source = MCUpdate | ID = 0
Description = 19:41:02 - Erreur de connexion à Internet. 19:41:03 - Impossible
de contacter le service..

Error - 11/01/2011 14:41:17 | Computer Name = AleskyPC | Source = MCUpdate | ID = 0
Description = 19:41:08 - Erreur de connexion à Internet. 19:41:08 - Impossible
de contacter le service..

Error - 11/01/2011 15:42:45 | Computer Name = AleskyPC | Source = MCUpdate | ID = 0
Description = 20:42:45 - Erreur de connexion à Internet. 20:42:45 - Impossible
de contacter le service..

Error - 11/01/2011 15:43:31 | Computer Name = AleskyPC | Source = MCUpdate | ID = 0
Description = 20:43:18 - Erreur de connexion à Internet. 20:43:18 - Impossible
de contacter le service..

Error - 11/01/2011 16:44:34 | Computer Name = AleskyPC | Source = MCUpdate | ID = 0
Description = 21:44:34 - Erreur de connexion à Internet. 21:44:34 - Impossible
de contacter le service..

Error - 11/01/2011 16:45:08 | Computer Name = AleskyPC | Source = MCUpdate | ID = 0
Description = 21:45:06 - Erreur de connexion à Internet. 21:45:06 - Impossible
de contacter le service..

Error - 15/01/2011 22:00:14 | Computer Name = AleskyPC | Source = MCUpdate | ID = 0
Description = 03:00:14 - Erreur de connexion à Internet. 03:00:14 - Impossible
de contacter le service..

Error - 15/01/2011 22:00:21 | Computer Name = AleskyPC | Source = MCUpdate | ID = 0
Description = 03:00:19 - Erreur de connexion à Internet. 03:00:19 - Impossible
de contacter le service..

Error - 14/09/2011 11:18:16 | Computer Name = AleskyPC | Source = MCUpdate | ID = 0
Description = 17:18:15 - Échec de la récupération de MCEClientUX (Erreur : La connexion
sous-jacente a été fermée : Impossible d'établir une relation de confiance pour
le canal sécurisé SSL/TLS.)

[ System Events ]
Error - 13/09/2011 13:12:54 | Computer Name = AleskyPC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk2\DR2.

Error - 13/09/2011 15:01:33 | Computer Name = AleskyPC | Source = Service Control Manager | ID = 7001
Description = Le service Fournisseur HomeGroup dépend du service Hôte du fournisseur
de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur : %%1058

Error - 14/09/2011 07:44:16 | Computer Name = AleskyPC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 14/09/2011 07:45:53 | Computer Name = AleskyPC | Source = Service Control Manager | ID = 7001
Description = Le service Fournisseur HomeGroup dépend du service Hôte du fournisseur
de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur : %%1058

Error - 14/09/2011 11:15:02 | Computer Name = AleskyPC | Source = Service Control Manager | ID = 7001
Description = Le service Fournisseur HomeGroup dépend du service Hôte du fournisseur
de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur : %%1058

Error - 14/09/2011 11:22:20 | Computer Name = AleskyPC | Source = Service Control Manager | ID = 7001
Description = Le service Fournisseur HomeGroup dépend du service Hôte du fournisseur
de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur : %%1058

Error - 14/09/2011 13:36:46 | Computer Name = AleskyPC | Source = Service Control Manager | ID = 7001
Description = Le service Fournisseur HomeGroup dépend du service Hôte du fournisseur
de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur : %%1058

Error - 14/09/2011 14:26:23 | Computer Name = AleskyPC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

Error - 14/09/2011 14:26:24 | Computer Name = AleskyPC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

Error - 14/09/2011 14:26:24 | Computer Name = AleskyPC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

< End of report >

Del-crosseur · le 15 Sep 2011 21:30

Bonsoir ,

Il y a du monde...

Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
[2011/09/10 14:53:53 | 000,005,576 | -H-- | M] () -- C:\Users\Alexis\AppData\Roaming\SVCHOST.exe
[2011/09/10 14:53:53 | 000,005,576 | -H-- | C] () -- C:\Users\Alexis\AppData\Roaming\SVCHOST.exe
[2010/10/01 20:38:59 | 000,000,000 | ---D | M] -- C:\Users\Alexis\AppData\Roaming\moovida-1
[2010/10/01 20:37:45 | 000,102,400 | R--- | M] (Acresso Software Inc.) -- C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut3_BCB4A930B9F04A2480525A437423D92B.exe
[2010/10/01 20:37:45 | 000,102,400 | R--- | M] (Acresso Software Inc.) -- C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut4_A414E067513C43BA8786F3DC788BC961.exe
[2010/10/01 20:37:45 | 000,102,400 | R--- | M] (Acresso Software Inc.) -- C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut5_F4EE65F1A6CD4124B059E9FA9A98EBF7.exe
[2010/10/01 20:37:45 | 000,102,400 | R--- | M] (Acresso Software Inc.) -- C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut6_206049A8CD534D8B87D5F66190F05AB3.exe
[2011/03/05 14:54:52 | 000,010,134 | R--- | M] () -- C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe
[2011/03/12 23:23:31 | 000,010,134 | R--- | M] () -- C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

:Files
c:\users\alexis\appdata\roaming\svchost.exe
c:\users\alexis\appdata\roaming\microsoft\installer\{6084c211-01a1-464e-97a0-09772e122b50}\newshortcut3_bcb4a930b9f04a2480525a437423d92b.exe
c:\users\alexis\appdata\roaming\microsoft\installer\{6084c211-01a1-464e-97a0-09772e122b50}\newshortcut4_a414e067513c43ba8786f3dc788bc961.exe
c:\users\alexis\appdata\roaming\microsoft\installer\{6084c211-01a1-464e-97a0-09772e122b50}\newshortcut5_f4ee65f1a6cd4124b059e9fa9a98ebf7.exe
c:\users\alexis\appdata\roaming\microsoft\installer\{6084c211-01a1-464e-97a0-09772e122b50}\newshortcut6_206049a8cd534d8b87d5f66190f05ab3.exe
c:\users\alexis\appdata\roaming\microsoft\installer\{cae7d1d9-3794-4169-b4dd-964adbc534ee}\arpproducticon.exe
c:\users\alexis\appdata\roaming\microsoft\installer\{e3e71d07-cd27-46cb-8448-16d4fb29aa13}\arpproducticon.exe
O33 - MountPoints2\{11528fe2-f119-11df-a99e-c80aa966016f}\Shell - "" = AutoRun
O33 - MountPoints2\{11528fe2-f119-11df-a99e-c80aa966016f}\Shell\AutoRun\command - "" = I:\ICM_ML.exe

:Commands
[emptytemp]
[emptyflash]

* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport s'ouvrir "OTL.log"
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

Puis ::

Télécharge puis installe :

par Marcin Kleczynski

*** Met-le à jour(très important ) , puis coche, "Exécuter un examen complet"

*** Si une infection est trouvée, coche la case à coté et valide avec l’Onglet Supprimer la sélection

*** Après la suppression , l'outil va surement te demander de redémarrer l'ordinateur -->accepte<--

*** il est conseillé de désactivé Tea-Timer si tu as Spybot-S&D juste le temps du scan.

Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) ? cliquez sur Oui--> choisissez Outils dans la barre de navigation sur la gauche -->Résident et là vous pouvez décocher les cases situées devant les deux outils.

Poste le rapport final.

Ps:Au cas ou tu n'a pas le rapport suite à une erreur de manipulation ; relance Malwarebytes puis rends toi dans l'onglet "rapports/Logs" selectionne le dernier puis Copier/Coller dans ta réponse

Bonne nuit !

Sushis · le 16 Sep 2011 17:02

Rapport OTL

All processes killed
========== OTL ==========
C:\Users\Alexis\AppData\Roaming\SVCHOST.exe moved successfully.
File C:\Users\Alexis\AppData\Roaming\SVCHOST.exe not found.
C:\Users\Alexis\AppData\Roaming\moovida-1\addin-db-001\hosts folder moved successfully.
C:\Users\Alexis\AppData\Roaming\moovida-1\addin-db-001\addin-dir-data folder moved successfully.
C:\Users\Alexis\AppData\Roaming\moovida-1\addin-db-001\addin-data\1 folder moved successfully.
C:\Users\Alexis\AppData\Roaming\moovida-1\addin-db-001\addin-data folder moved successfully.
C:\Users\Alexis\AppData\Roaming\moovida-1\addin-db-001 folder moved successfully.
C:\Users\Alexis\AppData\Roaming\moovida-1 folder moved successfully.
C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut3_BCB4A930B9F04A2480525A437423D92B.exe moved successfully.
C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut4_A414E067513C43BA8786F3DC788BC961.exe moved successfully.
C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut5_F4EE65F1A6CD4124B059E9FA9A98EBF7.exe moved successfully.
C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\NewShortcut6_206049A8CD534D8B87D5F66190F05AB3.exe moved successfully.
C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe moved successfully.
C:\Users\Alexis\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe moved successfully.
========== FILES ==========
File\Folder c:\users\alexis\appdata\roaming\svchost.exe not found.
File\Folder c:\users\alexis\appdata\roaming\microsoft\installer\{6084c211-01a1-464e-97a0-09772e122b50}\newshortcut3_bcb4a930b9f04a2480525a437423d92b.exe not found.
File\Folder c:\users\alexis\appdata\roaming\microsoft\installer\{6084c211-01a1-464e-97a0-09772e122b50}\newshortcut4_a414e067513c43ba8786f3dc788bc961.exe not found.
File\Folder c:\users\alexis\appdata\roaming\microsoft\installer\{6084c211-01a1-464e-97a0-09772e122b50}\newshortcut5_f4ee65f1a6cd4124b059e9fa9a98ebf7.exe not found.
File\Folder c:\users\alexis\appdata\roaming\microsoft\installer\{6084c211-01a1-464e-97a0-09772e122b50}\newshortcut6_206049a8cd534d8b87d5f66190f05ab3.exe not found.
File\Folder c:\users\alexis\appdata\roaming\microsoft\installer\{cae7d1d9-3794-4169-b4dd-964adbc534ee}\arpproducticon.exe not found.
File\Folder c:\users\alexis\appdata\roaming\microsoft\installer\{e3e71d07-cd27-46cb-8448-16d4fb29aa13}\arpproducticon.exe not found.
File\Folder O33 - MountPoints2\{11528fe2-f119-11df-a99e-c80aa966016f}\Shell - "" = AutoRun not found.
File\Folder O33 - MountPoints2\{11528fe2-f119-11df-a99e-c80aa966016f}\Shell\AutoRun\command - "" = I:\ICM_ML.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Alexis
->Temp folder emptied: 593470 bytes
->Temporary Internet Files folder emptied: 50102 bytes
->Java cache emptied: 15450906 bytes
->FireFox cache emptied: 43636433 bytes
->Google Chrome cache emptied: 349704819 bytes
->Flash cache emptied: 9148 bytes

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1619120 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6770 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68227 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 392,00 mb

[EMPTYFLASH]

User: Alexis
->Flash cache emptied: 0 bytes

User: All Users

User: AppData

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.28.0 log created on 09162011_174127

Files\Folders moved on Reboot...
C:\Users\Alexis\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Sushis · le 16 Sep 2011 19:08

Rapport Maam :

Malwarebytes' Anti-Malware 1.51.2.1300
http://www.malwarebytes.org

Version de la base de données: 7727

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

16/09/2011 19:38:15
mbam-log-2011-09-16 (19-38-10).txt

Type d'examen: Examen complet (C:\|D:\|E:\|)
Elément(s) analysé(s): 421793
Temps écoulé: 1 heure(s), 15 minute(s), 36 seconde(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
c:\Users\Alexis\AppData\Roaming\SVCHOST.exe (Trojan.Agent) -> 3600 -> No action taken.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKCU (Backdoor.Bot.M) -> Value: HKCU -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\Users\Alexis\logiciels\guitar pro_5.2\guitar pro_5.2.0&add-ons\guitar pro_5.2.0\Keygen.exe (RiskWare.Tool.CK) -> No action taken.
c:\Users\Alexis\logiciels\tune up utilities 2011\KeyGen\keygen.exe (RiskWare.Tool.CK) -> No action taken.
c:\Users\Alexis\AppData\Roaming\SVCHOST.exe (Trojan.Agent) -> No action taken.
c:\Users\Alexis\AppData\Roaming\install\server.exe (Backdoor.Bot.M) -> No action taken.

Evidemment j'ai tout supprimé ! :wink:

Del-crosseur · le 16 Sep 2011 21:20

Bonsoir ,

Content pour vous que le soucis d'accent est réglé !!
Concernant Malwarebytes , êtes-vous sûr d'avoir "Supprimer la sélection" ???

Continuons...

Télécharge ZHPDiag par Nicolas Coolman et sauvegarde-le sur le Bureau.

• Laisse toi guider lors de l'installation, le programme se lancera automatiquement à la fin.
• /!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »/!\
• Cliquer sur l'icône représentant une loupe (« Lancer le diagnostic »)
• Enregistrer le rapport sur le Bureau à l'aide de l'icône représentant une disquette
• Héberger le rapport ZHPDiag.txt sur un site tel que cijoint.fr, puis copier/coller dans ta prochaine réponse

Bonne soirée/nuit

Sushis · le 16 Sep 2011 21:43

Voilà le rapport ZHPDiag :

Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011
Run by Alexis at 16/09/2011 22:36:17
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html

---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 5.0 v5.0

---\\ Windows Product Information
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4092 MB (72% free)
System Restore: Activé (Enable)
System drive C: has 462 GB (79%) free of 582 GB

---\\ Logged in mode
~ Computer Name: ALESKYPC
~ User Name: Alexis
~ All Users Names: HomeGroupUser$, Alexis, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Alexis\AppData\Roaming\
~ %Desktop% : C:\Users\Alexis\Desktop\
~ %Favorites% : C:\Users\Alexis\Favorites\
~ %LocalAppData% : C:\Users\Alexis\AppData\Local\
~ %StartMenu% : C:\Users\Alexis\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 462 Go of 582 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
F:\ CD-ROM drive (Not Inserted)
H:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.28/04/2011 - 07:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]
[MD5.463302B41295A7FCAAC655CCB5DE79F8] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.11/08/2011 - 07:20:48.) -- C:\Windows\system32\wininet.dll [1197056]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.29/07/2010 - 07:24:40.) -- C:\Windows\system32\Winlogon.exe [389632]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]
[MD5.378E0E0DFEA67D98AE6EA53ADBBD76BC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.28/04/2011 - 07:23:06.) -- C:\Windows\system32\drivers\ntfs.sys [1657216]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:41:54.) -- C:\Windows\system32\sppcomapi.dll [231936]
[MD5.F2521C3173E6027B3FBD5E44272BDF6C] - (....) (.14/11/2009 - 18:42:26.) -- C:\Windows\system32\fr-FR\user32.dll.mui [19968]
~ Scan Generic Processes in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 133/1196
~ Mes musiques (My Musics) : 1175/3790
~ Mes Videos (My Videos) : 12/96
~ Mes Favoris (My Favorites) : 2/3
~ Mes Documents (My Documents) : 15/693
~ Mon Bureau (My Desktop) : 1/18
~ Menu demarrer (Programs) : 7/35
~ Scan Hidden Files in 00mn 06s

---\\ Processus lancés
[MD5.6F8B727CBC4EB8198ED7C1D9E2FBAD55] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3507088] [PID.3300]
[MD5.6C1B31F5C16E03153F0037AC6C451FFD] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2838912] [PID.3468]
[MD5.026423673B8563E9975BDA97ED6273C7] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [449608] [PID.3496]
[MD5.14125ACE451DE474374803CF4B6A3EA0] - (...) -- C:\Users\Alexis\AppData\Roaming\SVCHOST.exe [5576] [PID.]
[MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [669696] [PID.4060]
[MD5.ACB544D7254F366DFB48F380BC36CD25] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384] [PID.]
[MD5.8408B80B5D1927D5063E1250EA5D9A78] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe [119200] [PID.]
[MD5.F55442690A70A0278A7EED4FAAEBF576] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [92216] [PID.]
[MD5.2238B91AC1A12CC6CC4C4FED41258B2A] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]
[MD5.831883B107684301F48ACE752C963984] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [66872] [PID.]
[MD5.E24106A5EAECDDFF00B25497049DD65F] - (...) -- C:\Windows\SysWOW64\PnkBstrB.exe [107832] [PID.]
[MD5.498EB62A160674E793FA40FD65390625] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152] [PID.]
[MD5.94E920BE59B9AB65D95E582DBAA136AC] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [366152] [PID.]
~ Scan Processes Running in 00mn 00s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Alexis\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [afpbkpjjkfakdcakapanjoeijlphieei] RapidShare DownloadHelper v.1.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [bakedkcpfklpfjhlblihbddnlebmfkfc] Megaupload Super Search (french version) v.2.5 (Activé)
G2 - GCE: Preference [User Data\Default] [kcdpddllhkgmdfdeccgkjofpegkdmnhp] Chrome OGame (fr) v.1.2.37 (Désactivé)
G2 - GCE: Preference [User Data\Default] [leekjckogogidfhpejjmaaekecplpdcg] MegaUpload DownloadHelper v.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [lloijicenboemlbkenhgoncndgfecbhc] Megaupload Super Search v.2.5 (Activé)
~ Scan Google Browser in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\s2nten56.default\prefs.js
C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\s2nten56.default\user.js
M3 - MFPP: Plugins - [Alexis] -- C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\s2nten56.default\searchplugins\ShareazaWebSearch.xml
M0 - MFSP: prefs.js [Alexis - s2nten56.default] http://google.fr
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Alexis\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Alexis\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com
R0 - HKUS\S-1-5-21-1034220312-1961313254-1996914020-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-1034220312-1961313254-1996914020-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper [64Bits] - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class [64Bits] - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} . (...) -- C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKCU\..\Run: [Startup Name] . (.Mozilla Corporation - Firefox.) -- C:\Users\Alexis\AppData\Roaming\servi_juju.exe
O4 - HKCU\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe
O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-1034220312-1961313254-1996914020-1000\..\Run: [Startup Name] . (.Mozilla Corporation - Firefox.) -- C:\Users\Alexis\AppData\Roaming\servi_juju.exe
O4 - HKUS\S-1-5-21-1034220312-1961313254-1996914020-1000\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe
O4 - HKUS\S-1-5-21-1034220312-1961313254-1996914020-1000\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKUS\S-1-5-21-1034220312-1961313254-1996914020-1000\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Alexis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Alexis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Alexis\Desktop\Alexis.lnk . (...) -- C:\Users\Alexis
O4 - Global Startup: C:\Users\Alexis\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files (x86)\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\Alexis\Desktop\Free Download Manager.lnk . (.FreeDownloadManager.ORG.) -- C:\Program Files (x86)\Free Download Manager\fdm.exe
O4 - Global Startup: C:\Users\Alexis\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Alexis\Desktop\Guitar Pro 5.lnk . (.Arobas Music.) -- C:\Program Files (x86)\Guitar Pro 5\GP5.exe
O4 - Global Startup: C:\Users\Alexis\Desktop\Ma musique.lnk . (...) -- C:\Users\Alexis\Music
O4 - Global Startup: C:\Users\Alexis\Desktop\Mes documents.lnk . (...) -- C:\Users\Alexis\Documents
O4 - Global Startup: C:\Users\Alexis\Desktop\Mes images.lnk . (...) -- C:\Users\Alexis\Pictures
O4 - Global Startup: C:\Users\Alexis\Desktop\Microsoft Office.lnk . (...) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O4 - Global Startup: C:\Users\Alexis\Desktop\NBA 2K11.lnk . (.2K Sports.) -- C:\Program Files (x86)\2K Sports\NBA 2K11\nba2k11.exe
O4 - Global Startup: C:\Users\Alexis\Desktop\Ordinateur.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Alexis\Desktop\Panneau de configuration.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Alexis\Desktop\Rainbow Six Vegas 2.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Alexis\Desktop\Téléchargement.lnk . (...) -- C:\Users\Alexis\Downloads
O4 - Global Startup: C:\Users\Alexis\Desktop\Vidéos.lnk . (...) -- C:\Users\Alexis\Videos
O4 - Global Startup: C:\Users\Alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk . (.Samsung.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
~ Scan Global Startup in 00mn 00s

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~4\Office12\EXCEL.exe
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - (.not file.) - file:\\C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - (.not file.) - file:\\C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - (.not file.) - file:\\C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - (.not file.) - file:\\C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
~ Scan IE Menu Contextuel in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
~ Scan Winsock in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{89E5E81C-9E05-4798-990F-F7C90DF621E7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{89E5E81C-9E05-4798-990F-F7C90DF621E7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{89E5E81C-9E05-4798-990F-F7C90DF621E7}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard - HpService.) - C:\Windows\system32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\SysWOW64\PnkBstrA.exe
O23 - Service: PnkBstrB (PnkBstrB) . (...) - C:\Windows\SysWOW64\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
~ Scan Services in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1034220312-1961313254-1996914020-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1034220312-1961313254-1996914020-1000UA.job
[MD5.4510E7A22B82BB99FFEE43953292BAD0] [APT] [CapSchedInst] (.CL.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe
[MD5.60747E27A2767B96E4A70DEAF73A30D7] [APT] [CapSvcInst] (.CL.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe
[MD5.86BA18FC1681C3274DA50BC6B07FAECD] [APT] [CapUninst] (.CL.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe
[MD5.C6331D11F80B3AFFD91A9B3858E00F23] [APT] [CLMLSvc] (.CyberLink.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
[MD5.00000000000000000000000000000000] [APT] [DVDAgent] (...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (.not file.)
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [Google Updater and Installer] (.Google Inc..) -- C:\Users\Alexis\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1034220312-1961313254-1996914020-1000Core] (.Google Inc..) -- C:\Users\Alexis\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1034220312-1961313254-1996914020-1000UA] (.Google Inc..) -- C:\Users\Alexis\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
[MD5.3103FE27C967675B019E880AA6DA3D6D] [APT] [Programme de mise … jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] [APT] [Programme de mise … jour en ligne de HP.] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
[MD5.2F407AA24101E4678B110A1FFA13F587] [APT] [Programme de mise … jour en ligne de Sun Microsystems] (.Sun Microsystems, Inc..) -- C:\Program Files\Java\jre6\bin\jusched.exe
[MD5.FAB4D03FB9DCC995C5B0F30164183CFA] [APT] [TuneUpUtilities_Task_BkGndMaintenance2011] (.TuneUp Software.) -- C:\Program Files (x86)\TuneUp Utilities 2011\OneClick.exe
[MD5.1CE55AE7E57826457FD56EB3C50E4E54] [APT] [TVAgent] (.CyberLink Corp..) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
[MD5.00000000000000000000000000000000] [APT] [{CC5C3F17-D933-40A3-A3EC-B10D4E2701C6}] (...) -- C:\Program Files (x86)\TrackMania United\unins000.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{E6A93FE1-308B-4E76-BF6C-7FA9E5ECFF56}] (...) -- C:\Windows\CSS Pack\uninstall.exe (.not file.)
[MD5.68C59AE507B11FE5185EB183B55ACE63] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.68C59AE507B11FE5185EB183B55ACE63] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
~ Scan Scheduled Task in 00mn 04s

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver: (LUMDriver) . (.IBM - LUM Runtime.) - C:\Windows\system32\drivers\LUMDriver.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\system32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}
O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}
O42 - Logiciel: ENE CIR Receiver Driver - (.ENE.) [HKLM] -- FFE7D41DF3C645075BB149E21988B63996C34187
O42 - Logiciel: Free Download Manager 3.0 - (.FreeDownloadManager.ORG.) [HKLM] -- Free Download Manager_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Guitar Pro 5.2 - (.Arobas Music.) [HKLM] -- Guitar Pro 5_is1
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart Internet TV - (.Hewlett-Packard.) [HKLM] -- InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}
O42 - Logiciel: HP MediaSmart Internet TV - (.Hewlett-Packard.) [HKLM] -- {E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}
O42 - Logiciel: HP MediaSmart Live TV - (.Hewlett-Packard.) [HKLM] -- InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}
O42 - Logiciel: HP MediaSmart Live TV - (.Hewlett-Packard.) [HKLM] -- {67626E09-5366-4480-8F1E-93FADF50CA15}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM] -- {B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart Webcam - (.Hewlett-Packard.) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: HP MediaSmart Webcam - (.Hewlett-Packard.) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: HP Quick Launch Buttons - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355}
O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {17B4760F-334B-475D-829F-1A3E94A6A4E6}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM] -- {E92D47A1-D27D-430A-8368-0BAFD956507D}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2461678
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: JMicron Flash Media Controller Driver - (.JMicron Technology Corp..) [HKLM] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}
O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {3023EBDA-BF1B-4831-B347-E5018555F26E}
O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr)
O42 - Logiciel: NetWorkingWizard_ICM - (.Samsung.) [HKLM] -- {4CFFAEC0-1F2A-4D38-8D95-3995A936ADD9}
O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: Rapture3D 2.3.22 Game - (.Blue Ripple Sound.) [HKLM] -- {D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1
O42 - Logiciel: Realtek 8136 8168 8169 Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553074) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5729F1AE-5895-468F-9165-BAD161C9E982}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2553073) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{65EA4836-B5A3-4C1D-8883-0C35E471003A}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870
O42 - Logiciel: Tom Clancy's Rainbow Six Vegas 2 - (.Ubisoft.) [HKLM] -- {FD416706-875C-4B0B-A23A-9E740DAE029E}
O42 - Logiciel: TuneUp Utilities 2011 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2011
O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Update for Microsoft Office Word 2007 (KB974631) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{052CA271-6C3E-4B8F-9EEE-CEA84BC901DC}
O42 - Logiciel: Update for Microsoft Office Word 2007 (KB974631) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CA2F3DF8-C8AE-4933-92F1-FE482442F6E6}
O42 - Logiciel: VLC media player 1.1.9 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) - (.Garmin.) [HKLM] -- 49CF605F02C7954F4E139D18828DE298CD59217C
O42 - Logiciel: avast! Internet Security - (.Alwil Software.) [HKLM] -- avast5

---\\ HKCU & HKLM Software Keys
[HKCU\Software\(null)]
[HKCU\Software\2K Sports]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Badoo]
[HKCU\Software\Battle.net]
[HKCU\Software\BlueRippleSound]
[HKCU\Software\Bugsplat]
[HKCU\Software\ClassesB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DT Soft]
[HKCU\Software\DownloadManager]
[HKCU\Software\EPSON]
[HKCU\Software\EasyBits]
[HKCU\Software\Electronic Arts]
[HKCU\Software\Emulators]
[HKCU\Software\FreeDownloadManager.ORG]
[HKCU\Software\Garmin]
[HKCU\Software\Google]
[HKCU\Software\Gravity]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IDT]
[HKCU\Software\IM Providers]
[HKCU\Software\Informer Technologies, Inc.]
[HKCU\Software\JavaSoft]
[HKCU\Software\LightScribe]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MirAIConf]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nadeo]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\Pando Networks]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\SAMSUNG]
[HKCU\Software\SecuROM]
[HKCU\Software\Shareaza]
[HKCU\Software\Skype]
[HKCU\Software\Spointer]
[HKCU\Software\Synaptics]
[HKCU\Software\TeamSpeak 3 Client]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Ubisoft]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\mIRC]
[HKCU\Software\perforce]
[HKCU\Software\remote]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\Arobas Music]
[HKLM\Software\Atheros]
[HKLM\Software\Aureal]
[HKLM\Software\AutoClickerTyper]
[HKLM\Software\BlueRippleSound]
[HKLM\Software\CXT]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cyberlink]
[HKLM\Software\DT Soft]
[HKLM\Software\Digital River]
[HKLM\Software\EasyBits]
[HKLM\Software\Even Balance]
[HKLM\Software\FreeDownloadManager.ORG]
[HKLM\Software\Gamigo Games]
[HKLM\Software\Garmin]
[HKLM\Software\Google]
[HKLM\Software\Gradient]
[HKLM\Software\Gravity Soft]
[HKLM\Software\HPQLOG]
[HKLM\Software\HPQ]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IBM]
[HKLM\Software\IDT]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Internet Download Manager]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LSI]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Matrox]
[HKLM\Software\Messenger Plus!]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MusicNet]
[HKLM\Software\ODBC]
[HKLM\Software\OldTimer Tools]
[HKLM\Software\OpenCandy NSIS SDK]
[HKLM\Software\P2G_Upgrade]
[HKLM\Software\PDR_Upgrade]
[HKLM\Software\Pando Networks]
[HKLM\Software\Policies]
[HKLM\Software\Product_Upgrade]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SAMSUNG]
[HKLM\Software\Samsung]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\TrendMicro]
[HKLM\Software\TuneUp]
[HKLM\Software\Ubisoft]
[HKLM\Software\Valve]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wondershare]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Yahoo]
[HKLM\Software\asoftwareplus]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/07/2010 - 15:14:06 - [185963315] ----D- C:\Program Files\Alwil Software
O43 - CFD: 11/04/2010 - 02:24:24 - [19031379] ----D- C:\Program Files\ATI
O43 - CFD: 14/07/2009 - 05:20:10 - [40708767] ----D- C:\Program Files\Common Files
O43 - CFD: 06/03/2011 - 15:59:02 - [2518312] ----D- C:\Program Files\DIFX
O43 - CFD: 11/04/2010 - 11:15:14 - [90257428] ----D- C:\Program Files\DVD Maker
O43 - CFD: 28/07/2010 - 14:59:32 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 11/04/2010 - 02:43:30 - [17006923] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 05/03/2011 - 15:35:38 - [44113108] ----D- C:\Program Files\IDT
O43 - CFD: 11/08/2011 - 12:07:12 - [5176332] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 14/11/2009 - 13:34:58 - [262140554] ----D- C:\Program Files\Java
O43 - CFD: 11/04/2010 - 11:15:14 - [149236786] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 14/11/2009 - 12:00:30 - [1141526] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 14/07/2009 - 07:32:40 - [36253865] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 11/04/2010 - 02:26:54 - [38665055] ----D- C:\Program Files\Synaptics
O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 14/11/2009 - 19:46:42 - [4039168] ----D- C:\Program Files\Windows Defender
O43 - CFD: 16/12/2010 - 23:49:50 - [6667264] ----D- C:\Program Files\Windows Mail
O43 - CFD: 16/10/2010 - 12:14:32 - [7687085] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 28/07/2010 - 14:59:32 - [12627124] ----D- C:\Program Files\Windows NT
O43 - CFD: 14/11/2009 - 19:46:42 - [5516568] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:40 - [235008] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 28/07/2010 - 15:01:16 - [11755355] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 24/09/2010 - 22:56:40 - [4356726] ----D- C:\Program Files\WinRAR
O43 - CFD: 16/06/2011 - 03:26:22 - [28087326] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 14/11/2009 - 19:46:42 - [12009971] ----D- C:\Program Files\Common Files\System
O43 - CFD: 26/12/2010 - 22:36:22 - [3172] ----D- C:\ProgramData\141D1
O43 - CFD: 17/06/2011 - 13:15:28 - [62265499] ----D- C:\ProgramData\Adobe
O43 - CFD: 28/07/2010 - 15:14:06 - [68138754] ----D- C:\ProgramData\Alwil Software
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 11/04/2010 - 02:28:50 - [8972] ----D- C:\ProgramData\Atheros
O43 - CFD: 11/04/2010 - 03:04:12 - [188] ----D- C:\ProgramData\ATI
O43 - CFD: 28/07/2010 - 14:59:32 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 31/03/2011 - 01:46:02 - [0] ----D- C:\ProgramData\Codemasters
O43 - CFD: 18/09/2010 - 22:01:04 - [140515] ----D- C:\ProgramData\CyberLink
O43 - CFD: 29/07/2010 - 02:10:22 - [1520] ----D- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 19/06/2011 - 19:52:40 - [0] ----D- C:\ProgramData\DassaultSystemes
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 04/03/2011 - 15:51:56 - [144] ----D- C:\ProgramData\Driver Whiz
O43 - CFD: 02/12/2010 - 02:01:14 - [0] ----D- C:\ProgramData\EA Core
O43 - CFD: 18/12/2010 - 21:54:34 - [21433] ----D- C:\ProgramData\Electronic Arts
O43 - CFD: 11/10/2010 - 00:49:28 - [475038] ----D- C:\ProgramData\EPSON
O43 - CFD: 28/07/2010 - 14:59:32 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 01/05/2011 - 16:30:46 - [2796] ----D- C:\ProgramData\FreeDownloadManager.ORG
O43 - CFD: 11/04/2011 - 15:13:04 - [0] ----D- C:\ProgramData\Google
O43 - CFD: 12/02/2011 - 17:10:56 - [46355549] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 16/09/2011 - 18:19:08 - [7364724] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 28/07/2010 - 14:59:32 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 05/03/2011 - 16:30:28 - [501597799] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 15/09/2011 - 18:49:32 - [57688] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 28/07/2010 - 14:59:32 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 29/07/2010 - 00:09:36 - [336] ----D- C:\ProgramData\Norton
O43 - CFD: 11/04/2010 - 02:46:14 - [10083708] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 04/03/2011 - 15:57:02 - [144] ----D- C:\ProgramData\PC Drivers HeadQuarters
O43 - CFD: 06/06/2011 - 16:06:08 - [438] ----D- C:\ProgramData\PMB Files
O43 - CFD: 29/07/2010 - 01:04:08 - [67070] ----D- C:\ProgramData\Recovery
O43 - CFD: 11/09/2011 - 15:18:02 - [9342083] ----D- C:\ProgramData\Samsung
O43 - CFD: 04/08/2010 - 16:42:46 - [92144] -SH-D- C:\ProgramData\SecuROM
O43 - CFD: 24/08/2011 - 17:07:36 - [56321175] ----D- C:\ProgramData\Skype
O43 - CFD: 27/08/2011 - 14:12:14 - [18644] ----D- C:\ProgramData\Sports Interactive
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 29/07/2010 - 20:53:18 - [294] ----D- C:\ProgramData\Sun
O43 - CFD: 11/04/2010 - 02:46:00 - [745827] ----D- C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 11/01/2011 - 23:00:38 - [10531734] ----D- C:\ProgramData\TmForever
O43 - CFD: 20/09/2010 - 20:36:36 - [114628] ----D- C:\ProgramData\TrackMania United
O43 - CFD: 11/12/2010 - 21:01:22 - [9359243] ----D- C:\ProgramData\TuneUp Software
O43 - CFD: 18/01/2011 - 20:23:02 - [747] ----D- C:\ProgramData\Ubisoft
O43 - CFD: 29/07/2010 - 02:24:26 - [9261247] ----D- C:\ProgramData\WildTangent
O43 - CFD: 12/02/2011 - 17:16:40 - [35253750] ----D- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}
O43 - CFD: 11/12/2010 - 20:56:08 - [18441216] -SH-D- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
O43 - CFD: 11/04/2010 - 02:49:00 - [21397340] ----D- C:\ProgramData\{44AFD825-9603-4521-9447-A6E1C5CA2F3D}
O43 - CFD: 30/07/2010 - 21:26:32 - [21219164] ----D- C:\ProgramData\{DA06AA03-DF24-4ECE-939E-1B0939235C66}
O43 - CFD: 26/06/2011 - 19:38:24 - [36484086] ----D- C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
O43 - CFD: 01/12/2010 - 20:31:40 - [889715067] ----D- C:\Users\Alexis\AppData\Roaming\2K Sports
O43 - CFD: 13/09/2011 - 13:45:32 - [5273681] ----D- C:\Users\Alexis\AppData\Roaming\Adobe
O43 - CFD: 28/07/2010 - 15:06:30 - [0] ----D- C:\Users\Alexis\AppData\Roaming\ATI
O43 - CFD: 17/09/2010 - 18:01:22 - [2065802] ----D- C:\Users\Alexis\AppData\Roaming\BlackBean
O43 - CFD: 18/09/2010 - 22:01:10 - [365826] ----D- C:\Users\Alexis\AppData\Roaming\CyberLink
O43 - CFD: 29/07/2010 - 13:22:08 - [6077] ----D- C:\Users\Alexis\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 22/10/2010 - 00:21:50 - [81641] ----D- C:\Users\Alexis\AppData\Roaming\DassaultSystemes
O43 - CFD: 01/05/2011 - 16:07:26 - [0] ----D- C:\Users\Alexis\AppData\Roaming\DMCache
O43 - CFD: 13/04/2011 - 22:13:48 - [0] ----D- C:\Users\Alexis\AppData\Roaming\dvdcss
O43 - CFD: 31/08/2011 - 23:40:10 - [20000] ----D- C:\Users\Alexis\AppData\Roaming\Free Download Manager
O43 - CFD: 06/03/2011 - 16:02:00 - [76918] ----D- C:\Users\Alexis\AppData\Roaming\GARMIN
O43 - CFD: 12/02/2011 - 17:36:56 - [131006] ----D- C:\Users\Alexis\AppData\Roaming\Hewlett-Packard
O43 - CFD: 30/07/2010 - 21:15:44 - [278] ----D- C:\Users\Alexis\AppData\Roaming\HP Support Assistant
O43 - CFD: 12/02/2011 - 17:21:54 - [32193] ----D- C:\Users\Alexis\AppData\Roaming\hpqlog
O43 - CFD: 30/07/2010 - 21:15:44 - [882] ----D- C:\Users\Alexis\AppData\Roaming\HpUpdate
O43 - CFD: 28/07/2010 - 15:04:56 - [0] ----D- C:\Users\Alexis\AppData\Roaming\Identities
O43 - CFD: 11/04/2011 - 05:14:50 - [4362610] ----D- C:\Users\Alexis\AppData\Roaming\IDM
O43 - CFD: 16/09/2011 - 19:38:22 - [0] ----D- C:\Users\Alexis\AppData\Roaming\install
O43 - CFD: 28/07/2010 - 15:09:48 - [966] ----D- C:\Users\Alexis\AppData\Roaming\Macromedia
O43 - CFD: 16/09/2011 - 18:19:16 - [1325996] ----D- C:\Users\Alexis\AppData\Roaming\Malwarebytes
O43 - CFD: 11/04/2010 - 11:15:12 - [0] ----D- C:\Users\Alexis\AppData\Roaming\Media Center Programs
O43 - CFD: 16/02/2011 - 02:11:28 - [89985885] -S--D- C:\Users\Alexis\AppData\Roaming\Microsoft
O43 - CFD: 31/03/2011 - 01:40:38 - [39884] ----D- C:\Users\Alexis\AppData\Roaming\mIRC
O43 - CFD: 26/12/2010 - 22:21:16 - [17976250] ----D- C:\Users\Alexis\AppData\Roaming\Mozilla
O43 - CFD: 04/12/2010 - 20:22:04 - [0] ----D- C:\Users\Alexis\AppData\Roaming\Need for Speed World
O43 - CFD: 11/09/2011 - 15:17:12 - [154232562] ----D- C:\Users\Alexis\AppData\Roaming\SAMSUNG
O43 - CFD: 29/07/2010 - 13:50:56 - [8645] R-H-D- C:\Users\Alexis\AppData\Roaming\SecuROM
O43 - CFD: 24/08/2011 - 18:20:38 - [9540996] ----D- C:\Users\Alexis\AppData\Roaming\Skype
O43 - CFD: 04/03/2011 - 17:15:04 - [15119] ----D- C:\Users\Alexis\AppData\Roaming\SpeedSim
O43 - CFD: 27/08/2011 - 14:11:42 - [33727033] ----D- C:\Users\Alexis\AppData\Roaming\Sports Interactive
O43 - CFD: 06/10/2010 - 11:40:12 - [13824] ----D- C:\Users\Alexis\AppData\Roaming\Template
O43 - CFD: 23/05/2011 - 01:01:58 - [2381789] ----D- C:\Users\Alexis\AppData\Roaming\TS3Client
O43 - CFD: 11/12/2010 - 20:59:32 - [69388] ----D- C:\Users\Alexis\AppData\Roaming\TuneUp Software
O43 - CFD: 18/01/2011 - 20:35:00 - [180573] ----D- C:\Users\Alexis\AppData\Roaming\Ubisoft
O43 - CFD: 30/06/2011 - 12:49:08 - [2405236] ----D- C:\Users\Alexis\AppData\Roaming\vlc
O43 - CFD: 14/09/2011 - 15:23:46 - [0] ----D- C:\Users\Alexis\AppData\Roaming\WinBatch
O43 - CFD: 24/09/2010 - 22:56:46 - [12] ----D- C:\Users\Alexis\AppData\Roaming\WinRAR
O43 - CFD: 04/08/2010 - 20:53:46 - [0] ----D- C:\Users\Alexis\AppData\Roaming\Yahoo!
O43 - CFD: 29/07/2010 - 02:20:10 - [9968] ----D- C:\Users\Alexis\AppData\Roaming\_MDLogs
O43 - CFD: 24/09/2010 - 20:02:54 - [485907] ----D- C:\Users\Alexis\AppData\Local\Adobe
O43 - CFD: 28/07/2010 - 14:59:38 - [0] -SH-D- C:\Users\Alexis\AppData\Local\Application Data
O43 - CFD: 28/07/2010 - 15:06:30 - [60480] ----D- C:\Users\Alexis\AppData\Local\ATI
O43 - CFD: 31/07/2010 - 01:34:52 - [0] ----D- C:\Users\Alexis\AppData\Local\CyberLink
O43 - CFD: 21/10/2010 - 14:41:58 - [191426] ----D- C:\Users\Alexis\AppData\Local\DassaultSystemes
O43 - CFD: 22/08/2011 - 02:14:30 - [3191491] ----D- C:\Users\Alexis\AppData\Local\Diagnostics
O43 - CFD: 11/09/2011 - 15:16:08 - [336083558] ----D- C:\Users\Alexis\AppData\Local\Downloaded Installations
O43 - CFD: 04/12/2010 - 18:01:02 - [2710] ----D- C:\Users\Alexis\AppData\Local\Electronic_Arts_Inc
O43 - CFD: 11/09/2011 - 04:28:24 - [1193587] ----D- C:\Users\Alexis\AppData\Local\ElevatedDiagnostics
O43 - CFD: 11/04/2011 - 14:37:36 - [572464733] ----D- C:\Users\Alexis\AppData\Local\Google
O43 - CFD: 06/10/2010 - 11:28:46 - [17210994] ----D- C:\Users\Alexis\AppData\Local\Hewlett-Packard
O43 - CFD: 28/07/2010 - 14:59:38 - [0] -SH-D- C:\Users\Alexis\AppData\Local\Historique
O43 - CFD: 05/03/2011 - 15:43:08 - [1021353342] ----D- C:\Users\Alexis\AppData\Local\Microsoft
O43 - CFD: 10/09/2011 - 03:19:46 - [412608] ----D- C:\Users\Alexis\AppData\Local\Microsoft Games
O43 - CFD: 16/10/2010 - 19:44:38 - [203852] ----D- C:\Users\Alexis\AppData\Local\Microsoft Help
O43 - CFD: 01/10/2010 - 20:38:54 - [127554] ----D- C:\Users\Alexis\AppData\Local\moovida Air
O43 - CFD: 28/07/2010 - 15:17:28 - [178108] ----D- C:\Users\Alexis\AppData\Local\Mozilla
O43 - CFD: 28/12/2010 - 12:03:28 - [17881370] ----D- C:\Users\Alexis\AppData\Local\NFS Underground 2
O43 - CFD: 26/12/2010 - 22:19:58 - [0] ----D- C:\Users\Alexis\AppData\Local\PackageAware
O43 - CFD: 06/06/2011 - 22:58:16 - [152119] ----D- C:\Users\Alexis\AppData\Local\PMB Files
O43 - CFD: 31/07/2010 - 01:34:50 - [0] ----D- C:\Users\Alexis\AppData\Local\PowerCinema
O43 - CFD: 11/09/2011 - 15:19:32 - [17100] ----D- C:\Users\Alexis\AppData\Local\Samsung
O43 - CFD: 26/12/2010 - 23:02:18 - [35311163] ----D- C:\Users\Alexis\AppData\Local\Shareaza
O43 - CFD: 16/09/2011 - 22:36:48 - [980215] ----D- C:\Users\Alexis\AppData\Local\Temp
O43 - CFD: 28/07/2010 - 14:59:38 - [0] -SH-D- C:\Users\Alexis\AppData\Local\Temporary Internet Files
O43 - CFD: 13/09/2011 - 21:31:34 - [2962140279] ----D- C:\Users\Alexis\AppData\Local\VirtualStore
O43 - CFD: 05/03/2011 - 15:43:28 - [0] ----D- C:\Users\Alexis\AppData\Local\Windows Live
O43 - CFD: 30/11/2010 - 18:53:32 - [6597219736] ----D- C:\Program Files (x86)\2K Sports
O43 - CFD: 14/11/2009 - 12:35:36 - [685906709] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 11/04/2010 - 02:28:04 - [76515] ----D- C:\Program Files (x86)\AMD
O43 - CFD: 11/04/2010 - 02:28:46 - [1511498] ----D- C:\Program Files (x86)\Atheros
O43 - CFD: 11/04/2010 - 02:26:28 - [84649253] ----D- C:\Program Files (x86)\ATI Technologies
O43 - CFD: 25/09/2010 - 01:20:02 - [10006012] ----D- C:\Program Files (x86)\BRS
O43 - CFD: 04/08/2010 - 20:53:50 - [2961016] ----D- C:\Program Files (x86)\CCleaner
O43 - CFD: 20/06/2011 - 19:08:40 - [703158043] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 14/11/2009 - 13:02:02 - [1035625562] ----D- C:\Program Files (x86)\CyberLink
O43 - CFD: 29/07/2010 - 02:11:32 - [12086938] ----D- C:\Program Files (x86)\DAEMON Tools Lite
O43 - CFD: 19/06/2011 - 20:01:34 - [0] ----D- C:\Program Files (x86)\Dassault Systemes
O43 - CFD: 30/10/2010 - 22:59:46 - [2422304] ----D- C:\Program Files (x86)\Feedback Tool
O43 - CFD: 01/05/2011 - 16:30:52 - [19482296] ----D- C:\Program Files (x86)\Free Download Manager
O43 - CFD: 06/03/2011 - 15:59:00 - [127329] ----D- C:\Program Files (x86)\Garmin
O43 - CFD: 06/03/2011 - 15:59:06 - [12259984] ----D- C:\Program Files (x86)\Garmin GPS Plugin
O43 - CFD: 11/04/2011 - 15:13:04 - [0] ----D- C:\Program Files (x86)\Google
O43 - CFD: 06/02/2011 - 16:07:16 - [374766183] ----D- C:\Program Files (x86)\Guitar Pro 5
O43 - CFD: 26/06/2011 - 19:39:30 - [1484001375] ----D- C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 14/11/2009 - 14:01:28 - [4631546] ----D- C:\Program Files (x86)\Hp
O43 - CFD: 29/07/2010 - 02:24:32 - [15403205] ----D- C:\Program Files (x86)\HP Games
O43 - CFD: 11/09/2011 - 15:18:30 - [257859552] --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 11/08/2011 - 12:07:12 - [4479504] ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 20/06/2011 - 19:07:56 - [88550939] ----D- C:\Program Files (x86)\Java
O43 - CFD: 11/04/2010 - 02:27:10 - [1929643] ----D- C:\Program Files (x86)\JMicron
O43 - CFD: 16/09/2011 - 19:38:16 - [7019001] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 21/11/2010 - 00:45:06 - [2530872] ----D- C:\Program Files (x86)\MarkAny
O43 - CFD: 14/11/2009 - 11:08:24 - [628088] ----D- C:\Program Files (x86)\Microsoft
O43 - CFD: 25/09/2010 - 01:19:00 - [12316016] ----D- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
O43 - CFD: 21/10/2010 - 14:16:14 - [377330086] ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 14/11/2009 - 12:02:58 - [7791803] ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 16/06/2011 - 13:15:14 - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 14/11/2009 - 11:09:12 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 11/04/2010 - 02:54:54 - [2188837] ----D- C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD: 16/12/2010 - 21:30:50 - [145421942] ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 12/03/2011 - 23:23:32 - [979309] ----D- C:\Program Files (x86)\Microsoft WSE
O43 - CFD: 03/10/2010 - 12:33:04 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 18/07/2011 - 03:13:28 - [34777930] ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 30/07/2010 - 01:24:28 - [0] ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 28/07/2010 - 15:01:18 - [21107901] R---D- C:\Program Files (x86)\Online Services
O43 - CFD: 25/09/2010 - 01:18:32 - [809560] ----D- C:\Program Files (x86)\OpenAL
O43 - CFD: 06/06/2011 - 16:05:32 - [7466286] ----D- C:\Program Files (x86)\Pando Networks
O43 - CFD: 11/09/2011 - 15:17:10 - [0] ----D- C:\Program Files (x86)\PC Connectivity Solution
O43 - CFD: 05/03/2011 - 17:04:56 - [802065] ----D- C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:40 - [38597377] ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 21/11/2010 - 01:06:36 - [282961300] ----D- C:\Program Files (x86)\Samsung
O43 - CFD: 24/08/2011 - 17:07:42 - [17361122] R---D- C:\Program Files (x86)\Skype
O43 - CFD: 27/08/2011 - 14:02:34 - [544768] ----D- C:\Program Files (x86)\Sports Interactive
O43 - CFD: 05/03/2011 - 17:04:56 - [0] --H-D- C:\Program Files (x86)\Temp
O43 - CFD: 27/08/2011 - 22:26:06 - [61952145] ----D- C:\Program Files (x86)\TuneUp Utilities 2011
O43 - CFD: 31/03/2011 - 01:49:10 - [6919590743] ----D- C:\Program Files (x86)\Ubisoft
O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 28/07/2010 - 15:24:58 - [83362831] ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD: 14/11/2009 - 19:46:42 - [524800] ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 31/03/2011 - 01:43:30 - [4706405] ----D- C:\Program Files (x86)\Windows Live
O43 - CFD: 14/11/2009 - 11:08:08 - [245112] ----D- C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD: 16/12/2010 - 23:49:50 - [6180864] ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 16/10/2010 - 12:14:32 - [5336849] ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 14/11/2009 - 19:46:42 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:42 - [189440] ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 28/07/2010 - 15:01:16 - [6375414] ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 27/08/2011 - 14:07:08 - [175] --H-D- C:\Program Files (x86)\Zero G Registry
O43 - CFD: 16/09/2011 - 22:36:32 - [4014799] ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 17/06/2011 - 00:09:16 - [16437159] ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 14/11/2009 - 12:35:32 - [31787256] ----D- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 21/10/2010 - 14:16:14 - [196160] ----D- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 08/12/2010 - 20:11:44 - [9106637] ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 20/06/2011 - 19:08:40 - [1258951] ----D- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 11/04/2010 - 02:34:08 - [36759139] ----D- C:\Program Files (x86)\Common Files\LightScribe
O43 - CFD: 21/11/2010 - 02:43:50 - [248134663] ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 11/09/2011 - 14:43:06 - [305152] ----D- C:\Program Files (x86)\Common Files\Samsung
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 14/11/2009 - 19:46:42 - [44114543] ----D- C:\Program Files (x86)\Common Files\System
O43 - CFD: 14/11/2009 - 11:06:50 - [273951898] ----D- C:\Program Files (x86)\Common Files\Windows Live
~ Scan Program Folder in 01mn 10s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.2B9CDC4F93FDDB2D08D1A83120AC7E04] - 16/09/2011 - 21:36:09 ---A- . (...) -- C:\Windows\setupact.log [5040]
O44 - LFC:[MD5.45CE015B410E1B94A924A4064BEC60CA] - 16/09/2011 - 21:35:48 ---A- . (...) -- C:\Windows\WindowsUpdate.log [2067767]
O44 - LFC:[MD5.54B1B7AAC4AAD5817147B133895A2F42] - 16/09/2011 - 21:24:57 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.31771DF1B38E88E82B63D6AEA2F86133] - 16/09/2011 - 18:39:33 ---A- . (...) -- C:\Windows\PFRO.log [440]
O44 - LFC:[MD5.756EE1F4F8DEC98F7747C1DEB77A33EB] - 16/09/2011 - 16:39:30 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700]
O44 - LFC:[MD5.86BA72DC1A08E65F02D47E28961AF83C] - 16/09/2011 - 16:39:30 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106388]
O44 - LFC:[MD5.B7CE0E41E516B973CDA929ED2FE077DA] - 16/09/2011 - 16:39:30 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130754]
O44 - LFC:[MD5.5966F1F18064AD939C0DB6F032340517] - 16/09/2011 - 16:39:30 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616008]
O44 - LFC:[MD5.B66E859EA71CE9C48A8E29AAE322B6E3] - 16/09/2011 - 16:39:30 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704480]
O44 - LFC:[MD5.756EE1F4F8DEC98F7747C1DEB77A33EB] - 16/09/2011 - 16:39:30 RSHAD . (...) -- C:\Windows\system32\PerfStringBackup.INI [1549700]
O44 - LFC:[MD5.86BA72DC1A08E65F02D47E28961AF83C] - 16/09/2011 - 16:39:30 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [106388]
O44 - LFC:[MD5.B7CE0E41E516B973CDA929ED2FE077DA] - 16/09/2011 - 16:39:30 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [130754]
O44 - LFC:[MD5.5966F1F18064AD939C0DB6F032340517] - 16/09/2011 - 16:39:30 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [616008]
O44 - LFC:[MD5.B66E859EA71CE9C48A8E29AAE322B6E3] - 16/09/2011 - 16:39:30 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [704480]
O44 - LFC:[MD5.43EAACFD11ADC0D45EFBCF6A1AF726A1] - 14/09/2011 - 22:27:11 ---A- . (...) -- C:\PhysicalMBR.bin [512]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 13/09/2011 - 23:02:49 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.DB504EF6D73F6B8AB5CF8A18560C4E2A] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem Diagnostic Serial Port.) -- C:\Windows\system32\drivers\ssceserd.sys [129024]
O44 - LFC:[MD5.82732B391EFD69B0548044BE9CB37BFC] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem V2 Filter Driver.) -- C:\Windows\system32\drivers\sscemdfl.sys [18944]
O44 - LFC:[MD5.43D56ACE4469D90F9790E8352D87D9B5] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem V2 WDM.) -- C:\Windows\system32\drivers\sscemdm.sys [161280]
O44 - LFC:[MD5.F74634F46692C8315E7F37F698AF3225] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - SAMSUNG USB Composite Device V2 Driver.) -- C:\Windows\system32\drivers\sscebus.sys [127488]
O44 - LFC:[MD5.51D15EC1D9DD10C1C8FEF1253BFCB561] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscecm.sys [15360]
O44 - LFC:[MD5.51D15EC1D9DD10C1C8FEF1253BFCB561] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscecmnt.sys [15360]
O44 - LFC:[MD5.4B53B267F7979EE3733B90CBBE1A0697] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscewh.sys [15872]
O44 - LFC:[MD5.4B53B267F7979EE3733B90CBBE1A0697] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscewhnt.sys [15872]
O44 - LFC:[MD5.1667A0F0E7161176DB6AB4ECACF4E307] - 11/09/2011 - 13:42:46 ---A- . (...) -- C:\aqua_bitmap.cpp [2006]
O44 - LFC:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 31/08/2011 - 16:00:50 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25416]
O44 - LFC:[MD5.C6FC67BF9F2340E2EBB5388BB20B9C0C] - 27/08/2011 - 21:26:21 ---A- . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- C:\Windows\SysNative\TURegOpt.exe [34624]
O44 - LFC:[MD5.C6FC67BF9F2340E2EBB5388BB20B9C0C] - 27/08/2011 - 21:26:21 RSHAD . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- C:\Windows\system32\TURegOpt.exe [34624]
O44 - LFC:[MD5.BA082E8441F59186932E9DB3AF3EEA00] - 27/08/2011 - 21:26:06 ---A- . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\SysNative\uxtuneup.dll [36160]
O44 - LFC:[MD5.BA082E8441F59186932E9DB3AF3EEA00] - 27/08/2011 - 21:26:06 ---A- . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\system32\uxtuneup.dll [36160]
O44 - LFC:[MD5.933FCBF49759C9AB8E9E49C0D2574B54] - 27/08/2011 - 21:26:06 ---A- . (.TuneUp Software - TuneUp WinLogon Extension.) -- C:\Windows\SysNative\authuitu.dll [25920]
O44 - LFC:[MD5.933FCBF49759C9AB8E9E49C0D2574B54] - 27/08/2011 - 21:26:06 ---A- . (.TuneUp Software - TuneUp WinLogon Extension.) -- C:\Windows\system32\authuitu.dll [25920]
~ Scan Files in 00mn 09s

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\system32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\system32\Drivers\Wdf01000.sys
~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{11528fe2-f119-11df-a99e-c80aa966016f}\AutoRun\command. (...) -- I:\ICM_ML.exe (.not file.)
~ Scan Keys in 00mn 00s

---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\HPADVISOR [Key] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O53 - SMSR:HKLM\...\startupreg\NortonOnlineBackupReminder [Key] . (...) -- C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\QlbCtrl.exe [Key] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O53 - SMSR:HKLM\...\startupreg\RGSC [Key] . (...) -- C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SmartMenu [Key] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O53 - SMSR:HKLM\...\startupreg\WirelessAssistant [Key] . (.Hewlett-Packard - HP Wireless Assistant Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "HideFastUserSwitching"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableLockWorkstation"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableChangePassword"=0
~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.1CFFE9C06E66A57DAE1452E449A58240] - 11/04/2010 - 12:48:50 ---A- . (.Hewlett-Packard - HP Accelerometer.) -- C:\Windows\system32\drivers\Accelerometer.sys [41272]
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 10/06/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]
O58 - SDL:[MD5.98022774D9930ECBB292E70DB7601DF6] - 10/06/2009 - 22:01:06 RSHAD . (.LSI Corp - SoftModem Device Driver.) -- C:\Windows\system32\drivers\agrsm64.sys [1146880]
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]
O58 - SDL:[MD5.EC7EBAB00A4D8448BAB68D1E49B4BEB9] - 28/04/2011 - 07:22:41 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]
O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 10/06/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]
O58 - SDL:[MD5.DB27766102C7BF7E95140A2AA81D042E] - 28/04/2011 - 07:22:40 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]
O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]
O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]
O58 - SDL:[MD5.B76182F203E0BD5EB6A5F6538F0FAEE4] - 25/12/2010 - 16:47:10 RSHAD . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20048]
O58 - SDL:[MD5.DD281CFC996D71553A4185CE424B5C45] - 25/12/2010 - 16:54:22 RSHAD . (.AVAST Software - avast! Filtering TDI driver.) -- C:\Windows\system32\drivers\aswFW.sys [125520]
O58 - SDL:[MD5.A88E9544EDDA1CE83825DD22D6A8B5F9] - 25/12/2010 - 16:47:33 RSHAD . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [61008]
O58 - SDL:[MD5.518B8D447A1975AB46DA093A2E743256] - 07/09/2010 - 16:24:46 RSHAD . (.ALWIL Software - avast! Filtering NDIS driver.) -- C:\Windows\system32\drivers\aswNdis.sys [12368]
O58 - SDL:[MD5.B14A130C09AB3DB6697F9E9DF44AD7DE] - 25/12/2010 - 16:53:40 RSHAD . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\system32\drivers\aswNdis2.sys [250448]
O58 - SDL:[MD5.CFAD2FB33B22E7039C9DC233BAACBF8B] - 25/12/2010 - 16:47:49 RSHAD . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [28752]
O58 - SDL:[MD5.9638A3064B642410011B43A210276F55] - 25/12/2010 - 16:54:10 RSHAD . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [472656]
O58 - SDL:[MD5.594365E887F4A5AD3970870B352EB887] - 25/12/2010 - 16:52:09 RSHAD . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [121936]
O58 - SDL:[MD5.4BA0A0E1D36F88F536180FFE5EFD8B7C] - 25/12/2010 - 16:52:29 RSHAD . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [51280]
O58 - SDL:[MD5.38562A6A9CB10844759EAF2B01A7FCD3] - 11/04/2010 - 18:47:14 RSHAD . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrx.sys [1484800]
O58 - SDL:[MD5.3B9014FB7CE9E20FD726321C7DB7D8B0] - 24/07/2009 - 08:49:00 RSHAD . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtiHdmi.sys [119312]
O58 - SDL:[MD5.A29087680A1C3B049E3C05438E8FF2B8] - 05/08/2009 - 06:23:00 RSHAD . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [6038016]
O58 - SDL:[MD5.7C5D273E29DCC5505469B299C6F29163] - 05/05/2009 - 06:30:28 RSHAD . (.Advanced Micro Devices Inc. - AMD PCIE Filter Driver for ATI PCIE chipset.) -- C:\Windows\system32\drivers\AtiPcie.sys [16440]
O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]
O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]
O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]
O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]
O58 - SDL:[MD5.867FA8B9E9E3078F68C4089904BBF4B0] - 11/09/2011 - 07:45:38 RSHAD . (.Devguru Co., Ltd - Device Error Recovery SDK(x64).) -- C:\Windows\system32\drivers\dgderdrv.sys [20568]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 10/06/2009 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]
O58 - SDL:[MD5.524C79054636D2E5751169005006460B] - 29/06/2009 - 19:17:00 RSHAD . (.ENE TECHNOLOGY INC. - ENE CIR Driver for eHome(64).) -- C:\Windows\system32\drivers\enecir.sys [70656]
O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 14/07/2009 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.05712FDDBD45A5864EB326FAABC6A4E3] - 11/04/2010 - 12:49:08 RSHAD . (.Hewlett-Packard - HP Disk Filter - SATA/RAID.) -- C:\Windows\system32\drivers\hpdskflt.sys [30008]
O58 - SDL:[MD5.9AF482D058BE59CC28BCE52E7C4B747C] - 14/11/2009 - 08:48:32 RSHAD . (.Hewlett-Packard Development Company, L.P. - HpqKbFiltr Keyboard Filter Driver.) -- C:\Windows\system32\drivers\HpqKbFiltr.sys [18432]
O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 13/07/2009 - 02:47:48 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [77888]
O58 - SDL:[MD5.B75E45C564E944A2657167D197AB29DA] - 28/04/2011 - 07:23:00 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]
O58 - SDL:[MD5.A87261EF1546325B559374F5689CF5BC] - 10/06/2009 - 21:37:05 RSHAD . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd64.sys [6108416]
O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 13/07/2009 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]
O58 - SDL:[MD5.2F9F76349BB8C578873A58C840BA0589] - 10/03/2010 - 08:16:36 RSHAD . (.Initio Corporation - Initio Default Vendor Specific Device Driver.) -- C:\Windows\system32\drivers\ivusb.sys [29720]
O58 - SDL:[MD5.F8844B00C10E386C704C610E95A9847D] - 21/07/2009 - 04:39:22 RSHAD . (.JMicron Technology Corporation - JMicron JMB38X Flash Media Controller Driver.) -- C:\Windows\system32\drivers\jmcr.sys [140712]
O58 - SDL:[MD5.07071C1E3CD8F0F9114AAC8B072CA1E5] - 29/04/2009 - 15:28:30 RSHAD . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\system32\drivers\KMWDFILTER.sys [30208]
O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]
O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]
O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]
O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]
O58 - SDL:[MD5.701223C663019B62029FAB1A2385EE81] - 21/10/2010 - 12:11:50 RSHAD . (.IBM - LUM Runtime.) -- C:\Windows\system32\drivers\LUMDriver.sys [24848]
O58 - SDL:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 16/09/2011 - 16:00:50 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25416]
O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 10/06/2009 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]
O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]
O58 - SDL:[MD5.64428DFDAF6E88366CB51F45A79C5F69] - 10/06/2009 - 21:35:28 RSHAD . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\netw5v64.sys [5434368]
O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 13/07/2009 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]
O58 - SDL:[MD5.A4D9C9A608A97F59307C2F2600EDC6A4] - 28/04/2011 - 07:23:06 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]
O58 - SDL:[MD5.6C1D5F70E7A6A3FD1C90D840EDC048B9] - 28/04/2011 - 07:23:06 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]
O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 10/06/2009 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]
O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 13/07/2009 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]
O58 - SDL:[MD5.B49DC435AE3695BAC5623DD94B05732D] - 11/04/2010 - 07:52:30 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [215040]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 14/07/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]
O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 10/06/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]
O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 13/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/07/2010 - 00:00:00 RSHAD . (...) -- C:\Windows\system32\drivers\sptd.sys [834544]
O58 - SDL:[MD5.F74634F46692C8315E7F37F698AF3225] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - SAMSUNG USB Composite Device V2 Driver.) -- C:\Windows\system32\drivers\sscebus.sys [127488]
O58 - SDL:[MD5.51D15EC1D9DD10C1C8FEF1253BFCB561] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscecm.sys [15360]
O58 - SDL:[MD5.51D15EC1D9DD10C1C8FEF1253BFCB561] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscecmnt.sys [15360]
O58 - SDL:[MD5.82732B391EFD69B0548044BE9CB37BFC] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem V2 Filter Driver.) -- C:\Windows\system32\drivers\sscemdfl.sys [18944]
O58 - SDL:[MD5.43D56ACE4469D90F9790E8352D87D9B5] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem V2 WDM.) -- C:\Windows\system32\drivers\sscemdm.sys [161280]
O58 - SDL:[MD5.DB504EF6D73F6B8AB5CF8A18560C4E2A] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem Diagnostic Serial Port V2 Device Driver.) -- C:\Windows\system32\drivers\ssceserd.sys [129024]
O58 - SDL:[MD5.4B53B267F7979EE3733B90CBBE1A0697] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscewh.sys [15872]
O58 - SDL:[MD5.4B53B267F7979EE3733B90CBBE1A0697] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscewhnt.sys [15872]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]
O58 - SDL:[MD5.DFFBC024DFC7BB05B2129E05CBC7A201] - 05/03/2011 - 07:53:06 RSHAD . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\system32\drivers\stwrt64.sys [505344]
O58 - SDL:[MD5.3A706A967295E16511E40842B1A2761D] - 27/05/2010 - 22:32:56 RSHAD . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [320560]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 21/11/2010 - 07:45:52 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\system32\drivers\TFsExDisk.sys [16392]
O58 - SDL:[MD5.44D9C773FEBFF10593B50DDFC2D6BC27] - 11/04/2010 - 05:49:08 RSHAD . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\system32\drivers\usbfilter.sys [36408]
O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]
O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 10/06/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]
O58 - SDL:[MD5.0C4540311E11664B245A263E1154CEF8] - 14/07/2009 - 22:01:11 RSHAD . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL6.SYS [292864]
O58 - SDL:[MD5.18E40C245DBFAF36FD0134A7EF2DF396] - 14/07/2009 - 22:01:11 RSHAD . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT6.SYS [740864]
O58 - SDL:[MD5.02071D207A9858FBE3A48CBFD59C4A04] - 14/07/2009 - 22:01:11 RSHAD . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV6.SYS [1485312]
O58 - SDL:[MD5.AD12F5C7251BB8D575D560894E73CBBA] - 30/03/2011 - 10:43:40 RSHAD . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\system32\drivers\WsAudioDevice_383S(1).sys [29288]
O58 - SDL:[MD5.B3EEACF62445E24FBB2CD4B0FB4DB026] - 10/06/2009 - 21:35:33 RSHAD . (.Marvell - Miniport Driver for Marvell Yukon Ethernet Controller..) -- C:\Windows\system32\drivers\yk62x64.sys [389120]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 21/11/2010 - 07:45:52 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16392]
~ Scan Drivers in 00mn 08s

---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: OTL - (.OldTimer.)
~ Scan ADS in 00mn 00s

---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\adp94xx.sys - No object(No service) .(.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - LEGACY_ADP94XX
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\adpahci.sys - No object(No service) .(.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - LEGACY_ADPAHCI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\adpu320.sys - No object(No service) .(.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - LEGACY_ADPU320
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\aliide.sys - No object(No service) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE
O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\amdsata.sys - No object(No service) .(.Advanced Micro Devices - AHCI 1.2 Device Driver.) - LEGACY_AMDSATA
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\amdsbs.sys - No object(No service) .(.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) - LEGACY_AMDSBS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\arc.sys - No object(No service) .(.Adaptec, Inc. - Adaptec RAID Storport Driver.) - LEGACY_ARC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\arcsas.sys - No object(No service) .(.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - LEGACY_ARCSAS
O64 - Services: CurCS - 07/09/2010 - C:\Windows\system32\drivers\aswMonFlt.sys - No object(No service) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\cmdide.sys - No object(No service) .(.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) - LEGACY_CMDIDE
O64 - Services: CurCS - 25/05/2010 - C:\Windows\system32\drivers\dgderdrv.sys - No object(No service) .(.Devguru Co., Ltd - Device Error Recovery SDK(x64).) - LEGACY_DGDERDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\elxstor.sys - No object(No service) .(.Emulex - Storport Miniport Driver for LightPulse HBA.) - LEGACY_ELXSTOR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\HpSAMD.sys - No object(No service) .(.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) - LEGACY_HPSAMD
O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\iaStorV.sys - No object(No service) .(.Intel Corporation - Intel Matrix Storage Manager driver - x64.) - LEGACY_IASTORV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\iirsp.sys - No object(No service) .(.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - LEGACY_IIRSP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_fc.sys - No object(No service) .(.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) - LEGACY_LSI_FC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_sas.sys - No object(No service) .(.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) - LEGACY_LSI_SAS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_sas2.sys - No object(No service) .(.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) - LEGACY_LSI_SAS2
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_scsi.sys - No object(No service) .(.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) - LEGACY_LSI_SCSI
O64 - Services: CurCS - 02/01/2008 - C:\Windows\system32\drivers\LUMDriver.sys - No object(No service) .(.IBM - LUM Runtime.) - LEGACY_LUMDRIVER
O64 - Services: CurCS - 31/08/2011 - C:\Windows\system32\drivers\mbam.sys - No object(No service) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\megasas.sys - No object(No service) .(.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) - LEGACY_MEGASAS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\MegaSR.sys - No object(No service) .(.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) - LEGACY_MEGASR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\nfrd960.sys - No object(No service) .(.IBM Corporation - IBM ServeRAID Controller Driver.) - LEGACY_NFRD960
O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\nvraid.sys - No object(No service) .(.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - LEGACY_NVRAID
O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\nvstor.sys - No object(No service) .(.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - LEGACY_NVSTOR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\ql2300.sys - No object(No service) .(.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) - LEGACY_QL2300
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\ql40xx.sys - No object(No service) .(.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) - LEGACY_QL40XX
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\SiSRaid2.sys - No object(No service) .(.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) - LEGACY_SISRAID2
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\sisraid4.sys - No object(No service) .(.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) - LEGACY_SISRAID4
O64 - Services: CurCS - ??/??/???? - C:\Windows\system32\Drivers\sptd.sys - No object (No service) .(...) - LEGACY_SPTD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\stexstor.sys - No object(No service) .(.Promise Technology - Promise SuperTrak EX Series Driver for Win.) - LEGACY_STEXSTOR
O64 - Services: CurCS - 25/05/2010 - C:\Windows\system32\Drivers\TFsExDisk.sys - No object(No service) .(.Teruten Inc - File System Mini Filter Drvier.) - LEGACY_TFSEXDISK
O64 - Services: CurCS - 31/05/2011 - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys - No object(No service) .(.TuneUp Software - TuneUp Utilities Driver.) - LEGACY_TUNEUPUTILITIESDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\viaide.sys - No object(No service) .(.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) - LEGACY_VIAIDE
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\vsmraid.sys - No object(No service) .(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) - LEGACY_VSMRAID
~ Scan Services in 00mn 01s

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {40200BBB-5A78-4A46-8301-408406BE7FBF} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {71C63272-91A7-436a-843D-A1C641D1C626} [DefaultScope] - (Web Search) - http://search.shareazaweb.com
O69 - SBI: SearchScopes [HKCU] {9D623E26-6AC0-490B-AABE-B5A54EC0846B} - (Google) - http://www.google.com
~ Scan Keys in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.14125ACE451DE474374803CF4B6A3EA0] [SPRF][10/09/2011] (...) -- C:\Users\Alexis\AppData\Roaming\serveur.exe [5576]
[MD5.02D468949BB4129FC6B40B1387F35834] [SPRF][10/09/2011] (.Mozilla Corporation - Firefox.) -- C:\Users\Alexis\AppData\Roaming\servi_juju.exe [48414208]
[MD5.14125ACE451DE474374803CF4B6A3EA0] [SPRF][16/09/2011] (...) -- C:\Users\Alexis\AppData\Roaming\SVCHOST.exe [5576]
[MD5.E8269245566BE948F6A219135B434160] [SPRF][14/09/2011] (.Trend Micro Inc. - HijackThis.) -- C:\Users\Alexis\Desktop\Jean.exe [401720]
[MD5.B4D59B517C87833EA3E283E14556E778] [SPRF][16/09/2011] (.OldTimer Tools - Pas de description.) -- C:\Users\Alexis\Desktop\OTL.exe [581632]
[MD5.DAEE914ABCF0081AAF23689E4A8C27DD] [SPRF][14/09/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r85.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2826192]
~ Scan Files in 00mn 01s

---\\ Recherche d'infection Rogue (O86)
C:\ProgramData\141D1
~ Scan Files in 00mn 00s

---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{C3EF2FF0-5B01-4EB5-83AA-71AEEBD774D2}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "{DFB21798-1679-423B-A492-528591A6D9A0}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe (.not file.)
O87 - FAEL: "{4DF15576-ED71-4700-9C28-D0B0392F1007}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe (.not file.)
O87 - FAEL: "{C99B6F47-1375-40E1-95DC-CE8C568ED18F}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe (.not file.)
O87 - FAEL: "{5BFA094F-B5F2-4030-B6CC-DAA2E16AA68B}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe (.not file.)
O87 - FAEL: "{92273048-9A64-425F-855C-01B06679363A}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe (.not file.)
O87 - FAEL: "{3720CFC1-D6C1-4FB9-9055-DAF1300577F6}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
O87 - FAEL: "{A1D47B9B-FB2A-476B-8828-2B86CAA54A03}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
O87 - FAEL: "{835B7022-2BAF-4E77-A6BE-1D688E0FE2A7}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
O87 - FAEL: "{CB86DC63-7890-40BE-A7F6-FF6741633F22}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
O87 - FAEL: "{BB688602-CDF4-47C5-98A9-DD41F8644DA6}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O87 - FAEL: "{642A07C5-2243-4BD7-8CB7-D8955DF673F3}" | In - None - P6 - TRUE | .(.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O87 - FAEL: "{9523F524-2218-4F3F-A230-714E0DBDCCDA}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\QP.exe (.not file.)
O87 - FAEL: "{350A1FDB-3E09-4CC9-AF03-612DD78968B1}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\QPService.exe (.not file.)
O87 - FAEL: "TCP Query User{8642DCDC-1350-4617-B393-344FE480FC5C}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\orbixd.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\orbixd.exe (.not
O87 - FAEL: "UDP Query User{F28E84DD-A15A-4DC6-B7E6-6E1B6A029F33}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\orbixd.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\orbixd.exe (.no
O87 - FAEL: "TCP Query User{BDE116A8-21CB-4573-B7FF-2E92AF0D36FA}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe (.not f
O87 - FAEL: "UDP Query User{AA170657-F948-41BD-846C-F22DECC49415}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe (.not
O87 - FAEL: "TCP Query User{8E2F6065-358C-42DA-9A8E-9BCC1AAD1CB9}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catsysdemon.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catsysdemon
O87 - FAEL: "UDP Query User{94B223AD-A71B-406F-9A0E-57390ACF9F86}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catsysdemon.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catsysdemo
O87 - FAEL: "TCP Query User{B0A8ABCF-4B09-468F-9F9C-36EFDFB2EDDE}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catutil.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catutil.exe (.n
O87 - FAEL: "UDP Query User{DB434189-4D85-4CD2-8B53-2A44387BF117}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catutil.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catutil.exe (.
O87 - FAEL: "TCP Query User{44F372B8-CBE8-42AD-93F5-B5C9E2816968}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe (.not
O87 - FAEL: "UDP Query User{161C4045-693D-4098-B7AB-91BEAD029A35}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe (.not
O87 - FAEL: "{A4BEF1A5-2434-4FC4-B7C2-F6B46A492862}" | In - Public - P6 - TRUE | .(.2K Sports - 2K Sports NBA 2K11.) -- C:\Program Files (x86)\2K Sports\NBA 2K11\nba2k11.exe
O87 - FAEL: "{3DEE81FE-C101-4B77-AA2D-6DF8B49AD239}" | In - Public - P17 - TRUE | .(.2K Sports - 2K Sports NBA 2K11.) -- C:\Program Files (x86)\2K Sports\NBA 2K11\nba2k11.exe
O87 - FAEL: "TCP Query User{AD960642-8CA0-4AF4-9686-7D995EFCB479}C:\program files (x86)\2k sports\nba 2k11\nba2k11.exe" | In - Private - P6 - TRUE | .(.2K Sports - 2K Sports NBA 2K11.) -- C:\program files (x86)\2k sports\nba 2k11\nba2k11.exe
O87 - FAEL: "UDP Query User{534AA8D0-510D-4C13-910C-C431C3E5B0BC}C:\program files (x86)\2k sports\nba 2k11\nba2k11.exe" | In - Private - P17 - TRUE | .(.2K Sports - 2K Sports NBA 2K11.) -- C:\program files (x86)\2k sports\nba 2k11\nba2k11.exe
O87 - FAEL: "{1867BACE-B8FD-48F1-A8B8-8C0DC44D2575}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{6BF3B60E-C2B8-4413-A827-84F8649D0331}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{893B88DE-527D-4C1E-B37B-9FB32E3F6E09}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{06FCC042-1053-4C20-8EA2-FB546D5B1472}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{0A09AFD0-B708-4ABE-8A19-A5A556902A28}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
O87 - FAEL: "{04D56040-A753-4544-B611-55749D4A96A6}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
O87 - FAEL: "{F4A21FA2-EEBC-45B9-A4F3-92134E27A90B}" | In - Private - P6 - TRUE | .(.Ubisoft - Autopatch system.) -- C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe
O87 - FAEL: "{4A798658-411C-4D1C-B662-DF9D59FB9147}" | In - Private - P17 - TRUE | .(.Ubisoft - Autopatch system.) -- C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe
O87 - FAEL: "{A019DB5D-7BE1-4165-9AAC-B86F4FF3BF32}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files (x86)\Shareaza Applications\Shareaza\Shareaza.exe (.not file.)
O87 - FAEL: "{8BB15935-A67F-432A-A145-BD638DEED17F}" |In - Domain - P17 - TRUE | .(...) -- C:\Program Files (x86)\Shareaza Applications\Shareaza\Shareaza.exe (.not file.)
O87 - FAEL: "{7C11EDE8-6888-4176-95F5-B58E904D0497}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "TCP Query User{929FDE88-E81D-4EA9-9D3D-079A84FED215}C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\ubisoft\tom clancy's rainbow six veg
O87 - FAEL: "UDP Query User{3C5573AD-6B69-4E46-81B9-8223A2263FE6}C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\ubisoft\tom clancy's rainbow six ve
O87 - FAEL: "{5CCA388F-7DE5-4AAA-8E58-3662244A1E46}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{62BC6376-18A9-4C05-8E87-ABB0DA7323D8}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{2E8A563F-E73E-4741-B23E-2E244A2F0B7B}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{029B3572-C8EB-4FBD-A70E-E2AA909BF6A0}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{8C59A3FF-DFC4-487E-B28A-37CA990F801C}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{E227B2D2-5105-4209-812A-B4C10D2F8A99}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\Sports Interactive\Football Manager 2010\fm.exe (.not file.)
O87 - FAEL: "{0CE8CE03-D126-4C50-8017-675D0EEEBA78}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\Sports Interactive\Football Manager 2010\fm.exe (.not file.)
O87 - FAEL: "{DCEEB31D-6B75-4128-92F3-082FFAEB1150}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe
O87 - FAEL: "{B0A18913-823B-434D-8324-218497462CE2}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe
~ Scan Firewall in 00mn 01s

---\\ Scan Additionnel (O88)
Database Version : 8634 - (29/08/2011)
Clés trouvées (Keys found) : 17
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 0

[HKLM\Software\Wow6432Node\Messenger Plus!\OpenCandy] =>Adware.OpenCandy
[HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] =>Adware.Hotbar
[HKLM\Software\WOW6432Node\Classes\CLSID\{761f6a83-f007-49e4-8eac-cdb6808ef06f}] =>PUP.Eorezo
[HKLM\Software\WOW6432Node\Classes\CLSID\{76c45b18-a29e-43ea-aaf8-af55c2e1ae17}] =>PUP.Eorezo
[HKLM\Software\WOW6432Node\Classes\CLSID\{7cd74aff-3433-4e34-92e2-d98dfdb30754}] =>PUP.Eorezo
[HKLM\Software\WOW6432Node\Classes\CLSID\{96ef404c-24c7-43d0-9096-4ccc8bb7ccac}] =>PUP.Eorezo
[HKLM\Software\WOW6432Node\Classes\CLSID\{97720195-206a-42ae-8e65-260b9ba5589f}] =>PUP.Eorezo
[HKLM\Software\WOW6432Node\Classes\CLSID\{986f7a5a-9676-47e1-8642-f41f8c3fcf82}] =>PUP.Eorezo
[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKLM\Software\WOW6432Node\Classes\CLSID\{b18788a4-92bd-440e-a4d1-380c36531119}] =>PUP.Eorezo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b9e20919-fa55-471f-989b-b107bf8de785}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b9e20919-fa55-471f-989b-b107bf8de785}] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\WOW6432Node\OpenCandy NSIS SDK] =>Adware.OpenCandy
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Spointer] =>Adware.SPointer
C:\Users\Alexis\AppData\Local\moovida air =>Adware.SPointer
C:\Users\Alexis\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\Alexis\AppData\LocalLow\PriceGong =>Adware.PriceGong
~ Scan Additionnel in 00mn 07s

---\\ Recherche détournement de DNS routeur (O89)
Serveur : livebox.home
Address: 192.168.1.1
Nom : www.google.fr
Address: 209.85.148.105
~ Scan DNS in 00mn 02s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 05/03/2011 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
SR - | Auto 05/08/2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe
SR - | Auto 07/09/2010 40384 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 07/09/2010 119200 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\afwServ.exe
SR - | Demand 07/09/2010 40384 | (avast! Mail Scanner) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Demand 07/09/2010 40384 | (avast! Web Scanner) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SS - | Demand 14/11/2009 228408 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SR - | Auto 26/06/2011 125496 | (HP Health Check Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Auto 26/06/2011 92216 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SS - | Demand 26/06/2011 791608 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 11/04/2010 30520 | (hpsrv) . (.Hewlett-Packard.) - C:\Windows\system32\Hpservice.exe
SS - | Demand 16/02/2011 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SR - | Auto 11/04/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 16/09/2011 366152 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SR - | Auto 0 | (PnkBstrB) . (...) - C:\Windows\system32\PnkBstrB.exe
SR - | Auto 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 05/03/2011 247808 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
SR - | Auto 27/08/2011 2027840 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
~ Scan Services in 00mn 04s

---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Alexis at 16/09/2011 22:38:28

device: opened successfully
user: error reading MBR

Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ Scan MBR in 00mn 06s

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Alexis at 16/09/2011 22:38:30

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 08s

End of the scan (1351 lines in 02mn 12s)(0)

Mon pb d'accent était réglé mais ça a recommencé. Pour malware j'ai un doute maintenant je vais recommencer une analyse lol.

Del-crosseur · le 16 Sep 2011 21:55

re ,

Ok , c'est très important vu les infections trouvé par Malwarebytes... Il reste tous de même du monde à viré donc on continue...

***Dans "Programmes" tu as ZHPDiag , cliques dessus pour le lancer
Lorsque la fenêtre de l'interface sera ouverte clique sur cette icône -->

Une nouvelle interface va se présenter (tu seras sur ZHPFix), dans celle-ci applique cette procédure :

• Dans la fenêtre d'application (blanche et vierge) copie et colle ceci dedans :

[MD5.14125ACE451DE474374803CF4B6A3EA0] - (...) -- C:\Users\Alexis\AppData\Roaming\SVCHOST.exe [5576] [PID.]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\Spointer]
[HKLM\Software\OpenCandy NSIS SDK]
O43 - CFD: 26/12/2010 - 22:36:22 - [3172] ----D- C:\ProgramData\141D1
O43 - CFD: 01/10/2010 - 20:38:54 - [127554] ----D- C:\Users\Alexis\AppData\Local\moovida Air
[MD5.14125ACE451DE474374803CF4B6A3EA0] [SPRF][16/09/2011] (...) -- C:\Users\Alexis\AppData\Roaming\SVCHOST.exe [5576]
C:\ProgramData\141D1
[HKLM\Software\Wow6432Node\Messenger Plus!\OpenCandy]
[HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}]
[HKLM\Software\WOW6432Node\Classes\CLSID\{761f6a83-f007-49e4-8eac-cdb6808ef06f}]
[HKLM\Software\WOW6432Node\Classes\CLSID\{76c45b18-a29e-43ea-aaf8-af55c2e1ae17}]
[HKLM\Software\WOW6432Node\Classes\CLSID\{7cd74aff-3433-4e34-92e2-d98dfdb30754}]
[HKLM\Software\WOW6432Node\Classes\CLSID\{96ef404c-24c7-43d0-9096-4ccc8bb7ccac}]
[HKLM\Software\WOW6432Node\Classes\CLSID\{97720195-206a-42ae-8e65-260b9ba5589f}]
[HKLM\Software\WOW6432Node\Classes\CLSID\{986f7a5a-9676-47e1-8642-f41f8c3fcf82}]
[HKLM\Software\WOW6432Node\Classes\CLSID\{b18788a4-92bd-440e-a4d1-380c36531119}]
[HKLM\Software\WOW6432Node\OpenCandy NSIS SDK]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\Spointer]
C:\Users\Alexis\AppData\Local\moovida air
C:\Users\Alexis\AppData\LocalLow\PriceGong
O43 - CFD: 16/09/2011 - 19:38:22 - [0] ----D- C:\Users\Alexis\AppData\Roaming\install
O51 - MPSK:{11528fe2-f119-11df-a99e-c80aa966016f}\AutoRun\command. (...) -- I:\ICM_ML.exe (.not file.)
O69 - SBI: SearchScopes [HKCU] {71C63272-91A7-436a-843D-A1C641D1C626} [DefaultScope] - (Web Search) - http://search.shareazaweb.com
[HKCU\Software\AppDataLow\Software\Conduit]
[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b9e20919-fa55-471f-989b-b107bf8de785}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b9e20919-fa55-471f-989b-b107bf8de785}]
[HKCU\Software\AppDataLow\Software\Conduit]
C:\Users\Alexis\AppData\LocalLow\Conduit
EmptyFlash
Emptytemp

• En haut dans la barre de commandes clique sur --> H
pour activer les lignes Helpers.

***Clique sur "OK", puis sur "Tous", et pour terminer le lancement sur "Nettoyer".
/!\Ne touche pas au pc pendant que ZHPFix travail , risque de plantage du logiciel./!\
Une fois le Scan terminer , tu obtiendras un rapport de nettoyage.
Poste-moi le rapport.

Puis :::

INSTALLATION
- Télécharges AdwCleaner de Xplode
- Lance AdwCleaner.exe
- accepter l'avertissement qui suit
- Clic sur Recherche
- Patientes le temps de la recherche
- Postes le rapport qui apparait à la fin .
- Clic sur Quitter

A toutes !

Sushis · le 18 Sep 2011 01:01

Rapport ZPH :

Rapport de ZHPFix 1.12.3360 par Nicolas Coolman, Update du 29/08/2011
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-18-09-2011-02-00-39.txt
Run by Alexis at 18/09/2011 02:00:39
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-p ... hpfix.html

========== Processus mémoire ==========
SUPPRIME Reboot Memory Process: C:\Users\Alexis\AppData\Roaming\SVCHOST.exe

========== Clé(s) du Registre ==========
SUPPRIME Key: HKCU\Software\AppDataLow\Software\PriceGong
SUPPRIME Key: HKCU\Software\Spointer
ABSENT Key: HKLM\Software\OpenCandy NSIS SDK
SUPPRIME Key: HKLM\Software\Wow6432Node\Messenger Plus!\OpenCandy
SUPPRIME Key: HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\CLSID\{761f6a83-f007-49e4-8eac-cdb6808ef06f}
SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\CLSID\{76c45b18-a29e-43ea-aaf8-af55c2e1ae17}
SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\CLSID\{7cd74aff-3433-4e34-92e2-d98dfdb30754}
SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\CLSID\{96ef404c-24c7-43d0-9096-4ccc8bb7ccac}
SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\CLSID\{97720195-206a-42ae-8e65-260b9ba5589f}
SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\CLSID\{986f7a5a-9676-47e1-8642-f41f8c3fcf82}
SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\CLSID\{b18788a4-92bd-440e-a4d1-380c36531119}
SUPPRIME Key: HKLM\Software\WOW6432Node\OpenCandy NSIS SDK
SUPPRIME CLSID MPSK: {11528fe2-f119-11df-a99e-c80aa966016f}
SUPPRIME Key: SearchScopes :{71C63272-91A7-436a-843D-A1C641D1C626}
SUPPRIME Key: HKCU\Software\AppDataLow\Software\Conduit
SUPPRIME Key: HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b9e20919-fa55-471f-989b-b107bf8de785}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b9e20919-fa55-471f-989b-b107bf8de785}

========== Dossier(s) ==========
SUPPRIME Folder: C:\ProgramData\141D1
SUPPRIME Folder: C:\Users\Alexis\AppData\Local\moovida Air
SUPPRIME Folder: c:\users\alexis\appdata\locallow\pricegong
SUPPRIME Folder: C:\Users\Alexis\AppData\Roaming\install
SUPPRIME Folder: c:\users\alexis\appdata\locallow\conduit
SUPPRIME Flash Cookies: 8
SUPPRIME Temporaires Windows: : 4

========== Fichier(s) ==========
ABSENT Folder/File: c:\programdata\141d1
ABSENT Folder/File: c:\users\alexis\appdata\local\moovida air
SUPPRIME Flash Cookies: 6
SUPPRIME Temporaires Windows: : 12

========== Récapitulatif ==========
1 : Processus mémoire
19 : Clé(s) du Registre
7 : Dossier(s)
4 : Fichier(s)

End of the scan in 00mn 04s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 18/09/2011 02:00:39 [2755]

Rapport ADWCleaner

# AdwCleaner v1.306 - Rapport créé le 18/09/2011 à 02:03:39
# Mis à jour le 14/09/11 à 13h par Xplode
# Système d'exploitation : Windows 7 Home Premium (64 bits)
# Nom d'utilisateur : Alexis - ALESKYPC (Administrateur)
# Exécuté depuis : C:\Users\Alexis\Downloads\adwcleaner.exe
# Option [Recherche]

***** [Processus] *****

***** [Services] *****

***** [Fichiers / Dossiers] *****

***** [Registre] *****

***** [Registre (64 bits)] *****

***** [Navigateurs] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v5.0 (fr)

Profil : s2nten56.default
Fichier : C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\s2nten56.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\\ Google Chrome v13.0.782.220

Fichier : C:\Users\Alexis\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [1022 octets] - [18/09/2011 02:03:39]

########## EOF - C:\AdwCleaner[R1].txt - [1150 octets] ##########

Del-crosseur · le 18 Sep 2011 09:07

Bonjour ,

Parfait....
Toujours le problème d'accent .?
Essayer cela:

Appuies simultanément les Touches >> Alt + Circonflexe , tu relâches et appuies sur " e "

Nous allons maintenant vérifier que plus rien ne traine avec un Antivirus en Ligne...

Nous allons effectuer un Scan avec NOD32

*** Scan en ligne ->

_->Cliquez sur le bouton

_->Accepter les conditions d’utilisation, pour cela, cochez la case « Oui, j’accepte les termes du contrat de licence »
_->Cliquez ensuite sur le bouton Start
_->Acceptez l’installation de l’ActiveX NOD32
_->Le téléchargement des définitions virales s’effectuent, cela peut prendre du temps selon la vitesse de connexion.
_->Cocher la case "Supprimer les menaces détectées"
_->Clique sur le bouton Démarrer pour lancer le scan
_->Le scan du PC se lance, les menaces détectées apparaissent dans la liste en dessous de la barre de progression.
_->Laissez l’analyse s’effectuer entièrement
_->Cliquer sur le bouton « liste des menaces » permettant d’exporter la liste dans un fichier texte
_->Enregistrer celui-ci sur votre bureau par exemple

Poste moi le rapport

Bonne journée !!

Sushis · le 18 Sep 2011 15:22

J'ai fais ce que tu m'as demandé avec ESET et rien à signaler. Il m'a pas proposé de rapport mais il n'a rien trouvé.

Et tj le problème d'accent circonflexe ! :-?

Merci pour m'avoir aidé à nettoyer mon ordi en tout cas !

Del-crosseur · le 18 Sep 2011 17:22

Bonsoir ,

Ok pour NOD32
A tu essayer ceci

Appuies simultanément les Touches >> Alt + Circonflexe , tu relâches et appuies sur " e "

* Télécharger sur le bureau RogueKiller
* Quitter tous les programmes en cours
* Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur
* Sinon lancer simplement RogueKiller.exe
* Une fois ouvert , taper "1" et valider
* Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), poste moi le rapport...
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe

Bonne soirée !

[Réglé]Pb accent circonflexe

[Réglé]Pb accent circonflexe

Re: Pb accent circonflexe

Re: Pb accent circonflexe

Re: Pb accent circonflexe

Re: Pb accent circonflexe

Re: Pb accent circonflexe

Re: Pb accent circonflexe

Re: Pb accent circonflexe

Re: Pb accent circonflexe

Re: Pb accent circonflexe

Re: Pb accent circonflexe

Re: Pb accent circonflexe

Re: Pb accent circonflexe

Re: Pb accent circonflexe

Re: Pb accent circonflexe

Sujets similaires

Qui est en ligne