~ Rapport de ZHPDiag v2014.2.23.20 - Nicolas Coolman  (23/02/2014)
~ Lancé par Admin (27/02/2014 21:00:12)
~ Adresse du Site Web  http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version : 
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v6.0.2900.2180
GCIE: Google Chrome v33.0.1750.117 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 2 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2013

---\\ Logiciels d'optimisation du système
CCleaner v4.10 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 ActiveX
Adobe Reader XI
Java 7 Update 51

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 511 MB (43% free)
System Restore: Activé (Enable)
System drive C: has 175 GB (93%) free of 186 GB

---\\ Mode de connexion au système
~ Computer Name: XPSP2-D111B5EA1
~ User Name: Admin
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Administrateur, Admin, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Admin\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\Admin\Application Data\
~ %Desktop% : C:\Documents and Settings\Admin\Bureau\
~ %Favorites% : C:\Documents and Settings\Admin\Favoris\
~ %LocalAppData% : C:\Documents and Settings\Admin\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\Admin\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 175 Go of 186 Go)
D: Floppy drive, Flash card reader, USB Key (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: CD-ROM drive (Not Inserted)
I: CD-ROM drive (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
~ Security Center: 41 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0BEE3B07ACE3303EE57698808E1D2DE3] - (.Microsoft Corporation - Explorateur Windows.) (.26/07/2005 - 14:01:30.) -- C:\WINDOWS\Explorer.exe [1036288]
[MD5.E41E8FDF62CF20F2E2B16D800D96EB51] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/12/2005 - 12:12:00.) -- C:\WINDOWS\system32\wininet.dll [662528]
[MD5.123EEA158F74D0F67A51DCDF065D1091] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.19/08/2004 - 15:10:06.) -- C:\WINDOWS\system32\Winlogon.exe [506368]
[MD5.5AC495F4CB807B2B98AD2AD591E6D92E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.03/08/2004 - 22:14:16.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.03/08/2004 - 21:59:44.) -- C:\WINDOWS\system32\Drivers\atapi.sys [95360]
[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - (.Microsoft Corporation - CD-ROM File System Driver.) (.03/08/2004 - 22:14:12.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.AF9C19B3100FE010496B1A27181FBF72] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.03/08/2004 - 21:59:54.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [49536]
[MD5.8B121FF880683607AB2AEF0340721718] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.02/10/2001 - 17:16:24.) -- C:\WINDOWS\system32\Drivers\Fips.sys [35072]
[MD5.CBC3DEF409549672B915FB9403D63F74] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.27/10/2004 - 15:21:36.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [138240]
[MD5.D1EFCBD693B5BA21314D06368C471070] - (.Microsoft Corporation - Pilote de port i8042.) (.19/08/2004 - 14:56:40.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54400]
[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.03/08/2004 - 22:00:16.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [41856]
[MD5.E2168CBC7098FFE963C6F23F472A3593] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2005 - 14:01:32.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [134912]
[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - (.Microsoft Corporation - IPSec Driver.) (.03/08/2004 - 22:14:30.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [74752]
[MD5.5DDC9A1B2EB5A4BF010CE8C019A18C1F] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/07/2005 - 14:01:33.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [451584]
[MD5.0C80E410CD2F47134407EE7DD19CC86B] - (.Microsoft Corporation - MBT Transport driver.) (.03/08/2004 - 22:14:38.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.B78BE402C3F63DD55521F73876951CDD] - (.Microsoft Corporation - NT File System Driver.) (.03/08/2004 - 22:15:10.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574592]
[MD5.318696359AC7DF48D1E51974EC527DD2] - (.Microsoft Corporation - Pilote de port parallèle.) (.12/10/2005 - 09:33:32.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.03/08/2004 - 22:14:24.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.26/07/2005 - 13:44:02.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196864]
[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.26/07/2005 - 14:44:00.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58496]
[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/08/2004 - 14:59:14.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/5
~ Mes Favoris (My Favorites) : 1/4
~ Mes Documents (My Documents) : 1/189
~ Mon Bureau (My Desktop) : 0/533
~ Menu demarrer (Programs) : 1/26
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processus lancés
[MD5.CC42F104172B4A62793083D380867317] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [50344] [PID.1264]
[MD5.B9436A665A8621073A12338B16D7BFD4] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe   [182696] [PID.492]
[MD5.A78AAB0D2D70EF7DD56B7328AC502059] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [3767096] [PID.2012]
[MD5.6E6656C6618C4B0B000267D9AF9EF743] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe   [859464] [PID.3084]
[MD5.42FEDBCB3ED926F6F529E0FDDF750BE0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [8339968] [PID.2328]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.51.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.51.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.51.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.06.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
~ Firefox Browser: 5 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.06.) (No version) -- (.not file.)
~ IE Browser: 13 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ BHO: 4 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: ABBYY FineReader 5.0 Sprint Plus.lnk . (.ABBYY (BIT Software) - FineReader Shell.)  -- C:\Program Files\ABBYY FineReader 5.0 Sprint\Sprint.exe 
O4 - GS\Program [AllUsers]: Adobe Reader XI.lnk . (...)  -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico 
O4 - GS\Program [AllUsers]: SumatraPDF.lnk . (.Krzysztof Kowalczyk - SumatraPDF.)  -- C:\Program Files\SumatraPDF\SumatraPDF.exe 
O4 - GS\Program [Administrateur]: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.)  -- C:\WINDOWS\system32\rcimlby.exe  =>.Microsoft Corporation
O4 - GS\Program [Administrateur]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [Admin]: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.)  -- C:\WINDOWS\system32\rcimlby.exe  =>.Microsoft Corporation
O4 - GS\Program [Admin]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\IEXPLORE.exe 
O4 - GS\Program [Admin]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files\Windows Media Player\wmplayer.exe  =>.Microsoft Corporation
O4 - GS\Program [Admin]: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.)  -- C:\Program Files\Outlook Express\msimn.exe  =>.Microsoft Corporation
~ Global Startup: 9 Scanned in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe 
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (.not file.) 
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] . (...) -- C:\WINDOWS\system32\run.cmd 
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe  =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] . (.Microsoft Corporation - DLL d'action personnalisée d'installation.) -- C:\WINDOWS\system32\tscupgrd.exe 
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] . (...) -- C:\WINDOWS\system32\run.cmd 
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] . (.Microsoft Corporation - DLL d'action personnalisée d'installation.) -- C:\WINDOWS\system32\tscupgrd.exe 
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] . (...) -- C:\WINDOWS\system32\run.cmd 
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] . (.Microsoft Corporation - DLL d'action personnalisée d'installation.) -- C:\WINDOWS\system32\tscupgrd.exe 
O4 - HKUS\S-1-5-21-343818398-963894560-839522115-1003\..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (.not file.) 
~ Application:  Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll  =>.Microsoft Corporation
~ Winsock: 3 Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1364481647937
~ Objets ActiveX:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8DC828B-7540-48D6-8644-F21AE91B68FA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B8DC828B-7540-48D6-8644-F21AE91B68FA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B8DC828B-7540-48D6-8644-F21AE91B68FA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
~ SSODL: 4 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe  =>.Google Inc
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe
~ Services: 3 Scanned in 00mn 02s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: (no name) - file:http://capmosaique.com/wp-content/uploads/2012/11/modele.jpg
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job   [1002]
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\At1.job   [408]
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\avast! Emergency Update.job   [364]
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\BitGuard.job   [280] =>PUP.BitGuard
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job   [1050]
O39 - APT:Automatic Planified Task  - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job   [1054]
[MD5.F7AB315A4D400CA876381D1E188A2E20] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe   [257928]
[MD5.00000000000000000000000000000000] [APT] [At1] (...) -- C:\DOCUME~1\Admin\APPLIC~1\Dealply\UPDATE~1\UPDATE~1.exe (.not file.)   [0]  =>PUP.DealPly
[MD5.F82F374417148CF545221DD88876219F] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe   [783728]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe   [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe   [116648]
~ Scheduled Task: 14 Scanned in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe  =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe
O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe  =>.Microsoft Corporation
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\system32\danim.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe  =>.Microsoft Corporation
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf
O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\system32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf  =>.Microsoft Corporation
O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe  =>.Microsoft Corporation
O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'installation individualisée de Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- c:\WINDOWS\system32\mscories.dll
O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\WINDOWS\system32\Macromed\Flash\Flash32_12_0_0_70.ocx
O40 - ASIC: Installed Component - S-1-5-21-343818398-963894560-839522115-1003 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID
~ Active Setup: 18 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver:  (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver:  (AswRdr) . (.AVAST Software - avast! TDI Redirect Driver.) - C:\WINDOWS\system32\drivers\aswRdr.sys
O41 - Driver:  (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\WINDOWS\system32\drivers\aswSnx.sys
O41 - Driver:  (aswSP) . (.AVAST Software - avast! self protection module.) - C:\WINDOWS\system32\drivers\aswSP.sys
O41 - Driver:  (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\WINDOWS\system32\drivers\aswTdi.sys
O41 - Driver:  (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver:  (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver:  (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver:  (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver:  (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver:  (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver:  (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver:  (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver:  (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver:  (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver:  (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver:  (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver:  (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver:  (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Drivers: 69 Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: ABBYY FineReader 5.0 Sprint Plus - (.ABBYY Software House.) [HKLM] -- {D1696920-9794-4BBC-8A30-7A88763DE5A2}
O42 - Logiciel: Adobe Flash Player 12 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader XI (11.0.06) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>Piriform Ltd
O42 - Logiciel: EPSON CardMonitor - (...) [HKLM] -- {109D28C7-FB38-483A-9C91-001CB59E2699}
O42 - Logiciel: EPSON Copy Utility - (...) [HKLM] -- {B69CC1A5-0404-11D6-ABCB-005004C21D30}
O42 - Logiciel: EPSON Logiciel imprimante - (...) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: EPSON PRINT Image Framer Tool2.1 - (...) [HKLM] -- {23B59ED4-C360-11D7-875B-0090CC005647}
O42 - Logiciel: EPSON Photo Print - (...) [HKLM] -- {057B1FBC-DA65-4FE3-ADC7-C1476E19F392}
O42 - Logiciel: EPSON PhotoQuicker3.5 - (...) [HKLM] -- {65F5B7AF-3363-11D7-BB6B-00018021113F}
O42 - Logiciel: EPSON PhotoStarter3.1 - (...) [HKLM] -- {C48817E7-AA05-4151-A99D-1E1E550CE801}
O42 - Logiciel: EPSON Scan - (...) [HKLM] -- {0E0131B2-CF18-40D9-A331-60A3746C1204}
O42 - Logiciel: EPSON Smart Panel - (...) [HKLM] -- {6C11D561-620B-47DA-A693-4C597F3CDF40}
O42 - Logiciel: ESPRX500 Guide de référence - (...) [HKLM] -- ESPRX500 Guide de référence
O42 - Logiciel: ESPRX500 Guide des logiciels - (...) [HKLM] -- ESPRX500 Guide des logiciels
O42 - Logiciel: ESPRX500 Guide fonctionnement - (...) [HKLM] -- ESPRX500 Guide fonctionnement
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.DealPly Technologies Ltd.) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>PUP.DealPly
O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2
O42 - Logiciel: Java 7 Update 51 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217051FF}
O42 - Logiciel: OpenOffice.org 3.4 - (.OpenOffice.org.) [HKLM] -- {2F90A789-DD1E-41CE-BFCA-BD78213BABC7}
O42 - Logiciel: SumatraPDF 2.4 - (.Krzysztof Kowalczyk.) [HKLM] -- SumatraPDF
O42 - Logiciel: Windows Genuine Advantage v1.3.0254.0 - (.Microsoft.) [HKLM] -- {63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
O42 - Logiciel: WordBiz 1.8.7 - (...) [HKLM] -- WordBiz_0
O42 - Logiciel: avast! Free Antivirus v9.0.2013 - (.Avast Software.) [HKLM] -- avast
~ Logic: 27 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\77-Zip]
[HKCU\Software\ABBYY]
[HKCU\Software\AVAST Software]
[HKCU\Software\Adobe]
[HKCU\Software\Aurigma]
[HKCU\Software\BearShare] =>PUP.BearShare
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\DealPlyLive] =>PUP.DealPly
[HKCU\Software\EPSON]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Gr]
[HKCU\Software\Intel]
[HKCU\Software\Internet Scrabble Club]
[HKCU\Software\JavaSoft]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RG]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Smart Panel]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Software]
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKCU\Software\Torch]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\USyndication] =>Trojan.Trojan.USyndication
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\eSupport.com]
[HKCU\Software\iLivid] =>Adware.Bandoo
[HKCU\Software\iMesh] =>PUP.iMesh
[HKCU\Software\kde.org]
[HKCU\Software\mozilla]
[HKCU\Software\telecharger-gratuit]
[HKCU\Software\usyndication.com] =>Trojan.Trojan.USyndication
[HKLM\Software\ABBYY]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\C07ft5Y]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Dofus2Beta]
[HKLM\Software\Dofus2]
[HKLM\Software\EPSON Photo Print]
[HKLM\Software\EPSON]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\MusicNet]
[HKLM\Software\NewSoft]
[HKLM\Software\ODBC]
[HKLM\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SEIKO EPSON CORP.]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Schlumberger]
[HKLM\Software\Smart Panel]
[HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\Speedchecker Limited]
[HKLM\Software\Torch]
[HKLM\Software\TuneUp]
[HKLM\Software\VBMZ] =>PUP.Duuqu
[HKLM\Software\Vittalia] =>Adware.PUP.Vittalia
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Wow6432Node]
[HKLM\Software\mozilla]
~ Key Software: 142 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 23/10/2013 - 22:16:44 - [0] ----D C:\Program Files\7-Zip
O43 - CFD: 16/03/2013 - 21:43:44 - [31,805] ----D C:\Program Files\ABBYY FineReader 5.0 Sprint
O43 - CFD: 23/10/2013 - 22:17:20 - [120,874] ----D C:\Program Files\Adobe
O43 - CFD: 16/03/2013 - 21:56:24 - [337,082] ----D C:\Program Files\AVAST Software
O43 - CFD: 07/02/2014 - 22:36:36 - [0] ----D C:\Program Files\BearShare Applications =>PUP.BearShare
O43 - CFD: 01/02/2014 - 21:57:57 - [6,612] ----D C:\Program Files\CCleaner =>Piriform Ltd
O43 - CFD: 16/03/2013 - 21:24:58 - [0] ----D C:\Program Files\ComPlus Applications
O43 - CFD: 04/10/2013 - 21:09:10 - [0,851] ----D C:\Program Files\DealPly =>PUP.DealPly
O43 - CFD: 04/10/2013 - 22:05:25 - [0] ----D C:\Program Files\DealPlyLive =>PUP.DealPly
O43 - CFD: 19/11/2013 - 17:01:20 - [85,075] ----D C:\Program Files\EPSON
O43 - CFD: 26/06/2013 - 12:17:29 - [1,810] ----D C:\Program Files\eSupport.com
O43 - CFD: 28/01/2014 - 15:41:17 - [27,792] ----D C:\Program Files\Fichiers communs
O43 - CFD: 13/09/2013 - 22:23:02 - [483,748] ----D C:\Program Files\Google
O43 - CFD: 16/03/2013 - 22:04:53 - [0] ----D C:\Program Files\GUMD3.tmp
O43 - CFD: 19/11/2013 - 17:01:19 - [25,343] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 17/09/2013 - 20:15:30 - [1,353] ----D C:\Program Files\Internet Explorer
O43 - CFD: 24/01/2014 - 11:38:20 - [123,110] ----D C:\Program Files\Java
O43 - CFD: 26/02/2014 - 20:37:18 - [0,024] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 16/04/2013 - 17:42:06 - [91,436] ----D C:\Program Files\Metin2
O43 - CFD: 16/03/2013 - 21:28:46 - [0] ----D C:\Program Files\microsoft frontpage
O43 - CFD: 13/05/2013 - 10:18:49 - [0,015] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 28/11/2013 - 17:08:51 - [1,584] ----D C:\Program Files\Mobogenie =>PUP.Mobogenie
O43 - CFD: 16/03/2013 - 21:28:46 - [0] ----D C:\Program Files\movie maker
O43 - CFD: 13/05/2013 - 10:14:47 - [0] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 26/06/2013 - 16:21:09 - [26,600] ----D C:\Program Files\MSECache
O43 - CFD: 16/03/2013 - 21:28:46 - [0] ----D C:\Program Files\msn gaming zone
O43 - CFD: 16/03/2013 - 21:26:06 - [3,133] ----D C:\Program Files\NetMeeting
O43 - CFD: 09/07/2013 - 21:06:19 - [285,319] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 16/03/2013 - 21:30:27 - [4,173] ----D C:\Program Files\Outlook Express  =>.Microsoft Corporation
O43 - CFD: 16/03/2013 - 21:26:45 - [0,001] ----D C:\Program Files\Services en ligne
O43 - CFD: 16/03/2013 - 21:42:41 - [62,348] ----D C:\Program Files\Smart Panel
O43 - CFD: 04/10/2013 - 20:56:38 - [0] ----D C:\Program Files\Software
O43 - CFD: 27/02/2014 - 20:44:21 - [0,259] ----D C:\Program Files\Spybot - Search & Destroy 2
O43 - CFD: 17/09/2013 - 20:15:16 - [9,642] ----D C:\Program Files\SumatraPDF
O43 - CFD: 01/10/2013 - 20:12:30 - [7,204] ----D C:\Program Files\TuneUp Utilities 2014
O43 - CFD: 21/07/2013 - 16:53:38 - [1,389] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 17/09/2013 - 20:31:09 - [0,047] ----D C:\Program Files\Uninstaller
O43 - CFD: 16/03/2013 - 21:28:13 - [3,084] ----D C:\Program Files\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 16/03/2013 - 21:28:46 - [0,742] ----D C:\Program Files\Windows NT
O43 - CFD: 16/03/2013 - 21:26:48 - [0] --H-D C:\Program Files\WindowsUpdate
O43 - CFD: 19/03/2013 - 17:38:32 - [66,883] ----D C:\Program Files\WordBiz
O43 - CFD: 16/03/2013 - 21:28:46 - [0] ----D C:\Program Files\xerox
O43 - CFD: 27/02/2014 - 20:59:35 - [17,259] ----D C:\Program Files\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 17/03/2013 - 11:00:28 - [6,238] ----D C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 02/10/2013 - 20:04:54 - [1,305] ----D C:\Program Files\Fichiers communs\InstallShield
O43 - CFD: 17/09/2013 - 16:04:04 - [1,191] ----D C:\Program Files\Fichiers communs\Java
O43 - CFD: 17/09/2013 - 20:15:32 - [8,683] ----D C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 16/03/2013 - 21:26:01 - [0,271] ----D C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 16/03/2013 - 22:19:50 - [0] ----D C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 16/03/2013 - 21:26:04 - [0,008] ----D C:\Program Files\Fichiers communs\Services
O43 - CFD: 16/03/2013 - 22:19:47 - [3,612] ----D C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 16/03/2013 - 21:25:38 - [6,485] ----D C:\Program Files\Fichiers communs\System
O43 - CFD: 17/03/2013 - 12:43:29 - [147,185] ----D C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 02/12/2013 - 20:52:15 - [86,200] ----D C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 28/09/2013 - 17:25:39 - [0] --H-D C:\Documents and Settings\All Users\Application Data\Common Files
O43 - CFD: 04/10/2013 - 21:00:29 - [0,057] ----D C:\Documents and Settings\All Users\Application Data\DealPlyLive =>PUP.DealPly
O43 - CFD: 25/02/2014 - 21:02:38 - [0,001] ----D C:\Documents and Settings\All Users\Application Data\Malwarebytes
O43 - CFD: 27/02/2014 - 20:42:48 - [1,437] -S--D C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 28/01/2014 - 15:41:17 - [0] ----D C:\Documents and Settings\All Users\Application Data\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 26/02/2014 - 21:55:23 - [0,559] ----D C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
O43 - CFD: 17/09/2013 - 16:04:07 - [0] ----D C:\Documents and Settings\All Users\Application Data\Sun
O43 - CFD: 17/09/2013 - 20:14:38 - [0] ----D C:\Documents and Settings\All Users\Application Data\TEMP
O43 - CFD: 28/09/2013 - 17:32:15 - [0,168] ----D C:\Documents and Settings\All Users\Application Data\TuneUp Software
O43 - CFD: 16/03/2013 - 21:44:10 - [3,070] ----D C:\Documents and Settings\All Users\Application Data\UDL
O43 - CFD: 28/09/2013 - 17:44:08 - [0] -SH-D C:\Documents and Settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 17/03/2013 - 12:43:29 - [2,033] ----D C:\Documents and Settings\Admin\Application Data\Adobe
O43 - CFD: 17/03/2013 - 17:13:34 - [0,004] ----D C:\Documents and Settings\Admin\Application Data\AnkamaCertificates
O43 - CFD: 17/03/2013 - 13:19:29 - [0,005] ----D C:\Documents and Settings\Admin\Application Data\app
O43 - CFD: 15/10/2013 - 10:08:53 - [0] ----D C:\Documents and Settings\Admin\Application Data\ArchiFacile
O43 - CFD: 17/03/2013 - 12:32:54 - [0] ----D C:\Documents and Settings\Admin\Application Data\ATI
O43 - CFD: 05/12/2013 - 17:22:05 - [6,981] ----D C:\Documents and Settings\Admin\Application Data\AVAST Software
O43 - CFD: 04/10/2013 - 21:00:03 - [0] ----D C:\Documents and Settings\Admin\Application Data\Dealply =>PUP.DealPly
O43 - CFD: 28/06/2013 - 12:17:59 - [0] ----D C:\Documents and Settings\Admin\Application Data\Dofus
O43 - CFD: 28/06/2013 - 13:28:53 - [0] ----D C:\Documents and Settings\Admin\Application Data\Dofus-2
O43 - CFD: 28/06/2013 - 13:56:19 - [0] ----D C:\Documents and Settings\Admin\Application Data\Dofus-3
O43 - CFD: 13/07/2013 - 10:05:21 - [0] ----D C:\Documents and Settings\Admin\Application Data\Dofus-4
O43 - CFD: 08/08/2013 - 15:52:50 - [13,929] ----D C:\Documents and Settings\Admin\Application Data\Dofus2
O43 - CFD: 08/08/2013 - 16:25:44 - [1,406] ----D C:\Documents and Settings\Admin\Application Data\Dofus2Beta
O43 - CFD: 02/08/2013 - 18:08:41 - [0] ----D C:\Documents and Settings\Admin\Application Data\DofusBeta
O43 - CFD: 06/08/2013 - 07:52:07 - [0] ----D C:\Documents and Settings\Admin\Application Data\DofusBeta-2
O43 - CFD: 17/03/2013 - 15:57:20 - [0] ----D C:\Documents and Settings\Admin\Application Data\DofusTesting
O43 - CFD: 17/03/2013 - 13:19:27 - [0] ----D C:\Documents and Settings\Admin\Application Data\DofusTesting-2
O43 - CFD: 04/05/2013 - 15:53:44 - [0] ----D C:\Documents and Settings\Admin\Application Data\DofusTesting-3
O43 - CFD: 19/05/2013 - 10:43:17 - [0] ----D C:\Documents and Settings\Admin\Application Data\DofusTesting-4
O43 - CFD: 28/01/2014 - 15:37:08 - [0] ----D C:\Documents and Settings\Admin\Application Data\DriverCure =>PUP.DriverCure
O43 - CFD: 17/06/2013 - 10:29:57 - [0] ----D C:\Documents and Settings\Admin\Application Data\EPSON
O43 - CFD: 30/07/2013 - 21:39:59 - [0] ----D C:\Documents and Settings\Admin\Application Data\Google
O43 - CFD: 23/04/2013 - 20:35:23 - [0] ----D C:\Documents and Settings\Admin\Application Data\Help
O43 - CFD: 16/03/2013 - 21:37:15 - [0] ----D C:\Documents and Settings\Admin\Application Data\Identities
O43 - CFD: 13/09/2013 - 22:14:31 - [0] ----D C:\Documents and Settings\Admin\Application Data\LiveCAD3
O43 - CFD: 16/03/2013 - 22:15:52 - [0,001] ----D C:\Documents and Settings\Admin\Application Data\Macromedia
O43 - CFD: 25/02/2014 - 21:03:47 - [0] ----D C:\Documents and Settings\Admin\Application Data\Malwarebytes
O43 - CFD: 09/12/2013 - 19:01:39 - [8,325] -S--D C:\Documents and Settings\Admin\Application Data\Microsoft
O43 - CFD: 21/07/2013 - 16:53:35 - [0,840] ----D C:\Documents and Settings\Admin\Application Data\Mozilla
O43 - CFD: 25/02/2014 - 20:42:56 - [0,004] ----D C:\Documents and Settings\Admin\Application Data\newnext.me =>PUP.NextLive
O43 - CFD: 04/10/2013 - 20:57:13 - [0,286] ----D C:\Documents and Settings\Admin\Application Data\OfferBox =>PUP.OfferBox
O43 - CFD: 28/09/2013 - 17:22:44 - [31,497] ----D C:\Documents and Settings\Admin\Application Data\OpenCandy =>Adware.OpenCandy
O43 - CFD: 04/05/2013 - 09:11:59 - [21,422] ----D C:\Documents and Settings\Admin\Application Data\OpenOffice.org
O43 - CFD: 31/07/2013 - 10:05:30 - [0] ----D C:\Documents and Settings\Admin\Application Data\Reg
O43 - CFD: 17/03/2013 - 13:19:29 - [0] ----D C:\Documents and Settings\Admin\Application Data\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
O43 - CFD: 02/08/2013 - 18:08:52 - [0] ----D C:\Documents and Settings\Admin\Application Data\RegBeta
O43 - CFD: 17/03/2013 - 17:12:54 - [0] ----D C:\Documents and Settings\Admin\Application Data\RegBeta.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
O43 - CFD: 21/07/2013 - 16:54:26 - [0,001] ----D C:\Documents and Settings\Admin\Application Data\RocketPDF
O43 - CFD: 28/01/2014 - 14:27:17 - [0] ----D C:\Documents and Settings\Admin\Application Data\SFR
O43 - CFD: 03/06/2013 - 19:24:06 - [0,116] ----D C:\Documents and Settings\Admin\Application Data\Smart Panel
O43 - CFD: 17/09/2013 - 15:27:42 - [0,121] ----D C:\Documents and Settings\Admin\Application Data\SpeedAnalysis3 =>PUP.SpeedAnalysis
O43 - CFD: 28/01/2014 - 15:37:07 - [0] ----D C:\Documents and Settings\Admin\Application Data\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 04/11/2013 - 10:42:24 - [0,287] ----D C:\Documents and Settings\Admin\Application Data\SumatraPDF
O43 - CFD: 17/09/2013 - 16:00:47 - [76,003] ----D C:\Documents and Settings\Admin\Application Data\Sun
O43 - CFD: 17/09/2013 - 16:31:20 - [0] ----D C:\Documents and Settings\Admin\Application Data\TFP
O43 - CFD: 28/09/2013 - 17:30:58 - [0,068] ----D C:\Documents and Settings\Admin\Application Data\TuneUp Software
O43 - CFD: 17/09/2013 - 16:45:25 - [0] ----D C:\Documents and Settings\Admin\Application Data\WinRAR
O43 - CFD: 27/02/2014 - 21:00:17 - [0,079] ----D C:\Documents and Settings\Admin\Application Data\ZHP  =>.Nicolas Coolman
O43 - CFD: 24/07/2013 - 21:28:51 - [0,055] ----D C:\Documents and Settings\Admin\Application Data\zulagames
O43 - CFD: 26/06/2013 - 10:20:43 - [0,121] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\ABBYY
O43 - CFD: 01/02/2014 - 21:13:16 - [11,690] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\Adobe
O43 - CFD: 17/03/2013 - 12:32:54 - [0,061] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\ATI
O43 - CFD: 15/11/2013 - 10:26:25 - [6,825] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\cache
O43 - CFD: 04/10/2013 - 21:00:29 - [0] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\DealPlyLive =>PUP.DealPly
O43 - CFD: 04/10/2013 - 20:57:35 - [0,029] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\emaze
O43 - CFD: 25/02/2014 - 20:48:10 - [0] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\genienext
O43 - CFD: 30/07/2013 - 21:39:59 - [488,061] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\Google
O43 - CFD: 23/04/2013 - 20:35:23 - [0] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\Help
O43 - CFD: 23/03/2013 - 16:56:53 - [0,289] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\Identities
O43 - CFD: 25/12/2013 - 21:03:42 - [10,155] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft
O43 - CFD: 28/11/2013 - 17:08:51 - [125,784] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\Mobogenie =>PUP.Mobogenie
O43 - CFD: 04/10/2013 - 20:55:36 - [0] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\Software =>Adware.Boxore
O43 - CFD: 17/09/2013 - 19:57:30 - [0] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\Sun
O43 - CFD: 23/12/2013 - 20:59:38 - [0] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\temp
O43 - CFD: 17/09/2013 - 16:38:28 - [27,944] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\Torch
O43 - CFD: 15/10/2013 - 08:49:00 - [0] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\VisualBeeExe =>Adware.VisualBeeToolbar
O43 - CFD: 16/03/2013 - 21:37:17 - [0,013] R---D C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 17/09/2013 - 20:34:31 - [0] R---D C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 16/03/2013 - 21:44:39 - [0,005] ----D C:\Documents and Settings\Admin\Menu Démarrer\Programmes\EPSON
O43 - CFD: 22/10/2013 - 19:58:49 - [0] R---D C:\Documents and Settings\Admin\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 19/03/2013 - 17:38:13 - [0,001] ----D C:\Documents and Settings\Admin\Menu Démarrer\Programmes\WordBiz
~ Program Folder: 136 Scanned in 00mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.0245D0889C3443F5DC9194558583FE59] - 13/02/2014 - 20:43:28 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\WINDOWS\avastSS.scr   [43152]
O44 - LFC:[MD5.CF915E66756D84260F92BB9016F155A1] - 13/02/2014 - 20:43:28 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\WINDOWS\system32\aswBoot.exe   [270240]
O44 - LFC:[MD5.E6390554DCB2A730702188547267093C] - 13/02/2014 - 20:43:29 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\Drivers\aswTdi.sys   [57672]
O44 - LFC:[MD5.98C18C78B0C3E7EFBDDA7BD0C35F5903] - 13/02/2014 - 20:43:29 ---A- . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\WINDOWS\system32\Drivers\aswRdr.sys   [54832]
O44 - LFC:[MD5.8CD8710457FCC1CDE88CBFA3AA119B92] - 13/02/2014 - 20:43:29 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\system32\Drivers\aswSnx.sys   [775952]
O44 - LFC:[MD5.C1F95C9481F46B96E23A276639C55AC9] - 13/02/2014 - 20:43:29 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\system32\Drivers\aswSP.sys   [410784]
O44 - LFC:[MD5.7021F01CCAC1538CCF9AE004723AF033] - 13/02/2014 - 20:43:52 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\WINDOWS\system32\Drivers\aswmonflt.sys   [67824]
O44 - LFC:[MD5.147F614063F599875E8B76F0505D6E13] - 21/02/2014 - 17:52:32 ---A- . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\WINDOWS\system32\FlashPlayerInstaller.exe   [17268616]
O44 - LFC:[MD5.72F76B12C09B36F26219920D0B2E7EF3] - 21/02/2014 - 17:52:49 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerApp.exe   [692616]
O44 - LFC:[MD5.FD38EBD137378FE594E7EFEBB5B3E096] - 21/02/2014 - 17:52:49 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl   [71048]
O44 - LFC:[MD5.41BAF6A0CD8CA835FA7A55D6494D94DD] - 25/02/2014 - 20:41:41 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl   [2206]
O44 - LFC:[MD5.0DB7527DB188C7D967A37BB51BBF3963] - 25/02/2014 - 21:07:18 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\Drivers\mbamswissarmy.sys   [40776]
O44 - LFC:[MD5.DF614AEA27276759CDB22FFD845D444B] - 26/02/2014 - 21:45:23 -SH-- . (...) -- C:\boot.ini   [246]
O44 - LFC:[MD5.73FE8285D075FE7F0CD980870A09AF3D] - 27/02/2014 - 20:42:51 ---A- . (...) -- C:\WINDOWS\WININIT.INI   [79]
O44 - LFC:[MD5.7BB3C128D9BD4960FF2FDDE48EADE01D] - 27/02/2014 - 20:43:48 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt   [32608]
O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 27/02/2014 - 20:44:27 -S-A- . (...) -- C:\WINDOWS\bootstat.dat   [2048]
O44 - LFC:[MD5.E3897A6124018F25E61E9140B9F4687D] - 27/02/2014 - 20:44:46 ---A- . (...) -- C:\WINDOWS\wiadebug.log   [159]
O44 - LFC:[MD5.ED265D58850725CDCA8E0387C1042EC6] - 27/02/2014 - 20:44:54 ---A- . (...) -- C:\WINDOWS\wiaservc.log   [50]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 27/02/2014 - 20:45:27 ---A- . (...) -- C:\WINDOWS\0.log   [0]
O44 - LFC:[MD5.9E2C5D3B9B92B1FBF917670D933F91B0] - 27/02/2014 - 20:47:18 ---A- . (...) -- C:\WINDOWS\system32\d3d9caps.dat   [664]
O44 - LFC:[MD5.9907CF536C1B53E660DE07A72E155B80] - 27/02/2014 - 20:51:00 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log   [439917]
~ Files: 22 Scanned in 00mn 03s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.05E16A3D32E282AA5D0CB28972C515E1] - 01/02/2014 - 20:59:59 ---A- - C:\WINDOWS\Prefetch\18852707-FAAC-4780-80BC-82E19-11FE76AD.pf
O45 - LFCP:[MD5.539E24F00B40F0557A08C30014D11FB9] - 01/02/2014 - 20:59:59 ---A- - C:\WINDOWS\Prefetch\37D6372D-62D2-40E2-BE47-9A128-1E2F2D07.pf
O45 - LFCP:[MD5.99633BE4CD6DD433A4308FD8E4169183] - 01/02/2014 - 21:01:05 ---A- - C:\WINDOWS\Prefetch\HELPCTR.EXE-3862B6F5.pf
O45 - LFCP:[MD5.C6F7A1D55AB2AC48E048EC019098964C] - 01/02/2014 - 21:12:04 ---A- - C:\WINDOWS\Prefetch\INSTALL_FLASHPLAYER12X32AX_MS-2BFBD249.pf
O45 - LFCP:[MD5.9CFC2D8E19FFF2E44AF17EA8F2B86731] - 01/02/2014 - 21:12:09 ---A- - C:\WINDOWS\Prefetch\INSTALL_FLASHPLAYER12X32AX_MS-130062AC.pf
O45 - LFCP:[MD5.03EFCFA8E5808C6276F61924D19B6570] - 01/02/2014 - 21:12:18 ---A- - C:\WINDOWS\Prefetch\GTBCHECK.EXE-0359DC13.pf
O45 - LFCP:[MD5.B4D2845FE7AE82B63E8C59A11BB44A00] - 01/02/2014 - 21:12:20 ---A- - C:\WINDOWS\Prefetch\GCCHECK.EXE-2F45300B.pf
O45 - LFCP:[MD5.14C14ECE54F2CF5484DAEEBCFBB7DA09] - 01/02/2014 - 21:36:35 ---A- - C:\WINDOWS\Prefetch\SETUP.EXE-2297B145.pf
O45 - LFCP:[MD5.36EA495092643A80660180FC5B679FE0] - 01/02/2014 - 21:47:43 ---A- - C:\WINDOWS\Prefetch\MEDIACENTER.EXE-02EB80DA.pf
O45 - LFCP:[MD5.4984A69269FD0ABCAB3812BA0C0BE4F1] - 01/02/2014 - 21:49:01 ---A- - C:\WINDOWS\Prefetch\9LAUNCH.EXE-1CFF14BB.pf
O45 - LFCP:[MD5.46C11400D71500971E28521727E1B001] - 03/02/2014 - 20:43:32 ---A- - C:\WINDOWS\Prefetch\WMPLAYER.EXE-18DDEF9C.pf
O45 - LFCP:[MD5.5990B3169DC25DB05F4A792438DAE8E1] - 05/02/2014 - 20:46:11 ---A- - C:\WINDOWS\Prefetch\BROWSERCLEANUP.EXE-1A1409BD.pf
O45 - LFCP:[MD5.8D8C3123AF7FC980E92634D9296EAD38] - 05/02/2014 - 20:46:27 ---A- - C:\WINDOWS\Prefetch\AVASTBCL-SFX.EXE-09C8D5DC.pf
O45 - LFCP:[MD5.BC2F6263F927C1F2286E1011574A2733] - 05/02/2014 - 20:46:27 ---A- - C:\WINDOWS\Prefetch\BROWSERCLEANUP.EXE-088BEBEF.pf
O45 - LFCP:[MD5.A19867680107875E9D95CD3CBA5A4309] - 05/02/2014 - 20:51:26 ---A- - C:\WINDOWS\Prefetch\UNINSTALL.EXE-36258B8B.pf
O45 - LFCP:[MD5.DF848BD5D9B280DE83754FBD715ED166] - 05/02/2014 - 20:51:29 ---A- - C:\WINDOWS\Prefetch\9CONF.EXE-25F0D459.pf
O45 - LFCP:[MD5.C68040070E5D7C44F10C1378CFF28CF4] - 05/02/2014 - 20:51:30 ---A- - C:\WINDOWS\Prefetch\9DIAGS.EXE-2F86E66A.pf
O45 - LFCP:[MD5.4494E6394D48D2AE5B36F43E3FC11722] - 05/02/2014 - 20:51:30 ---A- - C:\WINDOWS\Prefetch\9PROPS.EXE-2DF7AAF6.pf
O45 - LFCP:[MD5.7F28A43B265E673B23CDA5B4088EA7DF] - 05/02/2014 - 20:51:31 ---A- - C:\WINDOWS\Prefetch\9WIFI.EXE-231ED265.pf
O45 - LFCP:[MD5.DDC12A0A089DFFD5FD4DA7812AC130A0] - 06/02/2014 - 20:42:00 ---A- - C:\WINDOWS\Prefetch\DRWTSN32.EXE-2B4B52AC.pf
O45 - LFCP:[MD5.1E9D44C21104B60AD62C4DC081FD6CC3] - 06/02/2014 - 23:04:06 ---A- - C:\WINDOWS\Prefetch\JAVAW.EXE-021F87DA.pf
O45 - LFCP:[MD5.6073255A37F671FC9D2733EE97347B35] - 06/02/2014 - 23:04:08 ---A- - C:\WINDOWS\Prefetch\JAVAWS.EXE-1EEF33AA.pf
O45 - LFCP:[MD5.433CDA098E9B4D694C4F069E8626FF70] - 07/02/2014 - 20:46:01 ---A- - C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-28839C5E.pf
O45 - LFCP:[MD5.2EF1FC107CB5B544AB38005C2F381402] - 07/02/2014 - 20:46:02 ---A- - C:\WINDOWS\Prefetch\ADOBEARM.EXE-1095AC0A.pf
O45 - LFCP:[MD5.38968109323B9B27C9DBECB5CD5C4A29] - 07/02/2014 - 20:46:02 ---A- - C:\WINDOWS\Prefetch\JUSCHED.EXE-0173BDFB.pf
O45 - LFCP:[MD5.D32064BA3D61A419F19EFF25DBE3FB1D] - 07/02/2014 - 20:46:02 ---A- - C:\WINDOWS\Prefetch\READER_SL.EXE-089975CC.pf
O45 - LFCP:[MD5.F09EA3BB3506E40E47C3E56BD85ADE6B] - 07/02/2014 - 21:38:01 ---A- - C:\WINDOWS\Prefetch\JAVA.EXE-1E21D4DA.pf
O45 - LFCP:[MD5.2D012EDD4F516F85999834C17521AC52] - 07/02/2014 - 22:29:18 ---A- - C:\WINDOWS\Prefetch\NETSH.EXE-085CFFDE.pf
O45 - LFCP:[MD5.6D6068565D58CC5CA615F4F225D58065] - 07/02/2014 - 22:36:17 ---A- - C:\WINDOWS\Prefetch\AU_.EXE-34E9686B.pf
O45 - LFCP:[MD5.904562FFBFD1D514DDCFEE967F83E92A] - 10/02/2014 - 21:56:56 ---A- - C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf
O45 - LFCP:[MD5.390DC0358F2BFF0C51C9D8D7A944628A] - 10/02/2014 - 22:09:21 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-22E35C38.pf
O45 - LFCP:[MD5.D6D7CCC8A4A7916570A8CC81AC50C721] - 13/02/2014 - 20:42:23 ---A- - C:\WINDOWS\Prefetch\INSTUP.EXE-01E50626.pf
O45 - LFCP:[MD5.5A0C5651746BFD28C5DD68860ECF6B65] - 14/02/2014 - 21:37:15 ---A- - C:\WINDOWS\Prefetch\CHROME.EXE-EED5A24F.pf
O45 - LFCP:[MD5.99CF1E5BAADAB2B0C165BEE5DF8F299A] - 16/02/2014 - 17:03:37 ---A- - C:\WINDOWS\Prefetch\SUMATRAPDF.EXE-1AA19E18.pf
O45 - LFCP:[MD5.61E24BDE62944F47DFC486599181D3CF] - 17/02/2014 - 16:48:50 ---A- - C:\WINDOWS\Prefetch\ACRORD32.EXE-3B19D33B.pf
O45 - LFCP:[MD5.EFFD362799E35F142D43D47E0CF43E68] - 17/02/2014 - 18:47:55 ---A- - C:\WINDOWS\Prefetch\SSMYST.SCR-1CCCF0DC.pf
O45 - LFCP:[MD5.B3ABB17D8ACC47ED35F4BAF7802B66BA] - 21/02/2014 - 18:45:24 ---A- - C:\WINDOWS\Prefetch\POPOTANAGRAMME.EXE-0CD7FE1C.pf
O45 - LFCP:[MD5.6932A6786AC5C396C5C0162DD4F1794C] - 21/02/2014 - 18:45:55 ---A- - C:\WINDOWS\Prefetch\WORDBIZ.EXE-0F1BAC1C.pf
O45 - LFCP:[MD5.B1344939DE98EDF652EF337A042627DE] - 25/02/2014 - 20:43:12 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-13C59DFD.pf
O45 - LFCP:[MD5.398CA4E36AE10365C93C4DE16E96EBDA] - 25/02/2014 - 20:50:00 ---A- - C:\WINDOWS\Prefetch\AVASTSVC.EXE-2FF42CC2.pf
O45 - LFCP:[MD5.BCC1895D34ED8A80D35B033AF6594CE5] - 25/02/2014 - 20:50:00 ---A- - C:\WINDOWS\Prefetch\CSRSS.EXE-12B63473.pf
O45 - LFCP:[MD5.D673F996835E0C6128BA081B16585180] - 25/02/2014 - 20:50:00 ---A- - C:\WINDOWS\Prefetch\INSTUP.EXE-2B8BA16F.pf
O45 - LFCP:[MD5.3365740DDCC2B312333FFABF4B3F946E] - 25/02/2014 - 20:50:00 ---A- - C:\WINDOWS\Prefetch\JQS.EXE-21B69FF4.pf
O45 - LFCP:[MD5.C5345CBD3C1380ECB093C0B2D1F3CDE5] - 25/02/2014 - 20:50:00 ---A- - C:\WINDOWS\Prefetch\LSASS.EXE-20DB6D1B.pf
O45 - LFCP:[MD5.D660E07ED16D1BCD0B9921D9366C24CC] - 25/02/2014 - 20:50:00 ---A- - C:\WINDOWS\Prefetch\MSCORSVW.EXE-1366B4F5.pf
O45 - LFCP:[MD5.E203BF73FEBA464E4907E3907F6B0C58] - 25/02/2014 - 20:50:00 ---A- - C:\WINDOWS\Prefetch\SERVICES.EXE-2F433351.pf
O45 - LFCP:[MD5.3EAA3E1FE109FC9BBE7F2ACF4FCB6387] - 25/02/2014 - 20:50:00 ---A- - C:\WINDOWS\Prefetch\WINLOGON.EXE-32C57D49.pf
O45 - LFCP:[MD5.6A91E81E5BC516DE4E91F1DF1850BB45] - 25/02/2014 - 21:06:39 ---A- - C:\WINDOWS\Prefetch\ASWOFFERTOOL.EXE-1F51A021.pf
O45 - LFCP:[MD5.181C7FFD51DC9016FC3155774F54ABD2] - 25/02/2014 - 21:29:53 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4489B61B.pf
O45 - LFCP:[MD5.C54972112D3D0901F930E540739FC387] - 25/02/2014 - 21:30:34 ---A- - C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf
O45 - LFCP:[MD5.A3ABF705775D6904C0772132A2C146B8] - 25/02/2014 - 21:54:05 ---A- - C:\WINDOWS\Prefetch\CALC.EXE-02CD573A.pf
O45 - LFCP:[MD5.30C8AA6C6C5AC86852D7A7A3A879D8FF] - 26/02/2014 - 20:39:06 ---A- - C:\WINDOWS\Prefetch\SOFFICE.BIN-01E25E9C.pf
O45 - LFCP:[MD5.FFE33A9D2F42F0A52B5E3EA6BF24A3A1] - 26/02/2014 - 20:39:06 ---A- - C:\WINDOWS\Prefetch\SOFFICE.EXE-358D937C.pf
O45 - LFCP:[MD5.E1BBF38D201554AAEC8EA81F8FA0ABA4] - 27/02/2014 - 20:36:51 ---A- - C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf
O45 - LFCP:[MD5.4326F17FEDCDE9489244C846332D3B61] - 27/02/2014 - 20:36:51 ---A- - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf
O45 - LFCP:[MD5.226CEBF70116EFA9F06715337584F8AC] - 27/02/2014 - 20:42:46 ---A- - C:\WINDOWS\Prefetch\TASKKILL.EXE-0A8306E3.pf
O45 - LFCP:[MD5.68FB72D35E11C5F5A5254B8AAE5A1235] - 27/02/2014 - 20:42:56 ---A- - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf
O45 - LFCP:[MD5.C5DF0F731C26E988AA076144F1B882BD] - 27/02/2014 - 20:43:07 ---A- - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf
O45 - LFCP:[MD5.1D53545293F593D3CE59CB423FF9AA64] - 27/02/2014 - 20:43:17 ---A- - C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf
O45 - LFCP:[MD5.6A593A91C9C0E131738910B9100FC226] - 27/02/2014 - 20:46:56 ---A- - C:\WINDOWS\Prefetch\AVASTEMUPDATE.EXE-033BD90D.pf
O45 - LFCP:[MD5.4B94CA4BDA2251C87AE16B6B7FBDCF36] - 27/02/2014 - 20:46:56 ---A- - C:\WINDOWS\Prefetch\AVASTUI.EXE-0B3C80E5.pf
O45 - LFCP:[MD5.F21184315C9CAB1BD08FA80E5BEC7662] - 27/02/2014 - 20:46:56 ---A- - C:\WINDOWS\Prefetch\AVBUGREPORT.EXE-17B0B851.pf
O45 - LFCP:[MD5.C025D1B753EEBE901D60E9C1B69F09B2] - 27/02/2014 - 20:46:56 ---A- - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
O45 - LFCP:[MD5.72EC0278E37E356852B00F0914CB2C19] - 27/02/2014 - 20:46:56 ---A- - C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-1E123D86.pf
O45 - LFCP:[MD5.5D1E598973156354DE8673E61E391B01] - 27/02/2014 - 20:46:56 ---A- - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.9CF203B0F4A5C40A5D5FF87AE34A13FE] - 27/02/2014 - 20:46:56 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf
O45 - LFCP:[MD5.F5A7D3AF75686E701A1DFF396D1F1D4E] - 27/02/2014 - 20:46:56 ---A- - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf
O45 - LFCP:[MD5.3E65755FF865C1673C925323708EE8D7] - 27/02/2014 - 20:47:12 ---A- - C:\WINDOWS\Prefetch\CHROME.EXE-06157C0F.pf
O45 - LFCP:[MD5.68A657D1DF1E69941670E6902220FD50] - 27/02/2014 - 20:47:17 ---A- - C:\WINDOWS\Prefetch\CHROME.EXE-3715295A.pf
O45 - LFCP:[MD5.EF2393CEDD21676646393C4A6FCECF3F] - 27/02/2014 - 20:48:12 ---A- - C:\WINDOWS\Prefetch\CHROME.EXE-E0603309.pf
O45 - LFCP:[MD5.8F76B48E13D5D887DCC167451A52AB03] - 27/02/2014 - 20:52:10 ---A- - C:\WINDOWS\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-34BC5027.pf
O45 - LFCP:[MD5.4B5092196300D5358F9EA45526A96E4F] - 27/02/2014 - 20:52:42 ---A- - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf
O45 - LFCP:[MD5.6D1AB704F0AD4EA1162CB3A0C6397277] - 27/02/2014 - 20:55:15 ---A- - C:\WINDOWS\Prefetch\CHROME.EXE-DF9E35B6.pf
O45 - LFCP:[MD5.1D6F14335D8254AEC916C4726232873F] - 27/02/2014 - 20:57:20 ---A- - C:\WINDOWS\Prefetch\CHROME.EXE-2E34A69E.pf
O45 - LFCP:[MD5.DCBA81C7467BECD072AEDB69C8F8143E] - 27/02/2014 - 20:59:06 ---A- - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf
O45 - LFCP:[MD5.9ABA84A6F4F02DBA0A2A9F538ABACC31] - 27/02/2014 - 21:00:00 ---A- - C:\WINDOWS\Prefetch\SC.EXE-012262AF.pf
O45 - LFCP:[MD5.0FCDB0E8EC1F791F316413E7AAD97DC7] - 28/01/2014 - 14:13:54 ---A- - C:\WINDOWS\Prefetch\NS71.TMP-067BC062.pf
O45 - LFCP:[MD5.ED87B4A7F0B906154B46ABB9814013F7] - 28/01/2014 - 14:15:28 ---A- - C:\WINDOWS\Prefetch\INSTALLOPTIONS.EXE-0A96DDFD.pf
O45 - LFCP:[MD5.BC6DEFF5AA6DE54915E85A49F829E1E1] - 28/01/2014 - 14:16:06 ---A- - C:\WINDOWS\Prefetch\INSTALLOPTION.EXE-07E805F0.pf
O45 - LFCP:[MD5.F216F403E174AFDBFA9F7F132FA7422B] - 28/01/2014 - 14:28:30 ---A- - C:\WINDOWS\Prefetch\FLASH.EXE-2571B010.pf
O45 - LFCP:[MD5.BF11747D9EEC979B5B4E3EA3D62C50F8] - 28/01/2014 - 14:28:32 ---A- - C:\WINDOWS\Prefetch\FLASHUTIL9K.EXE-3833FBC9.pf
O45 - LFCP:[MD5.59928E81735EE60DEFF141EEEC216A0D] - 28/01/2014 - 14:28:32 ---A- - C:\WINDOWS\Prefetch\NS7.TMP-33068339.pf
O45 - LFCP:[MD5.282B7CC1FB7073581103E4760A44C42A] - 28/01/2014 - 15:22:17 ---A- - C:\WINDOWS\Prefetch\9SUPPORT.EXE-2EF3F31A.pf
O45 - LFCP:[MD5.0E1C6263E07F4E6A90895DF1AEB4FC9F] - 28/01/2014 - 15:22:48 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-34A1FC07.pf
O45 - LFCP:[MD5.32C8CE236F6B046B95852E68B594DF1C] - 28/01/2014 - 15:37:28 ---A- - C:\WINDOWS\Prefetch\SPEEDMAXPC_INSTALLER_FR.EXE-1A103BCD.pf  =>PUP.SpeedMaxPc
O45 - LFCP:[MD5.95578B7492CDE7F51515F4C32FF0A4CB] - 28/01/2014 - 15:40:56 ---A- - C:\WINDOWS\Prefetch\UNINSTALL.EXE-05FA30DE.pf
O45 - LFCP:[MD5.8AAA776981E5DFF6D64C4B68EFE5EB16] - 28/01/2014 - 15:40:59 ---A- - C:\WINDOWS\Prefetch\SPEEDMAXPC.EXE-19E6FC14.pf  =>PUP.SpeedMaxPc
O45 - LFCP:[MD5.AF518120CB5F94B253E9CA4BD25F37A6] - 28/01/2014 - 15:41:16 ---A- - C:\WINDOWS\Prefetch\UPDATE3.EXE-171755F2.pf
O45 - LFCP:[MD5.36F07F7EBE123F6124AED53484466C14] - 28/01/2014 - 15:41:37 ---A- - C:\WINDOWS\Prefetch\SLOWIN KILLER.EXE-28042020.pf
O45 - LFCP:[MD5.86E8603CBA6A71AF2D4DE36CB39DCAE8] - 28/01/2014 - 16:05:56 ---A- - C:\WINDOWS\Prefetch\SWRITER.EXE-38A9F6BD.pf
O45 - LFCP:[MD5.A26F22D4CFFE67E7AF06EB7AF6DF4213] - 28/01/2014 - 16:28:04 ---A- - C:\WINDOWS\Prefetch\E_S10MT2.EXE-0E680929.pf
O45 - LFCP:[MD5.E1A359F050118C7DC3E452F9B4FF66C2] - 28/01/2014 - 16:28:04 ---A- - C:\WINDOWS\Prefetch\E_S10RN2.EXE-38983110.pf
O45 - LFCP:[MD5.CBE8870987683F320F067EAA8C8F9F7E] - 28/01/2014 - 16:30:07 ---A- - C:\WINDOWS\Prefetch\KIT.EXE-04CE5F4C.pf
O45 - LFCP:[MD5.5C9E5D7C838EFCED88DFEF2B0FF162BE] - 28/01/2014 - 16:30:46 ---A- - C:\WINDOWS\Prefetch\CHROME.EXE-38767B4D.pf
~ Prefetcher: 94 Scanned in 00mn 00s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\maconfservice.exe" [Enabled] .(...) -- C:\Program Files\ma-config.com\maconfservice.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\ma-config.com\MaConfigAgent.exe" [Enabled] .(...) -- C:\Program Files\ma-config.com\MaConfigAgent.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" [Enabled] .(...) -- C:\Program Files\iMesh Applications\iMesh\iMesh.exe (.not file.) =>PUP.iMesh
O47 - AAKE:Key Export SP - "C:\Program Files\BearShare Applications\BearShare\BearShare.exe" [Enabled] .(...) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe
O47 - AAKE:Key Export DP - "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" [Enabled] .(...) -- C:\Program Files\iMesh Applications\iMesh\iMesh.exe (.not file.) =>PUP.iMesh
O47 - AAKE:Key Export DP - "C:\Program Files\BearShare Applications\BearShare\BearShare.exe" [Enabled] .(...) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
~ Keys Export: 8 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\system32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\WINDOWS\system32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\system32\wdigest.dll
~ LSA: 6 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)
~ CSB: 21 Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO:  Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{477f075a-bbac-11e2-98ec-00112fa67f97}\AutoRun\command. (...) -- J:\sources\SetupError.exe (.not file.)
O51 - MPSK:{5c48adc6-9030-11e3-aef9-00112fa67f97}\AutoRun\command. (...) -- C:\WINDOWS\system32\launcher.exe (.not file.)
O51 - MPSK:{5c48adc7-9030-11e3-aef9-00112fa67f97}\AutoRun\command. (...) -- C:\WINDOWS\system32\launcher.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll
O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax
O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm
~ TDSD: 12 Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM  [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe  =>.Adobe Systems Incorporated
O53 - SMSR:HKLM\...\startupreg\EPSON Stylus Photo RX500  [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.exe  =>.Epson Seiko Corporation
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched  [Key] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe  =>.Oracle Corporation
~ SMSR Keys: 3 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll
~ MSCP: 6 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
~ MWPS: 5 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoRecentDocsMenu"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoCDBurning"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoStartBanner"=
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMHelp"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "MemCheckBoxInRunDlg"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMBalloonTip"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDesktopCleanupWizard"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoWelcomeScreen"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoAutoUpdate"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoCDBurning"=1
~ MWPE Keys: 12 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.009927DB8019C54477DABF6F9D795053] - 03/08/2004 - 22:10:08 ---A- . (.Microsoft Corporation - 1394 Bus Device Driver.) -- C:\WINDOWS\system32\Drivers\1394bus.sys   [53248]
O58 - SDL:[MD5.0BD94FBFC14EA3606CD6CA4C0255BAA3] - 19/08/2004 - 14:51:56 ---A- . (.Microsoft Corporation - Pilote ACPI pour NT.) -- C:\WINDOWS\system32\Drivers\acpi.sys   [188672]
O58 - SDL:[MD5.E4ABC1212B70BB03D35E60681C447210] - 02/10/2001 - 17:15:52 ---A- . (.Microsoft Corporation - Pilote de contrôleur intégré ACPI.) -- C:\WINDOWS\system32\Drivers\acpiec.sys   [12032]
O58 - SDL:[MD5.841F385C6CFAF66B58FBD898722BB4F0] - 26/07/2005 - 13:44:02 ---A- . (.Microsoft Corporation - Microsoft Acoustic Echo Canceller.) -- C:\WINDOWS\system32\Drivers\aec.sys   [142464]
O58 - SDL:[MD5.5AC495F4CB807B2B98AD2AD591E6D92E] - 03/08/2004 - 22:14:16 ---A- . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\system32\Drivers\afd.sys   [138496]
O58 - SDL:[MD5.F7DDE198231BE379DF7F9E1FD6777BFF] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - Pilote de périphérique processeur.) -- C:\WINDOWS\system32\Drivers\amdk6.sys   [41216]
O58 - SDL:[MD5.C0F59933070392E662B3C2BB2BE77955] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - Pilote de périphérique processeur.) -- C:\WINDOWS\system32\Drivers\amdk7.sys   [41600]
O58 - SDL:[MD5.F0D692B0BFFB46E30EB3CEA168BBC49F] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - IP/1394 Arp Client.) -- C:\WINDOWS\system32\Drivers\arp1394.sys   [60800]
O58 - SDL:[MD5.77D1BB80580EE1AC9F517D098DEBE5F6] - 30/08/2013 - 08:48:11 ---A- . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\WINDOWS\system32\Drivers\aswKbd.sys   [21576]
O58 - SDL:[MD5.7021F01CCAC1538CCF9AE004723AF033] - 13/02/2014 - 20:43:52 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\WINDOWS\system32\Drivers\aswmonflt.sys   [67824]
O58 - SDL:[MD5.98C18C78B0C3E7EFBDDA7BD0C35F5903] - 13/02/2014 - 20:43:29 ---A- . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\WINDOWS\system32\Drivers\aswRdr.sys   [54832]
O58 - SDL:[MD5.F385467DF95D0A73775CB3B076B8B969] - 02/12/2013 - 20:55:09 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys   [49944]
O58 - SDL:[MD5.8CD8710457FCC1CDE88CBFA3AA119B92] - 13/02/2014 - 20:43:29 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\WINDOWS\system32\Drivers\aswSnx.sys   [775952]
O58 - SDL:[MD5.C1F95C9481F46B96E23A276639C55AC9] - 13/02/2014 - 20:43:29 ---A- . (.AVAST Software - avast! self protection module.) -- C:\WINDOWS\system32\Drivers\aswSP.sys   [410784]
O58 - SDL:[MD5.E6390554DCB2A730702188547267093C] - 13/02/2014 - 20:43:29 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\WINDOWS\system32\Drivers\aswTdi.sys   [57672]
O58 - SDL:[MD5.1B0662514A68C3A42E60D240C5ABEF28] - 06/01/2014 - 13:08:25 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys   [180248]
O58 - SDL:[MD5.02000ABF34AF4C218C35D257024807D6] - 03/08/2004 - 22:05:04 ---A- . (.Microsoft Corporation - MS Remote Access serial network driver.) -- C:\WINDOWS\system32\Drivers\asyncmac.sys   [14336]
O58 - SDL:[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - 03/08/2004 - 21:59:44 ---A- . (.Microsoft Corporation - IDE/ATAPI Port Driver.) -- C:\WINDOWS\system32\Drivers\atapi.sys   [95360]
O58 - SDL:[MD5.417352592432F5368A8296F7FB73BECF] - 26/07/2005 - 12:44:04 ---A- . (.ATI Technologies Inc. - Pilote de miniport ATI RAGE 128.) -- C:\WINDOWS\system32\Drivers\ati2mtag.sys   [701440]
O58 - SDL:[MD5.EC88DA854AB7D7752EC8BE11A741BB7F] - 03/08/2004 - 21:58:32 ---A- . (.Microsoft Corporation - IP/ATM Arp Client.) -- C:\WINDOWS\system32\Drivers\atmarpc.sys   [59904]
O58 - SDL:[MD5.39A0A59180F19946374275745B21AEBA] - 02/10/2001 - 17:15:54 ---A- . (.Microsoft Corporation - ATM Ethernet Encapsulation Intermediate Driver.) -- C:\WINDOWS\system32\Drivers\atmepvc.sys   [31360]
O58 - SDL:[MD5.0128E78FE835F074E469F03DB681CA9E] - 03/08/2004 - 21:58:36 ---A- . (.Microsoft Corporation - ATM Lan Emulation Driver.) -- C:\WINDOWS\system32\Drivers\atmlane.sys   [55936]
O58 - SDL:[MD5.E7EF69B38D17BA01F914AE8F66216A38] - 02/10/2001 - 17:15:54 ---A- . (.Microsoft Corporation - ATM UNI Call Manager.) -- C:\WINDOWS\system32\Drivers\atmuni.sys   [352256]
O58 - SDL:[MD5.D9F724AA26C010A217C97606B160ED68] - 26/07/2005 - 14:42:56 ---A- . (.Microsoft Corporation - AudStub Driver.) -- C:\WINDOWS\system32\Drivers\audstub.sys   [3072]
O58 - SDL:[MD5.DA1F27D85E0D1525F6621372E7B685E9] - 02/10/2001 - 17:15:54 ---A- . (.Microsoft Corporation - BEEP Driver.) -- C:\WINDOWS\system32\Drivers\beep.sys   [4224]
O58 - SDL:[MD5.E4E6A0922E3D983728C9AD4E8D466954] - 03/08/2004 - 21:59:58 ---A- . (.Microsoft Corporation - MAC Bridge Driver.) -- C:\WINDOWS\system32\Drivers\bridge.sys   [71552]
O58 - SDL:[MD5.90A673FC8E12A79AFBED2576F6A7AAF9] - 02/10/2001 - 17:15:56 ---A- . (.Microsoft Corporation - CardBus/PCMCIA IDE Miniport Driver.) -- C:\WINDOWS\system32\Drivers\cbidf2k.sys   [13952]
O58 - SDL:[MD5.C1B486A7658353D33A10CC15211A873B] - 26/07/2005 - 12:59:55 ---A- . (.Microsoft Corporation - CD-ROM Audio Filter Driver.) -- C:\WINDOWS\system32\Drivers\cdaudio.sys   [18688]
O58 - SDL:[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - 03/08/2004 - 22:14:12 ---A- . (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\system32\Drivers\cdfs.sys   [63744]
O58 - SDL:[MD5.AF9C19B3100FE010496B1A27181FBF72] - 03/08/2004 - 21:59:54 ---A- . (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\system32\Drivers\cdrom.sys   [49536]
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 26/07/2005 - 12:59:55 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys   [262528]
O58 - SDL:[MD5.D86173B401470F06D9810F7962969DDF] - 03/08/2004 - 22:14:28 ---A- . (.Microsoft Corporation - SCSI Class System Dll.) -- C:\WINDOWS\system32\Drivers\classpnp.sys   [49664]
O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 26/07/2005 - 12:59:55 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\Drivers\cpqdap01.sys   [11776]
O58 - SDL:[MD5.3B2457605666FD854E738C3D25859CA3] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - Pilote de périphérique processeur.) -- C:\WINDOWS\system32\Drivers\crusoe.sys   [40704]
O58 - SDL:[MD5.00CA44E4534865F8A3B64F7C0984BFF0] - 03/08/2004 - 21:59:56 ---A- . (.Microsoft Corporation - PnP Disk Driver.) -- C:\WINDOWS\system32\Drivers\disk.sys   [36352]
O58 - SDL:[MD5.D16C81677A9BE399C63CD2EA486472A5] - 03/08/2004 - 21:59:54 ---A- . (.Microsoft Corporation - Crash Dump Disk Driver.) -- C:\WINDOWS\system32\Drivers\diskdump.sys   [14208]
O58 - SDL:[MD5.E2D3B7620310FE56685F9B15A6B404B3] - 19/08/2004 - 15:01:16 ---A- . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys   [800256]
O58 - SDL:[MD5.C77F5C20AA70197A69AA84BAA9DE43C8] - 19/08/2004 - 15:01:22 ---A- . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys   [154496]
O58 - SDL:[MD5.E9317282A63CA4D188C0DF5E09C6AC5F] - 02/10/2001 - 17:16:02 ---A- . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys   [5888]
O58 - SDL:[MD5.A6F881284AC1150E37D9AE47FF601267] - 26/07/2005 - 13:44:04 ---A- . (.Microsoft Corporation - Microsoft Kernel DLS Synthesizer.) -- C:\WINDOWS\system32\Drivers\DMusic.sys   [52864]
O58 - SDL:[MD5.FF86422268DE771D571E123EB7092C6A] - 26/07/2005 - 13:44:00 ---A- . (.Microsoft Corporation - Microsoft Kernel DRM Descrambler Filter.) -- C:\WINDOWS\system32\Drivers\drmk.sys   [60288]
O58 - SDL:[MD5.1ED4DBBAE9F5D558DBBA4CC450E3EB2E] - 26/07/2005 - 13:44:00 ---A- . (.Microsoft Corporation - Microsoft Kernel DRM Audio Descrambler Filter.) -- C:\WINDOWS\system32\Drivers\drmkaud.sys   [2944]
O58 - SDL:[MD5.FE97D0343ACFDEBDD578FC67CC91FA87] - 02/10/2001 - 17:16:22 ---A- . (.Microsoft Corporation - DirectX API Driver.) -- C:\WINDOWS\system32\Drivers\dxapi.sys   [10496]
O58 - SDL:[MD5.D3DAC8432110AAD0B02A58B4459AB835] - 03/08/2004 - 22:00:56 ---A- . (.Microsoft Corporation - DirectX Graphics Driver.) -- C:\WINDOWS\system32\Drivers\dxg.sys   [71040]
O58 - SDL:[MD5.A73F5D6705B1D820C19B18782E176EFD] - 02/10/2001 - 17:16:22 ---A- . (.Microsoft Corporation - DirectX Graphics Driver Thunk.) -- C:\WINDOWS\system32\Drivers\dxgthk.sys   [3328]
O58 - SDL:[MD5.80D1B490B60E74E002DC116EC5D41748] - 26/07/2005 - 14:43:18 ---A- . (.Microsoft Corporation - Ndis 1394 Enumerator.) -- C:\WINDOWS\system32\Drivers\enum1394.sys   [6400]
O58 - SDL:[MD5.3117F595E9615E04F05A54FC15A03B20] - 03/08/2004 - 22:14:18 ---A- . (.Microsoft Corporation - Fast FAT File System Driver.) -- C:\WINDOWS\system32\Drivers\fastfat.sys   [143360]
O58 - SDL:[MD5.CED2E8396A8838E59D8FD529C680E02C] - 03/08/2004 - 21:59:28 ---A- . (.Microsoft Corporation - Floppy Disk Controller Driver.) -- C:\WINDOWS\system32\Drivers\fdc.sys   [27392]
O58 - SDL:[MD5.8B121FF880683607AB2AEF0340721718] - 02/10/2001 - 17:16:24 ---A- . (.Microsoft Corporation - Pilote de cryptographie FIPS.) -- C:\WINDOWS\system32\Drivers\fips.sys   [35072]
O58 - SDL:[MD5.0DD1DE43115B93F4D85E889D7A86F548] - 03/08/2004 - 21:59:28 ---A- . (.Microsoft Corporation - Floppy Driver.) -- C:\WINDOWS\system32\Drivers\flpydisk.sys   [20480]
O58 - SDL:[MD5.157754F0DF355A9E0A6F54721914F9C6] - 03/08/2004 - 22:01:20 ---A- . (.Microsoft Corporation - Microsoft Filesystem Filter Manager.) -- C:\WINDOWS\system32\Drivers\fltMgr.sys   [124800]
O58 - SDL:[MD5.B71A69BB9CC88803F455341BD3992E0C] - 26/07/2005 - 12:59:55 ---A- . (.Microsoft Corporation - Pilote vidéo plein écran.) -- C:\WINDOWS\system32\Drivers\fsvga.sys   [12416]
O58 - SDL:[MD5.3E1E2BD4F39B0E2B7DC4F4D2BCC2779A] - 02/10/2001 - 17:16:24 ---A- . (.Microsoft Corporation - File System Recognizer Driver.) -- C:\WINDOWS\system32\Drivers\fs_rec.sys   [7936]
O58 - SDL:[MD5.A86859B77B908C18C2657F284AA29FE3] - 02/10/2001 - 17:16:24 ---A- . (.Microsoft Corporation - Pilote de disque à FT.) -- C:\WINDOWS\system32\Drivers\ftdisk.sys   [126080]
O58 - SDL:[MD5.5F92FD09E5610A5995DA7D775EADCD12] - 26/07/2005 - 12:44:04 ---A- . (.Microsoft Corporation - Game Port Enumerator.) -- C:\WINDOWS\system32\Drivers\gameenum.sys   [10624]
O58 - SDL:[MD5.CBC3DEF409549672B915FB9403D63F74] - 27/10/2004 - 15:21:36 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\Hdaudbus.sys   [138240]
O58 - SDL:[MD5.F58D2900C66A1E773E3375098E0E9337] - 27/10/2004 - 15:21:30 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Function Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\Hdaudio.sys   [145920]
O58 - SDL:[MD5.378055AB8DDA86228683C697C4E11685] - 03/08/2004 - 22:08:20 ---A- . (.Microsoft Corporation - Hid Class Library.) -- C:\WINDOWS\system32\Drivers\hidclass.sys   [36224]
O58 - SDL:[MD5.5FFF41CD5108E9051D255C37825AF697] - 03/08/2004 - 22:08:18 ---A- . (.Microsoft Corporation - Hid Parsing Library.) -- C:\WINDOWS\system32\Drivers\hidparse.sys   [24960]
O58 - SDL:[MD5.1DE6783B918F540149AA69943BDFEBA8] - 02/10/2001 - 17:16:28 ---A- . (.Microsoft Corporation - USB Miniport Driver for Input Devices.) -- C:\WINDOWS\system32\Drivers\hidusb.sys   [9600]
O58 - SDL:[MD5.BFB7B73C942E816C4FB4A5A7BAE87136] - 26/07/2005 - 14:01:30 ---A- . (.Microsoft Corporation - HTTP Protocol Stack.) -- C:\WINDOWS\system32\Drivers\http.sys   [262400]
O58 - SDL:[MD5.D1EFCBD693B5BA21314D06368C471070] - 19/08/2004 - 14:56:40 ---A- . (.Microsoft Corporation - Pilote de port i8042.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys   [54400]
O58 - SDL:[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - 03/08/2004 - 22:00:16 ---A- . (.Microsoft Corporation - IMAPI Kernel Driver.) -- C:\WINDOWS\system32\Drivers\imapi.sys   [41856]
O58 - SDL:[MD5.1367812F8A974E0C13A4888FA5E7EDE6] - 26/07/2005 - 14:44:04 ---A- . (.Microsoft Corporation - Pilote IDE Intel PCI.) -- C:\WINDOWS\system32\Drivers\intelide.sys   [5504]
O58 - SDL:[MD5.DD5AD1E79AC26D3F8D8828AD4627F160] - 19/08/2004 - 14:59:10 ---A- . (.Microsoft Corporation - Pilote de périphérique processeur.) -- C:\WINDOWS\system32\Drivers\intelppm.sys   [40320]
O58 - SDL:[MD5.4448006B6BC60E6C027932CFC38D6855] - 03/08/2004 - 22:00:08 ---A- . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys   [29056]
O58 - SDL:[MD5.731F22BA402EE4B62748ADAF6363C182] - 02/10/2001 - 17:16:32 ---A- . (.Microsoft Corporation - IP FILTER DRIVER.) -- C:\WINDOWS\system32\Drivers\ipfltdrv.sys   [32896]
O58 - SDL:[MD5.E1EC7F5DA720B640CD8FB8424F1B14BB] - 03/08/2004 - 22:04:46 ---A- . (.Microsoft Corporation - IP in IP Encapsulation Driver.) -- C:\WINDOWS\system32\Drivers\ipinip.sys   [20992]
O58 - SDL:[MD5.E2168CBC7098FFE963C6F23F472A3593] - 26/07/2005 - 14:01:32 ---A- . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys   [134912]
O58 - SDL:[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - 03/08/2004 - 22:14:30 ---A- . (.Microsoft Corporation - IPSec Driver.) -- C:\WINDOWS\system32\Drivers\ipsec.sys   [74752]
O58 - SDL:[MD5.50708DAA1B1CBB7D6AC1CF8F56A24410] - 03/08/2004 - 22:00:48 ---A- . (.Microsoft Corporation - Infra-Red Bus Enumerator.) -- C:\WINDOWS\system32\Drivers\irenum.sys   [11264]
O58 - SDL:[MD5.54632F1A7DE61DC3615D756F2A90FA72] - 02/10/2001 - 17:16:32 ---A- . (.Microsoft Corporation - Pilote de bus PNP ISA.) -- C:\WINDOWS\system32\Drivers\isapnp.sys   [36224]
O58 - SDL:[MD5.E798705E8DC7FAB596EF6BFDF167E007] - 19/08/2004 - 15:00:34 ---A- . (.Microsoft Corporation - Pilote de la classe Clavier.) -- C:\WINDOWS\system32\Drivers\kbdclass.sys   [25216]
O58 - SDL:[MD5.62DD5EEFCEC4EF4163F1168D4262A9E4] - 19/08/2004 - 15:00:36 ---A- . (.Microsoft Corporation - Pilote de filtre souris HID.) -- C:\WINDOWS\system32\Drivers\kbdhid.sys   [14848]
O58 - SDL:[MD5.D93CAD07C5683DB066B0B2D2D3790EAD] - 26/07/2005 - 13:44:00 ---A- . (.Microsoft Corporation - Kernel Mode Audio Mixer.) -- C:\WINDOWS\system32\Drivers\kmixer.sys   [171776]
O58 - SDL:[MD5.B9540E258F952650DE8DEC68719A5C97] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - Kernel CSA Library.) -- C:\WINDOWS\system32\Drivers\ks.sys   [140928]
O58 - SDL:[MD5.EB7FFE87FD367EA8FCA0506F74A87FBB] - 03/08/2004 - 21:59:48 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\WINDOWS\system32\Drivers\ksecdd.sys   [92032]
O58 - SDL:[MD5.0DB7527DB188C7D967A37BB51BBF3963] - 25/02/2014 - 21:07:18 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\Drivers\mbamswissarmy.sys   [40776]
O58 - SDL:[MD5.D1F8BE91ED4DDB671D42E473E3FE71AB] - 02/10/2001 - 17:16:36 ---A- . (.Microsoft Corporation - Medium changer class driver.) -- C:\WINDOWS\system32\Drivers\mcd.sys   [7680]
O58 - SDL:[MD5.729D83E56C29C510258A6E9E79FFDDC3] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - Multifunction Enumerator.) -- C:\WINDOWS\system32\Drivers\mf.sys   [63744]
O58 - SDL:[MD5.4AE068242760A1FB6E1A44BF4E16AFA6] - 02/10/2001 - 17:16:38 ---A- . (.Microsoft Corporation - Frame buffer simulator.) -- C:\WINDOWS\system32\Drivers\mnmdd.sys   [4224]
O58 - SDL:[MD5.5AC7E16F5B40A6DA14B5F2B3ADA4693E] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - Pilote de périphérique modem.) -- C:\WINDOWS\system32\Drivers\modem.sys   [30336]
O58 - SDL:[MD5.7D4F19411BD941E1D432A99E24230386] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - Pilote de la classe Souris.) -- C:\WINDOWS\system32\Drivers\mouclass.sys   [23680]
O58 - SDL:[MD5.124D6846040C79B9C997F78EF4B2A4E5] - 26/07/2005 - 12:59:55 ---A- . (.Microsoft Corporation - Pilote de filtre souris HID.) -- C:\WINDOWS\system32\Drivers\mouhid.sys   [12288]
O58 - SDL:[MD5.65653F3B4477F3C63E68A9659F85EE2E] - 03/08/2004 - 21:58:32 ---A- . (.Microsoft Corporation - Mount Manager.) -- C:\WINDOWS\system32\Drivers\mountmgr.sys   [42240]
O58 - SDL:[MD5.DB07B0088CDFD20C2A22E675120EDE34] - 03/08/2004 - 21:58:22 ---A- . (.Microsoft Corporation - Windows NT MQ Access Control Device Driver.) -- C:\WINDOWS\system32\Drivers\mqac.sys   [72960]
O58 - SDL:[MD5.46EDCC8F2DB2F322C24F48785CB46366] - 03/08/2004 - 22:00:58 ---A- . (.Microsoft Corporation - Windows NT WebDav Minirdr.) -- C:\WINDOWS\system32\Drivers\mrxdav.sys   [181248]
O58 - SDL:[MD5.5DDC9A1B2EB5A4BF010CE8C019A18C1F] - 26/07/2005 - 14:01:33 ---A- . (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\system32\Drivers\mrxsmb.sys   [451584]
O58 - SDL:[MD5.561B3A4333CA2DBDBA28B5B956822519] - 03/08/2004 - 22:00:42 ---A- . (.Microsoft Corporation - Mailslot driver.) -- C:\WINDOWS\system32\Drivers\msfs.sys   [19072]
O58 - SDL:[MD5.C0F1D4A21DE5A415DF8170616703DEBF] - 03/08/2004 - 22:04:14 ---A- . (.Microsoft Corporation - MS General Packet Classifier.) -- C:\WINDOWS\system32\Drivers\msgpc.sys   [35072]
O58 - SDL:[MD5.AE431A8DD3C1D0D0610CDBAC16057AD0] - 26/07/2005 - 13:44:04 ---A- . (.Microsoft Corporation - MS KS Server.) -- C:\WINDOWS\system32\Drivers\MSKSSRV.sys   [7552]
O58 - SDL:[MD5.13E75FEF9DFEB08EEDED9D0246E1F448] - 26/07/2005 - 13:44:04 ---A- . (.Microsoft Corporation - MS Proxy Clock.) -- C:\WINDOWS\system32\Drivers\MSPCLOCK.sys   [5376]
O58 - SDL:[MD5.1988A33FF19242576C3D0EF9CE785DA7] - 26/07/2005 - 13:44:00 ---A- . (.Microsoft Corporation - MS Proxy Quality Manager.) -- C:\WINDOWS\system32\Drivers\MSPQM.sys   [4992]
O58 - SDL:[MD5.469541F8BFD2B32659D5D463A6714BCE] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - System Management BIOS Driver.) -- C:\WINDOWS\system32\Drivers\mssmbios.sys   [15488]
O58 - SDL:[MD5.82035E0F41C2DD05AE41D27FE6CF7DE1] - 03/08/2004 - 22:15:22 ---A- . (.Microsoft Corporation - Multiple UNC Provider driver.) -- C:\WINDOWS\system32\Drivers\mup.sys   [107904]
O58 - SDL:[MD5.558635D3AF1C7546D26067D5D9B6959E] - 03/08/2004 - 22:14:30 ---A- . (.Microsoft Corporation - NDIS 5.1 wrapper driver.) -- C:\WINDOWS\system32\Drivers\ndis.sys   [182912]
O58 - SDL:[MD5.08D43BBDACDF23F34D79E44ED35C1B4C] - 02/10/2001 - 17:16:48 ---A- . (.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) -- C:\WINDOWS\system32\Drivers\ndistapi.sys   [9600]
O58 - SDL:[MD5.8D3CE6B579CDE8D37ACC690B67DC2106] - 20/04/2005 - 01:54:04 ---A- . (.Microsoft Corporation - NDIS User mode I/O Driver.) -- C:\WINDOWS\system32\Drivers\ndisuio.sys   [14592]
O58 - SDL:[MD5.0B90E255A9490166AB368CD55A529893] - 03/08/2004 - 22:14:32 ---A- . (.Microsoft Corporation - MS PPP Framing Driver (Strong Encryption).) -- C:\WINDOWS\system32\Drivers\ndiswan.sys   [91776]
O58 - SDL:[MD5.59FC3FB44D2669BC144FD87826BB571F] - 02/10/2001 - 17:16:48 ---A- . (.Microsoft Corporation - NDIS Proxy.) -- C:\WINDOWS\system32\Drivers\ndproxy.sys   [38016]
O58 - SDL:[MD5.3A2ACA8FC1D7786902CA434998D7CEB4] - 03/08/2004 - 22:03:22 ---A- . (.Microsoft Corporation - NetBIOS interface driver.) -- C:\WINDOWS\system32\Drivers\netbios.sys   [34560]
O58 - SDL:[MD5.0C80E410CD2F47134407EE7DD19CC86B] - 03/08/2004 - 22:14:38 ---A- . (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\system32\Drivers\netbt.sys   [162816]
O58 - SDL:[MD5.5C5C53DB4FEF16CF87B9911C7E8C6FBC] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - IEEE1394 Ndis Miniport and Call Manager.) -- C:\WINDOWS\system32\Drivers\nic1394.sys   [61824]
O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 26/07/2005 - 12:59:55 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\Drivers\nikedrv.sys   [12032]
O58 - SDL:[MD5.60CF8C7192B3614F240838DDBAA4A245] - 03/08/2004 - 21:59:52 ---A- . (.Microsoft Corporation - Netmon NT Driver.) -- C:\WINDOWS\system32\Drivers\nmnt.sys   [40320]
O58 - SDL:[MD5.4F601BCB8F64EA3AC0994F98FED03F8E] - 03/08/2004 - 22:00:44 ---A- . (.Microsoft Corporation - NPFS Driver.) -- C:\WINDOWS\system32\Drivers\npfs.sys   [30848]
O58 - SDL:[MD5.B78BE402C3F63DD55521F73876951CDD] - 03/08/2004 - 22:15:10 ---A- . (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\system32\Drivers\ntfs.sys   [574592]
O58 - SDL:[MD5.73C1E1F395918BC2C6DD67AF7591A3AD] - 02/10/2001 - 17:16:54 ---A- . (.Microsoft Corporation - NULL Driver.) -- C:\WINDOWS\system32\Drivers\null.sys   [2944]
O58 - SDL:[MD5.B305F3FAD35083837EF46A0BBCE2FC57] - 02/10/2001 - 17:16:54 ---A- . (.Microsoft Corporation - NWLINK2 Traffic Filter Driver.) -- C:\WINDOWS\system32\Drivers\nwlnkflt.sys   [12416]
O58 - SDL:[MD5.C99B3415198D1AAB7227F2C88FD664B9] - 02/10/2001 - 17:16:54 ---A- . (.Microsoft Corporation - NWLINK2 Forwarder Driver.) -- C:\WINDOWS\system32\Drivers\nwlnkfwd.sys   [32512]
O58 - SDL:[MD5.79EA3FCDA7067977625B3363A2657C80] - 03/08/2004 - 22:03:36 ---A- . (.Microsoft Corporation - NWLINK2 IPX Protocol Driver.) -- C:\WINDOWS\system32\Drivers\nwlnkipx.sys   [88448]
O58 - SDL:[MD5.56D34A67C05E94E16377C60609741FF8] - 02/10/2001 - 17:16:54 ---A- . (.Microsoft Corporation - NWLINK2 IPX Netbios Protocol Driver.) -- C:\WINDOWS\system32\Drivers\nwlnknb.sys   [63232]
O58 - SDL:[MD5.C0BB7D1615E1ACBDC99757F6CEAF8CF0] - 02/10/2001 - 17:16:54 ---A- . (.Microsoft Corporation - NWLINK2 SPX Protocol Driver.) -- C:\WINDOWS\system32\Drivers\nwlnkspx.sys   [55936]
O58 - SDL:[MD5.03373A79440473062C6F3AEDEC6A49C8] - 03/08/2004 - 22:02:24 ---A- . (.Microsoft Corporation - NetWare Redirector File System Driver.) -- C:\WINDOWS\system32\Drivers\nwrdr.sys   [163584]
O58 - SDL:[MD5.FC128C3D7D5AD30A13742DC3737B9DF7] - 13/08/2005 - 03:11:00 ---A- . (.Microsoft Corporation - 1394 OpenHCI Port Driver.) -- C:\WINDOWS\system32\Drivers\ohci1394.sys   [61312]
O58 - SDL:[MD5.4BB30DDC53EBC76895E38694580CDFE9] - 02/10/2001 - 17:16:58 ---A- . (.Microsoft Corporation - ACPI Operation Registration Driver.) -- C:\WINDOWS\system32\Drivers\oprghdlr.sys   [3456]
O58 - SDL:[MD5.136E0CEA9BD1C42066692DECFA5C6418] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - Pilote de périphérique processeur.) -- C:\WINDOWS\system32\Drivers\p3.sys   [46720]
O58 - SDL:[MD5.318696359AC7DF48D1E51974EC527DD2] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - Pilote de port parallèle.) -- C:\WINDOWS\system32\Drivers\parport.sys   [80384]
O58 - SDL:[MD5.3334430C29DC338092F79C38EF7B4CD0] - 02/10/2001 - 17:17:00 ---A- . (.Microsoft Corporation - Partition Manager.) -- C:\WINDOWS\system32\Drivers\partmgr.sys   [18688]
O58 - SDL:[MD5.9575C5630DB8FB804649A6959737154C] - 02/10/2001 - 17:17:00 ---A- . (.Microsoft Corporation - Pilote parallèle VDM.) -- C:\WINDOWS\system32\Drivers\parvdm.sys   [6912]
O58 - SDL:[MD5.07C02C892E8E1A72D6BF35004F0E9C5E] - 19/11/2005 - 02:13:18 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\WINDOWS\system32\Drivers\PCASp50.sys   [20096]
O58 - SDL:[MD5.7C5DA5C1ED801AD8B0309D5514F0B75E] - 19/08/2004 - 14:52:04 ---A- . (.Microsoft Corporation - Énumérateur Plug-and-Play PCI pour NT.) -- C:\WINDOWS\system32\Drivers\pci.sys   [68608]
O58 - SDL:[MD5.F4BFDE7209C14A07AAA61E4D6AE69EAC] - 02/10/2001 - 17:17:00 ---A- . (.Microsoft Corporation - Pilote de bus générique PCI IDE.) -- C:\WINDOWS\system32\Drivers\pciide.sys   [3328]
O58 - SDL:[MD5.520B91AB011456B940D9B05FC91108FF] - 03/08/2004 - 21:59:42 ---A- . (.Microsoft Corporation - PCI IDE Bus Driver Extension.) -- C:\WINDOWS\system32\Drivers\pciidex.sys   [25088]
O58 - SDL:[MD5.641DA274E163617EA7A33506BC6DA8E3] - 19/08/2004 - 14:52:10 ---A- . (.Microsoft Corporation - Pilote de bus PCMCIA.) -- C:\WINDOWS\system32\Drivers\pcmcia.sys   [120320]
O58 - SDL:[MD5.5B0F00E43A7094C0B7E433CB42C79164] - 26/07/2005 - 13:44:02 ---A- . (.Microsoft Corporation - Port Class (Class Driver for Port/Miniport Devices).) -- C:\WINDOWS\system32\Drivers\portcls.sys   [145792]
O58 - SDL:[MD5.F480712B761E538BC8E44EDE60F3A3C3] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - Pilote de périphérique processeur.) -- C:\WINDOWS\system32\Drivers\processr.sys   [39552]
O58 - SDL:[MD5.48671F327553DCF1D27F6197F622A668] - 03/08/2004 - 22:04:20 ---A- . (.Microsoft Corporation - MS QoS Packet Scheduler.) -- C:\WINDOWS\system32\Drivers\psched.sys   [69120]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 02/10/2001 - 17:17:04 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys   [17792]
O58 - SDL:[MD5.FE0D99D6F31E4FAD8159F690D68DED9C] - 02/10/2001 - 17:17:04 ---A- . (.Microsoft Corporation - RAS Automatic Connection Driver.) -- C:\WINDOWS\system32\Drivers\rasacd.sys   [8832]
O58 - SDL:[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - 03/08/2004 - 22:14:24 ---A- . (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\system32\Drivers\rasl2tp.sys   [51328]
O58 - SDL:[MD5.7306EEED8895454CBED4669BE9F79FAA] - 03/08/2004 - 22:05:08 ---A- . (.Microsoft Corporation - RAS PPPoE mini-port/call-manager driver.) -- C:\WINDOWS\system32\Drivers\raspppoe.sys   [41472]
O58 - SDL:[MD5.1C5CC65AAC0783C344F16353E60B72AC] - 03/08/2004 - 22:14:28 ---A- . (.Microsoft Corporation - Peer-to-Peer Tunneling Protocol.) -- C:\WINDOWS\system32\Drivers\raspptp.sys   [48384]
O58 - SDL:[MD5.FDBB1D60066FCFBB7452FD8F9829B242] - 02/10/2001 - 17:17:06 ---A- . (.Microsoft Corporation - PTI DirectParallel(R) mini-port/call-manager driver.) -- C:\WINDOWS\system32\Drivers\raspti.sys   [16512]
O58 - SDL:[MD5.01524CD237223B18ADBB48F70083F101] - 02/10/2001 - 17:17:06 ---A- . (.Microsoft Corporation - Raw WAN Transport.) -- C:\WINDOWS\system32\Drivers\rawwan.sys   [34432]
O58 - SDL:[MD5.809CA45CAA9072B3176AD44579D7F688] - 26/07/2005 - 14:01:41 ---A- . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) -- C:\WINDOWS\system32\Drivers\rdbss.sys   [174592]
O58 - SDL:[MD5.4912D5B403614CE99C28420F75353332] - 02/10/2001 - 17:17:06 ---A- . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys   [4224]
O58 - SDL:[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - 26/07/2005 - 13:44:02 ---A- . (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys   [196864]
O58 - SDL:[MD5.B54CD38A9EBFBF2B3561426E3FE26F62] - 10/08/2005 - 11:15:08 ---A- . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys   [139528]
O58 - SDL:[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - 26/07/2005 - 14:44:00 ---A- . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) -- C:\WINDOWS\system32\Drivers\redbook.sys   [58496]
O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 26/07/2005 - 12:59:55 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\Drivers\rio8drv.sys   [12032]
O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 26/07/2005 - 12:59:55 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\Drivers\riodrv.sys   [12032]
O58 - SDL:[MD5.35E81B908AE4E97FC7BDF4607C516FF4] - 02/10/2001 - 17:17:06 ---A- . (.Microsoft Corporation - Reliable Multicast Transport.) -- C:\WINDOWS\system32\Drivers\RMCast.sys   [200064]
O58 - SDL:[MD5.7CE8B277F3207EA82D7D22AD348BEFC6] - 03/08/2004 - 22:04:32 ---A- . (.Microsoft Corporation - Remote NDIS Miniport.) -- C:\WINDOWS\system32\Drivers\rndismp.sys   [30080]
O58 - SDL:[MD5.D8B0B4ADE32574B2D9C5CC34DC0DBBE7] - 02/10/2001 - 17:17:08 ---A- . (.Microsoft Corporation - Legacy Non-Pnp Modem Device Driver.) -- C:\WINDOWS\system32\Drivers\rootmdm.sys   [5888]
O58 - SDL:[MD5.D507C1400284176573224903819FFDA3] - 26/07/2005 - 14:44:02 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- C:\WINDOWS\system32\Drivers\RTL8139.sys   [20992]
O58 - SDL:[MD5.D7FD0FF761E28AC0EA35AD71E0CD67E9] - 03/08/2004 - 21:59:42 ---A- . (.Microsoft Corporation - SCSI Port Driver.) -- C:\WINDOWS\system32\Drivers\scsiport.sys   [96256]
O58 - SDL:[MD5.02FC71B020EC8700EE8A46C58BC6F276] - 03/08/2004 - 22:07:48 ---A- . (.Microsoft Corporation - SecureDigital Bus Driver.) -- C:\WINDOWS\system32\Drivers\sdbus.sys   [67584]
O58 - SDL:[MD5.D26E26EA516450AF9D072635C60387F4] - 17/07/2004 - 10:36:38 ---A- . (...) -- C:\WINDOWS\system32\Drivers\secdrv.sys   [27440]
O58 - SDL:[MD5.A2D868AEEFF612E70E213C451A70CAFB] - 03/08/2004 - 21:59:08 ---A- . (.Microsoft Corporation - Serial Port Enumerator.) -- C:\WINDOWS\system32\Drivers\serenum.sys   [15488]
O58 - SDL:[MD5.653201755CA96AB4AAA4131DAF6DA356] - 19/08/2004 - 14:56:40 ---A- . (.Microsoft Corporation - Pilote de périphérique série.) -- C:\WINDOWS\system32\Drivers\serial.sys   [66560]
O58 - SDL:[MD5.1D9F1BEC651815741F088A8FB88E17EE] - 03/08/2004 - 21:59:56 ---A- . (.Microsoft Corporation - Small Form Factor Disk Driver.) -- C:\WINDOWS\system32\Drivers\sffdisk.sys   [11136]
O58 - SDL:[MD5.586499FD312FFD7F78553F408E71682E] - 03/08/2004 - 21:59:56 ---A- . (.Microsoft Corporation - Small Form Factor SD Protocol Driver.) -- C:\WINDOWS\system32\Drivers\sffp_sd.sys   [10240]
O58 - SDL:[MD5.0D13B6DF6E9E101013A7AFB0CE629FE0] - 03/08/2004 - 21:59:56 ---A- . (.Microsoft Corporation - SCSI Floppy Driver.) -- C:\WINDOWS\system32\Drivers\sfloppy.sys   [11392]
O58 - SDL:[MD5.017DAECF0ED3AA731313433601EC40FA] - 02/10/2001 - 17:17:12 ---A- . (.Microsoft Corporation - Smard Card Driver Library.) -- C:\WINDOWS\system32\Drivers\smclib.sys   [14592]
O58 - SDL:[MD5.ADDC9E4757A68AB60562AD3CB9C288D6] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - 1394 Desktop Camera Driver.) -- C:\WINDOWS\system32\Drivers\sonydcam.sys   [25472]
O58 - SDL:[MD5.8E186B8F23295D1E42C573B82B80D548] - 26/07/2005 - 13:44:00 ---A- . (.Microsoft Corporation - Microsoft Kernel Audio Splitter.) -- C:\WINDOWS\system32\Drivers\splitter.sys   [6400]
O58 - SDL:[MD5.B52181023B827ACDA36C1B76751EBFFD] - 19/08/2004 - 15:04:58 ---A- . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du.) -- C:\WINDOWS\system32\Drivers\sr.sys   [73600]
O58 - SDL:[MD5.553007ECCE7F6565BBE645BEB66D3B69] - 26/07/2005 - 14:01:48 ---A- . (.Microsoft Corporation - Server driver.) -- C:\WINDOWS\system32\Drivers\srv.sys   [332544]
O58 - SDL:[MD5.C43356072EB3E88CD62958DB10CEAD47] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) -- C:\WINDOWS\system32\Drivers\stream.sys   [48640]
O58 - SDL:[MD5.03C1BAE4766E2450219D20B993D6E046] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - Plug and Play Software Device Enumerator.) -- C:\WINDOWS\system32\Drivers\swenum.sys   [4352]
O58 - SDL:[MD5.94ABC808FC4B6D7D2BBF42B85E25BB4D] - 26/07/2005 - 13:43:46 ---A- . (.Microsoft Corporation - Microsoft GS Wavetable Synthesizer.) -- C:\WINDOWS\system32\Drivers\swmidi.sys   [54272]
O58 - SDL:[MD5.650AD082D46BAC0E64C9C0E0928492FD] - 26/07/2005 - 13:44:00 ---A- . (.Microsoft Corporation - System Audio WDM Filter.) -- C:\WINDOWS\system32\Drivers\sysaudio.sys   [60800]
O58 - SDL:[MD5.147B9CCE0B523D4DAFD91A60C2CE2B25] - 30/04/2013 - 09:51:09 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\WINDOWS\system32\Drivers\tap0901.sys   [35088]
O58 - SDL:[MD5.A2A9CA0D1A9AC1FF54220AA0789FE5CF] - 03/08/2004 - 22:00:00 ---A- . (.Microsoft Corporation - SCSI Tape Class Driver.) -- C:\WINDOWS\system32\Drivers\tape.sys   [14976]
O58 - SDL:[MD5.0DF628756FB71111955BE60BAC216A70] - 18/09/2005 - 11:29:51 ---A- . (.Microsoft Corporation - TCP/IP Protocol Driver.) -- C:\WINDOWS\system32\Drivers\tcpip.sys   [359936]
O58 - SDL:[MD5.4D58BB1AE8841AAFD8790AD7E1E3B8EA] - 03/08/2004 - 22:07:46 ---A- . (.Microsoft Corporation - IPv6 driver.) -- C:\WINDOWS\system32\Drivers\tcpip6.sys   [223616]
O58 - SDL:[MD5.6891B74AB9A016064E82A419388D0601] - 03/08/2004 - 22:07:50 ---A- . (.Microsoft Corporation - TDI Wrapper.) -- C:\WINDOWS\system32\Drivers\tdi.sys   [18560]
O58 - SDL:[MD5.38D437CF2D98965F239B0ABCD66DCB0F] - 19/08/2004 - 15:10:20 ---A- . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys   [12040]
O58 - SDL:[MD5.ED0580AF02502D00AD8C4C066B156BE9] - 19/08/2004 - 15:10:20 ---A- . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys   [21896]
O58 - SDL:[MD5.A540A99C281D933F3D69D55E48727F47] - 26/07/2005 - 13:44:00 ---A- . (.Microsoft Corporation - Terminal Server Driver.) -- C:\WINDOWS\system32\Drivers\termdd.sys   [40840]
O58 - SDL:[MD5.699450901C5CCFD82357CBC531CEDD23] - 26/07/2005 - 12:59:55 ---A- . (.Microsoft Corporation - TOSHIBA DVD Stream Minidriver.) -- C:\WINDOWS\system32\Drivers\tosdvd.sys   [51712]
O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 26/07/2005 - 12:59:55 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\Drivers\tsbvcap.sys   [21376]
O58 - SDL:[MD5.87A0E9E18C10A9E454238E3330E2A26D] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - Microsoft Tunnel Interface Driver.) -- C:\WINDOWS\system32\Drivers\tunmp.sys   [12416]
O58 - SDL:[MD5.12F70256F140CD7D52C58C7048FDE657] - 03/08/2004 - 22:00:32 ---A- . (.Microsoft Corporation - UDF File System Driver.) -- C:\WINDOWS\system32\Drivers\udfs.sys   [66176]
O58 - SDL:[MD5.A4815A4884898F355A3513E60843A4FD] - 26/07/2005 - 14:01:50 ---A- . (.Microsoft Corporation - Update Driver.) -- C:\WINDOWS\system32\Drivers\update.sys   [209280]
O58 - SDL:[MD5.AF090265EC388BAB320F1FF7E7A7D5EA] - 03/08/2004 - 22:04:34 ---A- . (.Microsoft Corporation - Remote NDIS USB Driver.) -- C:\WINDOWS\system32\Drivers\usb8023.sys   [12672]
O58 - SDL:[MD5.2654EECC6FB13603EBDDCD5C8EA943D1] - 26/07/2005 - 12:59:55 ---A- . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) -- C:\WINDOWS\system32\Drivers\usbcamd.sys   [23808]
O58 - SDL:[MD5.61018BA9DF6B63E51D9753C980E73EC2] - 26/07/2005 - 12:59:55 ---A- . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) -- C:\WINDOWS\system32\Drivers\usbcamd2.sys   [23936]
O58 - SDL:[MD5.BFFD9F120CC63BCBAA3D840F3EEF9F79] - 03/08/2004 - 22:08:48 ---A- . (.Microsoft Corporation - USB Common Class Generic Parent Driver.) -- C:\WINDOWS\system32\Drivers\usbccgp.sys   [31616]
O58 - SDL:[MD5.596EB39B50D6EBD9B734DC4AE0544693] - 02/10/2001 - 17:17:20 ---A- . (.Microsoft Corporation - Universal Serial Bus Driver.) -- C:\WINDOWS\system32\Drivers\usbd.sys   [4736]
O58 - SDL:[MD5.15E993BA2F6946B2BFBBFCD30398621E] - 03/08/2004 - 22:08:38 ---A- . (.Microsoft Corporation - EHCI eUSB Miniport Driver.) -- C:\WINDOWS\system32\Drivers\usbehci.sys   [26624]
O58 - SDL:[MD5.C72F40947F92CEA56A8FB532EDF025F1] - 03/08/2004 - 22:08:44 ---A- . (.Microsoft Corporation - Default Hub Driver for USB.) -- C:\WINDOWS\system32\Drivers\usbhub.sys   [57600]
O58 - SDL:[MD5.2853FD4C4489E0F8BFCF78EFCDB7E998] - 12/10/2005 - 09:33:32 ---A- . (.Microsoft Corporation - Universal Serial Bus Camera Driver.) -- C:\WINDOWS\system32\Drivers\usbintel.sys   [16000]
O58 - SDL:[MD5.2034CA78F9C6E787B4B76D81AC888351] - 03/08/2004 - 22:08:44 ---A- . (.Microsoft Corporation - USB 1.1 & 2.0 Port Driver.) -- C:\WINDOWS\system32\Drivers\usbport.sys   [142976]
O58 - SDL:[MD5.A42369B7CD8886CD7C70F33DA6FCBCF5] - 26/07/2005 - 12:44:00 ---A- . (.Microsoft Corporation - USB Printer driver.) -- C:\WINDOWS\system32\Drivers\usbprint.sys   [25856]
O58 - SDL:[MD5.A6BC71402F4F7DD5B77FD7F4A8DDBA85] - 26/07/2005 - 12:44:02 ---A- . (.Microsoft Corporation - USB Scanner Driver.) -- C:\WINDOWS\system32\Drivers\usbscan.sys   [15104]
O58 - SDL:[MD5.6CD7B22193718F1D17A47A1CD6D37E75] - 03/08/2004 - 22:08:48 ---A- . (.Microsoft Corporation - USB Mass Storage Class Driver.) -- C:\WINDOWS\system32\Drivers\usbstor.sys   [26496]
O58 - SDL:[MD5.F8FD1400092E23C8F2F31406EF06167B] - 03/08/2004 - 22:08:38 ---A- . (.Microsoft Corporation - UHCI USB Miniport Driver.) -- C:\WINDOWS\system32\Drivers\usbuhci.sys   [20480]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 26/07/2005 - 12:59:55 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys   [58112]
O58 - SDL:[MD5.8A60EDD72B4EA5AEA8202DAF0E427925] - 03/08/2004 - 22:07:08 ---A- . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys   [20992]
O58 - SDL:[MD5.D5A9D123F5ED7C9965A481BD20CF66D8] - 03/08/2004 - 22:07:06 ---A- . (.Microsoft Corporation - Video Port Driver.) -- C:\WINDOWS\system32\Drivers\videoprt.sys   [79744]
O58 - SDL:[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] - 19/08/2004 - 14:59:14 ---A- . (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\WINDOWS\system32\Drivers\volsnap.sys   [53376]
O58 - SDL:[MD5.984EF0B9788ABF89974CFED4BFBAACBC] - 03/08/2004 - 22:04:58 ---A- . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) -- C:\WINDOWS\system32\Drivers\wanarp.sys   [34560]
O58 - SDL:[MD5.2797F33EBF50466020C430EE4F037933] - 26/07/2005 - 13:44:04 ---A- . (.Microsoft Corporation - MMSYSTEM Wave/Midi API mapper.) -- C:\WINDOWS\system32\Drivers\wdmaud.sys   [82944]
O58 - SDL:[MD5.2F31B7F954BED437F2C75026C65CAF7B] - 02/10/2001 - 17:17:26 ---A- . (.Microsoft Corporation - WMILIB WMI support library Dll.) -- C:\WINDOWS\system32\Drivers\wmilib.sys   [4352]
O58 - SDL:[MD5.6ABE6E225ADB5A751622A9CC3BC19CE8] - 02/10/2001 - 17:17:28 ---A- . (.Microsoft Corporation - Winsock2 IFS Layer.) -- C:\WINDOWS\system32\Drivers\ws2ifsl.sys   [12032]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 02/10/2001 - 17:15:52 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys   [9037]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/10/2001 - 17:15:58 ---A- . (...) -- C:\WINDOWS\system32\country.sys   [27097]
O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 02/10/2001 - 17:16:28 ---A- . (...) -- C:\WINDOWS\system32\himem.sys   [4912]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 02/10/2001 - 17:16:34 ---A- . (...) -- C:\WINDOWS\system32\key01.sys   [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 03/08/2004 - 21:46:56 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys   [42537]
O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 02/10/2001 - 17:16:50 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys   [27916]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/10/2001 - 17:16:50 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys   [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/10/2001 - 17:16:50 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys   [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/10/2001 - 17:16:50 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys   [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/10/2001 - 17:16:50 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys   [29146]
O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 03/08/2004 - 21:45:26 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys   [34000]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 03/08/2004 - 21:45:16 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys   [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 03/08/2004 - 21:45:12 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys   [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 03/08/2004 - 21:45:16 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys   [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 03/08/2004 - 21:45:14 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys   [34560]
O58 - SDL:[MD5.C9BF2F12C4E6C12F8A85FBA4B6BC6208] - 03/08/2004 - 22:07:34 ---A- . (.Microsoft Corporation - Watchdog Driver.) -- C:\WINDOWS\system32\watchdog.sys   [17664]
O58 - SDL:[MD5.692ED535C8ABAA2B38A13025DC0ED758] - 09/11/2005 - 09:31:04 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\WINDOWS\system32\win32k.sys   [1839616]
~ Drivers: 5 Scanned in 00mn 03s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 25/02/2014 - 21:00:44 ---A- . (...) -- C:\Documents and Settings\Admin\Bureau\DecompteMail (4).pdf   [25250]
O61 - LFC: 25/02/2014 - 21:00:48 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Certificate Revocation Lists   [270670]
O61 - LFC: 25/02/2014 - 21:00:51 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Storage\http_p.ccmbg.com_0.localstorage   [3072]
O61 - LFC: 25/02/2014 - 21:00:51 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Storage\http_p.ccmbg.com_0.localstorage-journal   [3608]
O61 - LFC: 25/02/2014 - 21:00:51 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Storage\http_player.ooyala.com_0.localstorage   [3072]
O61 - LFC: 25/02/2014 - 21:00:51 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Storage\http_player.ooyala.com_0.localstorage-journal   [3608]
O61 - LFC: 25/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\C6C9NYLK\macromedia.com\support\flashplayer\sys\#opf.ooyala.com\settings.sol   [84]
O61 - LFC: 25/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\C6C9NYLK\macromedia.com\support\flashplayer\sys\#player.ooyala.com\settings.sol   [87]
O61 - LFC: 25/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\C6C9NYLK\opf.ooyala.com\com.conviva.livePass.sol   [62]
O61 - LFC: 25/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\C6C9NYLK\player.ooyala.com\auth.sol   [47]
O61 - LFC: 25/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\C6C9NYLK\player.ooyala.com\auth2.sol   [158]
O61 - LFC: 25/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\C6C9NYLK\player.ooyala.com\auth_id.sol   [40]
O61 - LFC: 25/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\C6C9NYLK\player.ooyala.com\ooyala_guid.sol   [63]
O61 - LFC: 25/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\C6C9NYLK\player.ooyala.com\perf.sol   [127]
O61 - LFC: 25/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\CdmAdapterVersion   [13]
O61 - LFC: 25/02/2014 - 21:01:05 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Historique\History.IE5\MSHist012014021720140224\index.dat   [32768]
O61 - LFC: 25/02/2014 - 21:01:05 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Historique\History.IE5\MSHist012014022520140226\index.dat   [32768]
O61 - LFC: 25/02/2014 - 21:01:05 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Temp\3888_11335\crl-set   [270670]
O61 - LFC: 25/02/2014 - 21:01:05 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Temp\3888_11335\manifest.fingerprint   [12]
O61 - LFC: 25/02/2014 - 21:01:05 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Temp\3888_11335\manifest.json   [34]
O61 - LFC: 25/02/2014 - 21:01:07 ---A- . (...) -- C:\Documents and Settings\Admin\Recent\DecompteMail (4).pdf.lnk   [430]
O61 - LFC: 26/02/2014 - 21:00:30 ---A- . (...) -- C:\Documents and Settings\Admin\Application Data\AVAST Software\Avast\Cache\Cookies   [8192]
O61 - LFC: 26/02/2014 - 21:00:30 ---A- . (...) -- C:\Documents and Settings\Admin\Application Data\AVAST Software\Avast\Cache\Cookies-journal   [6704]
O61 - LFC: 26/02/2014 - 21:00:30 ---A- . (...) -- C:\Documents and Settings\Admin\Application Data\AVAST Software\Avast\Cache\f_00001d   [18440]
O61 - LFC: 26/02/2014 - 21:00:38 ---A- . (...) -- C:\Documents and Settings\Admin\Application Data\OpenOffice.org\3\user\extensions\shared\log.txt   [3947]
O61 - LFC: 26/02/2014 - 21:00:40 ---A- . (...) -- C:\Documents and Settings\Admin\Application Data\OpenOffice.org\3\user\registrymodifications.xcu   [90468]
O61 - LFC: 26/02/2014 - 21:00:40 ---A- . (...) -- C:\Documents and Settings\Admin\Application Data\OpenOffice.org\3\user\uno_packages\cache\log.txt   [4276]
O61 - LFC: 26/02/2014 - 21:00:42 ---A- . (...) -- C:\Documents and Settings\Admin\Bureau\carnet-course-a-pied-debutant.ods   [25191]
O61 - LFC: 26/02/2014 - 21:00:49 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extension State\000099.ldb   [307]
O61 - LFC: 26/02/2014 - 21:00:49 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extension State\000101.ldb   [259]
O61 - LFC: 26/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\File System\001\t\00\00000000   [211]
O61 - LFC: 26/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\File System\001\t\00\00000001   [15027084]
O61 - LFC: 26/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\File System\001\t\Paths\000005.ldb   [623]
O61 - LFC: 26/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\File System\001\t\Paths\LOCK   [0]
O61 - LFC: 26/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\File System\Origins\000010.ldb   [168]
O61 - LFC: 26/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\History Provider Cache   [115820]
O61 - LFC: 26/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Last Tabs   [15680]
O61 - LFC: 26/02/2014 - 21:00:51 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Storage\http_www.commentcamarche.net_0.localstorage   [3072]
O61 - LFC: 26/02/2014 - 21:00:51 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Storage\http_www.commentcamarche.net_0.localstorage-journal   [3608]
O61 - LFC: 26/02/2014 - 21:00:51 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Storage\https_www.google.fr_0.localstorage   [3072]
O61 - LFC: 26/02/2014 - 21:00:51 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Storage\https_www.google.fr_0.localstorage-journal   [3608]
O61 - LFC: 26/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Login Data   [12288]
O61 - LFC: 26/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Login Data-journal   [4624]
O61 - LFC: 26/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\C6C9NYLK\broadcast.piximedia.fr\footerJS\v4\lib\so.swf\PmUI.sol   [33]
O61 - LFC: 26/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\C6C9NYLK\macromedia.com\support\flashplayer\sys\#broadcast.piximedia.fr\settings.sol   [92]
O61 - LFC: 26/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Session Storage\000903.ldb   [147]
O61 - LFC: 26/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Session Storage\000905.ldb   [652514]
O61 - LFC: 26/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Web Data   [333824]
O61 - LFC: 26/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Web Data-journal   [16384]
O61 - LFC: 26/02/2014 - 21:01:05 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Historique\History.IE5\MSHist012014022620140227\index.dat   [32768]
O61 - LFC: 26/02/2014 - 21:01:07 ---A- . (...) -- C:\Documents and Settings\Admin\Recent\carnet-course-a-pied-debutant.ods.lnk   [583]
O61 - LFC: 27/02/2014 - 21:00:30 ---A- . (...) -- C:\Documents and Settings\Admin\Application Data\AVAST Software\Avast\Cache\HTMLayout.xml   [4767]
O61 - LFC: 27/02/2014 - 21:00:35 ---A- . (...) -- C:\Documents and Settings\Admin\Application Data\Microsoft\HTML Help\hh.dat   [8722]
O61 - LFC: 27/02/2014 - 21:00:41 ---A- . (...) -- C:\Documents and Settings\Admin\Application Data\ZHP\Log.txt   [50796]  =>.Nicolas Coolman
O61 - LFC: 27/02/2014 - 21:00:41 ---A- . (...) -- C:\Documents and Settings\Admin\Application Data\ZHP\TestsZHPDiag.txt   [3261]  =>.Nicolas Coolman
O61 - LFC: 27/02/2014 - 21:00:41 ---A- . (...) -- C:\Documents and Settings\Admin\Application Data\ZHP\ZHPDiag.txt   [32443]  =>.Nicolas Coolman
O61 - LFC: 27/02/2014 - 21:00:44 ---A- . (...) -- C:\Documents and Settings\Admin\Bureau\ZHPDiag.lnk   [1523]  =>.Nicolas Coolman
O61 - LFC: 27/02/2014 - 21:00:44 ---A- . (...) -- C:\Documents and Settings\Admin\Bureau\ZHPFix.lnk   [1628]  =>.Nicolas Coolman
O61 - LFC: 27/02/2014 - 21:00:44 ---A- . (...) -- C:\Documents and Settings\Admin\Cookies\index.dat   [32768]
O61 - LFC: 27/02/2014 - 21:00:44 ---A- . (.Nicolas Coolman.) -- C:\Documents and Settings\Admin\Bureau\ZHPDiag2.exe   [6865894]  =>.Nicolas Coolman
O61 - LFC: 27/02/2014 - 21:00:48 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Local State   [64787]
O61 - LFC: 27/02/2014 - 21:00:49 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Cookies   [1031168]
O61 - LFC: 27/02/2014 - 21:00:49 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Cookies-journal   [16384]
O61 - LFC: 27/02/2014 - 21:00:49 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extension Rules\CURRENT   [16]
O61 - LFC: 27/02/2014 - 21:00:49 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extension Rules\LOG   [148]
O61 - LFC: 27/02/2014 - 21:00:49 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extension Rules\LOG.old   [145]
O61 - LFC: 27/02/2014 - 21:00:49 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extension Rules\MANIFEST-000837   [334]
O61 - LFC: 27/02/2014 - 21:00:49 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extension State\000104.ldb   [259]
O61 - LFC: 27/02/2014 - 21:00:49 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extension State\000107.ldb   [257]
O61 - LFC: 27/02/2014 - 21:00:49 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extension State\CURRENT   [16]
O61 - LFC: 27/02/2014 - 21:00:49 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extension State\LOG   [269]
O61 - LFC: 27/02/2014 - 21:00:49 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extension State\LOG.old   [264]
O61 - LFC: 27/02/2014 - 21:00:49 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Extension State\MANIFEST-000106   [528]  =>.Google Inc
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Favicons   [3946496]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Favicons-journal   [16384]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\File System\001\t\.usage   [24]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\File System\001\t\Paths\CURRENT   [16]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\File System\001\t\Paths\LOG   [142]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\File System\001\t\Paths\LOG.old   [142]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\File System\001\t\Paths\MANIFEST-000009   [86]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\File System\Origins\CURRENT   [16]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\File System\Origins\LOG   [145]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\File System\Origins\LOG.old   [144]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\File System\Origins\MANIFEST-000014   [179]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\History   [3325952]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\History-journal   [16384]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Last Session   [84240]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Extension Settings\gdidcmifanncidcpmndaenenhcgeaica\000198.ldb   [48501]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Extension Settings\gdidcmifanncidcpmndaenenhcgeaica\CURRENT   [16]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Extension Settings\gdidcmifanncidcpmndaenenhcgeaica\LOG   [0]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Extension Settings\gdidcmifanncidcpmndaenenhcgeaica\LOG.old   [264]
O61 - LFC: 27/02/2014 - 21:00:50 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Extension Settings\gdidcmifanncidcpmndaenenhcgeaica\MANIFEST-000195   [412]
O61 - LFC: 27/02/2014 - 21:00:51 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Storage\http_googleads.g.doubleclick.net_0.localstorage   [3072]
O61 - LFC: 27/02/2014 - 21:00:51 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Storage\http_googleads.g.doubleclick.net_0.localstorage-journal   [512]
O61 - LFC: 27/02/2014 - 21:00:51 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Storage\http_telechargement.zebulon.fr_0.localstorage   [3072]
O61 - LFC: 27/02/2014 - 21:00:51 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Local Storage\http_telechargement.zebulon.fr_0.localstorage-journal   [3608]
O61 - LFC: 27/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Preferences   [265954]
O61 - LFC: 27/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\QuotaManager   [19456]
O61 - LFC: 27/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\QuotaManager-journal   [6704]
O61 - LFC: 27/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Session Storage\000908.ldb   [562080]
O61 - LFC: 27/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Session Storage\000911.ldb   [88734]
O61 - LFC: 27/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Session Storage\CURRENT   [16]
O61 - LFC: 27/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Session Storage\LOG   [271]
O61 - LFC: 27/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Session Storage\LOG.old   [272]
O61 - LFC: 27/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Session Storage\MANIFEST-000910   [256]  =>.Google Inc
O61 - LFC: 27/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\TransportSecurity   [3506]
O61 - LFC: 27/02/2014 - 21:00:52 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Profile 1\Visited Links   [131072]
O61 - LFC: 27/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom   [6392480]
O61 - LFC: 27/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set   [1501054]
O61 - LFC: 27/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies   [6144]
O61 - LFC: 27/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies-journal   [3608]
O61 - LFC: 27/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Csd Whitelist   [135496]
O61 - LFC: 27/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download   [859024]
O61 - LFC: 27/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download Whitelist   [19492]
O61 - LFC: 27/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Extension Blacklist   [16608]
O61 - LFC: 27/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing IP Blacklist   [1848]
O61 - LFC: 27/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\CdmAdapterVersion   [13]
O61 - LFC: 27/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdm.dll   [11769848]
O61 - LFC: 27/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.2.464\imgs\icon-128x128.png   [1630]
O61 - LFC: 27/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.2.464\manifest.fingerprint   [66]
O61 - LFC: 27/02/2014 - 21:00:54 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.2.464\manifest.json   [951]
O61 - LFC: 27/02/2014 - 21:00:55 --HA- . (...) -- C:\Documents and Settings\Admin\Local Settings\Application Data\IconCache.db   [6964940]
O61 - LFC: 27/02/2014 - 21:01:05 ---A- . (...) -- C:\Documents and Settings\Admin\Local Settings\Historique\History.IE5\index.dat   [81920]
~ 3 Fichiers temporaires (Temporary files)
~ 1 Fichiers cookies (Cookies files)
~ Files: 123 Scanned in 00mn 38s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 03/08/2004 - C:\WINDOWS\system32\drivers\afd.sys (AFD)  .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 12/10/2005 - C:\WINDOWS\system32\DRIVERS\arp1394.sys (Arp1394)  .(.Microsoft Corporation - IP/1394 Arp Client.) - LEGACY_ARP1394
O64 - Services: CurCS - 13/02/2014 - C:\WINDOWS\system32\drivers\aswMonFlt.sys (aswMonFlt)  .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 13/02/2014 - C:\WINDOWS\system32\drivers\aswRdr.sys (AswRdr)  .(.AVAST Software - avast! TDI Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 02/12/2013 - C:\WINDOWS\system32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 13/02/2014 - C:\WINDOWS\system32\drivers\aswSnx.sys (aswSnx)  .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 13/02/2014 - C:\WINDOWS\system32\drivers\aswSP.sys (aswSP)  .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 13/02/2014 - C:\WINDOWS\system32\drivers\aswTdi.sys (aswTdi)  .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 06/01/2014 - C:\WINDOWS\system32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (AudioSrv)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV
O64 - Services: CurCS - 13/02/2014 - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (avast! Antivirus)  .(.AVAST Software - avast! Service.) - LEGACY_AVAST!_ANTIVIRUS
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (BITS)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BITS
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (CryptSvc)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (Dhcp)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP
O64 - Services: CurCS - 02/10/2001 - C:\WINDOWS\system32\drivers\dmload.sys (dmload)  .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (EventSystem)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (FastUserSwitchingCompatibility)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY
O64 - Services: CurCS - 03/08/2004 - C:\WINDOWS\system32\DRIVERS\fltMgr.sys (FltMgr)  .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR
O64 - Services: CurCS - 03/08/2004 - C:\WINDOWS\system32\DRIVERS\msgpc.sys (Gpc)  .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (HidServ)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV
O64 - Services: CurCS - 26/07/2005 - C:\WINDOWS\system32\DRIVERS\ipnat.sys (IpNat)  .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT
O64 - Services: CurCS - 03/08/2004 - C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec)  .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC
O64 - Services: CurCS - 24/01/2014 - C:\Program Files\Java\jre7\bin\jqs.exe (JavaQuickStarterService)  .(.Oracle Corporation - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (LanmanWorkstation)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION
O64 - Services: CurCS - 26/07/2005 - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (MRxSmb)  .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - 03/08/2004 - C:\WINDOWS\system32\Drivers\Mup.sys (Mup)  .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP
O64 - Services: CurCS - 03/08/2004 - C:\WINDOWS\system32\Drivers\NDIS.sys (NDIS)  .(.Microsoft Corporation - NDIS 5.1 wrapper driver.) - LEGACY_NDIS
O64 - Services: CurCS - 02/10/2001 - C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NdisTapi)  .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI
O64 - Services: CurCS - 20/04/2005 - C:\WINDOWS\system32\DRIVERS\ndisuio.sys (Ndisuio)  .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO
O64 - Services: CurCS - 03/08/2004 - C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS)  .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 03/08/2004 - C:\WINDOWS\system32\DRIVERS\netbt.sys (NetBT)  .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (Netman)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN
O64 - Services: CurCS - 02/10/2001 - C:\WINDOWS\system32\DRIVERS\rasacd.sys (RasAcd)  .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (RasMan)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN
O64 - Services: CurCS - 26/07/2005 - C:\WINDOWS\system32\DRIVERS\rdbss.sys (Rdbss)  .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - 02/10/2001 - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys (RDPCDD)  .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (Schedule)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (SENS)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (SharedAccess)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (ShellHWDetection)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION
O64 - Services: CurCS - 10/08/2005 - C:\WINDOWS\system32\spoolsv.exe (Spooler)  .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\DRIVERS\sr.sys (sr)  .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (srservice)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (stisvc)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (TapiSrv)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV
O64 - Services: CurCS - 18/09/2005 - C:\WINDOWS\system32\DRIVERS\tcpip.sys (Tcpip)  .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (Themes)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES
O64 - Services: CurCS - 03/08/2004 - C:\WINDOWS\system32\drivers\vga.sys (VgaSave)  .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 03/08/2004 - C:\WINDOWS\system32\DRIVERS\wanarp.sys (Wanarp)  .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (winmgmt)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (wuauserv)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV
O64 - Services: CurCS - 19/08/2004 - C:\WINDOWS\system32\svchost.exe (WZCSVC)  .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC
~ Legacy: 116 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (r) Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
~ FASS Keys: 9 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (...) --  C:\Program Files\Google\Chrome\Application\chrome.exe" http://www.qvo6.com =>Hijacker.Qvo6
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Torch> <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\system32\appmgmts.dll   [176640]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll   [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll   [77312]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll   [60416]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll   [24576]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll   [111616]
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll   [23040]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\es.dll   [243200]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll   [135168]
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll   [21504]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll   [96768]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll   [132096]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll   [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\system32\netman.dll   [197632]
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll   [247808]  =>.Microsoft Corporation
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll   [438272]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll   [89088]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll   [174080]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll   [49152]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll   [193024]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\system32\seclogon.dll   [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll   [38912]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\system32\ipnathlp.dll   [332800]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll   [171008]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\WINDOWS\system32\tapisrv.dll   [249344]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll   [135168]
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll   [90624]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll   [177664]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll   [474624]
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\system32\advapi32.dll   [685056]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll   [145408]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll   [81408]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll   [129536]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll   [382464]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll   [6656]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll   [135168]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll   [38912]
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Fournisseur de services de périphérique multimédia Microsoft.) -- C:\WINDOWS\system32\mspmsnsv.dll   [52736]

~ Services: 38 Scanned in 00mn 01s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.9EA190ABAA9B21C597C24192609645BD] [SPRF][27/02/2014] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Documents and Settings\Admin\Bureau\ZHPDiag2.exe   [6865894]
~ Files: 1 Scanned in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "0296961D4979CBB4A803A78867D35E2A" . (.ABBYY FineReader 5.0 Sprint Plus.) -- C:\WINDOWS\Installer\{D1696920-9794-4BBC-8A30-7A88763DE5A2}\Fine5.exe
O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.06) - Français.) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O90 - PUC: "987A09F2E1DDEC14FBACDB8712B3BA7C" . (.OpenOffice.org 3.4.) -- C:\WINDOWS\Installer\{2F90A789-DD1E-41CE-BFCA-BD78213BABC7}\soffice.ico
~ Update Products: 14 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
~ WIS: 15 Scanned in 00mn 01s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 21/02/2014 257928 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 19/08/2004 225280 |  (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 16/03/2013 116648 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 16/03/2013 116648 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SR - | Auto 13/02/2014 50344 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 24/01/2014 182696 |  (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe

~ Services:  Scanned in 00mn 01s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Admin at 27/02/2014 21:01:35

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS 
1 nt!IofCallDriver[0x804E13A7] >> \Device\Harddisk0\DR0[0x8235CAB8]
3 CLASSPNP[0xF859605B] >> nt!IofCallDriver[0x804E13A7] >> \Device\Ide\IdeDeviceP1T0L0-17[0x82351B00]
kernel: MBR read successfully
user & kernel MBR OK 

~ MBR: 12 Scanned in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Admin at 27/02/2014 21:01:37

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR:  Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13031 - (23/02/2014)
Clés trouvées (Keys found) : 23
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 18
Fichiers trouvés  (Files found) : 6

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]   =>PUP.DealPly^
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}]   =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}]   =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}]   =>PUP.BearShare
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}]   =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}]   =>PUP.BearShare
[HKCU\Software\ilivid]   =>Adware.Bandoo
[HKCU\Software\iMesh]   =>PUP.iMesh
[HKCU\Software\OfferBox]   =>PUP.OfferBox
[HKLM\Software\OfferBox]   =>PUP.OfferBox
[HKCU\Software\Softonic]   =>Toolbar.Conduit
[HKCU\Software\SpeedMaxPc]   =>PUP.SpeedMaxPc
[HKLM\Software\SpeedMaxPc]   =>PUP.SpeedMaxPc
[HKLM\Software\VBMZ]   =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>PUP.Tarma
[HKCU\Software\Crossrider]   =>PUP.CrossRider
[HKLM\Software\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo]   =>PUP.Elex
[HKCU\Software\USyndication]   =>Trojan.USyndication
[HKCU\Software\usyndication.com]   =>Trojan.USyndication
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}]   =>Adware.BrowseFox
[HKLM\Software\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn]   =>Adware.InstallBrain
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}]   =>PUP.ZulaGames
C:\Program Files\BearShare Applications   =>PUP.BearShare^
C:\Program Files\DealPly   =>PUP.DealPly^
C:\Program Files\DealPlyLive   =>PUP.DealPly^
C:\Program Files\Mobogenie   =>PUP.Mobogenie^
C:\Documents and Settings\All Users\Application Data\DealPlyLive   =>PUP.DealPly^
C:\Documents and Settings\All Users\Application Data\SpeedMaxPc   =>PUP.SpeedMaxPc^
C:\Documents and Settings\Admin\Application Data\Dealply   =>PUP.DealPly^
C:\Documents and Settings\Admin\Application Data\DriverCure   =>PUP.DriverCure^
C:\Documents and Settings\Admin\Application Data\newnext.me   =>PUP.NextLive^
C:\Documents and Settings\Admin\Application Data\OfferBox   =>PUP.OfferBox^
C:\Documents and Settings\Admin\Application Data\OpenCandy   =>Adware.OpenCandy^
C:\Documents and Settings\Admin\Application Data\SpeedAnalysis3   =>PUP.SpeedAnalysis^
C:\Documents and Settings\Admin\Application Data\SpeedMaxPc   =>PUP.SpeedMaxPc^
C:\Documents and Settings\Admin\Local Settings\Application Data\DealPlyLive   =>PUP.DealPly^
C:\Documents and Settings\Admin\Local Settings\Application Data\Mobogenie   =>PUP.Mobogenie^
C:\Documents and Settings\Admin\Local Settings\Application Data\Software   =>Adware.Boxore^
C:\Documents and Settings\Admin\Local Settings\Application Data\VisualBeeExe   =>Adware.VisualBeeToolbar^
C:\Program Files\Software   =>Adware.Boxore
C:\WINDOWS\Tasks\BitGuard.job   =>PUP.BitGuard^
[HKCU\Software\BearShare]   =>PUP.BearShare^
[HKCU\Software\Conduit]   =>Toolbar.Conduit^
[HKCU\Software\DealPlyLive]   =>PUP.DealPly^
[HKCU\Software\iLivid]   =>Adware.Bandoo^
[HKLM\Software\Vittalia]   =>Adware.PUP.Vittalia^
~ Additionnel Scan: 119641 Items scanned in 00mn 27s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/32979753-pup-bitguard   =>PUP.BitGuard
~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply   =>PUP.DealPly
~ http://nicolascoolman.webs.com/apps/blog/show/26705717-pup-bearshare   =>PUP.BearShare
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit   =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider   =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox   =>PUP.OfferBox
~ http://nicolascoolman.webs.com/apps/blog/show/28947219-pup-speedmaxpc   =>PUP.SpeedMaxPc
~ http://nicolascoolman.webs.com/apps/blog/show/27328365-trojan-usyndication   =>Trojan.USyndication
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo  =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/28441146-pup-imesh   =>PUP.iMesh
~ http://nicolascoolman.webs.com/apps/blog/show/37752731-pup-duuqu   =>PUP.Duuqu
~ http://nicolascoolman.webs.com/apps/blog/show/35115580-pup-vittalia   =>PUP.Vittalia
~ http://nicolascoolman.webs.com/apps/blog/show/41034005-pup-mobogenie   =>PUP.Mobogenie
~ http://nicolascoolman.webs.com/apps/blog/show/28063533-pup-drivercure   =>PUP.DriverCure
~ http://nicolascoolman.webs.com/apps/blog/show/40528410-pup-nextlive   =>PUP.NextLive
~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy   =>Adware.OpenCandy
~ http://nicolascoolman.webs.com/apps/blog/show/28153012-pup-speedanalysis   =>PUP.SpeedAnalysis
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore  =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/29058830-adware-visualbeetoolbar   =>Adware.VisualBeeToolbar
~ http://nicolascoolman.webs.com/apps/blog/show/26631242-hijacker-qvo6   =>Hijacker.Qvo6
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma   =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/33479906-pup-elex   =>PUP.Elex
~ http://nicolascoolman.webs.com/apps/blog/show/27328365-trojan-usyndication   =>Trojan.USyndication
~ http://nicolascoolman.webs.com/apps/blog/show/32363262-adware-browsefox   =>Adware.BrowseFox
~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain  =>Adware.InstallBrain
~ http://nicolascoolman.webs.com/apps/blog/show/34204805-pup-zulagames   =>PUP.ZulaGames
~ MSI: 26 link(s) detected in 00mn 27s



End of the scan (1537 lines in 01mn 57s)(0)