[Réglé]Pb accent circonflexe • page 2

[Sushis]

RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion- ... ntees.html

Systeme d'exploitation: Windows 7 (6.1.7600 ) 64 bits version
Demarrage : Mode normal
Utilisateur: Alexis [Droits d'admin]
Mode: Recherche -- Date : 18/09/2011 18:38:08

Processus malicieux: 1
[HJ NAME] SVCHOST.exe -- c:\users\alexis\appdata\roaming\svchost.exe -> KILLED [TermProc]

Entrees de registre: 4
[SUSP PATH] HKCU\[...]\Run : Startup Name (C:\Users\Alexis\AppData\Roaming\servi_juju.exe) -> FOUND
[SUSP PATH] HKUS\S-1-5-21-1034220312-1961313254-1996914020-1000[...]\Run : Startup Name (C:\Users\Alexis\AppData\Roaming\servi_juju.exe) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

Fichiers / Dossiers particuliers:

Fichier HOSTS:


Termine : << RKreport[1].txt >>
RKreport[1].txt

C'est re bon pour l'accent circonflexe tout à l'heure alt+^ ça ne marchait pas la ça a fonctionné !

[Del-crosseur]

Bonsoir ,

Nous avons de la résistance je vois...

Relance RogueKiller puis cette fois-ci tapé la touche "2"

Bonne soirée !!

[Sushis]

RogueKiller V5.3.4 [30/08/2011] par Tigzy
contact sur http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion- ... ntees.html

Systeme d'exploitation: Windows 7 (6.1.7600 ) 64 bits version
Demarrage : Mode normal
Utilisateur: Alexis [Droits d'admin]
Mode: Suppression -- Date : 18/09/2011 20:19:31

Processus malicieux: 0

Entrees de registre: 4
[SUSP PATH] HKCU\[...]\Run : Startup Name (C:\Users\Alexis\AppData\Roaming\servi_juju.exe) -> DELETED
[SUSP PATH] HPSA Upgrade.job : C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe -> DELETED
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Fichiers / Dossiers particuliers:

Fichier HOSTS:


Termine : << RKreport[1].txt >>
RKreport[1].txt

Voilà ! ^^

[Del-crosseur]

Re ,

Ou en est le problème d'accent circonflexe ?.
Peut tu stp refaire un Scan ZHPDiag comme tu la fais au début ...

Bonne soirée !

[Sushis]

Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011
Run by Alexis at 18/09/2011 21:12:12
Web site : http://www.premiumorange.com/zeb-help-p ... pdiag.html


---\\ Web Browser
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 5.0 v5.0

---\\ Windows Product Information
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4092 MB (61% free)
System Restore: Activé (Enable)
System drive C: has 461 GB (79%) free of 582 GB

---\\ Logged in mode
~ Computer Name: ALESKYPC
~ User Name: Alexis
~ All Users Names: HomeGroupUser$, Alexis, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Alexis\AppData\Roaming\
~ %Desktop% : C:\Users\Alexis\Desktop\
~ %Favorites% : C:\Users\Alexis\Favorites\
~ %LocalAppData% : C:\Users\Alexis\AppData\Local\
~ %StartMenu% : C:\Users\Alexis\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 461 Go of 582 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
F:\ CD-ROM drive (Not Inserted)
H:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.28/04/2011 - 07:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]
[MD5.463302B41295A7FCAAC655CCB5DE79F8] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.11/08/2011 - 07:20:48.) -- C:\Windows\system32\wininet.dll [1197056]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.29/07/2010 - 07:24:40.) -- C:\Windows\system32\Winlogon.exe [389632]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]
[MD5.378E0E0DFEA67D98AE6EA53ADBBD76BC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.28/04/2011 - 07:23:06.) -- C:\Windows\system32\drivers\ntfs.sys [1657216]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:41:54.) -- C:\Windows\system32\sppcomapi.dll [231936]
[MD5.F2521C3173E6027B3FBD5E44272BDF6C] - (....) (.14/11/2009 - 18:42:26.) -- C:\Windows\system32\fr-FR\user32.dll.mui [19968]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 133/1198
~ Mes musiques (My Musics) : 1175/3790
~ Mes Videos (My Videos) : 12/98
~ Mes Favoris (My Favorites) : 2/3
~ Mes Documents (My Documents) : 15/693
~ Mon Bureau (My Desktop) : 1/24
~ Menu demarrer (Programs) : 6/34
~ Scan Hidden Files in 00mn 05s



---\\ Processus lancés
[MD5.6F8B727CBC4EB8198ED7C1D9E2FBAD55] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3507088] [PID.1028]
[MD5.6C1B31F5C16E03153F0037AC6C451FFD] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2838912] [PID.2220]
[MD5.01804FECFF485199032AD666542E42A9] - (.Google Inc. - Google Chrome.) -- C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe [1030200] [PID.3664]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- C:\Windows\SysWOW64\rundll32.exe [44544] [PID.4652]
[MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [669696] [PID.4492]
[MD5.ACB544D7254F366DFB48F380BC36CD25] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384] [PID.]
[MD5.8408B80B5D1927D5063E1250EA5D9A78] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe [119200] [PID.]
[MD5.F55442690A70A0278A7EED4FAAEBF576] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [92216] [PID.]
[MD5.2238B91AC1A12CC6CC4C4FED41258B2A] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]
[MD5.831883B107684301F48ACE752C963984] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [66872] [PID.]
[MD5.E24106A5EAECDDFF00B25497049DD65F] - (...) -- C:\Windows\SysWOW64\PnkBstrB.exe [107832] [PID.]
[MD5.498EB62A160674E793FA40FD65390625] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152] [PID.]
[MD5.640E51DB253265C3EAC075866B3D2B33] - (.Hewlett-Packard Company - hpqwmiex Module.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [791608] [PID.]
~ Scan Processes Running in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Alexis\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [afpbkpjjkfakdcakapanjoeijlphieei] RapidShare DownloadHelper v.1.1.1 (Activé)
G2 - GCE: Preference [User Data\Default] [bakedkcpfklpfjhlblihbddnlebmfkfc] Megaupload Super Search (french version) v.2.5 (Activé)
G2 - GCE: Preference [User Data\Default] [kcdpddllhkgmdfdeccgkjofpegkdmnhp] Chrome OGame (fr) v.1.2.37 (Désactivé)
G2 - GCE: Preference [User Data\Default] [leekjckogogidfhpejjmaaekecplpdcg] MegaUpload DownloadHelper v.1.2 (Activé)
G2 - GCE: Preference [User Data\Default] [lloijicenboemlbkenhgoncndgfecbhc] Megaupload Super Search v.2.5 (Activé)
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\s2nten56.default\prefs.js
C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\s2nten56.default\user.js
M3 - MFPP: Plugins - [Alexis] -- C:\Users\Alexis\AppData\Roaming\Mozilla\Firefox\Profiles\s2nten56.default\searchplugins\ShareazaWebSearch.xml
M0 - MFSP: prefs.js [Alexis - s2nten56.default] http://google.fr
M2 - MFEP: prefs.js [Alexis - s2nten56.default\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}] [greasemonkey] Greasemonkey v0.9.11 (.Aaron Boodman; http://youngpup.net/.)
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Alexis\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Alexis\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com
R0 - HKUS\S-1-5-21-1034220312-1961313254-1996914020-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-1034220312-1961313254-1996914020-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper [64Bits] - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class [64Bits] - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} . (...) -- C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKCU\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe
O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-1034220312-1961313254-1996914020-1000\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe
O4 - HKUS\S-1-5-21-1034220312-1961313254-1996914020-1000\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKUS\S-1-5-21-1034220312-1961313254-1996914020-1000\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Alexis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Alexis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Alexis\Desktop\Alexis.lnk . (...) -- C:\Users\Alexis
O4 - Global Startup: C:\Users\Alexis\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files (x86)\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\Alexis\Desktop\Free Download Manager.lnk . (.FreeDownloadManager.ORG.) -- C:\Program Files (x86)\Free Download Manager\fdm.exe
O4 - Global Startup: C:\Users\Alexis\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Alexis\Desktop\Guitar Pro 5.lnk . (.Arobas Music.) -- C:\Program Files (x86)\Guitar Pro 5\GP5.exe
O4 - Global Startup: C:\Users\Alexis\Desktop\Ma musique.lnk . (...) -- C:\Users\Alexis\Music
O4 - Global Startup: C:\Users\Alexis\Desktop\Mes documents.lnk . (...) -- C:\Users\Alexis\Documents
O4 - Global Startup: C:\Users\Alexis\Desktop\Mes images.lnk . (...) -- C:\Users\Alexis\Pictures
O4 - Global Startup: C:\Users\Alexis\Desktop\Microsoft Office.lnk . (...) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O4 - Global Startup: C:\Users\Alexis\Desktop\NBA 2K11.lnk . (.2K Sports.) -- C:\Program Files (x86)\2K Sports\NBA 2K11\nba2k11.exe
O4 - Global Startup: C:\Users\Alexis\Desktop\Ordinateur.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Alexis\Desktop\Panneau de configuration.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Alexis\Desktop\Rainbow Six Vegas 2.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Alexis\Desktop\Téléchargement.lnk . (...) -- C:\Users\Alexis\Downloads
O4 - Global Startup: C:\Users\Alexis\Desktop\Vidéos.lnk . (...) -- C:\Users\Alexis\Videos
O4 - Global Startup: C:\Users\Alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Alexis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk . (.Samsung.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
~ Scan Global Startup in 00mn 00s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~4\Office12\EXCEL.exe
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - (.not file.) - file:\\C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - (.not file.) - file:\\C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - (.not file.) - file:\\C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - (.not file.) - file:\\C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{89E5E81C-9E05-4798-990F-F7C90DF621E7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{89E5E81C-9E05-4798-990F-F7C90DF621E7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{89E5E81C-9E05-4798-990F-F7C90DF621E7}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard - HpService.) - C:\Windows\system32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\SysWOW64\PnkBstrA.exe
O23 - Service: PnkBstrB (PnkBstrB) . (...) - C:\Windows\SysWOW64\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1034220312-1961313254-1996914020-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1034220312-1961313254-1996914020-1000UA.job
[MD5.4510E7A22B82BB99FFEE43953292BAD0] [APT] [CapSchedInst] (.CL.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe
[MD5.60747E27A2767B96E4A70DEAF73A30D7] [APT] [CapSvcInst] (.CL.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe
[MD5.86BA18FC1681C3274DA50BC6B07FAECD] [APT] [CapUninst] (.CL.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe
[MD5.C6331D11F80B3AFFD91A9B3858E00F23] [APT] [CLMLSvc] (.CyberLink.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
[MD5.00000000000000000000000000000000] [APT] [DVDAgent] (...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (.not file.)
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [Google Updater and Installer] (.Google Inc..) -- C:\Users\Alexis\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1034220312-1961313254-1996914020-1000Core] (.Google Inc..) -- C:\Users\Alexis\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1034220312-1961313254-1996914020-1000UA] (.Google Inc..) -- C:\Users\Alexis\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
[MD5.3103FE27C967675B019E880AA6DA3D6D] [APT] [Programme de mise … jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[MD5.5516C26A6AF8EB4E2CAB48EC98A74398] [APT] [Programme de mise … jour en ligne de HP.] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
[MD5.2F407AA24101E4678B110A1FFA13F587] [APT] [Programme de mise … jour en ligne de Sun Microsystems] (.Sun Microsystems, Inc..) -- C:\Program Files\Java\jre6\bin\jusched.exe
[MD5.FAB4D03FB9DCC995C5B0F30164183CFA] [APT] [TuneUpUtilities_Task_BkGndMaintenance2011] (.TuneUp Software.) -- C:\Program Files (x86)\TuneUp Utilities 2011\OneClick.exe
[MD5.1CE55AE7E57826457FD56EB3C50E4E54] [APT] [TVAgent] (.CyberLink Corp..) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
[MD5.00000000000000000000000000000000] [APT] [{CC5C3F17-D933-40A3-A3EC-B10D4E2701C6}] (...) -- C:\Program Files (x86)\TrackMania United\unins000.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{E6A93FE1-308B-4E76-BF6C-7FA9E5ECFF56}] (...) -- C:\Windows\CSS Pack\uninstall.exe (.not file.)
[MD5.68C59AE507B11FE5185EB183B55ACE63] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
[MD5.68C59AE507B11FE5185EB183B55ACE63] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
~ Scan Scheduled Task in 00mn 04s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys
O41 - Driver: (LUMDriver) . (.IBM - LUM Runtime.) - C:\Windows\system32\drivers\LUMDriver.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\system32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}
O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}
O42 - Logiciel: ENE CIR Receiver Driver - (.ENE.) [HKLM] -- FFE7D41DF3C645075BB149E21988B63996C34187
O42 - Logiciel: Free Download Manager 3.0 - (.FreeDownloadManager.ORG.) [HKLM] -- Free Download Manager_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Guitar Pro 5.2 - (.Arobas Music.) [HKLM] -- Guitar Pro 5_is1
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}
O42 - Logiciel: HP MediaSmart Internet TV - (.Hewlett-Packard.) [HKLM] -- InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}
O42 - Logiciel: HP MediaSmart Internet TV - (.Hewlett-Packard.) [HKLM] -- {E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}
O42 - Logiciel: HP MediaSmart Live TV - (.Hewlett-Packard.) [HKLM] -- InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}
O42 - Logiciel: HP MediaSmart Live TV - (.Hewlett-Packard.) [HKLM] -- {67626E09-5366-4480-8F1E-93FADF50CA15}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM] -- {B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart Webcam - (.Hewlett-Packard.) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: HP MediaSmart Webcam - (.Hewlett-Packard.) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: HP Quick Launch Buttons - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355}
O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {17B4760F-334B-475D-829F-1A3E94A6A4E6}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM] -- {E92D47A1-D27D-430A-8368-0BAFD956507D}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2461678
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: JMicron Flash Media Controller Driver - (.JMicron Technology Corp..) [HKLM] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}
O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {3023EBDA-BF1B-4831-B347-E5018555F26E}
O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr)
O42 - Logiciel: NetWorkingWizard_ICM - (.Samsung.) [HKLM] -- {4CFFAEC0-1F2A-4D38-8D95-3995A936ADD9}
O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: Rapture3D 2.3.22 Game - (.Blue Ripple Sound.) [HKLM] -- {D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1
O42 - Logiciel: Realtek 8136 8168 8169 Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553074) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5729F1AE-5895-468F-9165-BAD161C9E982}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2553073) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{65EA4836-B5A3-4C1D-8883-0C35E471003A}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870
O42 - Logiciel: Tom Clancy's Rainbow Six Vegas 2 - (.Ubisoft.) [HKLM] -- {FD416706-875C-4B0B-A23A-9E740DAE029E}
O42 - Logiciel: TuneUp Utilities 2011 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2011
O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}
O42 - Logiciel: Update for Microsoft Office Word 2007 (KB974631) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{052CA271-6C3E-4B8F-9EEE-CEA84BC901DC}
O42 - Logiciel: Update for Microsoft Office Word 2007 (KB974631) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CA2F3DF8-C8AE-4933-92F1-FE482442F6E6}
O42 - Logiciel: VLC media player 1.1.9 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) - (.Garmin.) [HKLM] -- 49CF605F02C7954F4E139D18828DE298CD59217C
O42 - Logiciel: avast! Internet Security - (.Alwil Software.) [HKLM] -- avast5

---\\ HKCU & HKLM Software Keys
[HKCU\Software\(null)]
[HKCU\Software\2K Sports]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Badoo]
[HKCU\Software\Battle.net]
[HKCU\Software\BlueRippleSound]
[HKCU\Software\Bugsplat]
[HKCU\Software\ClassesB]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DT Soft]
[HKCU\Software\DownloadManager]
[HKCU\Software\EPSON]
[HKCU\Software\ESET]
[HKCU\Software\EasyBits]
[HKCU\Software\Electronic Arts]
[HKCU\Software\Emulators]
[HKCU\Software\FreeDownloadManager.ORG]
[HKCU\Software\Garmin]
[HKCU\Software\Google]
[HKCU\Software\Gravity]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IDT]
[HKCU\Software\IM Providers]
[HKCU\Software\Informer Technologies, Inc.]
[HKCU\Software\JavaSoft]
[HKCU\Software\LightScribe]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MirAIConf]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nadeo]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\Pando Networks]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\SAMSUNG]
[HKCU\Software\SecuROM]
[HKCU\Software\Shareaza]
[HKCU\Software\Skype]
[HKCU\Software\Synaptics]
[HKCU\Software\TeamSpeak 3 Client]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Ubisoft]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Yahoo]
[HKCU\Software\mIRC]
[HKCU\Software\perforce]
[HKCU\Software\remote]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Agere]
[HKLM\Software\Arobas Music]
[HKLM\Software\Atheros]
[HKLM\Software\Aureal]
[HKLM\Software\AutoClickerTyper]
[HKLM\Software\BlueRippleSound]
[HKLM\Software\CXT]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cyberlink]
[HKLM\Software\DT Soft]
[HKLM\Software\Digital River]
[HKLM\Software\EasyBits]
[HKLM\Software\Eset]
[HKLM\Software\Even Balance]
[HKLM\Software\FreeDownloadManager.ORG]
[HKLM\Software\Gamigo Games]
[HKLM\Software\Garmin]
[HKLM\Software\Google]
[HKLM\Software\Gradient]
[HKLM\Software\Gravity Soft]
[HKLM\Software\HPQLOG]
[HKLM\Software\HPQ]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IBM]
[HKLM\Software\IDT]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Internet Download Manager]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LSI]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\MCCI]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Matrox]
[HKLM\Software\Messenger Plus!]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MusicNet]
[HKLM\Software\ODBC]
[HKLM\Software\OldTimer Tools]
[HKLM\Software\P2G_Upgrade]
[HKLM\Software\PDR_Upgrade]
[HKLM\Software\Pando Networks]
[HKLM\Software\Policies]
[HKLM\Software\Product_Upgrade]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SAMSUNG]
[HKLM\Software\Samsung]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\TrendMicro]
[HKLM\Software\TuneUp]
[HKLM\Software\Ubisoft]
[HKLM\Software\Valve]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wondershare]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Yahoo]
[HKLM\Software\asoftwareplus]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/07/2010 - 15:14:06 - [186531024] ----D- C:\Program Files\Alwil Software
O43 - CFD: 11/04/2010 - 02:24:24 - [19031379] ----D- C:\Program Files\ATI
O43 - CFD: 14/07/2009 - 05:20:10 - [40708767] ----D- C:\Program Files\Common Files
O43 - CFD: 06/03/2011 - 15:59:02 - [2518312] ----D- C:\Program Files\DIFX
O43 - CFD: 11/04/2010 - 11:15:14 - [90257428] ----D- C:\Program Files\DVD Maker
O43 - CFD: 28/07/2010 - 14:59:32 - [0] -SH-D- C:\Program Files\Fichiers communs
O43 - CFD: 11/04/2010 - 02:43:30 - [17006923] ----D- C:\Program Files\Hewlett-Packard
O43 - CFD: 05/03/2011 - 15:35:38 - [44113108] ----D- C:\Program Files\IDT
O43 - CFD: 11/08/2011 - 12:07:12 - [5176332] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 14/11/2009 - 13:34:58 - [262140554] ----D- C:\Program Files\Java
O43 - CFD: 11/04/2010 - 11:15:14 - [149236786] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 14/11/2009 - 12:00:30 - [1141526] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 14/07/2009 - 07:32:40 - [36253865] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 11/04/2010 - 02:26:54 - [38665055] ----D- C:\Program Files\Synaptics
O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 14/11/2009 - 19:46:42 - [4039168] ----D- C:\Program Files\Windows Defender
O43 - CFD: 16/12/2010 - 23:49:50 - [6667264] ----D- C:\Program Files\Windows Mail
O43 - CFD: 16/10/2010 - 12:14:32 - [7687085] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 28/07/2010 - 14:59:32 - [12627124] ----D- C:\Program Files\Windows NT
O43 - CFD: 14/11/2009 - 19:46:42 - [5516568] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:40 - [235008] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 28/07/2010 - 15:01:16 - [11755355] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 24/09/2010 - 22:56:40 - [4356726] ----D- C:\Program Files\WinRAR
O43 - CFD: 16/06/2011 - 03:26:22 - [28087326] ----D- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 14/11/2009 - 19:46:42 - [12009971] ----D- C:\Program Files\Common Files\System
O43 - CFD: 17/06/2011 - 13:15:28 - [62265499] ----D- C:\ProgramData\Adobe
O43 - CFD: 28/07/2010 - 15:14:06 - [68501164] ----D- C:\ProgramData\Alwil Software
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 11/04/2010 - 02:28:50 - [8972] ----D- C:\ProgramData\Atheros
O43 - CFD: 11/04/2010 - 03:04:12 - [188] ----D- C:\ProgramData\ATI
O43 - CFD: 28/07/2010 - 14:59:32 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 31/03/2011 - 01:46:02 - [0] ----D- C:\ProgramData\Codemasters
O43 - CFD: 18/09/2010 - 22:01:04 - [140515] ----D- C:\ProgramData\CyberLink
O43 - CFD: 29/07/2010 - 02:10:22 - [1520] ----D- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 19/06/2011 - 19:52:40 - [0] ----D- C:\ProgramData\DassaultSystemes
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 04/03/2011 - 15:51:56 - [144] ----D- C:\ProgramData\Driver Whiz
O43 - CFD: 02/12/2010 - 02:01:14 - [0] ----D- C:\ProgramData\EA Core
O43 - CFD: 18/12/2010 - 21:54:34 - [21433] ----D- C:\ProgramData\Electronic Arts
O43 - CFD: 11/10/2010 - 00:49:28 - [475038] ----D- C:\ProgramData\EPSON
O43 - CFD: 28/07/2010 - 14:59:32 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 01/05/2011 - 16:30:46 - [2796] ----D- C:\ProgramData\FreeDownloadManager.ORG
O43 - CFD: 11/04/2011 - 15:13:04 - [0] ----D- C:\ProgramData\Google
O43 - CFD: 12/02/2011 - 17:10:56 - [46363625] ----D- C:\ProgramData\Hewlett-Packard
O43 - CFD: 16/09/2011 - 18:19:08 - [7367383] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 28/07/2010 - 14:59:32 - [0] -SH-D- C:\ProgramData\Menu Démarrer
O43 - CFD: 05/03/2011 - 16:30:28 - [657377469] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 15/09/2011 - 18:49:32 - [57688] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 28/07/2010 - 14:59:32 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 29/07/2010 - 00:09:36 - [336] ----D- C:\ProgramData\Norton
O43 - CFD: 11/04/2010 - 02:46:14 - [10083708] ----D- C:\ProgramData\NortonInstaller
O43 - CFD: 04/03/2011 - 15:57:02 - [144] ----D- C:\ProgramData\PC Drivers HeadQuarters
O43 - CFD: 06/06/2011 - 16:06:08 - [438] ----D- C:\ProgramData\PMB Files
O43 - CFD: 29/07/2010 - 01:04:08 - [67070] ----D- C:\ProgramData\Recovery
O43 - CFD: 11/09/2011 - 15:18:02 - [9342083] ----D- C:\ProgramData\Samsung
O43 - CFD: 04/08/2010 - 16:42:46 - [92144] -SH-D- C:\ProgramData\SecuROM
O43 - CFD: 24/08/2011 - 17:07:36 - [56321175] ----D- C:\ProgramData\Skype
O43 - CFD: 27/08/2011 - 14:12:14 - [18644] ----D- C:\ProgramData\Sports Interactive
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 29/07/2010 - 20:53:18 - [294] ----D- C:\ProgramData\Sun
O43 - CFD: 11/04/2010 - 02:46:00 - [745827] ----D- C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 11/01/2011 - 23:00:38 - [10531734] ----D- C:\ProgramData\TmForever
O43 - CFD: 20/09/2010 - 20:36:36 - [114628] ----D- C:\ProgramData\TrackMania United
O43 - CFD: 11/12/2010 - 21:01:22 - [9490315] ----D- C:\ProgramData\TuneUp Software
O43 - CFD: 18/01/2011 - 20:23:02 - [747] ----D- C:\ProgramData\Ubisoft
O43 - CFD: 29/07/2010 - 02:24:26 - [9261247] ----D- C:\ProgramData\WildTangent
O43 - CFD: 12/02/2011 - 17:16:40 - [35253750] ----D- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}
O43 - CFD: 11/12/2010 - 20:56:08 - [18441216] -SH-D- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
O43 - CFD: 11/04/2010 - 02:49:00 - [21397340] ----D- C:\ProgramData\{44AFD825-9603-4521-9447-A6E1C5CA2F3D}
O43 - CFD: 30/07/2010 - 21:26:32 - [21219164] ----D- C:\ProgramData\{DA06AA03-DF24-4ECE-939E-1B0939235C66}
O43 - CFD: 26/06/2011 - 19:38:24 - [36484086] ----D- C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
O43 - CFD: 01/12/2010 - 20:31:40 - [889715067] ----D- C:\Users\Alexis\AppData\Roaming\2K Sports
O43 - CFD: 13/09/2011 - 13:45:32 - [6770712] ----D- C:\Users\Alexis\AppData\Roaming\Adobe
O43 - CFD: 28/07/2010 - 15:06:30 - [0] ----D- C:\Users\Alexis\AppData\Roaming\ATI
O43 - CFD: 17/09/2010 - 18:01:22 - [2065802] ----D- C:\Users\Alexis\AppData\Roaming\BlackBean
O43 - CFD: 18/09/2010 - 22:01:10 - [365826] ----D- C:\Users\Alexis\AppData\Roaming\CyberLink
O43 - CFD: 29/07/2010 - 13:22:08 - [6077] ----D- C:\Users\Alexis\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 22/10/2010 - 00:21:50 - [81641] ----D- C:\Users\Alexis\AppData\Roaming\DassaultSystemes
O43 - CFD: 01/05/2011 - 16:07:26 - [0] ----D- C:\Users\Alexis\AppData\Roaming\DMCache
O43 - CFD: 13/04/2011 - 22:13:48 - [0] ----D- C:\Users\Alexis\AppData\Roaming\dvdcss
O43 - CFD: 31/08/2011 - 23:40:10 - [20000] ----D- C:\Users\Alexis\AppData\Roaming\Free Download Manager
O43 - CFD: 06/03/2011 - 16:02:00 - [76918] ----D- C:\Users\Alexis\AppData\Roaming\GARMIN
O43 - CFD: 12/02/2011 - 17:36:56 - [132309] ----D- C:\Users\Alexis\AppData\Roaming\Hewlett-Packard
O43 - CFD: 30/07/2010 - 21:15:44 - [278] ----D- C:\Users\Alexis\AppData\Roaming\HP Support Assistant
O43 - CFD: 12/02/2011 - 17:21:54 - [32193] ----D- C:\Users\Alexis\AppData\Roaming\hpqlog
O43 - CFD: 30/07/2010 - 21:15:44 - [882] ----D- C:\Users\Alexis\AppData\Roaming\HpUpdate
O43 - CFD: 28/07/2010 - 15:04:56 - [0] ----D- C:\Users\Alexis\AppData\Roaming\Identities
O43 - CFD: 11/04/2011 - 05:14:50 - [4362610] ----D- C:\Users\Alexis\AppData\Roaming\IDM
O43 - CFD: 28/07/2010 - 15:09:48 - [2960] ----D- C:\Users\Alexis\AppData\Roaming\Macromedia
O43 - CFD: 16/09/2011 - 18:19:16 - [1335282] ----D- C:\Users\Alexis\AppData\Roaming\Malwarebytes
O43 - CFD: 11/04/2010 - 11:15:12 - [0] ----D- C:\Users\Alexis\AppData\Roaming\Media Center Programs
O43 - CFD: 16/02/2011 - 02:11:28 - [90098683] -S--D- C:\Users\Alexis\AppData\Roaming\Microsoft
O43 - CFD: 31/03/2011 - 01:40:38 - [39884] ----D- C:\Users\Alexis\AppData\Roaming\mIRC
O43 - CFD: 26/12/2010 - 22:21:16 - [18679139] ----D- C:\Users\Alexis\AppData\Roaming\Mozilla
O43 - CFD: 04/12/2010 - 20:22:04 - [0] ----D- C:\Users\Alexis\AppData\Roaming\Need for Speed World
O43 - CFD: 11/09/2011 - 15:17:12 - [154232562] ----D- C:\Users\Alexis\AppData\Roaming\SAMSUNG
O43 - CFD: 29/07/2010 - 13:50:56 - [8645] R-H-D- C:\Users\Alexis\AppData\Roaming\SecuROM
O43 - CFD: 24/08/2011 - 18:20:38 - [9540996] ----D- C:\Users\Alexis\AppData\Roaming\Skype
O43 - CFD: 04/03/2011 - 17:15:04 - [15119] ----D- C:\Users\Alexis\AppData\Roaming\SpeedSim
O43 - CFD: 27/08/2011 - 14:11:42 - [33727033] ----D- C:\Users\Alexis\AppData\Roaming\Sports Interactive
O43 - CFD: 06/10/2010 - 11:40:12 - [13824] ----D- C:\Users\Alexis\AppData\Roaming\Template
O43 - CFD: 23/05/2011 - 01:01:58 - [2381789] ----D- C:\Users\Alexis\AppData\Roaming\TS3Client
O43 - CFD: 11/12/2010 - 20:59:32 - [69388] ----D- C:\Users\Alexis\AppData\Roaming\TuneUp Software
O43 - CFD: 18/01/2011 - 20:35:00 - [180573] ----D- C:\Users\Alexis\AppData\Roaming\Ubisoft
O43 - CFD: 30/06/2011 - 12:49:08 - [2405237] ----D- C:\Users\Alexis\AppData\Roaming\vlc
O43 - CFD: 14/09/2011 - 15:23:46 - [0] ----D- C:\Users\Alexis\AppData\Roaming\WinBatch
O43 - CFD: 24/09/2010 - 22:56:46 - [12] ----D- C:\Users\Alexis\AppData\Roaming\WinRAR
O43 - CFD: 04/08/2010 - 20:53:46 - [0] ----D- C:\Users\Alexis\AppData\Roaming\Yahoo!
O43 - CFD: 29/07/2010 - 02:20:10 - [9968] ----D- C:\Users\Alexis\AppData\Roaming\_MDLogs
O43 - CFD: 24/09/2010 - 20:02:54 - [485907] ----D- C:\Users\Alexis\AppData\Local\Adobe
O43 - CFD: 28/07/2010 - 14:59:38 - [0] -SH-D- C:\Users\Alexis\AppData\Local\Application Data
O43 - CFD: 28/07/2010 - 15:06:30 - [60480] ----D- C:\Users\Alexis\AppData\Local\ATI
O43 - CFD: 31/07/2010 - 01:34:52 - [0] ----D- C:\Users\Alexis\AppData\Local\CyberLink
O43 - CFD: 21/10/2010 - 14:41:58 - [191426] ----D- C:\Users\Alexis\AppData\Local\DassaultSystemes
O43 - CFD: 22/08/2011 - 02:14:30 - [3191491] ----D- C:\Users\Alexis\AppData\Local\Diagnostics
O43 - CFD: 11/09/2011 - 15:16:08 - [336083558] ----D- C:\Users\Alexis\AppData\Local\Downloaded Installations
O43 - CFD: 04/12/2010 - 18:01:02 - [2710] ----D- C:\Users\Alexis\AppData\Local\Electronic_Arts_Inc
O43 - CFD: 11/09/2011 - 04:28:24 - [1193587] ----D- C:\Users\Alexis\AppData\Local\ElevatedDiagnostics
O43 - CFD: 11/04/2011 - 14:37:36 - [670820019] ----D- C:\Users\Alexis\AppData\Local\Google
O43 - CFD: 06/10/2010 - 11:28:46 - [17610466] ----D- C:\Users\Alexis\AppData\Local\Hewlett-Packard
O43 - CFD: 28/07/2010 - 14:59:38 - [0] -SH-D- C:\Users\Alexis\AppData\Local\Historique
O43 - CFD: 05/03/2011 - 15:43:08 - [1029944434] ----D- C:\Users\Alexis\AppData\Local\Microsoft
O43 - CFD: 10/09/2011 - 03:19:46 - [412608] ----D- C:\Users\Alexis\AppData\Local\Microsoft Games
O43 - CFD: 16/10/2010 - 19:44:38 - [203852] ----D- C:\Users\Alexis\AppData\Local\Microsoft Help
O43 - CFD: 28/07/2010 - 15:17:28 - [36099295] ----D- C:\Users\Alexis\AppData\Local\Mozilla
O43 - CFD: 28/12/2010 - 12:03:28 - [17881370] ----D- C:\Users\Alexis\AppData\Local\NFS Underground 2
O43 - CFD: 26/12/2010 - 22:19:58 - [0] ----D- C:\Users\Alexis\AppData\Local\PackageAware
O43 - CFD: 06/06/2011 - 22:58:16 - [152119] ----D- C:\Users\Alexis\AppData\Local\PMB Files
O43 - CFD: 31/07/2010 - 01:34:50 - [0] ----D- C:\Users\Alexis\AppData\Local\PowerCinema
O43 - CFD: 11/09/2011 - 15:19:32 - [17100] ----D- C:\Users\Alexis\AppData\Local\Samsung
O43 - CFD: 26/12/2010 - 23:02:18 - [35311163] ----D- C:\Users\Alexis\AppData\Local\Shareaza
O43 - CFD: 18/09/2011 - 21:12:18 - [21089766] ----D- C:\Users\Alexis\AppData\Local\Temp
O43 - CFD: 28/07/2010 - 14:59:38 - [0] -SH-D- C:\Users\Alexis\AppData\Local\Temporary Internet Files
O43 - CFD: 13/09/2011 - 21:31:34 - [2962140279] ----D- C:\Users\Alexis\AppData\Local\VirtualStore
O43 - CFD: 05/03/2011 - 15:43:28 - [0] ----D- C:\Users\Alexis\AppData\Local\Windows Live
O43 - CFD: 30/11/2010 - 18:53:32 - [6597219736] ----D- C:\Program Files (x86)\2K Sports
O43 - CFD: 14/11/2009 - 12:35:36 - [685906709] ----D- C:\Program Files (x86)\Adobe
O43 - CFD: 11/04/2010 - 02:28:04 - [76515] ----D- C:\Program Files (x86)\AMD
O43 - CFD: 11/04/2010 - 02:28:46 - [1511498] ----D- C:\Program Files (x86)\Atheros
O43 - CFD: 11/04/2010 - 02:26:28 - [84649253] ----D- C:\Program Files (x86)\ATI Technologies
O43 - CFD: 25/09/2010 - 01:20:02 - [10006012] ----D- C:\Program Files (x86)\BRS
O43 - CFD: 04/08/2010 - 20:53:50 - [2961016] ----D- C:\Program Files (x86)\CCleaner
O43 - CFD: 20/06/2011 - 19:08:40 - [703158043] ----D- C:\Program Files (x86)\Common Files
O43 - CFD: 14/11/2009 - 13:02:02 - [1035625562] ----D- C:\Program Files (x86)\CyberLink
O43 - CFD: 29/07/2010 - 02:11:32 - [12086938] ----D- C:\Program Files (x86)\DAEMON Tools Lite
O43 - CFD: 19/06/2011 - 20:01:34 - [0] ----D- C:\Program Files (x86)\Dassault Systemes
O43 - CFD: 18/09/2011 - 14:14:50 - [4156712] ----D- C:\Program Files (x86)\ESET
O43 - CFD: 30/10/2010 - 22:59:46 - [2422304] ----D- C:\Program Files (x86)\Feedback Tool
O43 - CFD: 01/05/2011 - 16:30:52 - [19482296] ----D- C:\Program Files (x86)\Free Download Manager
O43 - CFD: 06/03/2011 - 15:59:00 - [127329] ----D- C:\Program Files (x86)\Garmin
O43 - CFD: 06/03/2011 - 15:59:06 - [12259984] ----D- C:\Program Files (x86)\Garmin GPS Plugin
O43 - CFD: 11/04/2011 - 15:13:04 - [0] ----D- C:\Program Files (x86)\Google
O43 - CFD: 06/02/2011 - 16:07:16 - [374766183] ----D- C:\Program Files (x86)\Guitar Pro 5
O43 - CFD: 26/06/2011 - 19:39:30 - [1485331653] ----D- C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 14/11/2009 - 14:01:28 - [4631546] ----D- C:\Program Files (x86)\Hp
O43 - CFD: 29/07/2010 - 02:24:32 - [15403205] ----D- C:\Program Files (x86)\HP Games
O43 - CFD: 11/09/2011 - 15:18:30 - [257859552] --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 11/08/2011 - 12:07:12 - [4479504] ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 20/06/2011 - 19:07:56 - [88550939] ----D- C:\Program Files (x86)\Java
O43 - CFD: 11/04/2010 - 02:27:10 - [1929643] ----D- C:\Program Files (x86)\JMicron
O43 - CFD: 16/09/2011 - 19:38:16 - [7019001] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 21/11/2010 - 00:45:06 - [2530872] ----D- C:\Program Files (x86)\MarkAny
O43 - CFD: 14/11/2009 - 11:08:24 - [628088] ----D- C:\Program Files (x86)\Microsoft
O43 - CFD: 25/09/2010 - 01:19:00 - [12316016] ----D- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
O43 - CFD: 21/10/2010 - 14:16:14 - [377330086] ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 14/11/2009 - 12:02:58 - [7791803] ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 16/06/2011 - 13:15:14 - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 14/11/2009 - 11:09:12 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 11/04/2010 - 02:54:54 - [2188837] ----D- C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD: 16/12/2010 - 21:30:50 - [145421942] ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 12/03/2011 - 23:23:32 - [979309] ----D- C:\Program Files (x86)\Microsoft WSE
O43 - CFD: 03/10/2010 - 12:33:04 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 18/07/2011 - 03:13:28 - [34777930] ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files (x86)\MSBuild
O43 - CFD: 30/07/2010 - 01:24:28 - [0] ----D- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 28/07/2010 - 15:01:18 - [21107901] R---D- C:\Program Files (x86)\Online Services
O43 - CFD: 25/09/2010 - 01:18:32 - [809560] ----D- C:\Program Files (x86)\OpenAL
O43 - CFD: 06/06/2011 - 16:05:32 - [7466286] ----D- C:\Program Files (x86)\Pando Networks
O43 - CFD: 11/09/2011 - 15:17:10 - [0] ----D- C:\Program Files (x86)\PC Connectivity Solution
O43 - CFD: 05/03/2011 - 17:04:56 - [802065] ----D- C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:40 - [38597377] ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 21/11/2010 - 01:06:36 - [282961300] ----D- C:\Program Files (x86)\Samsung
O43 - CFD: 24/08/2011 - 17:07:42 - [17361122] R---D- C:\Program Files (x86)\Skype
O43 - CFD: 27/08/2011 - 14:02:34 - [544768] ----D- C:\Program Files (x86)\Sports Interactive
O43 - CFD: 05/03/2011 - 17:04:56 - [0] --H-D- C:\Program Files (x86)\Temp
O43 - CFD: 27/08/2011 - 22:26:06 - [61952145] ----D- C:\Program Files (x86)\TuneUp Utilities 2011
O43 - CFD: 31/03/2011 - 01:49:10 - [6919590743] ----D- C:\Program Files (x86)\Ubisoft
O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 28/07/2010 - 15:24:58 - [83362831] ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD: 14/11/2009 - 19:46:42 - [524800] ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD: 31/03/2011 - 01:43:30 - [4706405] ----D- C:\Program Files (x86)\Windows Live
O43 - CFD: 14/11/2009 - 11:08:08 - [245112] ----D- C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD: 16/12/2010 - 23:49:50 - [6180864] ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD: 16/10/2010 - 12:14:32 - [5336849] ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT
O43 - CFD: 14/11/2009 - 19:46:42 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 07:32:42 - [189440] ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 28/07/2010 - 15:01:16 - [6375414] ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 27/08/2011 - 14:07:08 - [175] --H-D- C:\Program Files (x86)\Zero G Registry
O43 - CFD: 18/09/2011 - 21:12:24 - [4015041] ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD: 17/06/2011 - 00:09:16 - [16437159] ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 14/11/2009 - 12:35:32 - [31787256] ----D- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 21/10/2010 - 14:16:14 - [196160] ----D- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 08/12/2010 - 20:11:44 - [9106637] ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 20/06/2011 - 19:08:40 - [1258951] ----D- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 11/04/2010 - 02:34:08 - [36759139] ----D- C:\Program Files (x86)\Common Files\LightScribe
O43 - CFD: 21/11/2010 - 02:43:50 - [248134663] ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 11/09/2011 - 14:43:06 - [305152] ----D- C:\Program Files (x86)\Common Files\Samsung
O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 14/11/2009 - 19:46:42 - [44114543] ----D- C:\Program Files (x86)\Common Files\System
O43 - CFD: 14/11/2009 - 11:06:50 - [273951898] ----D- C:\Program Files (x86)\Common Files\Windows Live
~ Scan Program Folder in 00mn 43s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.69FA28877AD5E6244F2C1FCDCE5D2B02] - 18/09/2011 - 20:12:06 ---A- . (...) -- C:\Windows\setupact.log [7336]
O44 - LFC:[MD5.75409A71DCB9848C1F9B9BB6512E9270] - 18/09/2011 - 19:13:08 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1134442]
O44 - LFC:[MD5.097BF1F88CCBFE6272C6856D323930A5] - 18/09/2011 - 12:53:15 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.9905FE4CEE6F9BB12CB02F1355A4189A] - 18/09/2011 - 02:30:22 ---A- . (...) -- C:\Windows\PFRO.log [1072]
O44 - LFC:[MD5.6ECBCEFFEAF02B5AC18D223FB0A7F113] - 18/09/2011 - 02:26:27 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1571554]
O44 - LFC:[MD5.7C220B981E3E12B8ABE320F4E6F689A9] - 18/09/2011 - 02:26:27 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106388]
O44 - LFC:[MD5.9DE1C35E715E7EA7525C57A439D416CE] - 18/09/2011 - 02:26:27 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130754]
O44 - LFC:[MD5.1E57496C0646B54B4784A3842DB71777] - 18/09/2011 - 02:26:27 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616008]
O44 - LFC:[MD5.FCBCA685756D2AD2B0CD804A570A881C] - 18/09/2011 - 02:26:27 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704480]
O44 - LFC:[MD5.6ECBCEFFEAF02B5AC18D223FB0A7F113] - 18/09/2011 - 02:26:27 RSHAD . (...) -- C:\Windows\system32\PerfStringBackup.INI [1571554]
O44 - LFC:[MD5.7C220B981E3E12B8ABE320F4E6F689A9] - 18/09/2011 - 02:26:27 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [106388]
O44 - LFC:[MD5.9DE1C35E715E7EA7525C57A439D416CE] - 18/09/2011 - 02:26:27 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [130754]
O44 - LFC:[MD5.1E57496C0646B54B4784A3842DB71777] - 18/09/2011 - 02:26:27 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [616008]
O44 - LFC:[MD5.FCBCA685756D2AD2B0CD804A570A881C] - 18/09/2011 - 02:26:27 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [704480]
O44 - LFC:[MD5.E51B04761F2DC1702D31D709EAF4BD97] - 18/09/2011 - 01:03:45 ---A- . (...) -- C:\AdwCleaner[R1].txt [1151]
O44 - LFC:[MD5.43EAACFD11ADC0D45EFBCF6A1AF726A1] - 16/09/2011 - 21:38:28 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.43EAACFD11ADC0D45EFBCF6A1AF726A1] - 14/09/2011 - 22:27:11 ---A- . (...) -- C:\PhysicalMBR.bin [512]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 13/09/2011 - 23:02:49 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.DB504EF6D73F6B8AB5CF8A18560C4E2A] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem Diagnostic Serial Port.) -- C:\Windows\system32\drivers\ssceserd.sys [129024]
O44 - LFC:[MD5.82732B391EFD69B0548044BE9CB37BFC] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem V2 Filter Driver.) -- C:\Windows\system32\drivers\sscemdfl.sys [18944]
O44 - LFC:[MD5.43D56ACE4469D90F9790E8352D87D9B5] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem V2 WDM.) -- C:\Windows\system32\drivers\sscemdm.sys [161280]
O44 - LFC:[MD5.F74634F46692C8315E7F37F698AF3225] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - SAMSUNG USB Composite Device V2 Driver.) -- C:\Windows\system32\drivers\sscebus.sys [127488]
O44 - LFC:[MD5.51D15EC1D9DD10C1C8FEF1253BFCB561] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscecm.sys [15360]
O44 - LFC:[MD5.51D15EC1D9DD10C1C8FEF1253BFCB561] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscecmnt.sys [15360]
O44 - LFC:[MD5.4B53B267F7979EE3733B90CBBE1A0697] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscewh.sys [15872]
O44 - LFC:[MD5.4B53B267F7979EE3733B90CBBE1A0697] - 11/09/2011 - 13:47:50 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscewhnt.sys [15872]
O44 - LFC:[MD5.1667A0F0E7161176DB6AB4ECACF4E307] - 11/09/2011 - 13:42:46 ---A- . (...) -- C:\aqua_bitmap.cpp [2006]
O44 - LFC:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 31/08/2011 - 16:00:50 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25416]
O44 - LFC:[MD5.C6FC67BF9F2340E2EBB5388BB20B9C0C] - 27/08/2011 - 21:26:21 ---A- . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- C:\Windows\SysNative\TURegOpt.exe [34624]
O44 - LFC:[MD5.C6FC67BF9F2340E2EBB5388BB20B9C0C] - 27/08/2011 - 21:26:21 RSHAD . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- C:\Windows\system32\TURegOpt.exe [34624]
O44 - LFC:[MD5.BA082E8441F59186932E9DB3AF3EEA00] - 27/08/2011 - 21:26:06 ---A- . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\SysNative\uxtuneup.dll [36160]
O44 - LFC:[MD5.BA082E8441F59186932E9DB3AF3EEA00] - 27/08/2011 - 21:26:06 ---A- . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\system32\uxtuneup.dll [36160]
O44 - LFC:[MD5.933FCBF49759C9AB8E9E49C0D2574B54] - 27/08/2011 - 21:26:06 ---A- . (.TuneUp Software - TuneUp WinLogon Extension.) -- C:\Windows\SysNative\authuitu.dll [25920]
O44 - LFC:[MD5.933FCBF49759C9AB8E9E49C0D2574B54] - 27/08/2011 - 21:26:06 ---A- . (.TuneUp Software - TuneUp WinLogon Extension.) -- C:\Windows\system32\authuitu.dll [25920]
~ Scan Files in 00mn 09s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\system32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\system32\Drivers\Wdf01000.sys
~ Scan CSB in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\HPADVISOR [Key] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O53 - SMSR:HKLM\...\startupreg\NortonOnlineBackupReminder [Key] . (...) -- C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\QlbCtrl.exe [Key] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O53 - SMSR:HKLM\...\startupreg\RGSC [Key] . (...) -- C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SmartMenu [Key] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O53 - SMSR:HKLM\...\startupreg\WirelessAssistant [Key] . (.Hewlett-Packard - HP Wireless Assistant Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
~ Scan SMSR Keys in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "HideFastUserSwitching"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableLockWorkstation"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableChangePassword"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.1CFFE9C06E66A57DAE1452E449A58240] - 11/04/2010 - 12:48:50 ---A- . (.Hewlett-Packard - HP Accelerometer.) -- C:\Windows\system32\drivers\Accelerometer.sys [41272]
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 10/06/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]
O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]
O58 - SDL:[MD5.98022774D9930ECBB292E70DB7601DF6] - 10/06/2009 - 22:01:06 RSHAD . (.LSI Corp - SoftModem Device Driver.) -- C:\Windows\system32\drivers\agrsm64.sys [1146880]
O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]
O58 - SDL:[MD5.EC7EBAB00A4D8448BAB68D1E49B4BEB9] - 28/04/2011 - 07:22:41 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]
O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 10/06/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]
O58 - SDL:[MD5.DB27766102C7BF7E95140A2AA81D042E] - 28/04/2011 - 07:22:40 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]
O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]
O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]
O58 - SDL:[MD5.B76182F203E0BD5EB6A5F6538F0FAEE4] - 25/12/2010 - 16:47:10 RSHAD . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20048]
O58 - SDL:[MD5.DD281CFC996D71553A4185CE424B5C45] - 25/12/2010 - 16:54:22 RSHAD . (.AVAST Software - avast! Filtering TDI driver.) -- C:\Windows\system32\drivers\aswFW.sys [125520]
O58 - SDL:[MD5.A88E9544EDDA1CE83825DD22D6A8B5F9] - 25/12/2010 - 16:47:33 RSHAD . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [61008]
O58 - SDL:[MD5.518B8D447A1975AB46DA093A2E743256] - 07/09/2010 - 16:24:46 RSHAD . (.ALWIL Software - avast! Filtering NDIS driver.) -- C:\Windows\system32\drivers\aswNdis.sys [12368]
O58 - SDL:[MD5.B14A130C09AB3DB6697F9E9DF44AD7DE] - 25/12/2010 - 16:53:40 RSHAD . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\system32\drivers\aswNdis2.sys [250448]
O58 - SDL:[MD5.CFAD2FB33B22E7039C9DC233BAACBF8B] - 25/12/2010 - 16:47:49 RSHAD . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [28752]
O58 - SDL:[MD5.9638A3064B642410011B43A210276F55] - 25/12/2010 - 16:54:10 RSHAD . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [472656]
O58 - SDL:[MD5.594365E887F4A5AD3970870B352EB887] - 25/12/2010 - 16:52:09 RSHAD . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [121936]
O58 - SDL:[MD5.4BA0A0E1D36F88F536180FFE5EFD8B7C] - 25/12/2010 - 16:52:29 RSHAD . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [51280]
O58 - SDL:[MD5.38562A6A9CB10844759EAF2B01A7FCD3] - 11/04/2010 - 18:47:14 RSHAD . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrx.sys [1484800]
O58 - SDL:[MD5.3B9014FB7CE9E20FD726321C7DB7D8B0] - 24/07/2009 - 08:49:00 RSHAD . (.ATI Technologies, Inc. - ATI High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtiHdmi.sys [119312]
O58 - SDL:[MD5.A29087680A1C3B049E3C05438E8FF2B8] - 05/08/2009 - 06:23:00 RSHAD . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [6038016]
O58 - SDL:[MD5.7C5D273E29DCC5505469B299C6F29163] - 05/05/2009 - 06:30:28 RSHAD . (.Advanced Micro Devices Inc. - AMD PCIE Filter Driver for ATI PCIE chipset.) -- C:\Windows\system32\drivers\AtiPcie.sys [16440]
O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]
O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]
O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]
O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]
O58 - SDL:[MD5.867FA8B9E9E3078F68C4089904BBF4B0] - 11/09/2011 - 07:45:38 RSHAD . (.Devguru Co., Ltd - Device Error Recovery SDK(x64).) -- C:\Windows\system32\drivers\dgderdrv.sys [20568]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 10/06/2009 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]
O58 - SDL:[MD5.524C79054636D2E5751169005006460B] - 29/06/2009 - 19:17:00 RSHAD . (.ENE TECHNOLOGY INC. - ENE CIR Driver for eHome(64).) -- C:\Windows\system32\drivers\enecir.sys [70656]
O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 14/07/2009 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.05712FDDBD45A5864EB326FAABC6A4E3] - 11/04/2010 - 12:49:08 RSHAD . (.Hewlett-Packard - HP Disk Filter - SATA/RAID.) -- C:\Windows\system32\drivers\hpdskflt.sys [30008]
O58 - SDL:[MD5.9AF482D058BE59CC28BCE52E7C4B747C] - 14/11/2009 - 08:48:32 RSHAD . (.Hewlett-Packard Development Company, L.P. - HpqKbFiltr Keyboard Filter Driver.) -- C:\Windows\system32\drivers\HpqKbFiltr.sys [18432]
O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 13/07/2009 - 02:47:48 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [77888]
O58 - SDL:[MD5.B75E45C564E944A2657167D197AB29DA] - 28/04/2011 - 07:23:00 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]
O58 - SDL:[MD5.A87261EF1546325B559374F5689CF5BC] - 10/06/2009 - 21:37:05 RSHAD . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd64.sys [6108416]
O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 13/07/2009 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]
O58 - SDL:[MD5.2F9F76349BB8C578873A58C840BA0589] - 10/03/2010 - 08:16:36 RSHAD . (.Initio Corporation - Initio Default Vendor Specific Device Driver.) -- C:\Windows\system32\drivers\ivusb.sys [29720]
O58 - SDL:[MD5.F8844B00C10E386C704C610E95A9847D] - 21/07/2009 - 04:39:22 RSHAD . (.JMicron Technology Corporation - JMicron JMB38X Flash Media Controller Driver.) -- C:\Windows\system32\drivers\jmcr.sys [140712]
O58 - SDL:[MD5.07071C1E3CD8F0F9114AAC8B072CA1E5] - 29/04/2009 - 15:28:30 RSHAD . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\system32\drivers\KMWDFILTER.sys [30208]
O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]
O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]
O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]
O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]
O58 - SDL:[MD5.701223C663019B62029FAB1A2385EE81] - 21/10/2010 - 12:11:50 RSHAD . (.IBM - LUM Runtime.) -- C:\Windows\system32\drivers\LUMDriver.sys [24848]
O58 - SDL:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 16/09/2011 - 16:00:50 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25416]
O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 10/06/2009 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]
O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]
O58 - SDL:[MD5.64428DFDAF6E88366CB51F45A79C5F69] - 10/06/2009 - 21:35:28 RSHAD . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\netw5v64.sys [5434368]
O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 13/07/2009 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]
O58 - SDL:[MD5.A4D9C9A608A97F59307C2F2600EDC6A4] - 28/04/2011 - 07:23:06 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]
O58 - SDL:[MD5.6C1D5F70E7A6A3FD1C90D840EDC048B9] - 28/04/2011 - 07:23:06 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]
O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 10/06/2009 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]
O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 13/07/2009 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]
O58 - SDL:[MD5.B49DC435AE3695BAC5623DD94B05732D] - 11/04/2010 - 07:52:30 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [215040]
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 14/07/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]
O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 10/06/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]
O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 13/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/07/2010 - 00:00:00 RSHAD . (...) -- C:\Windows\system32\drivers\sptd.sys [834544]
O58 - SDL:[MD5.F74634F46692C8315E7F37F698AF3225] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - SAMSUNG USB Composite Device V2 Driver.) -- C:\Windows\system32\drivers\sscebus.sys [127488]
O58 - SDL:[MD5.51D15EC1D9DD10C1C8FEF1253BFCB561] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscecm.sys [15360]
O58 - SDL:[MD5.51D15EC1D9DD10C1C8FEF1253BFCB561] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscecmnt.sys [15360]
O58 - SDL:[MD5.82732B391EFD69B0548044BE9CB37BFC] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem V2 Filter Driver.) -- C:\Windows\system32\drivers\sscemdfl.sys [18944]
O58 - SDL:[MD5.43D56ACE4469D90F9790E8352D87D9B5] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem V2 WDM.) -- C:\Windows\system32\drivers\sscemdm.sys [161280]
O58 - SDL:[MD5.DB504EF6D73F6B8AB5CF8A18560C4E2A] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - SAMSUNG Mobile Modem Diagnostic Serial Port V2 Device Driver.) -- C:\Windows\system32\drivers\ssceserd.sys [129024]
O58 - SDL:[MD5.4B53B267F7979EE3733B90CBBE1A0697] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscewh.sys [15872]
O58 - SDL:[MD5.4B53B267F7979EE3733B90CBBE1A0697] - 11/09/2011 - 03:25:22 RSHAD . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\sscewhnt.sys [15872]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]
O58 - SDL:[MD5.DFFBC024DFC7BB05B2129E05CBC7A201] - 05/03/2011 - 07:53:06 RSHAD . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\system32\drivers\stwrt64.sys [505344]
O58 - SDL:[MD5.3A706A967295E16511E40842B1A2761D] - 27/05/2010 - 22:32:56 RSHAD . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [320560]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 21/11/2010 - 07:45:52 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\system32\drivers\TFsExDisk.sys [16392]
O58 - SDL:[MD5.44D9C773FEBFF10593B50DDFC2D6BC27] - 11/04/2010 - 05:49:08 RSHAD . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\system32\drivers\usbfilter.sys [36408]
O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]
O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 10/06/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]
O58 - SDL:[MD5.0C4540311E11664B245A263E1154CEF8] - 14/07/2009 - 22:01:11 RSHAD . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL6.SYS [292864]
O58 - SDL:[MD5.18E40C245DBFAF36FD0134A7EF2DF396] - 14/07/2009 - 22:01:11 RSHAD . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT6.SYS [740864]
O58 - SDL:[MD5.02071D207A9858FBE3A48CBFD59C4A04] - 14/07/2009 - 22:01:11 RSHAD . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV6.SYS [1485312]
O58 - SDL:[MD5.AD12F5C7251BB8D575D560894E73CBBA] - 30/03/2011 - 10:43:40 RSHAD . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\system32\drivers\WsAudioDevice_383S(1).sys [29288]
O58 - SDL:[MD5.B3EEACF62445E24FBB2CD4B0FB4DB026] - 10/06/2009 - 21:35:33 RSHAD . (.Marvell - Miniport Driver for Marvell Yukon Ethernet Controller..) -- C:\Windows\system32\drivers\yk62x64.sys [389120]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 21/11/2010 - 07:45:52 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16392]
~ Scan Drivers in 00mn 16s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\adp94xx.sys - No object(No service) .(.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - LEGACY_ADP94XX
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\adpahci.sys - No object(No service) .(.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - LEGACY_ADPAHCI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\adpu320.sys - No object(No service) .(.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - LEGACY_ADPU320
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\aliide.sys - No object(No service) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE
O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\amdsata.sys - No object(No service) .(.Advanced Micro Devices - AHCI 1.2 Device Driver.) - LEGACY_AMDSATA
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\amdsbs.sys - No object(No service) .(.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) - LEGACY_AMDSBS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\arc.sys - No object(No service) .(.Adaptec, Inc. - Adaptec RAID Storport Driver.) - LEGACY_ARC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\arcsas.sys - No object(No service) .(.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - LEGACY_ARCSAS
O64 - Services: CurCS - 07/09/2010 - C:\Windows\system32\drivers\aswMonFlt.sys - No object(No service) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\cmdide.sys - No object(No service) .(.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) - LEGACY_CMDIDE
O64 - Services: CurCS - 25/05/2010 - C:\Windows\system32\drivers\dgderdrv.sys - No object(No service) .(.Devguru Co., Ltd - Device Error Recovery SDK(x64).) - LEGACY_DGDERDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\elxstor.sys - No object(No service) .(.Emulex - Storport Miniport Driver for LightPulse HBA.) - LEGACY_ELXSTOR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\HpSAMD.sys - No object(No service) .(.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) - LEGACY_HPSAMD
O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\iaStorV.sys - No object(No service) .(.Intel Corporation - Intel Matrix Storage Manager driver - x64.) - LEGACY_IASTORV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\iirsp.sys - No object(No service) .(.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - LEGACY_IIRSP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_fc.sys - No object(No service) .(.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) - LEGACY_LSI_FC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_sas.sys - No object(No service) .(.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) - LEGACY_LSI_SAS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_sas2.sys - No object(No service) .(.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) - LEGACY_LSI_SAS2
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\lsi_scsi.sys - No object(No service) .(.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) - LEGACY_LSI_SCSI
O64 - Services: CurCS - 02/01/2008 - C:\Windows\system32\drivers\LUMDriver.sys - No object(No service) .(.IBM - LUM Runtime.) - LEGACY_LUMDRIVER
O64 - Services: CurCS - 31/08/2011 - C:\Windows\system32\drivers\mbam.sys - No object(No service) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\megasas.sys - No object(No service) .(.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) - LEGACY_MEGASAS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\MegaSR.sys - No object(No service) .(.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) - LEGACY_MEGASR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\nfrd960.sys - No object(No service) .(.IBM Corporation - IBM ServeRAID Controller Driver.) - LEGACY_NFRD960
O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\nvraid.sys - No object(No service) .(.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - LEGACY_NVRAID
O64 - Services: CurCS - 11/03/2011 - C:\Windows\system32\drivers\nvstor.sys - No object(No service) .(.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - LEGACY_NVSTOR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\ql2300.sys - No object(No service) .(.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) - LEGACY_QL2300
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\ql40xx.sys - No object(No service) .(.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) - LEGACY_QL40XX
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\SiSRaid2.sys - No object(No service) .(.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) - LEGACY_SISRAID2
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\sisraid4.sys - No object(No service) .(.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) - LEGACY_SISRAID4
O64 - Services: CurCS - ??/??/???? - C:\Windows\system32\Drivers\sptd.sys - No object (No service) .(...) - LEGACY_SPTD
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\stexstor.sys - No object(No service) .(.Promise Technology - Promise SuperTrak EX Series Driver for Win.) - LEGACY_STEXSTOR
O64 - Services: CurCS - 25/05/2010 - C:\Windows\system32\Drivers\TFsExDisk.sys - No object(No service) .(.Teruten Inc - File System Mini Filter Drvier.) - LEGACY_TFSEXDISK
O64 - Services: CurCS - 31/05/2011 - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys - No object(No service) .(.TuneUp Software - TuneUp Utilities Driver.) - LEGACY_TUNEUPUTILITIESDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\viaide.sys - No object(No service) .(.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) - LEGACY_VIAIDE
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\DRIVERS\vsmraid.sys - No object(No service) .(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) - LEGACY_VSMRAID
~ Scan Services in 00mn 01s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Alexis\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {40200BBB-5A78-4A46-8301-408406BE7FBF} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {9D623E26-6AC0-490B-AABE-B5A54EC0846B} - (Google) - http://www.google.com
~ Scan Keys in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.CCF4A4B7594D6E87ACD3FA2C106345DC] [SPRF][18/09/2011] (.Hewlett-Packard - Pas de description.) -- C:\Users\Alexis\AppData\Local\Temp\sp54373.exe [18427232]
[MD5.14125ACE451DE474374803CF4B6A3EA0] [SPRF][10/09/2011] (...) -- C:\Users\Alexis\AppData\Roaming\serveur.exe [5576]
[MD5.02D468949BB4129FC6B40B1387F35834] [SPRF][10/09/2011] (.Mozilla Corporation - Firefox.) -- C:\Users\Alexis\AppData\Roaming\servi_juju.exe [48414208]
[MD5.14125ACE451DE474374803CF4B6A3EA0] [SPRF][18/09/2011] (...) -- C:\Users\Alexis\AppData\Roaming\SVCHOST.exe [5576]
[MD5.DAEE914ABCF0081AAF23689E4A8C27DD] [SPRF][14/09/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r85.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2826192]
~ Scan Files in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{C3EF2FF0-5B01-4EB5-83AA-71AEEBD774D2}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "{DFB21798-1679-423B-A492-528591A6D9A0}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe (.not file.)
O87 - FAEL: "{4DF15576-ED71-4700-9C28-D0B0392F1007}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe (.not file.)
O87 - FAEL: "{C99B6F47-1375-40E1-95DC-CE8C568ED18F}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe (.not file.)
O87 - FAEL: "{5BFA094F-B5F2-4030-B6CC-DAA2E16AA68B}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe (.not file.)
O87 - FAEL: "{92273048-9A64-425F-855C-01B06679363A}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe (.not file.)
O87 - FAEL: "{3720CFC1-D6C1-4FB9-9055-DAF1300577F6}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
O87 - FAEL: "{A1D47B9B-FB2A-476B-8828-2B86CAA54A03}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
O87 - FAEL: "{835B7022-2BAF-4E77-A6BE-1D688E0FE2A7}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
O87 - FAEL: "{CB86DC63-7890-40BE-A7F6-FF6741633F22}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video Main Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
O87 - FAEL: "{BB688602-CDF4-47C5-98A9-DD41F8644DA6}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O87 - FAEL: "{642A07C5-2243-4BD7-8CB7-D8955DF673F3}" | In - None - P6 - TRUE | .(.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O87 - FAEL: "{9523F524-2218-4F3F-A230-714E0DBDCCDA}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\QP.exe (.not file.)
O87 - FAEL: "{350A1FDB-3E09-4CC9-AF03-612DD78968B1}" |In - None - P6 - TRUE | .(...) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\QPService.exe (.not file.)
O87 - FAEL: "TCP Query User{8642DCDC-1350-4617-B393-344FE480FC5C}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\orbixd.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\orbixd.exe (.not
O87 - FAEL: "UDP Query User{F28E84DD-A15A-4DC6-B7E6-6E1B6A029F33}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\orbixd.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\orbixd.exe (.no
O87 - FAEL: "TCP Query User{BDE116A8-21CB-4573-B7FF-2E92AF0D36FA}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe (.not f
O87 - FAEL: "UDP Query User{AA170657-F948-41BD-846C-F22DECC49415}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe (.not
O87 - FAEL: "TCP Query User{8E2F6065-358C-42DA-9A8E-9BCC1AAD1CB9}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catsysdemon.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catsysdemon
O87 - FAEL: "UDP Query User{94B223AD-A71B-406F-9A0E-57390ACF9F86}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catsysdemon.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catsysdemo
O87 - FAEL: "TCP Query User{B0A8ABCF-4B09-468F-9F9C-36EFDFB2EDDE}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catutil.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catutil.exe (.n
O87 - FAEL: "UDP Query User{DB434189-4D85-4CD2-8B53-2A44387BF117}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catutil.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\catutil.exe (.
O87 - FAEL: "TCP Query User{44F372B8-CBE8-42AD-93F5-B5C9E2816968}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe (.not
O87 - FAEL: "UDP Query User{161C4045-693D-4098-B7AB-91BEAD029A35}C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\dassault systemes\b19\intel_a\code\bin\cnext.exe (.not
O87 - FAEL: "{A4BEF1A5-2434-4FC4-B7C2-F6B46A492862}" | In - Public - P6 - TRUE | .(.2K Sports - 2K Sports NBA 2K11.) -- C:\Program Files (x86)\2K Sports\NBA 2K11\nba2k11.exe
O87 - FAEL: "{3DEE81FE-C101-4B77-AA2D-6DF8B49AD239}" | In - Public - P17 - TRUE | .(.2K Sports - 2K Sports NBA 2K11.) -- C:\Program Files (x86)\2K Sports\NBA 2K11\nba2k11.exe
O87 - FAEL: "TCP Query User{AD960642-8CA0-4AF4-9686-7D995EFCB479}C:\program files (x86)\2k sports\nba 2k11\nba2k11.exe" | In - Private - P6 - TRUE | .(.2K Sports - 2K Sports NBA 2K11.) -- C:\program files (x86)\2k sports\nba 2k11\nba2k11.exe
O87 - FAEL: "UDP Query User{534AA8D0-510D-4C13-910C-C431C3E5B0BC}C:\program files (x86)\2k sports\nba 2k11\nba2k11.exe" | In - Private - P17 - TRUE | .(.2K Sports - 2K Sports NBA 2K11.) -- C:\program files (x86)\2k sports\nba 2k11\nba2k11.exe
O87 - FAEL: "{1867BACE-B8FD-48F1-A8B8-8C0DC44D2575}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{6BF3B60E-C2B8-4413-A827-84F8649D0331}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{893B88DE-527D-4C1E-B37B-9FB32E3F6E09}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{06FCC042-1053-4C20-8EA2-FB546D5B1472}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{0A09AFD0-B708-4ABE-8A19-A5A556902A28}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
O87 - FAEL: "{04D56040-A753-4544-B611-55749D4A96A6}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
O87 - FAEL: "{F4A21FA2-EEBC-45B9-A4F3-92134E27A90B}" | In - Private - P6 - TRUE | .(.Ubisoft - Autopatch system.) -- C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe
O87 - FAEL: "{4A798658-411C-4D1C-B662-DF9D59FB9147}" | In - Private - P17 - TRUE | .(.Ubisoft - Autopatch system.) -- C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe
O87 - FAEL: "{A019DB5D-7BE1-4165-9AAC-B86F4FF3BF32}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files (x86)\Shareaza Applications\Shareaza\Shareaza.exe (.not file.)
O87 - FAEL: "{8BB15935-A67F-432A-A145-BD638DEED17F}" |In - Domain - P17 - TRUE | .(...) -- C:\Program Files (x86)\Shareaza Applications\Shareaza\Shareaza.exe (.not file.)
O87 - FAEL: "{7C11EDE8-6888-4176-95F5-B58E904D0497}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "TCP Query User{929FDE88-E81D-4EA9-9D3D-079A84FED215}C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\ubisoft\tom clancy's rainbow six veg
O87 - FAEL: "UDP Query User{3C5573AD-6B69-4E46-81B9-8223A2263FE6}C:\program files (x86)\ubisoft\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\ubisoft\tom clancy's rainbow six ve
O87 - FAEL: "{5CCA388F-7DE5-4AAA-8E58-3662244A1E46}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{62BC6376-18A9-4C05-8E87-ABB0DA7323D8}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{2E8A563F-E73E-4741-B23E-2E244A2F0B7B}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{029B3572-C8EB-4FBD-A70E-E2AA909BF6A0}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{8C59A3FF-DFC4-487E-B28A-37CA990F801C}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{E227B2D2-5105-4209-812A-B4C10D2F8A99}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\Sports Interactive\Football Manager 2010\fm.exe (.not file.)
O87 - FAEL: "{0CE8CE03-D126-4C50-8017-675D0EEEBA78}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\Sports Interactive\Football Manager 2010\fm.exe (.not file.)
O87 - FAEL: "{DCEEB31D-6B75-4128-92F3-082FFAEB1150}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe
O87 - FAEL: "{B0A18913-823B-434D-8324-218497462CE2}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe
~ Scan Firewall in 00mn 01s



---\\ Recherche détournement de DNS routeur (O89)
Serveur : livebox.home
Address: 192.168.1.1
Nom : www.l.google.com
Addresses: 209.85.148.105
209.85.148.106
209.85.148.104
209.85.148.103
209.85.148.147
209.85.148.99
Aliases: www.google.fr
www.google.com
~ Scan DNS in 00mn 02s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 05/03/2011 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
SR - | Auto 05/08/2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe
SR - | Auto 07/09/2010 40384 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 07/09/2010 119200 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\afwServ.exe
SR - | Demand 07/09/2010 40384 | (avast! Mail Scanner) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Demand 07/09/2010 40384 | (avast! Web Scanner) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SS - | Demand 14/11/2009 228408 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SR - | Auto 26/06/2011 125496 | (HP Health Check Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Auto 26/06/2011 92216 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SR - | Demand 26/06/2011 791608 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 11/04/2010 30520 | (hpsrv) . (.Hewlett-Packard.) - C:\Windows\system32\Hpservice.exe
SS - | Demand 16/02/2011 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SR - | Auto 11/04/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SS - | Auto 16/09/2011 366152 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SR - | Auto 0 | (PnkBstrB) . (...) - C:\Windows\system32\PnkBstrB.exe
SR - | Auto 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 05/03/2011 247808 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
SR - | Auto 27/08/2011 2027840 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe
~ Scan Services in 00mn 03s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Alexis at 18/09/2011 21:13:58

device: opened successfully
user: error reading MBR

Disk trace:
error: Read Descripteur non valide
kernel: error reading MBR
~ Scan MBR in 00mn 05s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Alexis at 18/09/2011 21:14:00

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 07s



End of the scan (1313 lines in 01mn 47s)(0)

Voilà !

[Del-crosseur]

Bonsoir ,

note: ZHPFix peut être activé soit à partir de ZHPDiag en cliquant sur l'icône
soit à partir du raccourci sur le Bureau
Il se lance par double clic sous Xp, par clic droit et "exécuter en tant qu'administrateur" sous Vista et Seven.
/!\Fermer toutes applications en cours/!\

• Lance ZHPFix en fonction de ton système d'exploitation.
• Copie/colle toutes les lignes en Bleu que tu vois ici:
  
  

  [MD5.14125ACE451DE474374803CF4B6A3EA0] [SPRF][18/09/2011] (...) -- C:\Users\Alexis\AppData\Roaming\SVCHOST.exe [5576]
  [MD5.14125ACE451DE474374803CF4B6A3EA0] [SPRF][10/09/2011] (...) -- C:\Users\Alexis\AppData\Roaming\serveur.exe [5576]
  EmptyFlash
  Emptytemp
  

  
  (Ctrl+A pour tout sélectionner, Ctrl+C pour copier) ou avec la souris tout sélectionner, clic droit =>copier
• Clique sur l'icône représentant la lettre (« coller les lignes Helper »)
  les lignes se placent dans la fenêtre de ZHPFix => tu ne dois voir que celles-là
• Valide par "OK"
• Clique sur « Tous », puis sur « Nettoyer » Ne touche pas au pc pendants la suppression(Risque de plantage) Le temps varie en fonctions des lignes à supprimer
• Héberge le sur cijoint.fr et poste moi le lien fourni

Puis :::

*/* Vérification */*

Télécharge TDSSKiller sur ton Bureau.

Cet outil est conçu pour automatiser différentes tâches proposées par TDSSKiller, un fix de Kaspersky.
Lance load_tdsskiller en double-cliquant dessus.
Clic droit et"exécuter en tant qu'administrateur" avec Vista/Seven

A cette fenêtre lance le scan.



-Récupérer le rapport en validant Report
Poste-le moi

-Si une détection est faite valide Cure puis



redémarres le pc pour confirmer la suppression de celle-ci.


info supplémentaire -> http://support.kaspersky.com/viruses/so ... =208280684

Bonne soirée !

[Sushis]

Rapport de ZHPFix 1.12.3360 par Nicolas Coolman, Update du 29/08/2011
Fichier d'export Registre :
Run by Alexis at 19/09/2011 20:52:55
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-p ... hpfix.html

========== Dossier(s) ==========
SUPPRIME Flash Cookies: 2
SUPPRIME Temporaires Windows: : 0

========== Fichier(s) ==========
ABSENT Folder/File: c:\users\alexis\appdata\roaming\svchost.exe
ABSENT Folder/File: c:\users\alexis\appdata\roaming\serveur.exe
SUPPRIME Flash Cookies: 1
SUPPRIME Temporaires Windows: : 0


========== Récapitulatif ==========
2 : Dossier(s)
4 : Fichier(s)


End of the scan in 00mn 00s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 18/09/2011 01:00:39 [2807]
C:\ZHP\ZHPFix[R2].txt - 19/09/2011 19:52:10 [1053]
C:\ZHP\ZHPFix[R3].txt - 19/09/2011 20:52:55 [850]

Pour les fichiers marqués absents j'ai fait deux fois la manip mais la première fois les fichiers ont bien été supprimés.

Et TDSSKiller n'a rien trouvé !

[Del-crosseur]

Re ,

OkOk comment se comporte le pc ?

[Sushis]

Nikel nikel ! Il se comportait déjà bien avant mais apparemment y'avait de quoi nettoyer !

J'ai même un message d'erreur qui apparaissait systématiquement qui a disparu !

[Del-crosseur]

Bonjour ,

Parfait !
Nous allons maintenant procéder au nettoyage des outils servis pour la désinfection !

Télécharge ->> DelFix <<- de Xplode

* Lance le.

* Choisit l'option "Suppression"

* Un rapport va s'ouvrir à la fin, colle le dans la réponse ...

Ensuite pour le désinstaller ; tu relances et tu passes à l'option "Désinstallation"

Puis :::


1) Créer un point de restauration

Télécharge OneClick2RestorePoint de Laddy sur ton Bureau

• Double-cliquez dessus pour l'exécuter (Sous Vista/Seven, fais un clic droit et choisir Exécuter en tant qu'administrateur).
  
• Entrez la description suivante : "Pc-Propre"
  
• Cliquez sur le bouton "Créer", puis sur le bouton OK.
  
• Cliquez sur le bouton "Quitter" pour fermez l'application.
  

2) Purge de la restauration système

• Double-cliquez sur One Click 2 Restor Point pour l'exécuter (Sous Vista/Seven, fais un clic droit et choisir Exécuter en tant qu'administrateur).
• Cliquez sur le bouton "Purger", l'outil de nettoyage de Windows va ensuite s'ouvrir.
• Choisissez votre disque dur principal (en général C:\), puis patientez durant le scan.
• Rendez-vous dans l'onglet "Autres options".
• Dans la zone restauration système, cliquez sur le bouton "Nettoyer" puis sur le bouton "Supprimer".
• Les points de restauration système seront purgés sauf le dernier créé.

Bonne soirée !

[Sushis]

# DelFix v8.1 - Rapport créé le 20/09/2011 à 18:18
# Mis à jour le 20/06/11 à 19h par Xplode
# Système d'exploitation : Windows 7 Home Premium (64 bits) [version 6.1.7600]
# Nom d'utilisateur : Alexis - ALESKYPC (Administrateur)
# Exécuté depuis : C:\Users\Alexis\Downloads\DelFix-8.1.exe
# Option [Suppression]


~~~~~~ Dossier(s) ~~~~~~

Supprimé : C:\_OTL
Supprimé : C:\Program Files (x86)\ZHPDiag

~~~~~~ Fichier(s) ~~~~~~

Supprimé : C:\PhysicalDisk0_MBR.bin
Supprimé : C:\TDSSKiller.2.5.22.0_19.09.2011_20.55.37_log.txt

~~~~~~ Registre ~~~~~~

Clé Supprimée : HKLM\Software\OldTimer Tools
Clé Supprimée : HKLM\Software\TrendMicro\Hijackthis
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe

~~~~~~ Autre ~~~~~~

-> Prefetch vidé

########## EOF - "C:\DelFixSuppr.txt" - [916 octets] ##########

J'avais déjà supprimé les icones et désinstallé malware anti malware.

[Del-crosseur]

Bonsoir ,

Ok , je vois sa ...
Par contre je te conseil vivement de garder Malwarebytes Antimalware...

Bonne soirée !

[Sushis]

Merci bien en tout cas !

Bonne continuation !