Rapport de ZHPDiag v1.3.5.60 par Nicolas Coolman, Update du 12/02/2013
Run by Hugues2 at 16/02/2013 00:58:51
State :
UAC : Deactivate by user


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 6CJ97
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 6 Model 15 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2029 MB (47% free)
System Restore: Désactivé (Disabled)
System drive C: has 153 GB (66%) free of 228 GB

---\\ Logged in mode
~ Computer Name: PC-DE-JACQUES
~ User Name: Hugues2
~ All Users Names: Jacques, Hugues2, Cécile, Coco, Agathe, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Hugues2\AppData\Roaming\
~ %Desktop% : C:\Users\Hugues2\Desktop\
~ %Favorites% : C:\Users\Hugues2\Favorites\
~ %LocalAppData% : C:\Users\Hugues2\AppData\Local\
~ %StartMenu% : C:\Users\Hugues2\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 153 Go of 228 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 221 Go of 228 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.B49B56B64F57699A1A663D2CF7D0A56F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.08/01/2013 - 23:03:20.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.4F4FCB8B6EA06784FB6D475B7EC7300F] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.02/11/2006 - 10:49:36.) -- C:\Windows\system32\Drivers\atapi.sys [19048]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.8A79FDF04A73428597E2CAF9D0D67850] - (.Microsoft Corporation - Pilote de port parallèle.) (.19/01/2008 - 06:49:33.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/96
~ Mes musiques (My Musics) : 1/219
~ Mes Videos (My Videos) : 1/4
~ Mes Favoris (My Favorites) : 1/58
~ Mes Documents (My Documents) : 1/63
~ Mon Bureau (My Desktop) : 1/687
~ Menu demarrer (Programs) : 1/27
~ Scan Hidden Files in 00mn 00s



---\\ Processus lancés
[MD5.4BA84C832E0741A294C4444556DFE993] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe [143928] [PID.364]
[MD5.698EB1E5F8C66344D97C00B5699E871D] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [757280] [PID.2832]
[MD5.8906FFADDF99ACCB5C751E75E879481F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [5676032] [PID.3216]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3980]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1272]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1868]
[MD5.A2580C15D2664D18C3E140C7F98B366C] - (.Acer Inc. - eRecoveryService.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [53248] [PID.588]
[MD5.BE01E566D1F569AAB32D0335613E1EEA] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.3028]
~ Scan Processes Running in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=1.6.0_37] - (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npdeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_37 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.10411.0.) -- C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.5.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Scan Proxy management in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 1



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: MathPlayer BHO - {32F66A28-7614-11D4-BD11-00104BD3F987} . (.Design Science, Inc. - MathPlayer Binary Helper Object.) -- C:\Program Files\Design Science\MathPlayer002\MathPlayerBHO.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton 360\Engine\20.2.1.22\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files\Norton 360\Engine\20.2.1.22\IPS\IPSBHO.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Norton Toolbar - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton 360\Engine\20.2.1.22\coIEPlg.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] . (.Acer Inc. - Acer Tour Reminder.) -- C:\Acer\AcerTour\Reminder.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Jacques\Desktop\Documents - Raccourci.lnk . (...) -- C:\Users\Hugues2\Documents
O4 - Global Startup: C:\Users\Jacques\Desktop\Guitar Pro 5.lnk . (.Arobas Music.) -- C:\Program Files\Guitar Pro 5\GP5.exe
O4 - Global Startup: C:\Users\Jacques\Desktop\Jouer à Client Game Service.lnk . (...) -- C:\Windows\UbiSoft\SetupUbi.exe
O4 - Global Startup: C:\Users\Jacques\Desktop\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Jacques\Desktop\Microsoft Works (2).LNK . (.Microsoft® Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe
O4 - Global Startup: C:\Users\Jacques\Desktop\Microsoft Works.LNK . (.Microsoft® Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe
O4 - Global Startup: C:\Users\Jacques\Desktop\SpywareBlaster.lnk . (...) -- C:\Program Files\SpywareBlaster\spywareblaster.exe
O4 - Global Startup: C:\Users\Jacques\Desktop\SWAT 4 - The Stetchkov Syndicate.lnk . (.Sierra Entertainment, Inc..) -- C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4X.exe
O4 - Global Startup: C:\Users\Jacques\Desktop\SWAT 4.lnk . (.Sierra Entertainment, Inc..) -- C:\Program Files\Sierra\SWAT 4\Content\System\Swat4.exe
O4 - Global Startup: C:\Users\Jacques\Desktop\Ubi Soft Product Registration.lnk . (.Ubi Soft.) -- C:\Program Files\Ubi Soft\Register\register.exe
O4 - Global Startup: C:\Users\Jacques\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SpywareBlaster.lnk . (...) -- C:\Program Files\SpywareBlaster\spywareblaster.exe
O4 - Global Startup: C:\Users\Jacques\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vos Démarches Administratives.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Jacques\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Hugues2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Hugues2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Hugues2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Hugues2\Desktop\AIDA64 Extreme Edition.lnk . (.FinalWire Ltd..) -- C:\Program Files\FinalWire\AIDA64 Extreme Edition\aida64.exe
O4 - Global Startup: C:\Users\Hugues2\Desktop\Auslogics Disk Defrag.lnk . (.Auslogics.) -- C:\Program Files\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe
O4 - Global Startup: C:\Users\Hugues2\Desktop\Auslogics Registry Cleaner.lnk . (.Auslogics.) -- C:\Program Files\Auslogics\Auslogics Registry Cleaner\RegCleaner.exe
O4 - Global Startup: C:\Users\Hugues2\Desktop\Auslogics Registry Defrag.lnk . (.Auslogics.) -- C:\Program Files\Auslogics\Auslogics Registry Defrag\RegistryDefrag.exe
O4 - Global Startup: C:\Users\Hugues2\Desktop\Fichiers d’installation Norton.lnk . (...) -- C:\Users\Public\Downloads\Norton\{N360202122-SHPD-FSD31014}
O4 - Global Startup: C:\Users\Hugues2\Desktop\Guitar Pro 5.lnk . (.Arobas Music.) -- C:\Program Files\Guitar Pro 5\GP5.exe
O4 - Global Startup: C:\Users\Hugues2\Desktop\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Hugues2\Desktop\SpeedFan.lnk . (.Almico Software (www.almico.com).) -- C:\Program Files\SpeedFan\speedfan.exe
O4 - Global Startup: C:\Users\Hugues2\Desktop\SpywareBlaster.lnk . (...) -- C:\Program Files\SpywareBlaster\spywareblaster.exe
O4 - Global Startup: C:\Users\Hugues2\Desktop\SWAT 4.lnk . (.Sierra Entertainment, Inc..) -- C:\Program Files\Sierra\SWAT 4\Content\System\Swat4.exe
O4 - Global Startup: C:\Users\Hugues2\Desktop\Ubi Soft Product Registration.lnk . (.Ubi Soft.) -- C:\Program Files\Ubi Soft\Register\register.exe
O4 - Global Startup: C:\Users\Hugues2\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\Hugues2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Cécile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Cécile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Cécile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Cécile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Coco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Coco\Desktop\Corbeille.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Coco\Desktop\Guitar Pro 5.lnk . (.Arobas Music.) -- C:\Program Files\Guitar Pro 5\GP5.exe
O4 - Global Startup: C:\Users\Coco\Desktop\Microsoft Works.LNK . (.Microsoft® Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe
O4 - Global Startup: C:\Users\Coco\Desktop\SpeedFan.lnk . (.Almico Software (www.almico.com).) -- C:\Program Files\SpeedFan\speedfan.exe
O4 - Global Startup: C:\Users\Coco\Desktop\SWAT 4 - The Stetchkov Syndicate.lnk . (.Sierra Entertainment, Inc..) -- C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4X.exe
O4 - Global Startup: C:\Users\Coco\Desktop\Ubi Soft Product Registration.lnk . (.Ubi Soft.) -- C:\Program Files\Ubi Soft\Register\register.exe
O4 - Global Startup: C:\Users\Coco\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\Coco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Coco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Agathe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Agathe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Agathe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Agathe\Desktop\Auslogics Disk Defrag.lnk . (.Auslogics.) -- C:\Program Files\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe
O4 - Global Startup: C:\Users\Agathe\Desktop\Auslogics Registry Cleaner.lnk . (.Auslogics.) -- C:\Program Files\Auslogics\Auslogics Registry Cleaner\RegCleaner.exe
O4 - Global Startup: C:\Users\Agathe\Desktop\Auslogics Registry Defrag.lnk . (.Auslogics.) -- C:\Program Files\Auslogics\Auslogics Registry Defrag\RegistryDefrag.exe
O4 - Global Startup: C:\Users\Agathe\Desktop\Guitar Pro 5.lnk . (.Arobas Music.) -- C:\Program Files\Guitar Pro 5\GP5.exe
O4 - Global Startup: C:\Users\Agathe\Desktop\Jouer à Client Game Service.lnk . (...) -- C:\Windows\UbiSoft\SetupUbi.exe
O4 - Global Startup: C:\Users\Agathe\Desktop\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Agathe\Desktop\Microsoft Works.LNK . (.Microsoft® Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe
O4 - Global Startup: C:\Users\Agathe\Desktop\SpeedFan.lnk . (.Almico Software (www.almico.com).) -- C:\Program Files\SpeedFan\speedfan.exe
O4 - Global Startup: C:\Users\Agathe\Desktop\SpywareBlaster.lnk . (...) -- C:\Program Files\SpywareBlaster\spywareblaster.exe
O4 - Global Startup: C:\Users\Agathe\Desktop\SWAT 4 - The Stetchkov Syndicate.lnk . (.Sierra Entertainment, Inc..) -- C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4X.exe
O4 - Global Startup: C:\Users\Agathe\Desktop\SWAT 4.lnk . (.Sierra Entertainment, Inc..) -- C:\Program Files\Sierra\SWAT 4\Content\System\Swat4.exe
O4 - Global Startup: C:\Users\Agathe\Desktop\Ubi Soft Product Registration.lnk . (.Ubi Soft.) -- C:\Program Files\Ubi Soft\Register\register.exe
O4 - Global Startup: C:\Users\Agathe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Agathe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung PC Studio 3.lnk . (...) -- C:\Program Files\Samsung\Samsung PC Studio 3\Launcher.exe
O4 - Global Startup: C:\Users\Agathe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Administrateur\Desktop\AD-R.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe (.not file.)
~ Scan Global Startup in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} ((no name)) - http://cdn.scan.onecare.live.com/resource/download/scanner/fr-fr/wlscctrl2.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{714546E9-3DFF-4886-B2FB-3471DE1B3D88}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{714546E9-3DFF-4886-B2FB-3471DE1B3D88}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{714546E9-3DFF-4886-B2FB-3471DE1B3D88}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} . (...) -- C:\Program Files\Design Science\MathPlayer002\MathMLMimer.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Scan Winlogon in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: eRecovery Service (eRecoveryService) . (.Acer Inc. - eRecoveryService.) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Norton 360 (N360) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe
~ Scan Services in 00mn 03s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\Web\Wallpaper\img18.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\Web\Wallpaper\img18.jpg
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.255236F43012C430B99D78BCA59C9593] [APT] [Norton WSC Integration] (.Symantec Corporation.) -- C:\Program Files\Norton 360\Engine\20.2.1.22\WSCStub.exe
[MD5.C82886A0C88DA48CF36DC2B9CA701E11] [APT] [Norton Error Analyzer] (.Symantec Corporation.) -- C:\Program Files\Norton 360\Engine\20.2.1.22\SymErr.exe
[MD5.C82886A0C88DA48CF36DC2B9CA701E11] [APT] [Norton Error Processor] (.Symantec Corporation.) -- C:\Program Files\Norton 360\Engine\20.2.1.22\SymErr.exe
~ Scan Scheduled Task in 00mn 02s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: (no name) - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Microsoft Windows Media Component Removal File..) -- C:\Windows\system32\msdxm.ocx
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (...) -- C:\Windows\INF\mswmp.inf
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.5 r502.) -- C:\Windows\system32\Macromed\Flash\Flash32_11_5_502_146.ocx
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BHDrvx86) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\BASHDefs\20130208.001\BHDrvx86.sys
O41 - Driver: (ccSet_N360) . (.Symantec Corporation - Common Client Settings Driver.) - C:\Windows\system32\drivers\N360\1402010.016\ccSetx86.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (IDSVix86) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\IPSDefs\20130214.001\IDSvix86.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\N360\1402010.016\SRTSPX.sys
O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\N360\1402010.016\Ironx86.sys
O41 - Driver: (SYMTDIv) . (.Symantec Corporation - Network Dispatch Driver.) - C:\Windows\system32\drivers\N360\1402010.016\SYMTDIV.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AIDA64 Extreme Edition v2.80 - (.FinalWire Ltd..) [HKLM] -- AIDA64 Extreme Edition_is1
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM] -- {A25FF1C0-80B6-4B8B-A551-DC525697A408}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM] -- {2E2253E9-3EAD-D9DF-EDCA-A893551EB081}
O42 - Logiciel: ATI Catalyst Registration - (.ATI Technologies Inc..) [HKLM] -- {11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
O42 - Logiciel: Acer Empowering Technology - (.Acer Inc..) [HKLM] -- {AB6097D9-D722-4987-BD9E-A076E2848EE2}
O42 - Logiciel: Acer Picture Slide DVD - (.Pas de propriétaire.) [HKLM] -- {41581EF5-45A7-11DA-9D78-000129760D75}
O42 - Logiciel: Acer Plug and Record - (.Pas de propriétaire.) [HKLM] -- {F6EFFB76-4A07-11DA-9D78-000129760D75}
O42 - Logiciel: Acer ScreenSaver - (.Acer Inc..) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}
O42 - Logiciel: Acer Tour - (.Acer Inc..) [HKLM] -- {94389919-B0AA-4882-9BE8-9F0B004ECA35}
O42 - Logiciel: Acer ePerformance Management - (.Acer Inc..) [HKLM] -- {D462BF9E-0C35-4705-BF9B-3DF9F3816643}
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader X (10.1.5) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
O42 - Logiciel: Auslogics Registry Cleaner - (.Auslogics Software Pty Ltd.) [HKLM] -- {8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1
O42 - Logiciel: Auslogics Registry Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {D627784F-B3EE-44E8-96B1-9509B991EA34}_is1
O42 - Logiciel: AxCrypt 1.7.2867.0 - (.Axantum Software AB.) [HKLM] -- {9BA2A8C7-BFFD-4125-9377-C191C3FF174F}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {19A492A0-888F-44A0-9B21-D91700763F62}
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Counter-Strike: Source - (.Valve.) [HKLM] -- {9580813D-94B1-4C28-9426-A441E2BB29A5}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: EPSON Printer Software - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Guitar Pro 5.2 - (.Arobas Music.) [HKLM] -- Guitar Pro 5_is1
O42 - Logiciel: HydraVision - (.ATI Technologies Inc..) [HKLM] -- {FB6DE932-24CA-D1C0-2FD8-1DFCE4A33CC5}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Pas de propriétaire.) [HKLM] -- HDMI
O42 - Logiciel: Intel(R) Management Engine Interface - (.Pas de propriétaire.) [HKLM] -- HECI
O42 - Logiciel: Intel(R) Matrix Storage Manager - (.Pas de propriétaire.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java(TM) 6 Update 37 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216037FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Logiciel Intel® Viiv™ - (.Intel Corporation.) [HKLM] -- Intel(R) Configuration Center
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: MathPlayer - (.Design Science, Inc..) [HKLM] -- {32F66A20-7614-11D4-BD11-00104BD3F987}
O42 - Logiciel: Medieval II Total War - (.SEGA.) [HKLM] -- {C0698BDA-0D29-40EE-8570-A31106DF9AB1}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft DirectX Transform optional components - (.Pas de propriétaire.) [HKLM] -- DXTXTRA
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Windows Media Video 9 VCM - (.Pas de propriétaire.) [HKLM] -- WMV9_VCM
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
O42 - Logiciel: NTI Backup NOW! 4.7 - (.NewTech Infosystems.) [HKLM] -- {67ADE9AF-5CD9-4089-8825-55DE4B366799}
O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers
O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- N360
O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM] -- {266517E6-D866-439D-919C-B8B1A52E6080}
O42 - Logiciel: PG Music DirectX Plugins 1.3.4.1 - (.PG Music Inc..) [HKLM] -- PG Music DirectX Plugins_is1
O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem
O42 - Logiciel: SWAT 4 - (.Nom de votre société.) [HKLM] -- InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}
O42 - Logiciel: SWAT 4 - The Stetchkov Syndicate - (.Sierra Entertainment, Inc..) [HKLM] -- InstallShield_{97E12F84-C033-4DA2-97D2-F540C3E292EA}
O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver
O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {C4A4722E-79F9-417C-BD72-8D359A090C97}
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: SpywareBlaster 4.6 - (.Javacool Software LLC.) [HKLM] -- SpywareBlaster_is1
O42 - Logiciel: The Lord of the Rings FREE Trial - (.ATI Technologies Inc..) [HKLM] -- {8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}
O42 - Logiciel: Virtual Sound Canvas DXi - (.Pas de propriétaire.) [HKLM] -- {745877DC-8FFE-4E4C-ABBC-589B887A47D1}
O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}
O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01
O42 - Logiciel: WinRAR 4.10 (32 bits) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ATI]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Auslogics]
[HKCU\Software\Axantum]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Design Science]
[HKCU\Software\EFD Software]
[HKCU\Software\EPSON]
[HKCU\Software\ESET]
[HKCU\Software\FinalWire]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Leadertech]
[HKCU\Software\MRU-Blaster]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Memeo]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\NewTech Infosystems]
[HKCU\Software\NirSoft]
[HKCU\Software\Norton]
[HKCU\Software\ODBC]
[HKCU\Software\Parsec Productions]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\QFX Software]
[HKCU\Software\Resplendence Sp]
[HKCU\Software\SAMSUNG]
[HKCU\Software\Secunia]
[HKCU\Software\SpeedFan]
[HKCU\Software\TCP Optimizer]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\ej-technologies]
[HKCU\Software\repkasoft]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Acer]
[HKLM\Software\Activision]
[HKLM\Software\Adobe]
[HKLM\Software\Arobas Music]
[HKLM\Software\Axantum]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Bunndle]
[HKLM\Software\CDDB]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Design Science]
[HKLM\Software\EPSON]
[HKLM\Software\Eset]
[HKLM\Software\GEAR Software]
[HKLM\Software\GTek]
[HKLM\Software\Google]
[HKLM\Software\IK Multimedia]
[HKLM\Software\IObit]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Lenovo]
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\Ligos Corporation]
[HKLM\Software\MCCI]
[HKLM\Software\MRU-Blaster]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Reviversoft]
[HKLM\Software\Roland]
[HKLM\Software\SEGA]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Samsung]
[HKLM\Software\Secunia]
[HKLM\Software\Sierra]
[HKLM\Software\Slowin Killer]
[HKLM\Software\Sonic]
[HKLM\Software\SpeedFan]
[HKLM\Software\SpywareBlaster]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\SymNRT]
[HKLM\Software\Symantec]
[HKLM\Software\ThinkVantage]
[HKLM\Software\Thraex Software]
[HKLM\Software\Ubi Soft]
[HKLM\Software\Uniblue]
[HKLM\Software\Valve]
[HKLM\Software\Volatile]
[HKLM\Software\WholeSecurity]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Xerox]
[HKLM\Software\Yahoo]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/11/2011 - 11:01:05 - [0,348] ----D C:\Program Files\Acer Inc
O43 - CFD: 28/04/2012 - 17:22:26 - [101,814] ----D C:\Program Files\Acer Zone
O43 - CFD: 06/01/2013 - 13:03:33 - [113,334] ----D C:\Program Files\Adobe
O43 - CFD: 02/04/2011 - 23:32:29 - [1,863] ----D C:\Program Files\AMD APP
O43 - CFD: 20/11/2010 - 11:34:14 - [17,425] ----D C:\Program Files\ATI
O43 - CFD: 10/11/2011 - 20:29:52 - [46,361] ----D C:\Program Files\ATI Technologies
O43 - CFD: 13/02/2013 - 17:16:44 - [54,587] ----D C:\Program Files\Auslogics
O43 - CFD: 21/03/2012 - 19:48:37 - [2,419] ----D C:\Program Files\Axantum
O43 - CFD: 15/02/2013 - 20:23:53 - [5,071] ----D C:\Program Files\CCleaner
O43 - CFD: 11/02/2013 - 19:55:19 - [200,578] ----D C:\Program Files\Common Files
O43 - CFD: 03/04/2007 - 18:09:50 - [4,122] ----D C:\Program Files\CyberLink
O43 - CFD: 22/11/2011 - 18:17:58 - [14,944] ----D C:\Program Files\Design Science
O43 - CFD: 17/08/2011 - 12:33:30 - [0,020] ----D C:\Program Files\EPSON
O43 - CFD: 24/09/2008 - 16:02:06 - [0] ----D C:\Program Files\Fichiers communs
O43 - CFD: 22/08/2011 - 15:40:28 - [26,640] ----D C:\Program Files\FinalWire
O43 - CFD: 28/04/2012 - 18:51:37 - [5,883] ----D C:\Program Files\Google
O43 - CFD: 14/01/2012 - 11:02:30 - [57,200] ----D C:\Program Files\Guitar Pro 5
O43 - CFD: 13/01/2012 - 20:07:41 - [5,565] ----D C:\Program Files\Guitar Pro 5.2
O43 - CFD: 22/05/2012 - 13:52:22 - [15,904] ----D C:\Program Files\index
O43 - CFD: 10/02/2013 - 01:06:34 - [69,606] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 24/09/2008 - 15:56:54 - [29,096] ----D C:\Program Files\Intel
O43 - CFD: 13/02/2013 - 16:47:29 - [5,901] ----D C:\Program Files\Internet Explorer
O43 - CFD: 27/10/2011 - 19:14:09 - [172,028] ----D C:\Program Files\Java
O43 - CFD: 25/02/2011 - 18:08:25 - [15,541] ----D C:\Program Files\JRE
O43 - CFD: 24/11/2010 - 13:11:42 - [0,078] ----D C:\Program Files\Lenovo
O43 - CFD: 11/01/2013 - 23:25:11 - [12,156] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 10/02/2011 - 16:54:02 - [2,541] ----D C:\Program Files\Microsoft
O43 - CFD: 02/11/2006 - 13:37:34 - [0,001] ----D C:\Program Files\Microsoft Games
O43 - CFD: 11/02/2013 - 19:55:24 - [4,587] ----D C:\Program Files\Microsoft Office
O43 - CFD: 13/05/2012 - 09:01:32 - [41,992] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 07/05/2009 - 17:20:52 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 06/11/2011 - 11:01:05 - [1,323] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 26/01/2012 - 20:39:43 - [143,674] ----D C:\Program Files\Microsoft Works
O43 - CFD: 11/02/2013 - 19:55:24 - [0,015] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 16/08/2010 - 01:06:49 - [94,740] ----D C:\Program Files\Movie Maker
O43 - CFD: 12/02/2013 - 19:31:48 - [0,004] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 18/12/2011 - 19:33:10 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 03/04/2007 - 17:52:08 - [46,728] ----D C:\Program Files\NewTech Infosystems
O43 - CFD: 12/02/2013 - 18:58:26 - [125,101] ----D C:\Program Files\Norton 360
O43 - CFD: 02/11/2008 - 11:55:35 - [4,922] R---D C:\Program Files\Norton Support
O43 - CFD: 12/02/2013 - 18:58:14 - [13,749] ----D C:\Program Files\NortonInstaller
O43 - CFD: 26/05/2010 - 13:22:44 - [20,262] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 25/02/2011 - 18:08:23 - [368,596] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 26/07/2011 - 11:46:50 - [4,298] ----D C:\Program Files\oZone3D
O43 - CFD: 07/06/2011 - 17:32:32 - [5,049] ----D C:\Program Files\PowerTracks DirectX Plugins
O43 - CFD: 09/05/2011 - 17:29:58 - [27,100] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 13:37:34 - [36,910] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 11/12/2009 - 14:35:40 - [5,325] ----D C:\Program Files\Roland
O43 - CFD: 03/01/2009 - 16:09:44 - [190,406] ----D C:\Program Files\Samsung
O43 - CFD: 06/01/2013 - 12:22:00 - [0,879] ----D C:\Program Files\Secunia
O43 - CFD: 17/01/2013 - 21:05:12 - [-992,826] ----D C:\Program Files\SEGA
O43 - CFD: 28/02/2010 - 13:28:21 - [-1531,388] ----D C:\Program Files\Sierra
O43 - CFD: 25/11/2012 - 15:19:37 - [0,455] ----D C:\Program Files\Slowin Killer
O43 - CFD: 15/02/2013 - 11:39:09 - [5,409] ----D C:\Program Files\SpeedFan
O43 - CFD: 01/03/2012 - 17:38:42 - [37,251] ----D C:\Program Files\Spotify
O43 - CFD: 15/02/2013 - 18:54:04 - [5,474] ----D C:\Program Files\SpywareBlaster
O43 - CFD: 19/02/2012 - 11:14:53 - [0,325] ----D C:\Program Files\SpywareGuard
O43 - CFD: 03/06/2012 - 10:31:49 - [792,592] ----D C:\Program Files\Steam
O43 - CFD: 12/02/2013 - 18:58:42 - [0] ----D C:\Program Files\Symantec
O43 - CFD: 12/09/2009 - 17:05:31 - [1,079] ----D C:\Program Files\Ubi Soft
O43 - CFD: 02/11/2006 - 14:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 16/02/2011 - 14:13:25 - [0,002] ----D C:\Program Files\Webtarot
O43 - CFD: 27/05/2009 - 16:02:44 - [0,970] ----D C:\Program Files\Windows Calendar
O43 - CFD: 27/05/2009 - 16:02:44 - [2,610] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 27/05/2009 - 16:02:42 - [4,283] ----D C:\Program Files\Windows Defender
O43 - CFD: 30/03/2011 - 13:06:59 - [181,545] ----D C:\Program Files\Windows Live
O43 - CFD: 11/04/2012 - 17:01:06 - [8,694] ----D C:\Program Files\Windows Mail
O43 - CFD: 13/02/2013 - 17:29:28 - [4,394] ----D C:\Program Files\Windows Media Player
O43 - CFD: 24/09/2008 - 16:02:06 - [7,589] ----D C:\Program Files\Windows NT
O43 - CFD: 27/05/2009 - 16:02:43 - [12,902] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 28/10/2009 - 11:56:37 - [0,128] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 24/10/2011 - 15:47:04 - [6,225] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 08/02/2012 - 14:00:15 - [4,008] ----D C:\Program Files\WinRAR
O43 - CFD: 03/04/2009 - 17:56:42 - [0,098] ----D C:\Program Files\WMV9_VCM
O43 - CFD: 19/12/2011 - 10:40:49 - [103,911] ----D C:\Program Files\Woonoz
O43 - CFD: 06/11/2011 - 11:01:06 - [0,214] ----D C:\Program Files\Yahoo!
O43 - CFD: 16/02/2013 - 00:59:03 - [11,465] ----D C:\Program Files\ZHPDiag
O43 - CFD: 06/01/2013 - 13:03:41 - [3,878] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 03/04/2007 - 18:08:52 - [9,554] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 24/09/2008 - 15:56:54 - [40,761] ----D C:\Program Files\Common Files\Intel
O43 - CFD: 28/09/2010 - 19:49:29 - [1,202] ----D C:\Program Files\Common Files\Java
O43 - CFD: 03/04/2007 - 17:51:39 - [6,815] ----D C:\Program Files\Common Files\LightScribe
O43 - CFD: 11/02/2013 - 19:52:22 - [0,307] ----D C:\Program Files\Common Files\Memeo
O43 - CFD: 11/02/2013 - 19:55:24 - [51,456] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 03/04/2007 - 17:51:13 - [9,257] ----D C:\Program Files\Common Files\muvee Technologies
O43 - CFD: 03/04/2007 - 17:52:10 - [2,179] ----D C:\Program Files\Common Files\NewTech Infosystems
O43 - CFD: 02/11/2006 - 12:18:33 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 12:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 05/02/2010 - 23:48:12 - [0,100] ----D C:\Program Files\Common Files\Steam
O43 - CFD: 13/02/2013 - 16:47:21 - [3,369] ----D C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 11/02/2013 - 19:54:07 - [14,328] ----D C:\Program Files\Common Files\System
O43 - CFD: 09/04/2009 - 14:06:58 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 29/09/2008 - 17:19:09 - [18,172] -SH-D C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD: 07/01/2013 - 08:55:25 - [134,049] ----D C:\ProgramData\Adobe
O43 - CFD: 19/10/2011 - 12:03:02 - [0,001] ----D C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 14:02:03 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 10/11/2011 - 20:30:05 - [1,108] ----D C:\ProgramData\ATI
O43 - CFD: 24/09/2008 - 16:02:06 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 09/07/2012 - 15:18:48 - [0] ----D C:\ProgramData\Canneverbe Limited
O43 - CFD: 10/06/2011 - 16:07:57 - [0,017] ----D C:\ProgramData\ClubSanDisk
O43 - CFD: 02/11/2006 - 14:02:03 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 14:02:03 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 24/11/2010 - 16:02:48 - [0,000] ----D C:\ProgramData\Driver Whiz
O43 - CFD: 18/09/2009 - 11:17:15 - [0] ----D C:\ProgramData\eMule
O43 - CFD: 17/08/2011 - 12:32:39 - [0,137] ----D C:\ProgramData\EPSON
O43 - CFD: 18/12/2011 - 19:23:08 - [0,000] ----D C:\ProgramData\eSobi
O43 - CFD: 24/09/2008 - 16:02:06 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 14:02:03 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 11/01/2012 - 19:07:41 - [0] ----D C:\ProgramData\Google
O43 - CFD: 24/09/2008 - 15:57:17 - [0,185] --HAD C:\ProgramData\GTek
O43 - CFD: 24/09/2008 - 15:56:55 - [0,000] ----D C:\ProgramData\Intel
O43 - CFD: 23/11/2011 - 17:21:39 - [1,795] ----D C:\ProgramData\IObit
O43 - CFD: 18/12/2010 - 19:46:10 - [0,000] ----D C:\ProgramData\Lavasoft
O43 - CFD: 18/12/2010 - 19:59:30 - [16,420] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 24/09/2008 - 16:02:06 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 11/02/2013 - 19:55:24 - [206,507] -S--D C:\ProgramData\Microsoft
O43 - CFD: 11/02/2013 - 19:56:09 - [0,016] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 24/09/2008 - 16:02:06 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 23/06/2012 - 15:26:21 - [0,000] ----D C:\ProgramData\Mozilla
O43 - CFD: 13/02/2013 - 15:50:23 - [305,115] ----D C:\ProgramData\Norton
O43 - CFD: 04/11/2011 - 15:07:40 - [15,832] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 09/05/2011 - 17:22:02 - [0,263] ----D C:\ProgramData\NVIDIA
O43 - CFD: 21/08/2011 - 17:20:49 - [0,000] ----D C:\ProgramData\PassMark
O43 - CFD: 17/10/2008 - 19:48:45 - [0] ----D C:\ProgramData\PCSettings
O43 - CFD: 23/11/2011 - 18:51:28 - [0,000] ----D C:\ProgramData\QFX Software
O43 - CFD: 29/11/2011 - 20:47:52 - [0,014] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 14:02:03 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 22/05/2010 - 16:54:46 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 22/09/2012 - 14:50:23 - [0,000] ----D C:\ProgramData\Symantec
O43 - CFD: 18/12/2011 - 21:56:38 - [0] ----D C:\ProgramData\Symantec Temporary Files
O43 - CFD: 15/02/2013 - 18:54:13 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 02/11/2006 - 14:02:04 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 29/11/2008 - 00:50:55 - [0] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 24/10/2011 - 15:47:07 - [0] ----D C:\ProgramData\WinZip
O43 - CFD: 29/09/2008 - 17:17:56 - [0,582] ----D C:\ProgramData\WLInstaller
O43 - CFD: 28/10/2008 - 21:10:54 - [0,002] ----D C:\ProgramData\Xerox
O43 - CFD: 08/07/2012 - 13:47:25 - [0,003] ----D C:\Users\Hugues2\AppData\Roaming\addpcs
O43 - CFD: 06/01/2013 - 13:05:57 - [3,011] ----D C:\Users\Hugues2\AppData\Roaming\Adobe
O43 - CFD: 08/11/2011 - 16:21:40 - [0] ----D C:\Users\Hugues2\AppData\Roaming\AdobeUM
O43 - CFD: 01/11/2011 - 18:47:54 - [0] ----D C:\Users\Hugues2\AppData\Roaming\ATI
O43 - CFD: 30/01/2013 - 13:17:49 - [0,047] ----D C:\Users\Hugues2\AppData\Roaming\Auslogics
O43 - CFD: 12/06/2012 - 17:32:23 - [1,568] ----D C:\Users\Hugues2\AppData\Roaming\BitTorrent
O43 - CFD: 09/07/2012 - 15:18:48 - [0] ----D C:\Users\Hugues2\AppData\Roaming\Canneverbe Limited
O43 - CFD: 12/09/2012 - 11:49:55 - [0,021] ----D C:\Users\Hugues2\AppData\Roaming\codeblocks
O43 - CFD: 18/12/2011 - 19:22:59 - [0] ----D C:\Users\Hugues2\AppData\Roaming\eSobi
O43 - CFD: 22/08/2012 - 18:47:45 - [0,003] ----D C:\Users\Hugues2\AppData\Roaming\FUJIFILM
O43 - CFD: 23/06/2012 - 16:41:04 - [0,000] ----D C:\Users\Hugues2\AppData\Roaming\Groovedown
O43 - CFD: 24/09/2008 - 15:57:18 - [0] --H-D C:\Users\Hugues2\AppData\Roaming\GTek
O43 - CFD: 29/08/2012 - 09:22:51 - [0,004] ----D C:\Users\Hugues2\AppData\Roaming\HD Tune Pro
O43 - CFD: 01/11/2011 - 18:47:32 - [0] ----D C:\Users\Hugues2\AppData\Roaming\Identities
O43 - CFD: 23/06/2012 - 20:20:31 - [233,174] ----D C:\Users\Hugues2\AppData\Roaming\IObit
O43 - CFD: 04/07/2012 - 11:52:38 - [0,003] ----D C:\Users\Hugues2\AppData\Roaming\Leadertech
O43 - CFD: 01/11/2011 - 18:47:52 - [0,000] ----D C:\Users\Hugues2\AppData\Roaming\Macromedia
O43 - CFD: 30/11/2011 - 19:57:57 - [0,000] ----D C:\Users\Hugues2\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 13:37:34 - [0] ----D C:\Users\Hugues2\AppData\Roaming\Media Center Programs
O43 - CFD: 11/02/2013 - 19:52:18 - [0,084] ----D C:\Users\Hugues2\AppData\Roaming\Memeo
O43 - CFD: 15/01/2013 - 10:24:49 - [9,358] -S--D C:\Users\Hugues2\AppData\Roaming\Microsoft
O43 - CFD: 26/11/2011 - 15:35:04 - [2,180] ----D C:\Users\Hugues2\AppData\Roaming\OpenOffice.org
O43 - CFD: 14/10/2012 - 10:03:24 - [0] ----D C:\Users\Hugues2\AppData\Roaming\PeerNetworking
O43 - CFD: 25/11/2011 - 19:18:06 - [0,000] ----D C:\Users\Hugues2\AppData\Roaming\QFX Software
O43 - CFD: 04/11/2011 - 17:54:36 - [0,107] ----D C:\Users\Hugues2\AppData\Roaming\Reviversoft
O43 - CFD: 15/06/2012 - 11:27:46 - [0] ----D C:\Users\Hugues2\AppData\Roaming\Samsung
O43 - CFD: 01/11/2011 - 19:14:05 - [0,008] ----D C:\Users\Hugues2\AppData\Roaming\Template
O43 - CFD: 24/01/2012 - 19:17:42 - [60,314] ----D C:\Users\Hugues2\AppData\Roaming\The Creative Assembly
O43 - CFD: 10/11/2011 - 18:25:51 - [0,024] ----D C:\Users\Hugues2\AppData\Roaming\Tific
O43 - CFD: 13/01/2012 - 19:58:42 - [0,001] ----D C:\Users\Hugues2\AppData\Roaming\vlc
O43 - CFD: 08/02/2012 - 14:00:38 - [0,000] ----D C:\Users\Hugues2\AppData\Roaming\WinRAR
O43 - CFD: 01/03/2012 - 17:42:32 - [0] ----D C:\Users\Hugues2\AppData\Roaming\YoWindow
O43 - CFD: 02/11/2011 - 17:14:06 - [15,030] ----D C:\Users\Hugues2\AppData\Local\Adobe
O43 - CFD: 08/11/2011 - 20:50:35 - [0] ----D C:\Users\Hugues2\AppData\Local\Apple
O43 - CFD: 01/11/2011 - 18:46:12 - [0] ----D C:\Users\Hugues2\AppData\Local\Application Data
O43 - CFD: 25/11/2011 - 17:44:24 - [0] ----D C:\Users\Hugues2\AppData\Local\Apps
O43 - CFD: 01/11/2011 - 18:47:54 - [0,068] ----D C:\Users\Hugues2\AppData\Local\ATI
O43 - CFD: 11/02/2013 - 19:49:08 - [0] ----D C:\Users\Hugues2\AppData\Local\Cockatrice
O43 - CFD: 06/12/2012 - 01:06:46 - [0] ----D C:\Users\Hugues2\AppData\Local\CrashDumps
O43 - CFD: 11/01/2012 - 19:07:41 - [0] ----D C:\Users\Hugues2\AppData\Local\Google
O43 - CFD: 13/01/2013 - 15:41:17 - [233,900] ----D C:\Users\Hugues2\AppData\Local\Microsoft
O43 - CFD: 27/09/2008 - 16:17:19 - [0] ----D C:\Users\Hugues2\AppData\Local\Microsoft Help
O43 - CFD: 09/01/2013 - 17:11:34 - [1,310] ----D C:\Users\Hugues2\AppData\Local\MicrosoftStore
O43 - CFD: 31/08/2012 - 14:31:27 - [0,001] ----D C:\Users\Hugues2\AppData\Local\MigWiz
O43 - CFD: 23/06/2012 - 15:26:24 - [0] ----D C:\Users\Hugues2\AppData\Local\Mozilla
O43 - CFD: 15/02/2013 - 19:45:47 - [20,517] ----D C:\Users\Hugues2\AppData\Local\NPE
O43 - CFD: 13/01/2012 - 19:52:51 - [0] ----D C:\Users\Hugues2\AppData\Local\PackageAware
O43 - CFD: 28/04/2012 - 17:22:18 - [0] ----D C:\Users\Hugues2\AppData\Local\PowerCinema
O43 - CFD: 17/11/2012 - 18:35:09 - [0,000] ----D C:\Users\Hugues2\AppData\Local\Proxure
O43 - CFD: 06/01/2013 - 12:22:12 - [0] ----D C:\Users\Hugues2\AppData\Local\Secunia PSI
O43 - CFD: 10/11/2011 - 18:25:48 - [0,001] ----D C:\Users\Hugues2\AppData\Local\Symantec
O43 - CFD: 16/02/2013 - 00:58:37 - [0,046] ----D C:\Users\Hugues2\AppData\Local\Temp
O43 - CFD: 18/11/2011 - 14:20:31 - [3,344] ----D C:\Users\Hugues2\AppData\Local\Tific
O43 - CFD: 01/12/2011 - 18:25:43 - [0,000] ----D C:\Users\Hugues2\AppData\Local\VirtualStore
O43 - CFD: 05/07/2012 - 20:56:37 - [0,199] ----D C:\Users\Hugues2\AppData\Local\Windows Live
O43 - CFD: 13/02/2013 - 23:41:39 - [0,015] R---D C:\Users\Hugues2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 01/11/2011 - 18:47:37 - [0,000] R---D C:\Users\Hugues2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 02/10/2008 - 19:52:20 - [0,001] R---D C:\Users\Hugues2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 12/02/2013 - 18:59:31 - [0,001] ----D C:\Users\Hugues2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
O43 - CFD: 26/02/2012 - 13:28:06 - [0,000] R---D C:\Users\Hugues2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 08/02/2012 - 14:00:15 - [0,002] ----D C:\Users\Hugues2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Scan Program Folder in 00mn 06s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C7A98F522F1D22FE89AFA6659EEAD52F] - 16/02/2013 - 00:49:40 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1883440]
O44 - LFC:[MD5.E0CDF00FAE5547B6B8C96D1E0168A58E] - 16/02/2013 - 00:46:09 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.7C15D169A6750A31C7A55C7E70F5F620] - 15/02/2013 - 23:35:31 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [400184]
O44 - LFC:[MD5.2EBA1477C3206501079A147556AF3B29] - 15/02/2013 - 23:34:41 ---A- . (...) -- C:\Windows\PFRO.log [344]
O44 - LFC:[MD5.1E8016330A58F698C5A1CFDDFA1556C4] - 15/02/2013 - 10:03:21 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1503898]
O44 - LFC:[MD5.E1F70C530368F941F3E115D6DF2376F9] - 15/02/2013 - 10:03:21 ---A- . (...) -- C:\Windows\System32\perfc009.dat [104954]
O44 - LFC:[MD5.0E51F9F0497043CAA99E66DD15630202] - 15/02/2013 - 10:03:21 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [127536]
O44 - LFC:[MD5.77FD29C3A64F870C2FAAE7C55463FDD8] - 15/02/2013 - 10:03:21 ---A- . (...) -- C:\Windows\System32\perfh009.dat [598940]
O44 - LFC:[MD5.CD20933C2999FA33933FA9EE7E960436] - 15/02/2013 - 10:03:21 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [681798]
O44 - LFC:[MD5.8378774ABC9CAA2C60B298AE0C084FB7] - 12/02/2013 - 18:58:42 ---A- . (...) -- C:\Windows\System32\Drivers\SYMEVENT.CAT [7446]
O44 - LFC:[MD5.2A8DCC2EC2AC5C0588F818B16E606CED] - 12/02/2013 - 18:58:42 ---A- . (...) -- C:\Windows\System32\Drivers\SYMEVENT.INF [806]
O44 - LFC:[MD5.C940F10C31E2C60CC967FFD6A370720C] - 12/02/2013 - 18:58:42 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\Windows\System32\Drivers\SYMEVENT.SYS [142496]
O44 - LFC:[MD5.377834A9909097B9733F840C2FE2D12B] - 11/02/2013 - 19:54:07 ---A- . (...) -- C:\Windows\win.ini [128]
O44 - LFC:[MD5.680CE43141FB1F432CD375063450E0C0] - 20/01/2013 - 10:27:29 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [697864]
O44 - LFC:[MD5.72AC0DB22D016619E0AD3F9C411B9738] - 20/01/2013 - 10:27:29 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [74248]
~ Scan Files in 00mn 11s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.7BB95A0673FF3BF9AB375897453101CD] - 02/02/2013 - 13:37:18 ---A- - C:\Windows\Prefetch\AgCx_S2_S-1-5-21-224001376-1006615189-1975643287-1003.snp.db
O45 - LFCP:[MD5.0F764A73B4A62E120EAE4F420BACA488] - 02/02/2013 - 13:37:37 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-224001376-1006615189-1975643287-1003.db
O45 - LFCP:[MD5.04621720ED4D3E74A34D59D37BFBB21F] - 02/02/2013 - 13:37:37 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-224001376-1006615189-1975643287-1003.db
O45 - LFCP:[MD5.D3C179DB65D541546388D2AB80425737] - 12/02/2013 - 22:07:46 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-224001376-1006615189-1975643287-1001.db
O45 - LFCP:[MD5.5F5A7D67E77262136D2CD9D432966122] - 12/02/2013 - 22:07:46 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-224001376-1006615189-1975643287-1001.db
O45 - LFCP:[MD5.BCF69F803F0957F2F89DD171086AC7B2] - 13/02/2013 - 18:07:32 ---A- - C:\Windows\Prefetch\AgCx_S1_S-1-5-21-224001376-1006615189-1975643287-500.snp.db
O45 - LFCP:[MD5.59F6FEDA30F4782FE85B3E5DEE6F1C1E] - 13/02/2013 - 18:10:16 ---A- - C:\Windows\Prefetch\AgCx_S3_S-1-5-21-224001376-1006615189-1975643287-1001.snp.db
O45 - LFCP:[MD5.897BF481F44CBAE0C299A2F18BCBFC4A] - 13/02/2013 - 18:27:33 ---A- - C:\Windows\Prefetch\AgCx_SC3_E2A1D5CB.db
O45 - LFCP:[MD5.81669B636CE5B6BAC18E07537CEE03D3] - 13/02/2013 - 18:38:39 ---A- - C:\Windows\Prefetch\AgCx_S3_S-1-5-21-224001376-1006615189-1975643287-500.snp.db
O45 - LFCP:[MD5.5867E4E595C465D686040C26D8A5C527] - 13/02/2013 - 18:40:19 ---A- - C:\Windows\Prefetch\AgCx_SC3_737FCB8B.db
O45 - LFCP:[MD5.1E37229631EF315B78C6D55FD03AB99D] - 13/02/2013 - 19:12:34 ---A- - C:\Windows\Prefetch\CCLEANER.EXE-37365492.pf
O45 - LFCP:[MD5.502D964C6E30AE5BE242D7B332EB310E] - 13/02/2013 - 19:13:35 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6FCDC72B.pf
O45 - LFCP:[MD5.1254813F927D8256FBF72BCC63A77083] - 13/02/2013 - 23:27:37 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-03923A36.pf
O45 - LFCP:[MD5.EDFF25C90B4DB163D709971FEED40961] - 13/02/2013 - 23:27:37 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-E58841A6.pf
O45 - LFCP:[MD5.52FFA1BB81314E8125FC3222703EE401] - 13/02/2013 - 23:40:26 ---A- - C:\Windows\Prefetch\BULLETSPASSVIEW-1-25-EN-WIN.E-1E02A2A9.pf
O45 - LFCP:[MD5.9112F965DC21D8A6002487A4AE10036C] - 13/02/2013 - 23:46:18 ---A- - C:\Windows\Prefetch\BULLETSPASSVIEW.EXE-A2CC06FD.pf
O45 - LFCP:[MD5.FA9D489337488BD8F26BC28EE8C84D12] - 13/02/2013 - 23:47:19 ---A- - C:\Windows\Prefetch\UNINST.EXE-377E74B1.pf
O45 - LFCP:[MD5.CCB29DD4DEC3A201C942526B2C98C69B] - 14/02/2013 - 00:09:23 ---A- - C:\Windows\Prefetch\NET.EXE-DF44F913.pf
O45 - LFCP:[MD5.D34B0B801AC5A43AB528EFC1A25FB036] - 14/02/2013 - 00:09:23 ---A- - C:\Windows\Prefetch\NET1.EXE-849DA590.pf
O45 - LFCP:[MD5.B3CC640E06D57278AC9DE195A34BEBA7] - 14/02/2013 - 10:27:51 ---A- - C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf
O45 - LFCP:[MD5.4A302A5B5897445D766CE6888DF2FD20] - 14/02/2013 - 11:31:29 ---A- - C:\Windows\Prefetch\CDMKR32.EXE-3BB1E0CC.pf
O45 - LFCP:[MD5.D17D382FEE9979739DF3AD5FE8599964] - 14/02/2013 - 12:00:32 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-58F0A49D.pf
O45 - LFCP:[MD5.ED1C33C3A4482FC581C6530E83D16979] - 14/02/2013 - 17:49:59 ---A- - C:\Windows\Prefetch\OPHCRACK-WIN32-INSTALLER-3.4.-9E6AE145.pf
O45 - LFCP:[MD5.9273C70F1F1874502515808C30AA1AD0] - 14/02/2013 - 17:55:11 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-655FBCC4.pf
O45 - LFCP:[MD5.84309C332C36598F29575C1BF0D4F693] - 14/02/2013 - 17:55:11 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-E9876B04.pf
O45 - LFCP:[MD5.776BDD8E88C7B889FB5F1194A377CB9E] - 14/02/2013 - 18:53:44 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B8BD8672.pf
O45 - LFCP:[MD5.8F6A8844A28A8B1D713C3C31B9F50111] - 14/02/2013 - 18:58:55 ---A- - C:\Windows\Prefetch\WINRAR.EXE-94E7D80C.pf
O45 - LFCP:[MD5.C9CB65F818D8604AC7D7E25B1A7B5D5B] - 14/02/2013 - 19:12:19 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-C2B8534F.pf
O45 - LFCP:[MD5.B17905D4F7D8E746C3A079CDF543BD38] - 14/02/2013 - 19:40:46 ---A- - C:\Windows\Prefetch\MEMCHECK.EXE-097EA243.pf
O45 - LFCP:[MD5.401CCEB368153750EB66F664BF2457B6] - 14/02/2013 - 19:47:02 ---A- - C:\Windows\Prefetch\OPHCRACK.EXE-7F65CFEC.pf
O45 - LFCP:[MD5.48745B5ED36D2DC66B927B611549E7D0] - 14/02/2013 - 20:29:08 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.5D76EF32F4709356BE6FCC6EDEC1DB38] - 14/02/2013 - 22:20:26 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf
O45 - LFCP:[MD5.31489AFC384B7B631FEB70A1DD83E36F] - 14/02/2013 - 22:20:31 ---A- - C:\Windows\Prefetch\DFRGNTFS.EXE-7E4077FE.pf
O45 - LFCP:[MD5.545ACFE3F7D1F23FC97B2F76ABD9070F] - 14/02/2013 - 22:20:42 ---A- - C:\Windows\Prefetch\ASOELNCH.EXE-0D3817D9.pf
O45 - LFCP:[MD5.7A6C73B0FA3D69203D94F3AAC873ECC9] - 14/02/2013 - 23:37:03 ---A- - C:\Windows\Prefetch\ERECOVERYSERVICE.EXE-42F19B34.pf
O45 - LFCP:[MD5.BCE29B465AA15FFC1C713482427DB3BB] - 14/02/2013 - 23:37:03 ---A- - C:\Windows\Prefetch\SEAPORT.EXE-61743F47.pf
O45 - LFCP:[MD5.F7A70BC4834720F9F2F62A3A479F9BD2] - 14/02/2013 - 23:37:03 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-9EFC97F2.pf
O45 - LFCP:[MD5.4D4F1C0EA83F6304B51FD947F838269F] - 14/02/2013 - 23:37:10 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-A2B6AE05.pf
O45 - LFCP:[MD5.92951D1615C5BE8D39BBE07A50864B81] - 14/02/2013 - 23:45:47 ---A- - C:\Windows\Prefetch\NAVW32.EXE-CCAAE540.pf
O45 - LFCP:[MD5.56192ED895A03E88258DA70F6133A870] - 14/02/2013 - 23:55:23 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1797FD69.pf
O45 - LFCP:[MD5.808C28CAB15C6D774552A8F8DEDEF6ED] - 14/02/2013 - 23:55:23 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B54174B1.pf
O45 - LFCP:[MD5.A4075DC2FFFAEBF7848E50ECF20C91DE] - 15/02/2013 - 00:01:16 ---A- - C:\Windows\Prefetch\USBFIX.EXE-2317488C.pf
O45 - LFCP:[MD5.64140C150B7AE19931DB7615B80F588D] - 15/02/2013 - 00:11:05 ---A- - C:\Windows\Prefetch\ROGUEKILLER.EXE-122000B7.pf
O45 - LFCP:[MD5.BFA033427E571F0E54C29B0D5F106BC2] - 15/02/2013 - 00:12:18 ---A- - C:\Windows\Prefetch\TDSSKILLER.EXE-2B0DE29B.pf
O45 - LFCP:[MD5.22511A965C6E3209ECA6539AE0F76DD5] - 15/02/2013 - 00:16:11 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-BD2B28D7.pf
O45 - LFCP:[MD5.60F6B2C7B126CEC78DE7A5F7FDE3D3F7] - 15/02/2013 - 00:16:43 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6A473D35.pf
O45 - LFCP:[MD5.F7E6A81DC3A36E16DEABCD1D901E19DA] - 15/02/2013 - 00:16:48 ---A- - C:\Windows\Prefetch\AU_.EXE-6FC2B6AC.pf
O45 - LFCP:[MD5.E7FBD2DD872438D67FA69534C1CE0538] - 15/02/2013 - 00:16:48 ---A- - C:\Windows\Prefetch\UN-USBFIX.EXE-5AFDA635.pf
O45 - LFCP:[MD5.DDE48F4C0EDE49B467B409173BC4CD53] - 15/02/2013 - 00:16:56 ---A- - C:\Windows\Prefetch\UPDATE_USBFIX.EXE-38D6E696.pf
O45 - LFCP:[MD5.C61B2FA3393F490E0966D34CEE3C055B] - 15/02/2013 - 00:22:56 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6E96A864.pf
O45 - LFCP:[MD5.AE659A9AD235435077515B37C24011D1] - 15/02/2013 - 00:23:07 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1B826072.pf
O45 - LFCP:[MD5.430791B411FEA001D6ED335A5917E79E] - 15/02/2013 - 00:39:02 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-FEB6D051.pf
O45 - LFCP:[MD5.2F5F66981CF05C9F87CFFB347C4D533E] - 15/02/2013 - 00:41:36 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-B2E51257.pf
O45 - LFCP:[MD5.80A809126057105814DA2E0AD79F7F61] - 15/02/2013 - 01:22:02 ---A- - C:\Windows\Prefetch\NPE.EXE-87EC90CE.pf
O45 - LFCP:[MD5.0EE05655D993AF0D66E358F8D7B4BC52] - 15/02/2013 - 09:55:39 ---A- - C:\Windows\Prefetch\ACER.EMPOWERING.FRAMEWORK.SUP-54963495.pf
O45 - LFCP:[MD5.D128F1958EC8BE742D21867437432276] - 15/02/2013 - 09:56:22 ---A- - C:\Windows\Prefetch\MSCONFIG.EXE-3A52734E.pf
O45 - LFCP:[MD5.5D9EC86F213C7E0CA6599E95DAD42BA5] - 15/02/2013 - 10:02:19 ---A- - C:\Windows\Prefetch\NAVW32.EXE-500D212D.pf
O45 - LFCP:[MD5.8C6B960DC6F2CF592A7F585C39219DB7] - 15/02/2013 - 10:06:27 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf
O45 - LFCP:[MD5.63E54FE5D4A686233B6441C4868B51A3] - 15/02/2013 - 10:06:36 ---A- - C:\Windows\Prefetch\WSCRIPT.EXE-52CF1F0C.pf
O45 - LFCP:[MD5.31C7E9590071951783312455DBA8A5C8] - 15/02/2013 - 10:06:39 ---A- - C:\Windows\Prefetch\GREP.COM-A0F2EC80.pf
O45 - LFCP:[MD5.B93B66C33F9E4DF87C1C0DA15368363D] - 15/02/2013 - 10:07:29 ---A- - C:\Windows\Prefetch\USBFIX.EXE-C567E5E3.pf
O45 - LFCP:[MD5.2F7EA380CBD5C802331B16E97AD23271] - 15/02/2013 - 10:07:38 ---A- - C:\Windows\Prefetch\GO.EXE-0A7DE786.pf
O45 - LFCP:[MD5.E47B92CC2A261B452D072A89FC46C2F7] - 15/02/2013 - 10:08:35 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-BBC02690.pf
O45 - LFCP:[MD5.E2C5B24B6E2AA9D2CC163F778C9CB600] - 15/02/2013 - 10:08:38 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-92681913.pf
O45 - LFCP:[MD5.162F0B1C746AAE15C603EA54DB25AA2A] - 15/02/2013 - 10:08:49 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-A3FFBBC2.pf
O45 - LFCP:[MD5.8CC4167DF0196A3FA1F8E5FEEF8EF2C5] - 15/02/2013 - 10:08:49 ---A- - C:\Windows\Prefetch\SLSVC.EXE-53F2276F.pf
O45 - LFCP:[MD5.A62BF87753474FCA4D6407734BADF7AD] - 15/02/2013 - 11:35:34 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-86E0E9B9.pf
O45 - LFCP:[MD5.F233DA7B6F124628C068A34C95BAD1AD] - 15/02/2013 - 11:38:23 ---A- - C:\Windows\Prefetch\MBAM.EXE-305FF92C.pf
O45 - LFCP:[MD5.740B74E4D1B07D4F9A21CDF218CCCD07] - 15/02/2013 - 11:39:19 ---A- - C:\Windows\Prefetch\SPEEDFAN.EXE-DA70FAF2.pf
O45 - LFCP:[MD5.F6D592ADEB513E848E48174977F4F094] - 15/02/2013 - 12:44:26 ---A- - C:\Windows\Prefetch\SCRNSAVE.SCR-51176AA7.pf
O45 - LFCP:[MD5.739BFE6DD90E2C30B577995C4B380481] - 15/02/2013 - 13:12:41 ---A- - C:\Windows\Prefetch\ONLINECMDLINESCANNER.EXE-8ADAC576.pf
O45 - LFCP:[MD5.CEA812F737230BE3644A794C02CBB1E4] - 15/02/2013 - 13:14:31 ---A- - C:\Windows\Prefetch\DISKDEFRAG.EXE-1EF2B5F6.pf
O45 - LFCP:[MD5.F24B5E40E492E51FFBF164C7DB10DF7F] - 15/02/2013 - 13:16:03 ---A- - C:\Windows\Prefetch\ESETSMARTINSTALLER_FRA.EXE-AA2167B4.pf
O45 - LFCP:[MD5.D4FE6F3F91608E8520BCA07B3516D41E] - 15/02/2013 - 13:16:26 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf
O45 - LFCP:[MD5.480F045A0CA6531FB45FD3D0367F3701] - 15/02/2013 - 13:16:33 ---A- - C:\Windows\Prefetch\ONLINESCANNERAPP.EXE-47AF3687.pf
O45 - LFCP:[MD5.C6A5810D7F961FDE6CB4CBB75869D7B0] - 15/02/2013 - 13:24:28 ---A- - C:\Windows\Prefetch\AD-R.EXE-B1326EC2.pf
O45 - LFCP:[MD5.74CBDEC26665BEFDA0419019C484A85C] - 15/02/2013 - 13:31:15 ---A- - C:\Windows\Prefetch\AgCx_SC3_7E52D393.db
O45 - LFCP:[MD5.B562817C831348EC19CAA10EC2A470C7] - 15/02/2013 - 13:32:57 ---A- - C:\Windows\Prefetch\MAIN.EXE-6B3CA411.pf
O45 - LFCP:[MD5.EE604E5A8AE231F560878DE3582A545F] - 15/02/2013 - 13:55:14 ---A- - C:\Windows\Prefetch\AgCx_S1_S-1-5-21-224001376-1006615189-1975643287-1006.snp.db
O45 - LFCP:[MD5.9AF9FB915622262836F21A3617F35141] - 15/02/2013 - 13:55:46 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6BCB9FAA.pf
O45 - LFCP:[MD5.3B9D499C725078F0BB7D17287655BD3A] - 15/02/2013 - 13:55:55 ---A- - C:\Windows\Prefetch\AgCx_S3_S-1-5-21-224001376-1006615189-1975643287-1003.snp.db
O45 - LFCP:[MD5.F2B50F1E032CBA6D040921563B014CBF] - 15/02/2013 - 13:57:02 ---A- - C:\Windows\Prefetch\AgCx_S2_S-1-5-21-224001376-1006615189-1975643287-1007.snp.db
O45 - LFCP:[MD5.281C4D17100430D7C6DD2EDF48D5E048] - 15/02/2013 - 14:07:45 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-007FEA55.pf
O45 - LFCP:[MD5.7F9A8DA7FCCD4705C3DC0BE6AEF8B1A3] - 15/02/2013 - 14:14:30 ---A- - C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf
O45 - LFCP:[MD5.3E18E48CB46101C219FC64A2E430A462] - 15/02/2013 - 18:06:36 ---A- - C:\Windows\Prefetch\CLTRT.EXE-CD97074D.pf
O45 - LFCP:[MD5.C0A81D36482D79D6ACCA7E3D7C4B7E46] - 15/02/2013 - 18:54:43 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
O45 - LFCP:[MD5.41B7DD4475F9180EAF06651A7CA13EFD] - 15/02/2013 - 18:55:44 ---A- - C:\Windows\Prefetch\SYSTEMPROPERTIESPERFORMANCE.E-9C40C7D4.pf
O45 - LFCP:[MD5.09B543D938CB0FC9F7D82428CB2DF0F7] - 15/02/2013 - 19:02:46 ---A- - C:\Windows\Prefetch\AgCx_S2_S-1-5-21-224001376-1006615189-1975643287-1006.snp.db
O45 - LFCP:[MD5.D2F8687BB407BA9AC5BD2192E0EC2FC1] - 15/02/2013 - 19:04:11 ---A- - C:\Windows\Prefetch\AgCx_SC3_B851BB31.db
O45 - LFCP:[MD5.96D5B8EB8B89655DC572EA35737EC92B] - 15/02/2013 - 19:04:42 ---A- - C:\Windows\Prefetch\AgCx_S1_S-1-5-21-224001376-1006615189-1975643287-1003.snp.db
O45 - LFCP:[MD5.3CA71B29D52DD1135C864CA219F3D84E] - 15/02/2013 - 19:04:42 ---A- - C:\Windows\Prefetch\CSRSS.EXE-3FE41F7E.pf
O45 - LFCP:[MD5.6B041435E7B80FDE419680B7F4F2BAC4] - 15/02/2013 - 19:04:43 ---A- - C:\Windows\Prefetch\SMSS.EXE-E9C28FC6.pf
O45 - LFCP:[MD5.E7953465DDA16316986325DCD37730EE] - 15/02/2013 - 19:04:51 ---A- - C:\Windows\Prefetch\WINLOGON.EXE-B020DC41.pf
O45 - LFCP:[MD5.5CC18FC6E7213B95D0669E4B8A6275A8] - 15/02/2013 - 19:06:09 ---A- - C:\Windows\Prefetch\AgCx_SC3_2F8BC0B4.db
O45 - LFCP:[MD5.F24D447C36FCD7A63D180CC4EFD6717C] - 15/02/2013 - 19:10:00 ---A- - C:\Windows\Prefetch\REGEDIT.EXE-90FEEA06.pf
O45 - LFCP:[MD5.2C144DF70015979FCA45276CA0416A52] - 15/02/2013 - 19:12:37 ---A- - C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf
O45 - LFCP:[MD5.C56ECC3C9A88157FC5E740A6FBFFBBFD] - 15/02/2013 - 19:12:37 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-FEDB32D0.pf
O45 - LFCP:[MD5.525C7EAF92502CFF760B7BE1E07EAF29] - 15/02/2013 - 19:43:30 ---A- - C:\Windows\Prefetch\NPE.EXE-7717ED91.pf
O45 - LFCP:[MD5.C7370669749E0E3BBEE12371A15D9845] - 15/02/2013 - 20:15:31 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-224001376-1006615189-1975643287-1006.db
O45 - LFCP:[MD5.7AAB75F7D490059C19023E272764E6C5] - 15/02/2013 - 20:15:31 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-224001376-1006615189-1975643287-1006.db
O45 - LFCP:[MD5.A71CAF5867EC7E25358C122AD9A389CD] - 15/02/2013 - 20:30:46 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7FAA2E4C.pf
O45 - LFCP:[MD5.033402E0CDBF4F800DD2A32516A9539C] - 15/02/2013 - 20:42:29 ---A- - C:\Windows\Prefetch\LADS.EXE-3D3801BD.pf
O45 - LFCP:[MD5.50997AD24BA63441A5D36E47BF2374FA] - 15/02/2013 - 20:43:14 ---A- - C:\Windows\Prefetch\NSLOOKUP.EXE-3D06E09F.pf
O45 - LFCP:[MD5.CEF1C7A80B83EA6F29046C3C58653E0D] - 15/02/2013 - 20:43:17 ---A- - C:\Windows\Prefetch\MBR.EXE-3DE60006.pf
O45 - LFCP:[MD5.3321DB9695331C16A7A9612B452FD7FB] - 15/02/2013 - 20:43:19 ---A- - C:\Windows\Prefetch\MBRCHECK.EXE-015A14A4.pf
O45 - LFCP:[MD5.EAD5B892C3614A328605507F1C885B36] - 15/02/2013 - 23:22:44 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:[MD5.252F8C423D658F87E169D1805677BEE6] - 15/02/2013 - 23:22:44 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf
O45 - LFCP:[MD5.27B82BB0DD02B3CC0CE8CE8702FEDB35] - 15/02/2013 - 23:23:44 ---A- - C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:[MD5.911BFDD24F3FC2370DA73AB585DBD9FF] - 15/02/2013 - 23:32:03 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-91E1AAD6.pf
O45 - LFCP:[MD5.618C24E1A6AC7A58ABB257D36367FAA7] - 15/02/2013 - 23:33:42 ---A- - C:\Windows\Prefetch\ADWCLEANER0.EXE-99C1308C.pf
O45 - LFCP:[MD5.EEBD8F48314F55F9F125A43330B13C16] - 15/02/2013 - 23:33:51 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.24E0BEF42BE3656FF333584DA972CED8] - 15/02/2013 - 23:36:11 ---A- - C:\Windows\Prefetch\ARMSVC.EXE-E21746FC.pf
O45 - LFCP:[MD5.7D372B0F1796AB931E0CFBFE6FCE45D4] - 15/02/2013 - 23:36:11 ---A- - C:\Windows\Prefetch\ATBROKER.EXE-2E15A492.pf
O45 - LFCP:[MD5.C5AEAE361346AAA58ABC3D53B4108AA9] - 15/02/2013 - 23:36:11 ---A- - C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf
O45 - LFCP:[MD5.FA8E7DB6C7824F485F3CF1FCB8E328FE] - 15/02/2013 - 23:36:11 ---A- - C:\Windows\Prefetch\USERINIT.EXE-2257A3E7.pf
O45 - LFCP:[MD5.B53861F0A785934E088D73FF5510C88F] - 15/02/2013 - 23:36:11 ---A- - C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf
O45 - LFCP:[MD5.7A1A6D194C637BFFEBA3BC5AF894EA3E] - 15/02/2013 - 23:38:56 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf
O45 - LFCP:[MD5.46BBA198E6F10F1709EAF88A1B1D2A09] - 15/02/2013 - 23:39:51 ---A- - C:\Windows\Prefetch\WKSWP.EXE-DFBEB44E.pf
O45 - LFCP:[MD5.14A1093FEDFA930179F7C83600FFCC52] - 15/02/2013 - 23:39:52 ---A- - C:\Windows\Prefetch\WKDSTORE.EXE-AC552969.pf
O45 - LFCP:[MD5.C1B0F00EAE00F04338326C0DE62DC4A1] - 15/02/2013 - 23:39:52 ---A- - C:\Windows\Prefetch\WKGDCACH.EXE-DC9F14AE.pf
O45 - LFCP:[MD5.CAE2CB4C4336059C9BC412B2F450E35E] - 15/02/2013 - 23:40:52 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1304AE86.pf
O45 - LFCP:[MD5.D3F3718CD50F027AC1901E3770507780] - 15/02/2013 - 23:50:15 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
O45 - LFCP:[MD5.03ACBBE485AFBECF8A824F39104754A2] - 15/02/2013 - 23:50:20 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-CF2B07FC.pf
O45 - LFCP:[MD5.AA3B4804179A5CD0E42245A36205735C] - 16/02/2013 - 00:08:50 ---A- - C:\Windows\Prefetch\CCSVCHST.EXE-D48200C5.pf
O45 - LFCP:[MD5.CDEB4E64695D43E53BC47C5349BF51BD] - 16/02/2013 - 00:12:25 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf
O45 - LFCP:[MD5.33CF3B368229EB601C2EAE1F940C0521] - 16/02/2013 - 00:17:56 ---A- - C:\Windows\Prefetch\DELFIX.EXE-4DA24732.pf
O45 - LFCP:[MD5.5F93CF1A79D7057AC1C4AE777B7D4031] - 16/02/2013 - 00:18:05 ---A- - C:\Windows\Prefetch\PING.EXE-7E94E73E.pf
O45 - LFCP:[MD5.CEAF071B87CB4FAA32F939B6270E673E] - 16/02/2013 - 00:20:27 ---A- - C:\Windows\Prefetch\CCLEANER.EXE-D4D76A60.pf
O45 - LFCP:[MD5.AD70B2283C505BC86BDC2CEA0165D15F] - 16/02/2013 - 00:20:34 ---A- - C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf
O45 - LFCP:[MD5.4EA0796A0A05083CB34DE81B1ED1E543] - 16/02/2013 - 00:20:41 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-96A493A4.pf
O45 - LFCP:[MD5.33AFA60F2FD832ADA991B6C00F7CAFEA] - 16/02/2013 - 00:26:03 ---A- - C:\Windows\Prefetch\SYMERR.EXE-51DD992A.pf
O45 - LFCP:[MD5.93FB85A644D53EA1158ADE502AAF10A8] - 16/02/2013 - 00:32:08 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf
O45 - LFCP:[MD5.6897F677FAB85EBCFF536502FC18B748] - 16/02/2013 - 00:36:09 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.DD2A5EA0D1D4E4B1E60DE42EF53FD232] - 16/02/2013 - 00:36:09 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.EE9DBCCB81B4DA29CE5E4CB0421A52E7] - 16/02/2013 - 00:36:10 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.4925E0F7AE2E7CDF006A674041099D05] - 16/02/2013 - 00:36:10 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.9AA72F59B266FD25B399996381B8D4DB] - 16/02/2013 - 00:37:10 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-5F5F473D.pf
O45 - LFCP:[MD5.9DFDEDA4EA0C0C43998AC79279E9F82A] - 16/02/2013 - 00:37:46 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-C4E2B159.pf
O45 - LFCP:[MD5.5DC8266D09F12BE7D21971F95419F3BF] - 16/02/2013 - 00:37:49 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-400631C4.pf
O45 - LFCP:[MD5.BBAD2F8A4AE6AA352C387EC0286E5DE0] - 16/02/2013 - 00:47:11 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.DEA985FDB1889222E806DD1ABBFE0E2C] - 16/02/2013 - 00:47:11 ---A- - C:\Windows\Prefetch\WSCSTUB.EXE-9259B92F.pf
O45 - LFCP:[MD5.8E192CA7940751C46B1ABCA01BA34B8F] - 16/02/2013 - 00:48:47 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf
O45 - LFCP:[MD5.5D6BB465FAF246DEF20C99392DE7F4B2] - 16/02/2013 - 00:49:53 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-EEE13F6D.pf
O45 - LFCP:[MD5.F92644A49DBB624D400094CFDCEA93B7] - 16/02/2013 - 00:50:30 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf
O45 - LFCP:[MD5.A67E83C4FCFE9A0FACAFB4ABB8F0A0FB] - 16/02/2013 - 00:51:55 ---A- - C:\Windows\Prefetch\CLTLMH.EXE-EA0107C4.pf
O45 - LFCP:[MD5.306F040AF5783C17736EB3AF50B38B27] - 16/02/2013 - 00:52:00 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf
O45 - LFCP:[MD5.583C6BC02D8CDF99C0709AC4A5F4F3C5] - 16/02/2013 - 00:56:49 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
O45 - LFCP:[MD5.F5612315893A091BB40DEB98631A9DD0] - 16/02/2013 - 00:58:29 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
O45 - LFCP:[MD5.A33E65EF727FCBDBFEC4CD392E8D9AF6] - 16/02/2013 - 00:58:37 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-4C2F743B.pf
O45 - LFCP:[MD5.2687211806D5E5D10EFFF2959E49A11B] - 16/02/2013 - 00:58:50 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-5F50D22C.pf
O45 - LFCP:[MD5.DF7A0B745430754A79881634599F0379] - 16/02/2013 - 00:59:01 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf
O45 - LFCP:[MD5.04BCEFAC69453B8D799B932B0FB5ADD7] - 16/02/2013 - 00:59:01 ---A- - C:\Windows\Prefetch\CONIME.EXE-9781FD5F.pf
O45 - LFCP:[MD5.9E73AB05155E24D0A69D384A90286826] - 16/02/2013 - 00:59:01 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-D1EF4768.pf
O45 - LFCP:[MD5.333D9BF3298B26BBA035D5C2DBB30538] - 16/02/2013 - 00:59:02 ---A- - C:\Windows\Prefetch\PV.EXE-7B89A1E7.pf
O45 - LFCP:[MD5.2FCDF71932C698C350DE3CEB38B2E644] - 16/02/2013 - 00:59:07 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-7FBD134E.pf
O45 - LFCP:[MD5.9A7033795865D34A84896FFB8FF1CA1A] - 16/02/2013 - 00:59:12 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf
O45 - LFCP:[MD5.995F71711FA4AC92434C589BF233A7ED] - 16/02/2013 - 00:59:26 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf
O45 - LFCP:[MD5.956264F799B75F6894DDC10DC7504B90] - 20/01/2013 - 01:07:44 ---A- - C:\Windows\Prefetch\AgCx_S4_S-1-5-21-224001376-1006615189-1975643287-1001.snp.db
O45 - LFCP:[MD5.FA85F341F201CCBD0959A7E03DA7A739] - 20/01/2013 - 17:47:23 ---A- - C:\Windows\Prefetch\AgCx_S4_S-1-5-21-224001376-1006615189-1975643287-1003.snp.db
O45 - LFCP:[MD5.9FDA0100161B226CF44EADA9BE8C8E2C] - 21/01/2013 - 19:19:39 ---A- - C:\Windows\Prefetch\AgCx_S3_S-1-5-21-224001376-1006615189-1975643287-1006.snp.db
O45 - LFCP:[MD5.E84B2C08DD9F55774A5C33E868471ECD] - 22/01/2013 - 11:26:41 ---A- - C:\Windows\Prefetch\AgCx_S2_S-1-5-21-224001376-1006615189-1975643287-1004.snp.db
O45 - LFCP:[MD5.AE55759F076C248FB5F0270B10506762] - 26/01/2013 - 17:06:49 ---A- - C:\Windows\Prefetch\AgCx_S3_S-1-5-21-224001376-1006615189-1975643287-1004.snp.db
O45 - LFCP:[MD5.0155D2B6EC585F6C1525738AE1BF5B4A] - 28/01/2013 - 14:44:55 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-224001376-1006615189-1975643287-1004.db
O45 - LFCP:[MD5.F16BFD1B7BBCEDEFD232EFF56F8C4BEC] - 28/01/2013 - 14:44:55 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-224001376-1006615189-1975643287-1004.db
~ Scan Prefetcher in 00mn 04s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51) (None)

---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"VIDC.IV50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll
O52 - TDSD: \Drivers32\"VIDC.IV41"="ir41_32.dll" . (.Intel Corporation - Intel Indeo(R) Video Interactive 32-bit Driver.) -- C:\Windows\System32\ir41_32.dll
O52 - TDSD: \Drivers32\"VIDC.IV32"="ir32_32.dll" . (.Intel(R) Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll
O52 - TDSD: \drivers.desc\"l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Acer Empowering Technology Monitor [Key] . (...) -- C:\Acer\Empowering Technology\SysMonitor.exe
O53 - SMSR:HKLM\...\startupreg\Acer Tour Reminder [Key] . (.Acer Inc. - Acer Tour Reminder.) -- C:\Acer\AcerTour\Reminder.exe
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\ATICustomerCare [Key] . (.Advanced Micro Devices, Inc. - ATI Customer Care.) -- C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe
O53 - SMSR:HKLM\...\startupreg\ehTray.exe [Key] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O53 - SMSR:HKLM\...\startupreg\EPSON Stylus DX3800 Series [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIACE.exe
O53 - SMSR:HKLM\...\startupreg\FlashPlayerUpdate [Key] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O53 - SMSR:HKLM\...\startupreg\IAAnotif [Key] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O53 - SMSR:HKLM\...\startupreg\Malwarebytes Anti-Malware [Key] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O53 - SMSR:HKLM\...\startupreg\Skytel [Key] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O53 - SMSR:HKLM\...\startupreg\StartCCC [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O53 - SMSR:HKLM\...\startupreg\WarReg_PopUp [Key] . (.Acer Inc. - WR_PopUp.) -- C:\Acer\WR_PopUp\WarReg_PopUp.exe
O53 - SMSR:HKLM\...\startupreg\Windows Defender [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
~ Scan SMSR Keys in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "ClearRecentDocsOnExit"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Scan Drivers in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC:Last File Created 13/02/2013 - 16:00:53 ---A- C:\Users\Hugues2\AppData\Local\NPE\Info20130213160049.xml [43075]
O61 - LFC:Last File Created 13/02/2013 - 16:29:20 ---A- C:\Users\Hugues2\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Linguistic.xcu [10020]
O61 - LFC:Last File Created 13/02/2013 - 16:30:00 ---A- C:\Users\Hugues2\Downloads\Désinfection\Désinfection.wps [10240]
O61 - LFC:Last File Created 13/02/2013 - 17:05:30 ---A- C:\Users\Hugues2\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys [1]
O61 - LFC:Last File Created 13/02/2013 - 17:05:52 ---A- C:\Users\Hugues2\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Jobs.xcu [1834]
O61 - LFC:Last File Created 13/02/2013 - 17:06:47 ---A- C:\Users\Hugues2\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Common.xcu [1179]
O61 - LFC:Last File Created 13/02/2013 - 17:06:47 ---A- C:\Users\Hugues2\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Recovery.xcu [641]
O61 - LFC:Last File Created 13/02/2013 - 17:06:47 ---A- C:\Users\Hugues2\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Views.xcu [3623]
O61 - LFC:Last File Created 13/02/2013 - 17:06:47 ---A- C:\Users\Hugues2\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Setup.xcu [1321]
O61 - LFC:Last File Created 13/02/2013 - 17:06:47 ---A- C:\Users\Hugues2\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\log.txt [3816]
O61 - LFC:Last File Created 13/02/2013 - 17:22:52 ---A- C:\Users\Hugues2\Downloads\Téléchargement\ccsetup327.exe [4189792]
O61 - LFC:Last File Created 13/02/2013 - 23:03:03 ---A- C:\Users\Hugues2\Documents\Pc portable.wps [13824]
O61 - LFC:Last File Created 14/02/2013 - 23:42:31 ---A- C:\Users\Hugues2\AppData\Local\NPE\Remediate2013021423364616011000000.dat [219812]
O61 - LFC:Last File Created 14/02/2013 - 23:44:58 ---A- C:\Users\Hugues2\AppData\Local\NPE\Info20130214233646.xml [872346]
O61 - LFC:Last File Created 14/02/2013 - 23:50:09 ---A- C:\Users\Hugues2\AppData\Local\NPE\Info20130214234734.xml [877195]
O61 - LFC:Last File Created 14/02/2013 - 23:51:58 ---A- C:\Users\Hugues2\AppData\Local\NPE\Info20130214235045.xml [876561]
O61 - LFC:Last File Created 15/02/2013 - 01:08:56 ---A- C:\Users\Hugues2\AppData\Local\NPE\Info20130215010541.xml [875508]
O61 - LFC:Last File Created 15/02/2013 - 01:12:44 ---A- C:\Users\Hugues2\Downloads\Désinfection\NPE.exe [2961472]
O61 - LFC:Last File Created 15/02/2013 - 01:17:28 ---A- C:\Users\Hugues2\AppData\Local\NPE\Remediate2013021501155285911000000.dat [437613]
O61 - LFC:Last File Created 15/02/2013 - 01:17:36 ---A- C:\Users\Hugues2\AppData\Local\NPE\Metadata.dat [7168]
O61 - LFC:Last File Created 15/02/2013 - 01:21:18 ---A- C:\Users\Hugues2\AppData\Local\NPE\NPETraceSessionBoot.etl [1769472]
O61 - LFC:Last File Created 15/02/2013 - 01:21:35 ---A- C:\Users\Hugues2\AppData\Local\NPE\Info20130215011552.xml [877264]
O61 - LFC:Last File Created 15/02/2013 - 19:02:27 ---A- C:\Users\Hugues2\AppData\Roaming\Auslogics\Rescue\Auslogics Registry Cleaner\130215190227783.rsc [2730]
O61 - LFC:Last File Created 15/02/2013 - 19:45:39 ---A- C:\Users\Hugues2\AppData\Local\NPE\Info20130215194331.xml [889853]
O61 - LFC:Last File Created 15/02/2013 - 19:45:47 ---A- C:\Users\Hugues2\AppData\Local\NPE\ErrMgmt\SQCLIENT.dat [5632]
O61 - LFC:Last File Created 15/02/2013 - 19:45:47 ---A- C:\Users\Hugues2\AppData\Local\NPE\NPETraceSession.etl [13762560]
O61 - LFC:Last File Created 15/02/2013 - 20:22:36 ---A- C:\Users\Hugues2\AppData\Local\GDIPFONTCACHEV1.DAT [105552]
O61 - LFC:Last File Created 15/02/2013 - 20:23:39 ---A- C:\Users\Hugues2\AppData\Roaming\Microsoft\MMC\Taskschd [87530]
O61 - LFC:Last File Created 15/02/2013 - 23:40:39 ---A- C:\Users\Hugues2\AppData\Roaming\wklnhst.dat [32478]
O61 - LFC:Last File Created 16/02/2013 - 00:32:55 ---A- C:\Users\Hugues2\Documents\zhp.txt [1618]
O61 - LFC:Last File Created 16/02/2013 - 00:46:45 ---A- C:\Users\Hugues2\AppData\Local\Temp\Hugues2.bmp [31832]
O61 - LFC:Last File Created 30/12/1899 - 11:31:34 -SHA- C:\Users\Hugues2\AppData\Roaming\Microsoft\Protect\S-1-5-21-224001376-1006615189-1975643287-1006\Preferred [24]
O61 - LFC:Last File Created 30/12/1899 - 11:31:34 -SHA- C:\Users\Hugues2\AppData\Roaming\Microsoft\Protect\S-1-5-21-224001376-1006615189-1975643287-1006\a2477dac-87fd-4def-85f6-9dffca6c451f [388]
O61 - LFC:Last File Created 30/12/1899 - 23:33:47 --HA- C:\Users\Hugues2\AppData\Local\IconCache.db [2550686]
~ Scan Files in 00mn 18s



---\\ Alternate Data Stream File (O62)
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\Window.dll:Zone.Identifier
~ Scan ADS in 00mn 01s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.3.5 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Alg.exe,-112 (ALG) .(...) - LEGACY_ALG
O64 - Services: CurCS - 12/10/2011 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 16/01/2013 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\BASHDefs\20130208.001\BHDrvx86.sys (BHDrvx86) .(.Symantec Corporation - BASH Driver.) - LEGACY_BHDRVX86
O64 - Services: CurCS - 20/08/2012 - C:\Windows\system32\drivers\N360\1402010.016\ccSetx86.sys (ccSet_N360) .(.Symantec Corporation - Common Client Settings Driver.) - LEGACY_CCSET_N360
O64 - Services: CurCS - ??\??\???? - (cpuz134) .(. - .) - LEGACY_CPUZ134
O64 - Services: CurCS - 12/02/2013 - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL
O64 - Services: CurCS - ??\??\???? - C:\Windows\ehome\ehrecvr.exe,-101 (ehRecvr) .(...) - LEGACY_EHRECVR
O64 - Services: CurCS - ??\??\???? - C:\Windows\ehome\ehsched.exe,-101 (ehSched) .(...) - LEGACY_EHSCHED
O64 - Services: CurCS - 12/02/2013 - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (EraserUtilRebootDrv) .(.Symantec Corporation - Symantec Eraser Utility Driver.) - LEGACY_ERASERUTILREBOOTDRV
O64 - Services: CurCS - ??\??\???? - (Futuremark SystemInfo Service) .(. - .) - LEGACY_FUTUREMARK_SYSTEMINFO_SERVICE
O64 - Services: CurCS - 03/04/1996 - C:\Windows\System32\giveio.sys - giveio (giveio) .(...) - LEGACY_GIVEIO
O64 - Services: CurCS - 09/02/2013 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\IPSDefs\20130214.001\IDSvix86.sys (IDSVix86) .(.Symantec Corporation - IDS Core Driver.) - LEGACY_IDSVIX86
O64 - Services: CurCS - 07/12/2006 - C:\Acer\Empowering Technology\eRecovery\int15.sys - int15 (int15) .(...) - LEGACY_INT15
O64 - Services: CurCS - ??\??\???? - (Lavasoft Kernexplorer) .(. - .) - LEGACY_LAVASOFT_KERNEXPLORER
O64 - Services: CurCS - 12/02/2013 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\VirusDefs\20130214.016\NAVENG.sys (NAVENG) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVENG
O64 - Services: CurCS - 12/02/2013 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\VirusDefs\20130214.016\NAVEX15.sys (NAVEX15) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVEX15
O64 - Services: CurCS - 27/09/2006 - C:\Windows\System32\DRIVERS\nmsgopro.sys (nmsgopro) .(.Gteko Ltd. - Gteko's GoProto protocol driver.) - LEGACY_NMSGOPRO
O64 - Services: CurCS - 19/10/2006 - C:\Windows\System32\DRIVERS\nmsunidr.sys (nmsunidr) .(.Gteko Ltd. - GUniDriver.) - LEGACY_NMSUNIDR
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Locator.exe,-2 (RpcLocator) .(...) - LEGACY_RPCLOCATOR
O64 - Services: CurCS - 13/04/2001 - C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys (RVIEG01) .(.Roland - Roland VSC Synthesizer Engine.) - LEGACY_RVIEG01
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\snmptrap.exe,-3 (SNMPTRAP) .(...) - LEGACY_SNMPTRAP
O64 - Services: CurCS - 18/03/2011 - C:\Windows\System32\speedfan.sys (speedfan) .(.Almico Software - SpeedFan x32 Driver.) - LEGACY_SPEEDFAN
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\spoolsv.exe,-1 (Spooler) .(...) - LEGACY_SPOOLER
O64 - Services: CurCS - 08/10/2012 - C:\Windows\system32\drivers\N360\1402010.016\SRTSP.sys (SRTSP) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSP
O64 - Services: CurCS - 06/09/2012 - C:\Windows\system32\drivers\N360\1402010.016\SRTSPX.sys (SRTSPX) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSPX
O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\N360\1402010.016\SYMDS.sys (SymDS) .(.Symantec Corporation - Symantec Data Store.) - LEGACY_SYMDS
O64 - Services: CurCS - 03/10/2012 - C:\Windows\System32\drivers\N360\1402010.016\SYMEFA.sys (SymEFA) .(.Symantec Corporation - Symantec Extended File Attributes.) - LEGACY_SYMEFA
O64 - Services: CurCS - 12/02/2013 - C:\Windows\system32\Drivers\SYMEVENT.sys (SymEvent) .(.Symantec Corporation - Symantec Event Library.) - LEGACY_SYMEVENT
O64 - Services: CurCS - 06/09/2012 - C:\Windows\system32\drivers\N360\1402010.016\Ironx86.sys (SymIRON) .(.Symantec Corporation - Iron Driver.) - LEGACY_SYMIRON
O64 - Services: CurCS - 06/09/2012 - C:\Windows\system32\drivers\N360\1402010.016\SYMTDIV.sys (SYMTDIv) .(.Symantec Corporation - Network Dispatch Driver.) - LEGACY_SYMTDIV
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\ui0detect.exe,-101 (UI0Detect) .(...) - LEGACY_UI0DETECT
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\dwm.exe,-2000 (UxSms) .(...) - LEGACY_UXSMS
O64 - Services: CurCS - 21/09/2010 - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe (wlidsvc) .(.Microsoft Corp. - Microsoft® Windows Live ID Service.) - LEGACY_WLIDSVC
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) .(...) - LEGACY_WMIAPSRV
O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\SearchIndexer.exe,-103 (WSearch) .(...) - LEGACY_WSEARCH
~ Scan Services in 00mn 01s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {8F8134B5-8119-4734-A5F5-940A9455F368} - (Bing) - http://www.bing.com
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'acc�s distant.) -- C:\Windows\System32\rasmans.dll [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153088]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [68096]
~ Scan Services in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.82A981FA7D8A5859814C34A8636F78E6] [SPRF][30/06/2010] (...) -- C:\ProgramData\nvModes.dat [88501]
[MD5.5574F42832CDCEC3FB8AFBB515BEA6DA] [SPRF][31/10/2012] (...) -- C:\Users\Hugues2\AppData\Local\d3d9caps.dat [680]
[MD5.750FAF534999712C90DD8ADDC8C45BC4] [SPRF][15/02/2013] (...) -- C:\Users\Hugues2\AppData\Roaming\wklnhst.dat [32478]
[MD5.D4645D60E04813DD40C7B9158796DA74] [SPRF][02/12/2006] (.KingSOFT DVD - Counter-Strike 1.6 No Steam v.23b FULL - v.2.5.) -- C:\Users\Hugues2\Desktop\cs16full_v23b_v2_5.exe [238617038]
[MD5.2A9A453201A27ECB6D366900501A91EC] [SPRF][16/02/2013] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Hugues2\Desktop\ZHPDiag2.exe [3728968]
~ Scan Files in 00mn 04s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{34B087DC-CD9D-44C6-B626-3F79DC528461}" | In - None - P6 - TRUE | .(.Cyberlink - PictureSlideDVD Worker.) -- C:\Program Files\Acer Zone\Acer Picture Slide DVD\Component\CLSLDVD.exe
O87 - FAEL: "{AE078BE2-6F15-4D46-9C88-57063ADCD039}" | In - None - P6 - TRUE | .(.Cyberlink - Plug n Record.) -- C:\Program Files\Acer Zone\Acer Plug and Record\Component\ARAWP.exe
O87 - FAEL: "{A0645421-8520-4699-BD1C-254AAC4ACF0C}" | In - None - P6 - TRUE | .(.Pas de propriétaire - DVAX2Process MFC Application.) -- C:\Program Files\Acer Zone\Acer Plug and Record\Component\DVAX2Process.exe
O87 - FAEL: "{B9C9FEA5-A6D8-4BF4-AEEE-E84AE38E8E30}" | In - Domain - P6 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
O87 - FAEL: "{38590DB5-053D-4C34-A50F-259D2CCAED29}" | In - Domain - P17 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
O87 - FAEL: "{B119F254-1771-4F64-AEBA-093A55EC5181}" | In - Domain - P6 - TRUE | .(.Intel(R) Corporation - Intel� Remoting Service.) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O87 - FAEL: "{A8F9A1F8-EDA0-4C2B-8FD7-BE93156D2ADA}" | In - Domain - P17 - TRUE | .(.Intel(R) Corporation - Intel� Remoting Service.) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O87 - FAEL: "{B50E455F-6CC0-434F-A568-5CE640601C40}" | In - Domain - P6 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O87 - FAEL: "{FA21D769-1EA0-4098-8916-E16785DA2B22}" | In - Domain - P17 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O87 - FAEL: "{EF419FA9-EBEB-4456-83B3-4842EC5347A5}" | In - Private - P6 - TRUE | .(.Sierra Entertainment, Inc. - SWAT 4 - The Stetchkov Syndicate.) -- C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4X.exe
O87 - FAEL: "{5D614EEE-1EF2-4C6E-951F-C0C6F5FBB089}" | In - Private - P17 - TRUE | .(.Sierra Entertainment, Inc. - SWAT 4 - The Stetchkov Syndicate.) -- C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4X.exe
O87 - FAEL: "{6CC08BE8-E64F-43D3-89D3-6B6C97A43550}" | In - Private - P6 - TRUE | .(.Sierra Entertainment, Inc. - SWAT 4 - The Stetchkov Syndicate.) -- C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4XDedicatedServer.exe
O87 - FAEL: "{363D4A21-0CE7-4743-8809-366770CCF57B}" | In - Private - P17 - TRUE | .(.Sierra Entertainment, Inc. - SWAT 4 - The Stetchkov Syndicate.) -- C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4XDedicatedServer.exe
~ Scan Firewall in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.10682 - (12/02/2013)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\AppID\Tuto4pcFrSoftonicBHO.DLL] =>Spyware.AgenceExclusive
~ Scan Additionnel in 00mn 08s



---\\ Recherche détournement de DNS routeur (O89) (None)

---\\ Product Upgrade Codes (O90)
O90 - PUC: "02FCC1E821E94284DB95A79D0E84D68D" . (.SWAT 4.) -- C:\Windows\Installer\{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}\ARPPRODUCTICON.exe
O90 - PUC: "0A294A91F8880A44B9129D710067F326" . (.Catalyst Control Center - Branding.) -- C:\Windows\Installer\{19A492A0-888F-44A0-9B21-D91700763F62}\ARPPRODUCTICON.exe
O90 - PUC: "0C1FF52A6B08B8B45A15CD2565794A80" . (.AMD APP SDK Runtime.) -- C:\Windows\Installer\{A25FF1C0-80B6-4B8B-A551-DC525697A408}\ARPPRODUCTICON.exe
O90 - PUC: "1C4235E6CF4867F4A9A36CE5708FE06E" . (.Complément Messenger.) -- C:\Windows\Installer\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}\CompanionIcon
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "239ED6BFAC420C1DF28DD1CF4E3AC35C" . (.HydraVision.) -- C:\Windows\Installer\{FB6DE932-24CA-D1C0-2FD8-1DFCE4A33CC5}\ARPPRODUCTICON.exe
O90 - PUC: "31870A9F5A6F74B48D33314770760EB4" . (.Catalyst Control Center.) -- C:\Windows\Installer\{F9A07813-F6A5-4B47-D833-13740767E04B}\ARPPRODUCTICON.exe
O90 - PUC: "48F21E79330C2AD4792D5F043C2E29AE" . (.Installer.) -- C:\Windows\Installer\{97E12F84-C033-4DA2-97D2-F540C3E292EA}\ARPPRODUCTICON.exe
O90 - PUC: "68AB67CA7DA76301B744AA0100000010" . (.Adobe Reader X (10.1.5) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O90 - PUC: "6E715662668DD93419C98B1B5AE20608" . (.OpenOffice.org 3.2.) -- C:\Windows\Installer\{266517E6-D866-439D-919C-B8B1A52E6080}\soffice.ico
O90 - PUC: "7C8A2AB9DFFB521439771C193CFF71F4" . (.AxCrypt 1.7.2867.0.) -- C:\Windows\Installer\{9BA2A8C7-BFFD-4125-9377-C191C3FF174F}\axcrypt.ico
O90 - PUC: "884FD4BEFEAAF6043A14BCA2AA13B509" . (.Windows Live Messenger.) -- C:\Windows\Installer\{EB4DF488-AAEF-406F-A341-CB2AAA315B90}\MsblIco.Exe
O90 - PUC: "9E3522E2DAE3FD9DDEAC8A3955E10B18" . (.AMD Catalyst Install Manager.) -- C:\Windows\Installer\{2E2253E9-3EAD-D9DF-EDCA-A893551EB081}\ARPPRODUCTICON.exe
O90 - PUC: "A0BC5702F62DAAD44B42059792B634AB" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}\FolderShare48x48.ico
O90 - PUC: "A7C380116D0D4AD4C8A3478B83E90CB7" . (.ATI Catalyst Registration.) -- C:\Windows\Installer\{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}\ARPPRODUCTICON.exe
O90 - PUC: "AA37CCA8115655C71B9AE8D5D1AEAF3A" . (.The Lord of the Rings FREE Trial .) -- C:\Windows\Installer\{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}\ARPPRODUCTICON.exe
O90 - PUC: "B50A775126EECBB4D97BEF47F84AE42C" . (.NTI CD & DVD-Maker.) -- C:\Windows\Installer\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}\ARPPRODUCTICON.exe
O90 - PUC: "CB5889C528EA56E37AF75F0FFA1A85E1" . (.Catalyst Control Center InstallProxy.) -- C:\Windows\Installer\{5C9885BC-AE82-3E65-A77F-F5F0AFA1581E}\ARPPRODUCTICON.exe
O90 - PUC: "D366E3D3E7E477545A06E7DCDD5445A8" . (.PVSonyDll.) -- C:\Windows\Installer\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "D83BC1B64E2E03a439D3FEEDAB67DAC9" . (.Microsoft Works.) -- C:\Windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\Win2Kico.exe
O90 - PUC: "E1851AAF88C20196AB9644D7368EFE21" . (.Catalyst Control Center Graphics Previews Common.) -- C:\Windows\Installer\{FAA1581E-2C88-6910-BA69-447D63E8EF12}\ARPPRODUCTICON.exe
O90 - PUC: "E7BD9C54D2C09BEF1619E33DA2CD70F7" . (.ccc-utility.) -- C:\Windows\Installer\{45C9DB7E-0C2D-FEB9-6191-3ED32ADC077F}\ARPPRODUCTICON.exe
O90 - PUC: "E876D35FF83217A4792480BB76479ECD" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{F53D678E-238F-4A71-9742-08BB6774E9DC}\fssicon.ico
O90 - PUC: "FB016C62B1679024DBA60A1F7BD3D6ED" . (.Logiciel Intel� Viiv�.) -- C:\Windows\Installer\{26C610BF-761B-4209-BD6A-A0F1B73D6DDE}\ARPPRODUCTICON.exe
~ Scan Files in 00mn 00s



---\\ MyComputer Name Space (O92)
O92 - MNS: @C:\Program Files\Norton 360\Branding\muis.dll,-115 - {0579E89F-E364-4a3d-A9CB-90262B2B7E1C}
~ Scan MNS in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 28672 | (AcerMemUsageCheckService) . (...) - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Disabled 20/01/2013 251400 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 18/11/2006 195032 | (AlertService) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
SS - | Disabled 12/10/2011 176128 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SS - | Disabled 208896 | (DQLWinService) . (...) - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
SR - | Auto 31/01/2007 53248 | (eRecoveryService) . (.Acer Inc..) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
SS - | Disabled 11/01/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Disabled 11/01/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Disabled 29/09/2006 81920 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
SS - | Disabled 14/12/2006 61440 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 04/12/2012 143928 | (N360) . (.Symantec Corporation.) - C:\Program Files\Norton 360\Engine\20.2.1.22\ccSvcHst.exe
SS - | Disabled 03/04/2010 129640 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 22/09/2010 249136 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SS - | Disabled 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 00s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ Scan MBR in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Hugues2 at 16/02/2013 01:00:55

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s



End of the scan (1403 lines in 02mn 03s)(0)
