stopovirus Index du Forum
Connexion S’enregistrer FAQ Membres Rechercher stopovirus Index du Forum

[Résolu] ordi qui rame et s'éteint tout seul
Aller à la page: 1, 2  >

 
Poster un nouveau sujet   Répondre au sujet    stopovirus Index du Forum » Lutte anti malware » Eradication virus lutte antimalware
Sujet précédent :: Sujet suivant  
Auteur Message
hamham92


Hors ligne

Inscrit le: 25 Juil 2012
Messages: 10
Sexe: Masculin

MessagePosté le: Mer 25 Juil - 17:54 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

Bonjour à tous,
Voilà j'ai un problème avec mon ordi c'est un " HP pavillon dv6" depuis quelques temps mon ordi rame et chauffe en dessous en haut à gauche du clavier ( à peu près sous la touche echap) ; j'avais déjà eu ce problème auparavant mais ça faisait quelques temps que tout fonctionnait correctement puis depuis 3 jours ça recommence ; j'ai lancé avira , malware bytes et roguekiller mais pas de changement  j'ai essayé de zhp et adwcleaner comme expliqué dans les sujets sur ce site mais je m'en sors pas ; si quelqu'un peut m’aiguiller ça serai super sympa...





Dernière édition par hamham92 le Dim 29 Juil - 15:51 (2012); édité 1 fois
Revenir en haut
Publicité






MessagePosté le: Mer 25 Juil - 17:54 (2012)    Sujet du message: Publicité

PublicitéSupprimer les publicités ?


Revenir en haut
Geronimo
Administrateur

Hors ligne

Inscrit le: 07 Fév 2010
Messages: 3 874
Localisation: Dans mon tepee
Sexe: Masculin
Système d'exploitation: Windows 8
memoire ram: 8 Giga
carte graphique:
disque dur: 1,5 tera

MessagePosté le: Mer 25 Juil - 18:27 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

Bonjour hamham92


Le rapport de ZHPDiag doit être posté en lien, il est parfois trop long pour tenir dans une réponse.

Scan

    Télécharge ZHPDiag (de Nicolas coolman)

  • Double clique sur le fichier téléchargé, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher Créer une icône sur le bureau)
  • Pour Vista et Windows 7 clic droit sur le fichier téléchargé et Exécuter en tant qu'administrateur
  • Lance ZHPDiag en double cliquant sur
    présent sur ton bureau
  • Pour Vista et Windows 7 clic droit sur le raccourci de ZHPDiag et Exécuter en tant qu'administrateur
  • Clique sur Options

  • Clique sur

  • Clique en haut à gauche sur la loupe




  • Laisse le scan se dérouler.



  • Le scan terminé, clique sur la disquette

  • Enregistre le rapport sur le bureau.
  • Sinon le rapport se trouvera aussi ici ==> c:\ZHP\ZHPDiag.txt


Pour poster le rapport en lien utilise cet hébergeur de fichiers :



_________________
Revenir en haut
hamham92


Hors ligne

Inscrit le: 25 Juil 2012
Messages: 10
Sexe: Masculin

MessagePosté le: Mer 25 Juil - 19:40 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

http://cjoint.com/?BGztL36cJzE
Voilà le lien ; merci pour la réponse rapide !



Revenir en haut
Geronimo
Administrateur

Hors ligne

Inscrit le: 07 Fév 2010
Messages: 3 874
Localisation: Dans mon tepee
Sexe: Masculin
Système d'exploitation: Windows 8
memoire ram: 8 Giga
carte graphique:
disque dur: 1,5 tera

MessagePosté le: Mer 25 Juil - 20:16 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

Infection USB détectée


Scan UsbFix


  • Télécharge UsbFix
  • Enregistre ce fichier sur le bureau
  • Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectés sans les ouvrir
  • Double clique sur UsbFix.exe qui est sur le bureau.
  • Pour Vista et Seven fais un clic droit sur le fichier téléchargé et Exécuter en tant qu'adminstrateur
  • Clique sur Recherche
  • Laisse travailler l'outil
  • Poste ensuitele rapport UsbFix.txt qui apparaitra.
  • Note : Le rapport UsbFix.txt est sauvegardé à la racine du disque. ( C:\UsbFix.txt )



_________________
Revenir en haut
hamham92


Hors ligne

Inscrit le: 25 Juil 2012
Messages: 10
Sexe: Masculin

MessagePosté le: Mer 25 Juil - 20:51 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

Bah franchement j'ai pas utiliser l’USB depuis un moment donc je sais pas ce que ça peut être ; par contre j'ai un dvd de code de la route que j'ai installé y à 1 mois environ et à ce moment la avira m'a dit qu'il y a un virus mais depuis j'ai rien fait de spécial...


Revenir en haut
Geronimo
Administrateur

Hors ligne

Inscrit le: 07 Fév 2010
Messages: 3 874
Localisation: Dans mon tepee
Sexe: Masculin
Système d'exploitation: Windows 8
memoire ram: 8 Giga
carte graphique:
disque dur: 1,5 tera

MessagePosté le: Mer 25 Juil - 21:29 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

Fais tout de même le scan avec USFix



_________________
Revenir en haut
hamham92


Hors ligne

Inscrit le: 25 Juil 2012
Messages: 10
Sexe: Masculin

MessagePosté le: Jeu 26 Juil - 13:00 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

Bonjour , voila le rapport d' USBFIX

############################## | UsbFix V 7.094 | [Recherche]

Utilisateur: Abd-El-Hamid (Administrateur) # PAVILLONDV6
Mis à jour le 20/07/2012 par El Desaparecido
Lancé à 12:54:18 | 26/07/2012

Site Web: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Fichier suspect ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com

PC: Hewlett-Packard (HP Pavilion dv6 Notebook PC) (X86-based PC) # Notebook
CPU: AMD Turion(tm) X2 Dual-Core Mobile RM-74 (2200)
RAM -> [Total : 3069 | Free : 1710]
BIOS: Default System BIOS
BOOT: Normal boot

OS: Microsoft® Windows Vista™ Édition Familiale Premium  (6.0.6002 32-Bit) # Service Pack 2
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: AntiVir Desktop [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 455 Go (163 Go libre(s) - 36%) [] # NTFS
D:\ -> Disque fixe # 11 Go (2 Go libre(s) - 17%) [RECOVERY] # NTFS
E:\ -> CD-ROM

################## | Processus Actif |

C:\Windows\system32\csrss.exe (476)
C:\Windows\system32\wininit.exe (540)
C:\Windows\system32\csrss.exe (552)
C:\Windows\system32\services.exe (588)
C:\Windows\system32\lsass.exe (600)
C:\Windows\system32\lsm.exe (608)
C:\Windows\system32\winlogon.exe (756)
C:\Windows\system32\svchost.exe (780)
C:\Windows\system32\svchost.exe (876)
C:\Windows\System32\svchost.exe (920)
C:\Windows\system32\Ati2evxx.exe (972)
C:\Windows\System32\svchost.exe (988)
C:\Windows\System32\svchost.exe (1016)
C:\Windows\system32\svchost.exe (1044)
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe (1064)
C:\Windows\system32\svchost.exe (1392)
C:\Windows\system32\SLsvc.exe (1412)
C:\Windows\system32\svchost.exe (1460)
C:\Windows\system32\Hpservice.exe (1572)
C:\Windows\system32\Ati2evxx.exe (1596)
C:\Windows\system32\svchost.exe (1676)
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (1788)
C:\Windows\System32\spoolsv.exe (1996)
C:\Program Files\Avira\AntiVir Desktop\sched.exe (2020)
C:\Program Files\Avira\AntiVir Desktop\avguard.exe (2032)
C:\Windows\system32\svchost.exe (2044)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (1500)
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe (728)
C:\Windows\system32\svchost.exe (1648)
C:\Program Files\BboxUpdate\eSRunService.exe (1880)
C:\Program Files\Common Files\LightScribe\LSSrvc.exe (1700)
C:\Windows\system32\svchost.exe (2084)
C:\Program Files\SMINST\BLService.exe (2104)
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2148)
C:\Windows\system32\svchost.exe (2196)
C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe (2252)
C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe (2276)
C:\Windows\System32\svchost.exe (2324)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2352)
C:\Windows\system32\SearchIndexer.exe (2420)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2452)
C:\Windows\system32\Dwm.exe (3544)
C:\Windows\system32\taskeng.exe (3576)
C:\Windows\Explorer.EXE (3612)
C:\Program Files\Alwil Software\Avast4\ashDisp.exe (4092)
C:\Program Files\IDT\WDM\sttray.exe (2076)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (1320)
C:\Program Files\BboxUpdate\BTLiveUpdate.exe (2128)
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (2472)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (1032)
C:\Windows\ehome\ehtray.exe (2396)
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (2660)
C:\Windows\ehome\ehmsas.exe (3148)
C:\Windows\system32\svchost.exe (4056)
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (1664)
C:\Program Files\Windows Media Player\wmpnetwk.exe (3476)
C:\Windows\system32\taskeng.exe (3484)
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (3160)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (3712)
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (4172)
C:\Program Files\Mozilla Firefox\firefox.exe (4288)
C:\Windows\system32\SearchProtocolHost.exe (4628)
C:\Windows\servicing\TrustedInstaller.exe (4736)
C:\Program Files\Mozilla Firefox\plugin-container.exe (5204)
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe (5244)
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe (5260)
C:\UsbFix\Go.exe (1332)
C:\Windows\system32\wbem\wmiprvse.exe (4744)

################## | Éléments infectieux |


################## | Registre |


################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\G
Shell\AutoRun\Command = G:\LaunchU3.exe -a

HKCU\.\.\.\.\Explorer\MountPoints2\{2e0459d1-b469-11de-aa33-00238be4b502}
Shell\Auto\Command = F:\msnmsgr_plus.exe
Shell\AutoRun\Command = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\msnmsgr_plus.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{3200a428-4432-11df-b926-00238be4b502}
Shell\AutoRun\Command = F:\Autorun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{6458150d-1f1f-11df-97cb-00238be4b502}
Shell\AutoRun\Command = F:\loader.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{7228db9a-93cd-11de-87ef-00238be4b502}
Shell\AutoRun\Command = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Portail-Pharma-salon-cleUSB.pdf

HKCU\.\.\.\.\Explorer\MountPoints2\{951b062a-a135-11de-9167-00238be4b502}
Shell\AutoRun\Command = G:\loader.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{db06e03a-b5eb-11de-ba84-00238be4b502}
Shell\AutoRun\Command = e2.cmd
Shell\open\Command = e2.cmd

HKCU\.\.\.\.\Explorer\MountPoints2\{db06e03f-b5eb-11de-ba84-00238be4b502}
Shell\AutoRun\Command = F:\LaunchU3.exe -a

HKCU\.\.\.\.\Explorer\MountPoints2\{fb3a5366-40b7-11df-b7ea-00238be4b502}
Shell\AutoRun\Command = e2.cmd
Shell\open\Command = e2.cmd



################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |


Revenir en haut
Geronimo
Administrateur

Hors ligne

Inscrit le: 07 Fév 2010
Messages: 3 874
Localisation: Dans mon tepee
Sexe: Masculin
Système d'exploitation: Windows 8
memoire ram: 8 Giga
carte graphique:
disque dur: 1,5 tera

MessagePosté le: Jeu 26 Juil - 13:31 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

Bonjour




Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectés sans les ouvrir


  • Double clic sur UsbFix.exe présent sur le bureau
  • Pour Vista et Seven fais un clic droit sur UsbFix.exe et Exécuter en tant qu’administrateur
  • Clique sur Suppression
  • Laisse travailler l'outil.
  • Poste ensuite le rapport UsbFix.txt qui apparaitra avec le bureau
  • Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )




Nouveau scan avec ZHPDiag

Refais un scan avec ZHPDiag poste ensuite son rapport en lien.

Note : Tu as deux rapports à poster



_________________
Revenir en haut
hamham92


Hors ligne

Inscrit le: 25 Juil 2012
Messages: 10
Sexe: Masculin

MessagePosté le: Jeu 26 Juil - 14:08 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

############################## | UsbFix V 7.094 | [Suppression]

Utilisateur: Abd-El-Hamid (Administrateur) # PAVILLONDV6
Mis à jour le 20/07/2012 par El Desaparecido
Lancé à 13:39:53 | 26/07/2012

Site Web: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Fichier suspect ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com

PC: Hewlett-Packard (HP Pavilion dv6 Notebook PC) (X86-based PC) # Notebook
CPU: AMD Turion(tm) X2 Dual-Core Mobile RM-74 (2200)
RAM -> [Total : 3069 | Free : 2097]
BIOS: Default System BIOS
BOOT: Normal boot

OS: Microsoft® Windows Vista™ Édition Familiale Premium  (6.0.6002 32-Bit) # Service Pack 2
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: AntiVir Desktop [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Disque fixe # 455 Go (163 Go libre(s) - 36%) [] # NTFS
D:\ -> Disque fixe # 11 Go (2 Go libre(s) - 17%) [RECOVERY] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM

################## | Processus Actif |

C:\Windows\system32\csrss.exe (540)
C:\Windows\system32\wininit.exe (604)
C:\Windows\system32\csrss.exe (616)
C:\Windows\system32\services.exe (652)
C:\Windows\system32\lsass.exe (664)
C:\Windows\system32\lsm.exe (672)
C:\Windows\system32\winlogon.exe (824)
C:\Windows\system32\svchost.exe (848)
C:\Windows\system32\svchost.exe (940)
C:\Windows\System32\svchost.exe (988)
C:\Windows\system32\Ati2evxx.exe (1040)
C:\Windows\System32\svchost.exe (1060)
C:\Windows\System32\svchost.exe (1096)
C:\Windows\system32\svchost.exe (1108)
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe (1132)
C:\Windows\system32\svchost.exe (1388)
C:\Windows\system32\SLsvc.exe (1408)
C:\Windows\system32\svchost.exe (1436)
C:\Windows\system32\Ati2evxx.exe (1512)
C:\Windows\system32\Hpservice.exe (1568)
C:\Windows\system32\svchost.exe (1628)
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (1740)
C:\Windows\System32\spoolsv.exe (2020)
C:\Program Files\Avira\AntiVir Desktop\sched.exe (2044)
C:\Program Files\Avira\AntiVir Desktop\avguard.exe (204)
C:\Windows\system32\svchost.exe (336)
C:\Windows\system32\taskeng.exe (724)
C:\Windows\system32\Dwm.exe (1624)
C:\Windows\Explorer.EXE (2064)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (2348)
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe (2380)
C:\Windows\system32\svchost.exe (2396)
C:\Program Files\BboxUpdate\eSRunService.exe (2424)
C:\Program Files\Common Files\LightScribe\LSSrvc.exe (2556)
C:\Windows\system32\svchost.exe (2596)
C:\Program Files\SMINST\BLService.exe (2612)
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2624)
C:\Windows\system32\svchost.exe (2684)
C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe (2716)
C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe (2744)
C:\Windows\System32\svchost.exe (2788)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2820)
C:\Windows\system32\SearchIndexer.exe (2872)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2964)
C:\Windows\system32\WUDFHost.exe (3136)
C:\Windows\system32\wbem\wmiprvse.exe (3420)
C:\Windows\System32\mobsync.exe (3544)
C:\Program Files\Alwil Software\Avast4\ashDisp.exe (3652)
C:\Program Files\IDT\WDM\sttray.exe (3696)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3748)
C:\Program Files\BboxUpdate\BTLiveUpdate.exe (3888)
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (3900)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (3920)
C:\Windows\System32\WScript.exe (3996)
C:\Windows\ehome\ehtray.exe (4004)
C:\Program Files\Samsung\Kies\KiesHelper.exe (4032)
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (4056)
C:\Windows\ehome\ehmsas.exe (3280)
C:\Windows\system32\taskeng.exe (1928)
C:\UsbFix\Go.exe (2260)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4580)
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (4864)
C:\Windows\system32\SearchProtocolHost.exe (4896)
C:\Program Files\Samsung\Kies\External\DeviceModules\DeviceManager.exe (4952)

################## | Processus Stoppés |

Stoppé! C:\Windows\system32\Ati2evxx.exe (1040)
Stoppé! C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe (1132)
Stoppé! C:\Windows\system32\SLsvc.exe (1408)
Stoppé! C:\Windows\system32\Ati2evxx.exe (1512)
Stoppé! C:\Windows\system32\Hpservice.exe (1568)
Stoppé! C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (1740)
Stoppé! C:\Windows\System32\spoolsv.exe (2020)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\sched.exe (2044)
Stoppé! C:\Program Files\Avira\AntiVir Desktop\avguard.exe (204)
Stoppé! C:\Windows\system32\taskeng.exe (724)
Stoppé! C:\Windows\Explorer.EXE (2064)
Stoppé! C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (2348)
Stoppé! C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe (2380)
Stoppé! C:\Program Files\BboxUpdate\eSRunService.exe (2424)
Stoppé! C:\Program Files\Common Files\LightScribe\LSSrvc.exe (2556)
Stoppé! C:\Program Files\SMINST\BLService.exe (2612)
Stoppé! C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (2624)
Stoppé! C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe (2716)
Stoppé! C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe (2744)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2820)
Stoppé! C:\Windows\system32\SearchIndexer.exe (2872)
Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2964)
Stoppé! C:\Windows\system32\WUDFHost.exe (3136)
Stoppé! C:\Windows\System32\mobsync.exe (3544)
Stoppé! C:\Program Files\Alwil Software\Avast4\ashDisp.exe (3652)
Stoppé! C:\Program Files\IDT\WDM\sttray.exe (3696)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3748)
Stoppé! C:\Program Files\BboxUpdate\BTLiveUpdate.exe (3888)
Stoppé! C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (3900)
Stoppé! C:\Program Files\Common Files\Java\Java Update\jusched.exe (3920)
Stoppé! C:\Windows\System32\WScript.exe (3996)
Stoppé! C:\Windows\ehome\ehtray.exe (4004)
Stoppé! C:\Program Files\Samsung\Kies\KiesHelper.exe (4032)
Stoppé! C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (4056)
Stoppé! C:\Windows\ehome\ehmsas.exe (3280)
Stoppé! C:\Windows\system32\taskeng.exe (1928)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (4580)
Stoppé! C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (4864)
Stoppé! C:\Windows\system32\SearchProtocolHost.exe (4896)
Stoppé! C:\Program Files\Samsung\Kies\External\DeviceModules\DeviceManager.exe (4952)
Stoppé! C:\Windows\system32\SearchFilterHost.exe (5088)
Stoppé! C:\Program Files\Samsung\Kies\External\DeviceModules\ConnectionManager.exe (5096)
Stoppé! C:\Windows\system32\conime.exe (5940)

################## | Éléments infectieux |

Supprimé! C:\$RECYCLE.BIN\S-1-5-18
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3901224373-932584255-2147343616-1000
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3901224373-932584255-2147343616-1001
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3901224373-932584255-2147343616-1002
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-3901224373-932584255-2147343616-500
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-746032363-521491259-186433594-500
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3901224373-932584255-2147343616-1000
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3901224373-932584255-2147343616-1001
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3901224373-932584255-2147343616-1002
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-3901224373-932584255-2147343616-500

(!) Fichiers temporaires supprimés.

################## | Registre |


################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\G
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{2e0459d1-b469-11de-aa33-00238be4b502}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{6458150d-1f1f-11df-97cb-00238be4b502}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{7228db9a-93cd-11de-87ef-00238be4b502}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{951b062a-a135-11de-9167-00238be4b502}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{db06e03a-b5eb-11de-ba84-00238be4b502}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{fb3a5366-40b7-11df-b7ea-00238be4b502}

################## | Listing |

[26/07/2012 - 13:44:59 | SHD ]     C:\$RECYCLE.BIN
[11/08/2011 - 18:14:50 | D ]     C:\16e999f995b4458c61a06e98dae865
[01/07/2011 - 18:44:30 | D ]     C:\a4145c98ef425d294837c392cb
[25/07/2012 - 04:36:46 | N | 10187]     C:\AdwCleaner[R1].txt
[25/07/2012 - 04:37:36 | N | 10248]     C:\AdwCleaner[R2].txt
[25/07/2012 - 04:57:47 | N | 1315]     C:\AdwCleaner[R3].txt
[25/07/2012 - 16:55:42 | N | 1620]     C:\AdwCleaner[R4].txt
[25/07/2012 - 04:39:22 | N | 10600]     C:\AdwCleaner[S1].txt
[25/07/2012 - 04:58:02 | N | 1377]     C:\AdwCleaner[S2].txt
[25/07/2012 - 16:55:56 | N | 1682]     C:\AdwCleaner[S3].txt
[18/09/2006 - 23:43:36 | N | 24]     C:\autoexec.bat
[21/10/2009 - 23:20:08 | SHD ]     C:\boot
[11/04/2009 - 08:36:36 | RASH | 333257]     C:\bootmgr
[25/07/2012 - 14:52:43 | D ]     C:\Config.Msi
[18/09/2006 - 23:43:37 | N | 10]     C:\config.sys
[02/11/2006 - 15:02:03 | SHD ]     C:\Documents and Settings
[28/08/2009 - 16:35:41 | D ]     C:\HP
[06/04/2010 - 19:55:25 | N | 0]     C:\IO.SYS
[16/06/2012 - 02:00:42 | N | 1558]     C:\MAKEMSI_VBSCA-Kaspersky Security Scan(1.0.0.500)-samedi.log
[06/04/2010 - 19:55:25 | N | 0]     C:\MSDOS.SYS
[26/07/2012 - 13:38:03 | ASH | 3532546048]     C:\pagefile.sys
[29/04/2010 - 21:52:50 | D ]     C:\PerfLogs
[25/07/2012 - 19:36:07 | N | 512]     C:\PhysicalDisk0_MBR.bin
[25/07/2012 - 13:41:18 | D ]     C:\Program Files
[25/07/2012 - 04:39:16 | D ]     C:\ProgramData
[07/03/2011 - 09:51:08 | D ]     C:\Programs
[07/03/2011 - 09:51:09 | D ]     C:\renault_F2K
[07/03/2011 - 09:53:29 | D ]     C:\SWSetup
[25/07/2012 - 21:20:54 | SHD ]     C:\System Volume Information
[28/08/2009 - 16:36:14 | D ]     C:\System.sav
[26/07/2012 - 13:44:59 | D ]     C:\UsbFix
[26/07/2012 - 13:44:59 | A | 10177]     C:\UsbFix.txt
[25/07/2012 - 01:01:55 | N | 849]     C:\user.js
[30/08/2010 - 05:18:55 | D ]     C:\Users
[25/07/2012 - 04:08:59 | D ]     C:\Windows
[25/07/2012 - 19:32:44 | D ]     C:\ZHP
[26/07/2012 - 13:44:59 | SHD ]     D:\$RECYCLE.BIN
[28/08/2009 - 16:34:45 | N | 13]     D:\BLOCK.RIN
[22/05/2009 - 03:45:47 | RSHD ]     D:\boot
[03/10/2006 - 23:02:44 | SH | 438328]     D:\bootmgr
[04/11/2008 - 17:37:42 | SH | 1199]     D:\Desktop.ini
[10/09/2002 - 16:14:28 | N | 8134]     D:\Folder.htt
[22/05/2009 - 03:46:26 | D ]     D:\HP
[26/07/2012 - 13:38:36 | N | 196]     D:\MASTER.LOG
[22/05/2009 - 03:45:55 | RSHD ]     D:\PRELOAD
[12/09/2008 - 17:17:38 | SH | 381873]     D:\protect.arabic
[15/09/2008 - 15:57:58 | N | 182624]     D:\protect.bulgarian
[16/09/2002 - 14:37:48 | SH | 181898]     D:\protect.chinese hong kong
[16/09/2002 - 14:37:40 | SH | 181916]     D:\protect.chinese simplified
[16/09/2002 - 14:37:48 | SH | 181898]     D:\protect.chinese traditional
[27/04/2006 - 16:19:40 | SH | 181865]     D:\protect.czech
[03/11/2005 - 15:21:26 | SH | 181726]     D:\protect.danish
[10/09/2002 - 13:56:12 | SH | 181605]     D:\protect.dutch
[10/09/2002 - 13:50:18 | N | 181651]     D:\protect.ed
[22/11/2004 - 15:28:30 | SH | 181648]     D:\protect.english
[03/11/2005 - 15:20:20 | SH | 181673]     D:\protect.finnish
[03/11/2005 - 15:19:52 | SH | 181736]     D:\protect.french
[03/11/2005 - 15:18:10 | SH | 181669]     D:\protect.german
[23/11/2005 - 15:56:46 | SH | 182689]     D:\protect.greek
[23/01/2006 - 09:18:00 | SH | 182605]     D:\protect.hebrew
[28/08/2007 - 14:58:08 | N | 181696]     D:\protect.hungarian
[03/11/2005 - 15:17:00 | SH | 181554]     D:\protect.italian
[19/06/2007 - 15:22:10 | SH | 182351]     D:\protect.japanese
[24/11/2005 - 11:24:44 | SH | 218295]     D:\protect.korean
[03/11/2005 - 15:15:12 | SH | 181578]     D:\protect.norwegian
[25/04/2006 - 14:44:10 | SH | 181789]     D:\protect.polish
[03/11/2005 - 15:13:12 | SH | 181624]     D:\protect.portuguese
[27/10/2005 - 19:24:10 | SH | 181882]     D:\protect.portuguese brazilian
[15/09/2008 - 15:57:54 | N | 181735]     D:\protect.romanian
[28/06/2004 - 08:52:46 | SH | 211936]     D:\protect.russian
[04/07/2007 - 11:46:44 | SH | 181954]     D:\protect.slovak
[03/11/2005 - 15:11:46 | SH | 181586]     D:\protect.spanish
[10/09/2002 - 14:15:06 | SH | 181602]     D:\protect.swedish
[12/08/2003 - 10:37:30 | SH | 181783]     D:\protect.turkish
[22/05/2009 - 03:45:45 | RD ]     D:\RECOVERY
[22/05/2009 - 03:45:54 | RSHD ]     D:\SOURCES
[08/11/2009 - 22:17:39 | SHD ]     D:\System Volume Information
[22/05/2009 - 03:46:25 | D ]     D:\Tools
[22/05/2009 - 03:45:54 | D ]     D:\WINDOWS

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F |


Revenir en haut
hamham92


Hors ligne

Inscrit le: 25 Juil 2012
Messages: 10
Sexe: Masculin

MessagePosté le: Jeu 26 Juil - 14:10 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

Rapport de ZHPDiag v1.31.11 par Nicolas Coolman, Update du 21/07/2012
Run by Abd-El-Hamid at 26/07/2012 14:00:36
Web site :  http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Web site :  http://nicolascoolman.skyrock.com/
State : Version à jour.


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 12.0 v12.0 (Defaut)
GCIE: Google Chrome

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 17 Model 3 Stepping 1, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3068 MB (69% free)
System Restore: Activé (Enable)
System drive C: has 163 GB (35%) free of 455 GB

---\\ Logged in mode
~ Computer Name: PAVILLONDV6
~ User Name: Abd-El-Hamid
~ All Users Names: nawel, Mcx1, maman, Administrateur, Abd-El-Hamid,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Abd-El-Hamid\AppData\Roaming\
~ %Desktop% : C:\Users\Abd-El-Hamid\Desktop\
~ %Favorites% : C:\Users\Abd-El-Hamid\Favorites\
~ %LocalAppData% : C:\Users\Abd-El-Hamid\AppData\Local\
~ %StartMenu% : C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 163 Go of 455 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 11 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.8E87270C4704CF2951E1E7820D6C8A2B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/06/2012 - 09:25:08.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.11/04/2009 - 07:32:55.) -- C:\Windows\system32\Drivers\volsnap.sys [226280]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/9
~ Mes musiques (My Musics) : 2/7
~ Mes Favoris (My Favorites) : 1/85
~ Mes Documents (My Documents) : 1/36
~ Mon Bureau (My Desktop) : 1/9402
~ Menu demarrer (Programs) : 0/34
~ Scan Hidden Files in 00mn 14s



---\\ Processus lancés
[MD5.28E9092D50AE450662EEA4719E5AA304] - (.ALWIL Software - avast! service GUI component.) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe   [81000] [PID.3652]
[MD5.72AE847EB2B526CC0551C88B9A2970C1] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [3763200] [PID.4752]
[MD5.3DBB0D7890741B53369CB808B7F2E30C] - (.ALWIL Software - avast! Antivirus updating service.) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe   [18752] [PID.]
[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe   [108289] [PID.]
[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe   [185089] [PID.]
[MD5.DCF3E3EDF5109EE8BC02FE6E1F045795] - (.Microsoft Corporation - wpffontcache_v0400.exe.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe   [753504] [PID.]
[MD5.A19B0BB5A7EB6DF2DD4A0711D36955EE] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe   [94208] [PID.]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe   [3408896] [PID.]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe   [69120] [PID.1940]
~ Scan Processes Running in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Abd-El-Hamid\AppData\Roaming\Mozilla\Firefox\Profiles\zqp9nw4d.default\prefs.js
M3 - MFPP: Plugins - [Abd-El-Hamid] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Abd-El-Hamid] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Abd-El-Hamid] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Abd-El-Hamid] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Abd-El-Hamid] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Abd-El-Hamid] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Abd-El-Hamid] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M3 - MFPP: Plugins - [Abd-El-Hamid] -- C:\Program Files\Mozilla FireFox\searchplugins\Yahoo.xml
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.3.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll
P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.0.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.5.1] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.5.1] - (.Oracle Corporation - Next Generation Java Plug-in 10.5.1 for Mozilla browsers.) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.10411.0.) -- c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.450] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.448] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.448] - (.RealNetworks, Inc. - 6.0.12.448.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
P2 - FPN: [HKLM] [@veetle.com/vbp;version=0.9.17] - (...) -- C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (.not file.)
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.3.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} . (...) -- C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [avast!] . (.ALWIL Software - avast! service GUI component.) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [BboxUpdate] . (.TechCity Solutions France - eStantAutoRunV.) -- C:\Program Files\BboxUpdate\eStantAutoRunV.exe
O4 - HKLM\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [potter] . (...) -- C:\Program Files\bhttp.vbs
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\KiesHelper.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKCU\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter]  oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter]  oobefldr.dll
O4 - HKUS\S-1-5-21-3901224373-932584255-2147343616-1000\..\Run: [potter] . (...) -- C:\Program Files\bhttp.vbs
O4 - HKUS\S-1-5-21-3901224373-932584255-2147343616-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-3901224373-932584255-2147343616-1000\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\KiesHelper.exe
O4 - HKUS\S-1-5-21-3901224373-932584255-2147343616-1000\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKUS\S-1-5-21-3901224373-932584255-2147343616-1000\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\nawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\nawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\nawel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\nawel\Desktop\Brothers In Arms.lnk . (...)  -- C:\Program Files\Ubisoft\Gearbox Software\BrothersInArms\System\bia.exe (.not file.)
O4 - Global Startup: C:\Users\nawel\Desktop\Installation de PartyPoker.lnk . (...)  -- C:\Users\Abd-El-Hamid\Desktop\jeux\PartyPoker_Installer\SmartInstaller.exe (.not file.)
O4 - Global Startup: C:\Users\nawel\Desktop\Jouer à PKR.lnk . (...)  -- C:\Program Files\PKR\pkr.exe (.not file.)
O4 - Global Startup: C:\Users\nawel\Desktop\Mihov Image Resizer.lnk . (.Miha Psenica.)  -- C:\Program Files\Mihov Image Resizer\Resizer.exe
O4 - Global Startup: C:\Users\nawel\Desktop\PartyPoker.lnk . (...)  -- C:\Users\Abd-El-Hamid\Desktop\jeux\PartyGaming.exe (.not file.)
O4 - Global Startup: C:\Users\nawel\Desktop\Play Deal or No Deal.lnk . (...)  -- C:\Program Files\PKR\pkr.exe (.not file.)
O4 - Global Startup: C:\Users\nawel\Desktop\Risk II on the ZONE.lnk . (...)  -- C:\Users\nawel\Desktop\Risk II on the ZONE.lnk
O4 - Global Startup: C:\Users\nawel\Desktop\Risk II.lnk . (.Deep Red Games Ltd.)  -- C:\Program Files\Microprose\Risk II\RISKII.EXE
O4 - Global Startup: C:\Users\nawel\Desktop\YesMessenger.lnk . (...)  -- C:\Program Files\YesMessenger\YesMessenger.exe (.not file.)
O4 - Global Startup: C:\Users\nawel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk . (...)  -- C:\Windows\Installer\{A7AC8E69-01FF-494E-9A2C-423B82CEA604}\_3D6C77F60D97007F65EA64.exe
O4 - Global Startup: C:\Users\nawel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.)  -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\nawel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PartyPoker.lnk . (...)  -- C:\Users\Abd-El-Hamid\Desktop\jeux\PartyGaming.exe (.not file.)
O4 - Global Startup: C:\Users\nawel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\maman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\maman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\maman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\maman\Desktop\Mihov Image Resizer.lnk . (.Miha Psenica.)  -- C:\Program Files\Mihov Image Resizer\Resizer.exe
O4 - Global Startup: C:\Users\maman\Desktop\Risk II on the ZONE.lnk . (...)  -- C:\Users\maman\Desktop\Risk II on the ZONE.lnk
O4 - Global Startup: C:\Users\maman\Desktop\Risk II.lnk . (.Deep Red Games Ltd.)  -- C:\Program Files\Microprose\Risk II\RISKII.EXE
O4 - Global Startup: C:\Users\maman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk . (...)  -- C:\Windows\Installer\{A7AC8E69-01FF-494E-9A2C-423B82CEA604}\_3D6C77F60D97007F65EA64.exe
O4 - Global Startup: C:\Users\maman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\maman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.)  -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Abd-El-Hamid\Desktop\Bouygues Telecom - Mes services en un clic.url . (...)  -- C:\Users\Abd-El-Hamid\Desktop\Bouygues Telecom - Mes services en un clic.url
O4 - Global Startup: C:\Users\Abd-El-Hamid\Desktop\CCleaner.lnk . (.Piriform Ltd.)  -- C:\Program Files\CCleaner\CCleaner.exe
O4 - Global Startup: C:\Users\Abd-El-Hamid\Desktop\Corbeille.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Abd-El-Hamid\Desktop\Need For Speed World.lnk . (.Electronic Arts Inc.)  -- C:\Program Files\Electronic Arts\Need For Speed World\GameLauncher.exe
O4 - Global Startup: C:\Users\Abd-El-Hamid\Desktop\RealPlayer SP.lnk . (.RealNetworks, Inc..)  -- C:\Program Files\Real\RealPlayer\realplay.exe
O4 - Global Startup: C:\Users\Abd-El-Hamid\Desktop\Soucrire au Contrôle parental.url . (...)  -- C:\Users\Abd-El-Hamid\Desktop\Soucrire au Contrôle parental.url
O4 - Global Startup: C:\Users\Abd-El-Hamid\Desktop\Soucrire au pack Sécurité.url . (...)  -- C:\Users\Abd-El-Hamid\Desktop\Soucrire au pack Sécurité.url
O4 - Global Startup: C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation.)  -- C:\Windows\System32\fsquirt.exe
O4 - Global Startup: C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk . (...)  -- C:\Windows\Installer\{A7AC8E69-01FF-494E-9A2C-423B82CEA604}\_3D6C77F60D97007F65EA64.exe
O4 - Global Startup: C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser (2).lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.)  -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.)  -- C:\Program Files\PokerStars.FR\PokerStarsUpdate.exe
O4 - Global Startup: C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} -- C:\Programs\PartyFrance\PartyPokerFr\images\ppicon.ico (.not file.)
O9 - Extra button: PartyPoker.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} -- C:\Program Files\PokerStars.FR\main.ico (.not file.)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} -- C:\Users\Abd-El-Hamid\Desktop\jeux\PartyPoker\images\ppicon.ico (.not file.)
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Scan Winsock in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} () - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{10621CD3-5444-40A6-9789-E4B61CD66320}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{41580AD7-863A-4CA0-B257-83894AE37907}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{41580AD7-863A-4CA0-B257-83894AE37907}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{10621CD3-5444-40A6-9789-E4B61CD66320}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{41580AD7-863A-4CA0-B257-83894AE37907}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{41580AD7-863A-4CA0-B257-83894AE37907}: DhcpDomain = lan
O17 - HKLM\System\CS3\Services\Tcpip\..\{10621CD3-5444-40A6-9789-E4B61CD66320}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS3\Services\Tcpip\..\{41580AD7-863A-4CA0-B257-83894AE37907}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS3\Services\Tcpip\..\{41580AD7-863A-4CA0-B257-83894AE37907}: DhcpDomain = lan
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --
O18 - Handler: dvd - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: its - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: mhtml - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: ms-its - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) --
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: tv - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: vbscript - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) . (.ALWIL Software - avast! Antivirus updating service.) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service:  (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.ALWIL Software - avast! antivirus service.) - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service:  (eStantLaunchService) . (.TechCity Solutions France - eSTantAutoRunService.) - C:\Program Files\BboxUpdate\eSRunService.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe
O23 - Service: LightScribeService Direct Disc Labeling  (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (...) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (.not file.)
O23 - Service: Recovery Service for Windows (Recovery Service for Windows) . (.Pas de propriétaire -  STServices.) - C:\Program Files\SMINST\BLService.exe
O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) . (.Pas de propriétaire - CLCapSvc Module.) - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) . (.Pas de propriétaire - CLSched Module.) - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.AE37F6508716D2DD6122744C46686BEC] [APT] [HP Health Check] (.Hewlett-Packard.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[MD5.B8E421C0890356CD4A793D8A346D9096] [APT] [Programme de mise … jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[MD5.29BE51557A3E686B297BE273EB17CA67] [APT] [Programme de mise … jour en ligne de Real Player] (.RealNetworks, Inc..) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[MD5.00000000000000000000000000000000] [APT] [TuneUpUtilities_Task_BkGndMaintenance2011] (...) -- C:\Program Files\TuneUp Utilities 2011\OneClick.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{0031D9FC-67BA-41C2-81A3-FB0EF42096B5}] (...) -- C:\Users\Abd-El-Hamid\Desktop\Nouveau dossier\rld-fim0.ClashGET\Support\FIFA Manager 10_code.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{03052C90-A7B4-4539-AEF8-68AB8A524CE6}] (...) -- C:\Users\Abd-El-Hamid\Downloads\pkrinstall(2).exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{0892B95C-6E34-498A-A35B-6032B5790106}] (...) -- C:\Users\Abd-El-Hamid\Downloads\RA21006FR.exe (.not file.)
[MD5.87AD03A742F7625648A5BE4F975716D4] [APT] [{0A2A0CAF-9D0D-4D42-84CD-BC326EB67724}] (...) -- C:\Programs\PartyFrance\PartyPokerFr\Uninstall.exe
[MD5.00000000000000000000000000000000] [APT] [{1052BDB3-1492-4EA8-8D66-C1B74163CF27}] (...) -- C:\Users\Abd-El-Hamid\Desktop\Red Alert\RedAlert1_AlliedDisc\RedAlert1_AlliedDisc\SETUP.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{119BA127-7C79-4D6C-A5AB-A2B9CAE5A023}] (...) -- C:\Users\Abd-El-Hamid\Desktop\Red Alert\RedAlert1_AlliedDisc\RedAlert1_AlliedDisc\SETUP\INSTALL\_SETUP.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{1BA83EBE-52D9-4F75-A91E-0B4725D875CF}] (...) -- C:\Users\Abd-El-Hamid\Desktop\Red Alert\RedAlert1_AlliedDisc\RedAlert1_AlliedDisc\INSTALL\SETUP.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{22F4C970-E340-467A-967A-16F012D67541}] (...) -- C:\Users\Abd-El-Hamid\Downloads\PartyPokerFrSetup(2).exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{32B890F2-94BC-43D3-B7E6-5A9EEC8B8C2D}] (...) -- C:\Users\Abd-El-Hamid\Desktop\Red Alert\RedAlert1_SovietDisc\RedAlert1_SovietDisc\SETUP\_SETUP.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{635C8297-0FBE-4CB6-8852-827E84792A86}] (...) -- C:\Users\Abd-El-Hamid\Desktop\SoftonicToolbar.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{722B3136-6BA5-4E0E-985F-D735EB4247BD}] (...) -- C:\Users\Abd-El-Hamid\Desktop\Red Alert\RedAlert1_AlliedDisc\RedAlert1_AlliedDisc\INSTALL\RASETUP.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{7271CA94-9442-4030-B053-98C1437BEC77}] (...) -- F:\Setup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{7A32C11E-7779-4184-BF02-FEABF409A9C3}] (...) -- C:\Users\Abd-El-Hamid\Downloads\CrackWepPack_v0.1_11-11-2005.exe (.not file.)
~ Scan Scheduled Task in 00mn 05s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: LightScribe Control Panel - {10880D85-AAD9-4558-ABDC-2AB1552D831F} . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSRunOnce.exe
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver:  (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
O41 - Driver:  (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver:  (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver:  (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver:  (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver:  (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver:  (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver:  (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver:  (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver:  (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver:  (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver:  (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver:  (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AMD USB Audio Driver Filter - (.Advanced Micro Devices, Inc..) [HKLM] -- {A3AB35FA-943E-4799-99DC-46EFD59E998F}
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {FE23D063-934D-4829-A0D8-00634CE79B4A}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.3) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Adobe Shockwave Player - (.Adobe Systems, Inc..) [HKLM] -- {AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Betclic Poker.fr (Remove Only) - (.Pas de propriétaire.) [HKLM] -- Betclic Poker.fr
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {187817E2-6407-461C-B59B-56CE73363D34}
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: ESU for Microsoft Vista - (.Hewlett-Packard.) [HKLM] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}
O42 - Logiciel: Favorit (hyyssee) - (.Pas de propriétaire.) [HKLM] -- hyyssee
O42 - Logiciel: FinePixViewer Ver.4.2 - (.Pas de propriétaire.) [HKLM] -- {24ED4D80-8294-11D5-96CD-0040266301AD}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}
O42 - Logiciel: HP Common Access Service Library - (.Hewlett-Packard.) [HKLM] -- {732A3F80-008B-4350-BD58-EC5AE98707B8}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {57A5AEC1-97FC-474D-92C4-908FCC2253D4}
O42 - Logiciel: HP Help and Support - (.Hewlett-Packard Company.) [HKLM] -- {0054A0F6-00C9-4498-B821-B5C9578F433E}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart Music/Photo/Video - (.Hewlett-Packard.) [HKLM] -- {B2EE25B9-5B00-4ACF-94F0-92433C28C39E}
O42 - Logiciel: HP MediaSmart SmartMenu - (.Hewlett-Packard.) [HKLM] -- {A7AC8E69-01FF-494E-9A2C-423B82CEA604}
O42 - Logiciel: HP MediaSmart TV - (.Hewlett-Packard.) [HKLM] -- InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}
O42 - Logiciel: HP MediaSmart TV - (.Hewlett-Packard.) [HKLM] -- {67626E09-5366-4480-8F1E-93FADF50CA15}
O42 - Logiciel: HP MediaSmart Webcam - (.Hewlett-Packard.) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: HP MediaSmart Webcam - (.Hewlett-Packard.) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: HP Quick Launch Buttons 6.40 L1 - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355}
O42 - Logiciel: HP Total Care Advisor - (.Hewlett-Packard.) [HKLM] -- {154A4184-1A3D-4BF9-A5AE-4FA1660445F3}
O42 - Logiciel: HP Total Care Setup - (.Hewlett-Packard Company.) [HKLM] -- {95A747E0-DF19-46CB-A622-20A0107201BD}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {47F36D92-E58E-456D-B73C-3382737E4C42}
O42 - Logiciel: HP User Guides 0126 - (.Hewlett-Packard.) [HKLM] -- {36E90C09-EB23-4EAC-8B47-12C0CA5DBD3A}
O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {E5E29403-3D25-40C6-892B-F9FEE2A95585}
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: HPNetworkAssistant - (.Hewlett-Packard..) [HKLM] -- {228C6B46-64E2-404E-898A-EF0830603EF4}
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}
O42 - Logiciel: JMicron Flash Media Controller Driver - (.JMicron Technology Corp..) [HKLM] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C}
O42 - Logiciel: Java(TM) 6 Update 19 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Java(TM) 7 Update 5 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217005FF}
O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM] -- {1111706F-666A-4037-7777-211328764D10}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: LightScribe System Software  1.14.17.1 - (.LightScribe.) [HKLM] -- {0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM] -- {57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word Viewer 2003 - (.Microsoft Corporation.) [HKLM] -- {9085040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {06E6E30D-B498-442F-A943-07DE41D7F785}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 - (.Microsoft Corporation.) [HKLM] -- {3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Mihov Image Resizer 1.2 (remove only) - (.Pas de propriétaire.) [HKLM] -- Mihov Image Resizer
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Monopoly Version 8 - (.Olivier RAVET.) [HKLM] -- Monopoly_is1
O42 - Logiciel: Mozilla Firefox 12.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 12.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Need For Speed™ World - (.Electronic Arts.) [HKLM] -- {7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1
O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- {7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM] -- PokerStars.fr
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: ProtectSmart Hard Drive Protection - (.Hewlett-Packard.) [HKLM] -- {9D615069-AA8F-4E89-AE9D-77AAE90F529F}
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0
O42 - Logiciel: Realtek 8169 8168 8101E 8102E Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Réussir son Code de la Route 2005 - (.Pas de propriétaire.) [HKLM] -- {E88CBF0C-500C-401C-BED2-47973423C7AA}
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- {758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2604111
O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2657424
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2604121
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2633870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656351
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656368
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656368v2
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656405
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2686827
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217
O42 - Logiciel: VLC media player 1.1.10 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {F53D678E-238F-4A71-9742-08BB6774E9DC}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {FCFBA290-CB48-4AF1-A241-2685AEDEDD66}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}
O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09F56A49-A7B1-4AAB-95B9-D13094254AD1}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: avast! Antivirus v4.8 - (.Alwil Software.) [HKLM] -- avast!
O42 - Logiciel: muvee Reveal - (.muvee Technologies Pte Ltd.) [HKLM] -- {DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Monitored]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\settings]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Athoers]
[HKCU\Software\Avira]
[HKCU\Software\Binary Noise]
[HKCU\Software\Casino]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DT Soft]
[HKCU\Software\EA Sports]
[HKCU\Software\EasyBits]
[HKCU\Software\FIXIO PC Utilities]
[HKCU\Software\FUJIFILM]
[HKCU\Software\FreeDownloadManager.ORG]
[HKCU\Software\Full Tilt Poker]
[HKCU\Software\Google]
[HKCU\Software\Grand Virtual]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HipSoft]
[HKCU\Software\HookNetwork]
[HKCU\Software\IDT]
[HKCU\Software\IGA]
[HKCU\Software\IM Providers]
[HKCU\Software\INTEL]
[HKCU\Software\InstallCore]
[HKCU\Software\JavaSoft]
[HKCU\Software\Joyland Casino]
[HKCU\Software\KNT]
[HKCU\Software\KSS]
[HKCU\Software\Leadertech]
[HKCU\Software\Licenses]
[HKCU\Software\LightScribe]
[HKCU\Software\Live-Player]
[HKCU\Software\MGS]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (Muvee Consumer)]
[HKCU\Software\MainConcept (Muvee)]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mihov Image Resizer]
[HKCU\Software\Mihove feke]
[HKCU\Software\Mooii]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\PartyFrance]
[HKCU\Software\PartyGaming]
[HKCU\Software\Piriform]
[HKCU\Software\Poker 770]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Samsung]
[HKCU\Software\SecuROM]
[HKCU\Software\Skype]
[HKCU\Software\Speed-Downloading]
[HKCU\Software\Sports Interactive Ltd]
[HKCU\Software\Synaptics]
[HKCU\Software\SysInternals]
[HKCU\Software\Team17SoftwareLTD]
[HKCU\Software\Titan Poker]
[HKCU\Software\TomTom]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Ubisoft]
[HKCU\Software\Unity]
[HKCU\Software\Usbfix]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WarZone]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\Z-Com, Inc.]
[HKCU\Software\Zylom]
[HKCU\Software\winnerpoker]
[HKLM\Software\<company>]
[HKLM\Software\ALWIL Software]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Atheros]
[HKLM\Software\Audible]
[HKLM\Software\Avira]
[HKLM\Software\Caphyon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Common Toolkit Suite]
[HKLM\Software\Cyberlink]
[HKLM\Software\Deal or No Deal at PKR]
[HKLM\Software\Debug]
[HKLM\Software\DeepRed]
[HKLM\Software\DriverTuner]
[HKLM\Software\DriverTuner_Init]
[HKLM\Software\EA Sports]
[HKLM\Software\EasyBits]
[HKLM\Software\Electronic Arts]
[HKLM\Software\FUJI PHOTO FILM CO.,LTD.]
[HKLM\Software\FreeDownloadManager.ORG]
[HKLM\Software\Full Tilt Poker]
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard Company]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IDT]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Joyland Casino]
[HKLM\Software\JreMetrics]
[HKLM\Software\LightScribe]
[HKLM\Software\Live-Player]
[HKLM\Software\MDC]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Micro Application]
[HKLM\Software\Microprose]
[HKLM\Software\MimarSinan]
[HKLM\Software\Mooii]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Nero]
[HKLM\Software\Notepad]
[HKLM\Software\ODBC]
[HKLM\Software\Oracle]
[HKLM\Software\P2G_Upgrade]
[HKLM\Software\PDR_Upgrade]
[HKLM\Software\PKR]
[HKLM\Software\PTECH]
[HKLM\Software\Poker 770]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RichFX]
[HKLM\Software\SAMSUNG]
[HKLM\Software\SRS Labs]
[HKLM\Software\SimplyGen]
[HKLM\Software\Sonic]
[HKLM\Software\Speed-Downloading]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\Systweak]
[HKLM\Software\TSMSTV_Upgrade]
[HKLM\Software\Techcity]
[HKLM\Software\Titan Poker]
[HKLM\Software\TomTom]
[HKLM\Software\TuneUp]
[HKLM\Software\Ubisoft]
[HKLM\Software\Uniblue]
[HKLM\Software\Veetle]
[HKLM\Software\VideoLAN]
[HKLM\Software\W3i]
[HKLM\Software\WOW6432Node]
[HKLM\Software\WarZone]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\X-AVCSD]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yahoo]
[HKLM\Software\lameme]
[HKLM\Software\mozilla.org]
[HKLM\Software\winnerpoker]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 26/02/2009 - 11:08:51 - [12,096] ----D C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD: 18/07/2011 - 15:37:48 - [158,815] ----D C:\Program Files\Adobe
O43 - CFD: 08/11/2009 - 18:47:23 - [377,869] ----D C:\Program Files\Alwil Software
O43 - CFD: 22/05/2009 - 03:19:43 - [0,060] ----D C:\Program Files\AMD
O43 - CFD: 22/05/2009 - 03:18:57 - [1,064] ----D C:\Program Files\Atheros
O43 - CFD: 22/05/2009 - 03:12:24 - [13,661] ----D C:\Program Files\ATI
O43 - CFD: 22/05/2009 - 03:14:03 - [83,161] ----D C:\Program Files\ATI Technologies
O43 - CFD: 07/04/2010 - 22:24:54 - [190,628] ----D C:\Program Files\Avira
O43 - CFD: 23/12/2011 - 17:41:47 - [32,619] ----D C:\Program Files\Bbox
O43 - CFD: 23/12/2011 - 17:41:57 - [0,219] ----D C:\Program Files\BboxUpdate
O43 - CFD: 11/07/2012 - 14:12:01 - [30,198] ----D C:\Program Files\Betclic Poker.fr
O43 - CFD: 01/11/2009 - 18:32:58 - [2,716] ----D C:\Program Files\CCleaner
O43 - CFD: 14/07/2012 - 13:50:59 - [522,658] ----D C:\Program Files\Common Files
O43 - CFD: 30/05/2011 - 06:53:18 - [476,725] ----D C:\Program Files\CyberLink
O43 - CFD: 10/04/2010 - 01:45:58 - [11,127] ----D C:\Program Files\DAEMON Tools Lite
O43 - CFD: 22/05/2009 - 03:15:22 - [0,758] ----D C:\Program Files\DIFX
O43 - CFD: 20/06/2012 - 23:42:21 - [12,476] ----D C:\Program Files\Electronic Arts
O43 - CFD: 28/08/2009 - 16:33:28 - [0] ----D C:\Program Files\Fichiers communs
O43 - CFD: 11/11/2009 - 01:07:01 - [45,787] ----D C:\Program Files\FinePixViewer
O43 - CFD: 18/02/2012 - 03:01:55 - [13,850] ----D C:\Program Files\FoxTabPDFConverter
O43 - CFD: 08/11/2009 - 23:29:50 - [18,008] ----D C:\Program Files\Free Download Manager
O43 - CFD: 08/04/2010 - 08:26:24 - [0] ----D C:\Program Files\Google
O43 - CFD: 22/05/2009 - 04:12:26 - [696,615] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 26/02/2009 - 10:07:25 - [0] ----D C:\Program Files\Hewlett-Packard Company
O43 - CFD: 26/02/2009 - 11:33:30 - [20,128] ----D C:\Program Files\HP
O43 - CFD: 22/05/2009 - 03:17:22 - [36,388] ----D C:\Program Files\IDT
O43 - CFD: 23/06/2012 - 12:55:27 - [178,936] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 11/07/2012 - 03:20:37 - [5,795] ----D C:\Program Files\Internet Explorer
O43 - CFD: 14/07/2012 - 13:49:10 - [178,822] ----D C:\Program Files\Java
O43 - CFD: 22/05/2009 - 03:15:41 - [1,535] ----D C:\Program Files\JMicron
O43 - CFD: 17/12/2010 - 13:02:34 - [0,822] ----D C:\Program Files\Live-Player
O43 - CFD: 22/06/2010 - 23:59:48 - [3,801] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 14/05/2012 - 16:05:05 - [2,414] ----D C:\Program Files\MarkAny
O43 - CFD: 23/06/2012 - 12:55:27 - [731,918] ----D C:\Program Files\Micro Application
O43 - CFD: 08/09/2009 - 18:42:19 - [205,827] ----D C:\Program Files\Microprose
O43 - CFD: 23/09/2009 - 20:45:47 - [2,676] ----D C:\Program Files\Microsoft
O43 - CFD: 30/10/2009 - 01:59:36 - [0,764] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 02/11/2006 - 14:37:34 - [89,117] ----D C:\Program Files\Microsoft Games
O43 - CFD: 20/05/2010 - 19:13:50 - [63,139] ----D C:\Program Files\Microsoft Office
O43 - CFD: 12/05/2012 - 12:06:04 - [40,838] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 23/09/2009 - 20:41:09 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 16/12/2010 - 04:04:01 - [137,975] ----D C:\Program Files\Microsoft Works
O43 - CFD: 26/06/2010 - 03:01:44 - [0,015] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 10/11/2009 - 19:20:31 - [0,364] ----D C:\Program Files\Mihov Image Resizer
O43 - CFD: 01/09/2010 - 16:52:51 - [2,817] ----D C:\Program Files\Monopoly
O43 - CFD: 11/08/2010 - 23:34:06 - [94,740] ----D C:\Program Files\Movie Maker
O43 - CFD: 12/06/2012 - 09:57:18 - [38,966] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 12/06/2012 - 09:57:18 - [0,210] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 02/11/2006 - 14:37:34 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 20/05/2010 - 19:12:50 - [25,658] ----D C:\Program Files\MSECache
O43 - CFD: 20/09/2009 - 03:01:09 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 22/05/2009 - 04:19:15 - [56,025] ----D C:\Program Files\muvee Technologies
O43 - CFD: 28/08/2009 - 16:37:10 - [17,895] R---D C:\Program Files\Online Services
O43 - CFD: 25/07/2012 - 01:02:20 - [0] ----D C:\Program Files\Optimizer Pro
O43 - CFD: 14/07/2012 - 13:50:27 - [33,207] ----D C:\Program Files\Oracle
O43 - CFD: 05/06/2012 - 22:23:21 - [106,866] ----D C:\Program Files\PokerStars.FR
O43 - CFD: 09/12/2009 - 03:59:24 - [65,977] ----D C:\Program Files\Real
O43 - CFD: 22/05/2009 - 03:17:28 - [1,974] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:34 - [36,906] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 14/05/2012 - 16:06:30 - [241,415] ----D C:\Program Files\Samsung
O43 - CFD: 13/03/2011 - 10:32:54 - [24,115] ----D C:\Program Files\SMINST
O43 - CFD: 17/12/2010 - 02:03:30 - [15,285] ----D C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 22/05/2009 - 03:14:40 - [35,918] ----D C:\Program Files\Synaptics
O43 - CFD: 14/12/2011 - 17:32:31 - [0,029] ----D C:\Program Files\Techcity
O43 - CFD: 01/09/2010 - 16:11:37 - [0,035] ----D C:\Program Files\TomTom HOME 2
O43 - CFD: 02/11/2006 - 15:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 11/06/2011 - 20:21:07 - [80,376] ----D C:\Program Files\VideoLAN
O43 - CFD: 08/11/2009 - 18:24:20 - [1,350] ----D C:\Program Files\WarZone
O43 - CFD: 12/03/2011 - 16:30:42 - [6,301] ----D C:\Program Files\Winamax Poker(170)
O43 - CFD: 21/10/2009 - 23:12:08 - [0,970] ----D C:\Program Files\Windows Calendar
O43 - CFD: 21/10/2009 - 23:12:07 - [2,610] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 21/10/2009 - 23:12:04 - [4,283] ----D C:\Program Files\Windows Defender
O43 - CFD: 10/05/2012 - 22:21:14 - [6,757] ----D C:\Program Files\Windows Journal
O43 - CFD: 01/04/2012 - 16:34:57 - [176,620] ----D C:\Program Files\Windows Live
O43 - CFD: 12/04/2012 - 05:08:26 - [8,694] ----D C:\Program Files\Windows Mail
O43 - CFD: 14/10/2010 - 20:28:53 - [4,290] ----D C:\Program Files\Windows Media Player
O43 - CFD: 28/08/2009 - 16:33:28 - [7,589] ----D C:\Program Files\Windows NT
O43 - CFD: 21/10/2009 - 23:12:07 - [12,902] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 17/11/2009 - 17:44:43 - [0,128] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 21/10/2009 - 23:12:07 - [9,938] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 25/07/2012 - 13:44:44 - [3,898] ----D C:\Program Files\WinRAR
O43 - CFD: 06/10/2009 - 14:54:43 - [0,000] --H-D C:\Program Files\Zero G Registry
O43 - CFD: 26/07/2012 - 14:01:12 - [12,850] ----D C:\Program Files\ZHPDiag
O43 - CFD: 18/07/2011 - 15:37:50 - [3,734] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 29/01/2012 - 22:21:48 - [37,554] ----D C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 08/09/2009 - 18:43:57 - [0,000] ----D C:\Program Files\Common Files\Idu
O43 - CFD: 11/10/2009 - 21:43:17 - [8,002] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 14/07/2012 - 13:50:59 - [1,181] ----D C:\Program Files\Common Files\Java
O43 - CFD: 22/05/2009 - 03:50:28 - [27,847] ----D C:\Program Files\Common Files\LightScribe
O43 - CFD: 12/06/2011 - 21:33:28 - [278,410] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 22/05/2009 - 04:19:21 - [92,269] ----D C:\Program Files\Common Files\muvee Technologies
O43 - CFD: 30/05/2011 - 07:08:11 - [0] ----D C:\Program Files\Common Files\Nero
O43 - CFD: 09/12/2009 - 04:00:00 - [19,701] ----D C:\Program Files\Common Files\Real
O43 - CFD: 02/11/2006 - 13:18:33 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 02/11/2006 - 13:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 11/11/2009 - 01:07:42 - [0] ----D C:\Program Files\Common Files\SWF Studio
O43 - CFD: 08/11/2009 - 18:30:30 - [0,055] ----D C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 09/11/2011 - 04:00:25 - [14,369] ----D C:\Program Files\Common Files\System
O43 - CFD: 23/09/2009 - 20:20:50 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 09/12/2009 - 03:59:44 - [0,336] ----D C:\Program Files\Common Files\xing shared
O43 - CFD: 18/07/2011 - 15:37:53 - [1,722] ----D C:\ProgramData\Adobe
O43 - CFD: 02/11/2006 - 15:02:03 - [0] ----D C:\ProgramData\Application Data
O43 - CFD: 22/05/2009 - 03:19:09 - [0,008] ----D C:\ProgramData\Atheros
O43 - CFD: 22/05/2009 - 04:23:07 - [0,000] ----D C:\ProgramData\ATI
O43 - CFD: 07/04/2010 - 22:24:54 - [650,762] ----D C:\ProgramData\Avira
O43 - CFD: 28/08/2009 - 16:33:28 - [0] ----D C:\ProgramData\Bureau
O43 - CFD: 19/09/2009 - 03:19:21 - [0,125] ----D C:\ProgramData\CyberLink
O43 - CFD: 10/04/2010 - 01:41:40 - [0,001] ----D C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 02/11/2006 - 15:02:03 - [0] ----D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:03 - [0] ----D C:\ProgramData\Documents
O43 - CFD: 20/06/2012 - 23:42:21 - [-1340,302] ----D C:\ProgramData\Electronic Arts
O43 - CFD: 28/08/2009 - 16:33:28 - [0] ----D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:03 - [0] ----D C:\ProgramData\Favorites
O43 - CFD: 13/03/2011 - 15:10:31 - [0,000] ----D C:\ProgramData\fLhPiEc00000
O43 - CFD: 31/08/2009 - 14:50:30 - [0] ----D C:\ProgramData\FloodLightGames
O43 - CFD: 08/04/2010 - 08:26:24 - [2,139] ----D C:\ProgramData\Google
O43 - CFD: 02/03/2010 - 16:44:52 - [34,803] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 30/08/2009 - 22:20:49 - [0,185] ----D C:\ProgramData\HipSoft
O43 - CFD: 11/10/2011 - 02:06:45 - [0,000] ----D C:\ProgramData\iMc06511lPiIh06511
O43 - CFD: 13/03/2011 - 10:11:40 - [0,000] ----D C:\ProgramData\jJmPoGb06504
O43 - CFD: 21/10/2009 - 22:40:39 - [0,001] ----D C:\ProgramData\LightScribe
O43 - CFD: 07/04/2010 - 22:17:17 - [10,431] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 28/08/2009 - 16:33:28 - [0] ----D C:\ProgramData\Menu Démarrer
O43 - CFD: 19/11/2009 - 23:31:24 - [-1349,082] ----D C:\ProgramData\MGS
O43 - CFD: 25/07/2012 - 02:45:46 - [655,032] -S--D C:\ProgramData\Microsoft
O43 - CFD: 13/05/2010 - 17:45:36 - [0,054] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 28/08/2009 - 16:33:28 - [0] ----D C:\ProgramData\Modèles
O43 - CFD: 02/05/2012 - 22:53:19 - [0,000] ----D C:\ProgramData\Mozilla
O43 - CFD: 07/11/2009 - 12:23:02 - [0] ----D C:\ProgramData\muvee Technologies
O43 - CFD: 30/05/2011 - 07:07:28 - [0,631] ----D C:\ProgramData\Nero
O43 - CFD: 11/09/2009 - 19:21:12 - [0,011] ----D C:\ProgramData\NETGEAR
O43 - CFD: 08/11/2009 - 18:30:58 - [0,015] ----D C:\ProgramData\Norton
O43 - CFD: 26/02/2009 - 10:09:14 - [5,829] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 12/03/2010 - 20:15:40 - [0,000] ----D C:\ProgramData\Real
O43 - CFD: 14/05/2012 - 16:05:38 - [7,365] ----D C:\ProgramData\Samsung
O43 - CFD: 30/12/2010 - 20:20:48 - [20,357] ----D C:\ProgramData\Skype
O43 - CFD: 23/10/2009 - 14:53:24 - [0,072] ----D C:\ProgramData\SpinTop Games
O43 - CFD: 06/10/2009 - 15:00:39 - [0,138] ----D C:\ProgramData\Sports Interactive
O43 - CFD: 17/12/2010 - 03:34:57 - [0,798] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 02/11/2006 - 15:02:03 - [0] ----D C:\ProgramData\Start Menu
O43 - CFD: 31/03/2010 - 01:10:04 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 08/11/2009 - 18:29:33 - [0,102] ----D C:\ProgramData\Symantec
O43 - CFD: 22/05/2009 - 04:18:29 - [0,606] ----D C:\ProgramData\Temp
O43 - CFD: 02/11/2006 - 15:02:04 - [0] ----D C:\ProgramData\Templates
O43 - CFD: 21/05/2011 - 11:49:19 - [8,199] ----D C:\ProgramData\TuneUp Software
O43 - CFD: 23/03/2010 - 17:21:29 - [0,173] ----D C:\ProgramData\WildTangent
O43 - CFD: 27/02/2010 - 17:05:48 - [0] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 25/07/2012 - 13:41:13 - [0] ----D C:\ProgramData\WinZip
O43 - CFD: 26/02/2009 - 11:08:51 - [6,585] ----D C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
O43 - CFD: 21/05/2011 - 11:46:01 - [17,381] -SH-D C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
O43 - CFD: 07/04/2010 - 22:27:13 - [17,670] -SH-D C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
O43 - CFD: 07/02/2011 - 17:38:36 - [26,150] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Adobe
O43 - CFD: 28/08/2009 - 16:46:26 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\ATI
O43 - CFD: 05/01/2010 - 02:22:05 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\cttlho
O43 - CFD: 14/09/2009 - 15:21:54 - [0,129] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\CyberLink
O43 - CFD: 10/04/2010 - 01:53:44 - [0,001] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 02/05/2011 - 00:10:52 - [0,000] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\dvdcss
O43 - CFD: 31/08/2009 - 14:50:29 - [0,057] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\FloodLightGames
O43 - CFD: 04/04/2010 - 20:45:42 - [0,117] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Free Download Manager
O43 - CFD: 26/11/2009 - 03:27:30 - [0,000] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\FUJIFILM
O43 - CFD: 25/03/2010 - 19:57:01 - [0,025] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Gearbox Software
O43 - CFD: 02/03/2010 - 16:46:11 - [0,322] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\hewlett-packard
O43 - CFD: 31/12/2009 - 21:52:20 - [0,593] RSH-D C:\Users\Abd-El-Hamid\AppData\Roaming\hostkt
O43 - CFD: 28/08/2009 - 16:37:15 - [0,040] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\HP TCS
O43 - CFD: 10/11/2009 - 01:50:25 - [0,001] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Identities
O43 - CFD: 13/01/2010 - 23:06:22 - [0,047] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Leadertech
O43 - CFD: 28/08/2009 - 16:52:36 - [1,928] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Macromedia
O43 - CFD: 07/04/2010 - 22:18:07 - [0,034] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 14:37:34 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Media Center Programs
O43 - CFD: 13/10/2011 - 15:19:12 - [5,566] -S--D C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft
O43 - CFD: 28/04/2010 - 00:30:30 - [28,126] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Mozilla
O43 - CFD: 05/09/2010 - 19:04:00 - [0,100] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Mozilla-Cache
O43 - CFD: 07/11/2009 - 12:24:41 - [0,001] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\muvee Technologies
O43 - CFD: 21/06/2012 - 00:29:13 - [0,042] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Need for Speed World
O43 - CFD: 19/09/2009 - 04:05:50 - [0,071] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Nero
O43 - CFD: 30/08/2010 - 00:33:57 - [0,004] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\PeaZip
O43 - CFD: 25/07/2010 - 10:14:11 - [0,041] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\PhotoScape
O43 - CFD: 12/03/2010 - 20:15:34 - [56,822] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Real
O43 - CFD: 14/05/2012 - 16:09:14 - [14,041] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Samsung
O43 - CFD: 14/04/2010 - 17:14:40 - [0,035] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\skypePM
O43 - CFD: 16/09/2009 - 01:45:34 - [0,143] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\SPORE Creature Creator
O43 - CFD: 06/10/2009 - 15:00:51 - [6,034] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Sports Interactive
O43 - CFD: 25/07/2012 - 04:16:00 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Systweak
O43 - CFD: 08/11/2009 - 18:15:31 - [0,004] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Talkback
O43 - CFD: 13/05/2010 - 23:18:30 - [0,013] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Template
O43 - CFD: 13/06/2010 - 16:24:52 - [19,858] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\TomTom
O43 - CFD: 21/05/2011 - 11:47:04 - [0,036] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\TuneUp Software
O43 - CFD: 09/12/2009 - 19:53:16 - [18,305] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\U3
O43 - CFD: 24/12/2011 - 17:24:37 - [0,000] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Unity
O43 - CFD: 12/06/2012 - 09:57:18 - [2,000] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\vlc
O43 - CFD: 30/01/2011 - 23:24:42 - [1,055] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
O43 - CFD: 19/09/2009 - 03:09:02 - [1,339] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\WarZone
O43 - CFD: 11/12/2009 - 23:09:59 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Windows Live Writer
O43 - CFD: 08/09/2009 - 18:40:40 - [0,000] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\WinRAR
O43 - CFD: 10/11/2009 - 01:50:25 - [0,248] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Zylom
O43 - CFD: 30/01/2011 - 23:23:51 - [15,027] ----D C:\Users\Abd-El-Hamid\AppData\Local\Adobe
O43 - CFD: 28/08/2009 - 16:33:54 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Local\Application Data
O43 - CFD: 28/08/2009 - 16:46:26 - [0,041] ----D C:\Users\Abd-El-Hamid\AppData\Local\ATI
O43 - CFD: 26/10/2009 - 07:45:08 - [0,101] ----D C:\Users\Abd-El-Hamid\AppData\Local\Boss Media
O43 - CFD: 05/01/2010 - 02:22:05 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Local\cttlho
O43 - CFD: 14/09/2009 - 15:21:49 - [0,100] ----D C:\Users\Abd-El-Hamid\AppData\Local\CyberLink
O43 - CFD: 14/05/2012 - 16:02:28 - [86,701] ----D C:\Users\Abd-El-Hamid\AppData\Local\Downloaded Installations
O43 - CFD: 25/01/2012 - 08:24:50 - [0,002] ----D C:\Users\Abd-El-Hamid\AppData\Local\Electronic_Arts_Inc
O43 - CFD: 06/01/2010 - 02:03:49 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Local\gkvsno
O43 - CFD: 08/04/2010 - 07:38:26 - [0,001] ----D C:\Users\Abd-El-Hamid\AppData\Local\Google
O43 - CFD: 14/09/2009 - 15:21:29 - [0,002] ----D C:\Users\Abd-El-Hamid\AppData\Local\Hewlett-Packard
O43 - CFD: 28/08/2009 - 16:33:54 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Local\Historique
O43 - CFD: 22/06/2012 - 21:00:36 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Local\Macromedia
O43 - CFD: 25/07/2012 - 02:45:45 - [304,135] ----D C:\Users\Abd-El-Hamid\AppData\Local\Microsoft
O43 - CFD: 01/04/2010 - 19:57:34 - [0,739] ----D C:\Users\Abd-El-Hamid\AppData\Local\Microsoft Games
O43 - CFD: 09/09/2009 - 12:43:38 - [0,092] ----D C:\Users\Abd-El-Hamid\AppData\Local\Microsoft Help
O43 - CFD: 14/04/2011 - 03:34:14 - [0,004] ----D C:\Users\Abd-El-Hamid\AppData\Local\MigWiz
O43 - CFD: 28/08/2009 - 17:03:16 - [70,485] ----D C:\Users\Abd-El-Hamid\AppData\Local\Mozilla
O43 - CFD: 28/08/2010 - 19:31:31 - [0,014] ----D C:\Users\Abd-El-Hamid\AppData\Local\P5
O43 - CFD: 25/07/2012 - 19:44:43 - [3,674] ----D C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR
O43 - CFD: 14/09/2009 - 15:21:48 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Local\PowerCinema
O43 - CFD: 09/12/2009 - 04:00:50 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Local\Real
O43 - CFD: 15/05/2012 - 09:11:14 - [0,013] ----D C:\Users\Abd-El-Hamid\AppData\Local\Samsung
O43 - CFD: 29/10/2009 - 06:07:44 - [0,001] ----D C:\Users\Abd-El-Hamid\AppData\Local\Symantec
O43 - CFD: 26/07/2012 - 13:59:25 - [0,140] ----D C:\Users\Abd-El-Hamid\AppData\Local\Temp
O43 - CFD: 28/08/2009 - 16:33:54 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Local\Temporary Internet Files
O43 - CFD: 13/06/2010 - 16:24:52 - [1,783] ----D C:\Users\Abd-El-Hamid\AppData\Local\TomTom
O43 - CFD: 01/04/2012 - 07:30:29 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Local\Unity
O43 - CFD: 29/09/2009 - 19:26:55 - [231,969] ----D C:\Users\Abd-El-Hamid\AppData\Local\VirtualStore
O43 - CFD: 08/01/2012 - 12:51:39 - [0,137] ----D C:\Users\Abd-El-Hamid\AppData\Local\Windows Live
O43 - CFD: 11/12/2009 - 23:09:59 - [0,002] ----D C:\Users\Abd-El-Hamid\AppData\Local\Windows Live Writer
O43 - CFD: 06/01/2010 - 02:03:48 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Local\yxmcnh
O43 - CFD: 23/03/2010 - 17:13:44 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Local\Zylom Games
O43 - CFD: 07/03/2011 - 09:53:50 - [0,014] R---D C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 28/08/2009 - 16:46:03 - [0,000] R---D C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 23/12/2011 - 17:41:57 - [0,004] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bbox - Bouygues Telecom
O43 - CFD: 01/11/2009 - 18:32:54 - [0,003] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 06/10/2009 - 03:54:50 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 22/05/2009 - 04:12:17 - [0,001] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 21/01/2008 - 04:42:46 - [0,001] R---D C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 10/11/2009 - 19:20:31 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mihov Image Resizer
O43 - CFD: 06/10/2009 - 03:54:49 - [0] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PartyPoker
O43 - CFD: 25/07/2012 - 04:26:14 - [0] R---D C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 25/07/2012 - 13:44:45 - [0,002] ----D C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Scan Program Folder in 00mn 06s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.60BDF4955DD96FE5E2ECDDF49AAFF291] - 26/07/2012 - 12:59:15 ---A- . (...) -- C:\UsbFix.txt   [12987]
O44 - LFC:[MD5.AE4DBF4DE3679C4B08BC39A23A05B2D6] - 26/07/2012 - 12:59:14 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [463114]
O44 - LFC:[MD5.A4988C1AC7776A7E7BD0DC497F892ECF] - 26/07/2012 - 12:45:00 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1495948]
O44 - LFC:[MD5.F463FCF55F22D2B1E5B32B3D95D3B9FB] - 26/07/2012 - 12:45:00 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [104242]
O44 - LFC:[MD5.FC3602E7E77434AED8481E8A361FDF3B] - 26/07/2012 - 12:45:00 ---A- . (...) -- C:\Windows\System32\perfc00C.dat   [126798]
O44 - LFC:[MD5.28E38C6E6FEFA4EF5A16D6DCE1436D8E] - 26/07/2012 - 12:45:00 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [596168]
O44 - LFC:[MD5.80CF765F78A6B0A96F62A79F5D6526C3] - 26/07/2012 - 12:45:00 ---A- . (...) -- C:\Windows\System32\perfh00C.dat   [679214]
O44 - LFC:[MD5.85E2B5C37354C9FDB1ACA18B2B3C90BC] - 26/07/2012 - 12:38:09 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.81E1AD2F66EF7ED2B73F95853CCC587D] - 25/07/2012 - 18:36:07 ----- . (...) -- C:\PhysicalDisk0_MBR.bin   [512]
O44 - LFC:[MD5.E47CB63CAC15D5983A55FA3FF606AE74] - 25/07/2012 - 15:55:56 ----- . (...) -- C:\AdwCleaner[S3].txt   [1682]
O44 - LFC:[MD5.73E72716362F9BBC5AFCEE997B2908AB] - 25/07/2012 - 15:55:42 ----- . (...) -- C:\AdwCleaner[R4].txt   [1620]
O44 - LFC:[MD5.EADE5C69802FBCCD30D3616839A8BE1D] - 25/07/2012 - 03:58:02 ----- . (...) -- C:\AdwCleaner[S2].txt   [1377]
O44 - LFC:[MD5.22A82988D57AA5C64CD3AF7DC6B2FD82] - 25/07/2012 - 03:57:47 ----- . (...) -- C:\AdwCleaner[R3].txt   [1315]
O44 - LFC:[MD5.50691FC30731F766453EF137AE36714E] - 25/07/2012 - 03:40:34 ---A- . (...) -- C:\Windows\PFRO.log   [2144]
O44 - LFC:[MD5.72120CCA65891B8E0A913034BF9F0CC5] - 25/07/2012 - 03:39:22 ----- . (...) -- C:\AdwCleaner[S1].txt   [10600]
O44 - LFC:[MD5.E89200D2186FD3EF1692C1144453446E] - 25/07/2012 - 03:37:36 ----- . (...) -- C:\AdwCleaner[R2].txt   [10248]
O44 - LFC:[MD5.9DE129E1F601953A2A1C7F0FD4E595DE] - 25/07/2012 - 03:36:46 ----- . (...) -- C:\AdwCleaner[R1].txt   [10187]
O44 - LFC:[MD5.F86882C1CBB1E988A68B97FE6B2B42FB] - 25/07/2012 - 00:01:55 ----- . (...) -- C:\user.js   [849]
O44 - LFC:[MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] - 24/07/2012 - 07:35:13 ---A- . (...) -- C:\Windows\System32\DOErrors.log   [52]
O44 - LFC:[MD5.B9A095D29B7B5C724F704511504532CA] - 17/07/2012 - 00:30:47 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe   [426184]
O44 - LFC:[MD5.BA8EBDACB4998C159FF48B6133E1A15A] - 17/07/2012 - 00:30:47 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl   [70344]
O44 - LFC:[MD5.7BFAAB2432ECFBDBD5CC0C507C03A6D1] - 16/07/2012 - 13:25:06 ---A- . (.Systweak Inc., (www.systweak.com) - Regclean Pro.) -- C:\Windows\System32\roboot.exe   [17320]
O44 - LFC:[MD5.1C4D251305E3DE58D412552104EDD3CF] - 14/07/2012 - 12:49:15 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe   [174064]
O44 - LFC:[MD5.53560C9205CD9A362F10CDDAD91BF7BD] - 14/07/2012 - 12:49:15 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe   [174064]
O44 - LFC:[MD5.553D3D9AA09EEC398739C211A2C4957B] - 11/07/2012 - 02:24:04 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT   [309768]
O44 - LFC:[MD5.192CF127DD5452E4C1174C5C15012AD4] - 05/07/2012 - 21:06:48 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe   [227760]
O44 - LFC:[MD5.2F4781F84C92E8C4B1586E47A78E8A61] - 05/07/2012 - 21:06:30 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\System32\npDeployJava1.dll   [772544]
O44 - LFC:[MD5.169022F31B2BD42EB19ECB7B8B68E566] - 05/07/2012 - 21:06:20 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\deployJava1.dll   [687544]
~ Scan Files in 00mn 46s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.7BEEDFC2DF8E89DACE9155BD7CE42B83] - 10/07/2012 - 00:53:56 ---A- - C:\Windows\Prefetch\AgCx_SC2.db
O45 - LFCP:[MD5.9C8A2856BB7660F0F97CED9EB280E2C5] - 20/07/2012 - 03:12:05 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-834350CA.pf
O45 - LFCP:[MD5.214D0DD77FB14A3B245ADE26CC0D9482] - 24/07/2012 - 20:43:13 ---A- - C:\Windows\Prefetch\PHOTOSCREENSAVER.SCR-DC8CDF36.pf
O45 - LFCP:[MD5.1538EA1DB65B7E14BF66311559D37B73] - 25/07/2012 - 02:06:01 ---A- - C:\Windows\Prefetch\DFRGNTFS.EXE-4F838A89.pf
O45 - LFCP:[MD5.3D564EAB846066F4630B71BFF71EE79C] - 25/07/2012 - 03:00:08 ---A- - C:\Windows\Prefetch\CLAMSCAN.EXE-7DC2ADE3.pf
O45 - LFCP:[MD5.F6007ED91D858C6FB855B11F75C96AB3] - 25/07/2012 - 03:00:19 ---A- - C:\Windows\Prefetch\GUARDGUI.EXE-C8C5CF5F.pf
O45 - LFCP:[MD5.91768189A64B9F97C266B9504D4C9E76] - 25/07/2012 - 03:21:48 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7D2183B8.pf
O45 - LFCP:[MD5.605A5D3F092343489C2ED30ADAC637B3] - 25/07/2012 - 04:25:39 ---A- - C:\Windows\Prefetch\JP2LAUNCHER.EXE-A3069683.pf
O45 - LFCP:[MD5.296BA8DB3C44915938E380495D561F44] - 25/07/2012 - 04:25:40 ---A- - C:\Windows\Prefetch\JAVA.EXE-872FBD82.pf
O45 - LFCP:[MD5.91C8BA46482B8A70D91B0F0D85E183A8] - 25/07/2012 - 12:38:46 ---A- - C:\Windows\Prefetch\WINZIP32.EXE-598FDAD4.pf
O45 - LFCP:[MD5.77763A08BD282FF8CE53CF04611C1E23] - 25/07/2012 - 12:39:38 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-783DCB11.pf
O45 - LFCP:[MD5.17A6F4FF9C6530C902B097F3017A52A6] - 25/07/2012 - 12:41:10 ---A- - C:\Windows\Prefetch\WZPREVIEWER32.EXE-395ED831.pf
O45 - LFCP:[MD5.47DC8F267E2802AF48AF7A603AF3FB4B] - 25/07/2012 - 12:41:12 ---A- - C:\Windows\Prefetch\REGASM.EXE-C2EF506E.pf
O45 - LFCP:[MD5.4EA29824BBC3B7AEAC4AF18380DB5DC3] - 25/07/2012 - 12:41:17 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-B5AFA339.pf
O45 - LFCP:[MD5.14FEFA452D5137E6C071E893523EE0FF] - 25/07/2012 - 12:44:36 ---A- - C:\Windows\Prefetch\WINRAR_WINRAR_4.2_32_BITS_FRA-13F2C181.pf
O45 - LFCP:[MD5.792EED5BDEC58F63DF8E14C77419DE3C] - 25/07/2012 - 12:44:46 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-CE8C92FA.pf
O45 - LFCP:[MD5.1B86223BF1A365248715A9C6539917F4] - 25/07/2012 - 12:50:00 ---A- - C:\Windows\Prefetch\WINRAR.EXE-6F42D4E7.pf
O45 - LFCP:[MD5.0B1A918351577B1013D1526BFD161F82] - 25/07/2012 - 14:07:18 ---A- - C:\Windows\Prefetch\LOGON.SCR-7C80CA1C.pf
O45 - LFCP:[MD5.002D2111073B81412B224A5622D7EA1B] - 25/07/2012 - 14:11:18 ---A- - C:\Windows\Prefetch\VLC.EXE-CE8E9BE1.pf
O45 - LFCP:[MD5.077FB0766098826E9819F96EAC81995B] - 25/07/2012 - 15:49:31 ---A- - C:\Windows\Prefetch\UPDATE.EXE-3FBE35E6.pf
O45 - LFCP:[MD5.0DC6FDDB68A4042D17F4EB4A104DBEA4] - 25/07/2012 - 15:49:39 ---A- - C:\Windows\Prefetch\AVNOTIFY.EXE-4291C867.pf
O45 - LFCP:[MD5.267869AC6906C38A35348097137865D2] - 25/07/2012 - 15:55:44 ---A- - C:\Windows\Prefetch\ADWCLEANER.EXE-EA8BBD89.pf
O45 - LFCP:[MD5.1E6CC5DCEA67F368F562841FC44231BA] - 25/07/2012 - 15:57:57 ---A- - C:\Windows\Prefetch\SYNTPENH.EXE-4361DC86.pf
O45 - LFCP:[MD5.6DC4D3553EDA52338D02F6B677A285A6] - 25/07/2012 - 16:06:43 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-C80BEC1F.pf
O45 - LFCP:[MD5.1FB2493943D46BC71D2CEA03E496AC7F] - 25/07/2012 - 16:06:45 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-7103EBC4.pf
O45 - LFCP:[MD5.BA949B9FA48D7F2A47563C99F388F433] - 25/07/2012 - 16:18:22 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-AE17B5CA.pf
O45 - LFCP:[MD5.1B77488BC9E3A7D6FCF684AFF2846D2F] - 25/07/2012 - 16:18:22 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-E14FC02F.pf
O45 - LFCP:[MD5.FEABB89BEA3F0BE562CE0CD09B23A45E] - 25/07/2012 - 16:19:33 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-3FCBF927.pf
O45 - LFCP:[MD5.FA75A74D15F41C8B7AD1D600D81765A7] - 25/07/2012 - 16:26:59 ---A- - C:\Windows\Prefetch\ZHPFIX.EXE-35B45B71.pf
O45 - LFCP:[MD5.B39E848794A62105FE8B81A12032604A] - 25/07/2012 - 18:14:48 ---A- - C:\Windows\Prefetch\ATBROKER.EXE-FF58B71D.pf
O45 - LFCP:[MD5.BD91083C47F24879FA06E94C9BDD751C] - 25/07/2012 - 18:14:58 ---A- - C:\Windows\Prefetch\USERINIT.EXE-F39AB672.pf
O45 - LFCP:[MD5.2D5CDFA9489B73ADA4BD28358FDF39E9] - 25/07/2012 - 18:15:01 ---A- - C:\Windows\Prefetch\DWM.EXE-AEABE78B.pf
O45 - LFCP:[MD5.931BE21A492FAC643BFC16E0E2735C10] - 25/07/2012 - 18:24:35 ---A- - C:\Windows\Prefetch\UNINS000.EXE-F9973A15.pf
O45 - LFCP:[MD5.B879D770939545DED3E90FD7131D2E8D] - 25/07/2012 - 18:24:38 ---A- - C:\Windows\Prefetch\_IU14D2N.TMP-D5ABE4D9.pf
O45 - LFCP:[MD5.3B98719A9A9FDA0DB9EEB04F6A8296E6] - 25/07/2012 - 18:24:43 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-928474CF.pf
O45 - LFCP:[MD5.FCCF0949853BC073CF221615C1DB661F] - 25/07/2012 - 18:27:58 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-21B371DB.pf
O45 - LFCP:[MD5.F14DE744AEC0DD81E122CC1ED09F4E37] - 25/07/2012 - 18:28:01 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-29157D18.pf
O45 - LFCP:[MD5.323CD15DEF0421EA828EE2C543BFCD29] - 25/07/2012 - 18:28:01 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-5D41F48F.pf
O45 - LFCP:[MD5.396EE3AA16C7534DC54EE31AE7CFA401] - 25/07/2012 - 18:33:57 ---A- - C:\Windows\Prefetch\LADS.EXE-4CE62B10.pf
O45 - LFCP:[MD5.D4CC022C64471F63A71FA5C9CE7701A4] - 25/07/2012 - 18:33:59 ---A- - C:\Windows\Prefetch\SIGCHECK.EXE-F64F11B9.pf
O45 - LFCP:[MD5.F6F6107C083E076B5A78439F421C5BBC] - 25/07/2012 - 18:35:38 ---A- - C:\Windows\Prefetch\NSLOOKUP.EXE-0E49F32A.pf
O45 - LFCP:[MD5.C0CADF5F51EFDFBF46A2A98A347F1CE3] - 25/07/2012 - 18:36:07 ---A- - C:\Windows\Prefetch\MBRCHECK.EXE-2EC93C97.pf
O45 - LFCP:[MD5.E52B67C7DB4184A2D730ADE38798D261] - 25/07/2012 - 18:36:20 ---A- - C:\Windows\Prefetch\MBR.EXE-0F291291.pf
O45 - LFCP:[MD5.91B4E7447A315053DEFAC46FC3427C91] - 25/07/2012 - 18:44:37 ---A- - C:\Windows\Prefetch\POKERSTARSUPDATE.EXE-AAB3E45A.pf
O45 - LFCP:[MD5.4AA055C62D4C259431A50751F2C1EB34] - 25/07/2012 - 18:44:53 ---A- - C:\Windows\Prefetch\POKERSTARS.EXE-4F167BF3.pf
O45 - LFCP:[MD5.B22F1829BA61B39D4B9CD90A546F0B6F] - 25/07/2012 - 20:11:07 ---A- - C:\Windows\Prefetch\Layout.ini
O45 - LFCP:[MD5.98FB86A026C491E08F25160E38615178] - 25/07/2012 - 20:12:25 ---A- - C:\Windows\Prefetch\PHOTOSCREENSAVER.SCR-F1874E40.pf
O45 - LFCP:[MD5.B77454CC5EB56A244ADDEF8C039CC354] - 25/07/2012 - 20:20:46 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-F452D79D.pf
O45 - LFCP:[MD5.B6A79B653C4B0A5964D275F5C2E85886] - 25/07/2012 - 20:20:46 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-8FD92526.pf
O45 - LFCP:[MD5.EBC573E7A31C1E0BCDD20594C79DB9D8] - 25/07/2012 - 20:20:46 ---A- - C:\Windows\Prefetch\VSSVC.EXE-04D079CC.pf
O45 - LFCP:[MD5.BE4233C30671B92884AA5D8202596DC1] - 25/07/2012 - 20:53:03 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3901224373-932584255-2147343616-1000.db
O45 - LFCP:[MD5.C0DE45B5E7CBDE07844D5BB9B0B61BA9] - 25/07/2012 - 20:53:03 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3901224373-932584255-2147343616-1000.db
O45 - LFCP:[MD5.B6DB2F22DB545849441ABA91B95C6287] - 25/07/2012 - 21:11:56 ---A- - C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:[MD5.7AFC8CF39BD374C49EE44E9FECAF7F0A] - 25/07/2012 - 21:11:56 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:[MD5.467D0AEC1563C7793E97872A1E7912DE] - 25/07/2012 - 21:11:59 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:[MD5.17DB5055B99908466F0CB8DAB6E1E1AB] - 25/07/2012 - 21:11:59 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:[MD5.85759667AB989C8561EBBA0A69E7DC2A] - 25/07/2012 - 21:11:59 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:[MD5.E1C1B39DE6AD0998E8D35E30E7A03A65] - 26/07/2012 - 11:46:39 ---A- - C:\Windows\Prefetch\ASHDISP.EXE-9B08CA5C.pf
O45 - LFCP:[MD5.C955346FCB97D96BCF42DA5E5F6BAD86] - 26/07/2012 - 11:47:00 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-33939BD1.pf
O45 - LFCP:[MD5.BE355DDE606B51F66D8F9ACCDB117876] - 26/07/2012 - 11:47:25 ---A- - C:\Windows\Prefetch\ADOBEARM.EXE-ACA00A4A.pf
O45 - LFCP:[MD5.F0DFC80B7EB7AA8029FCD1F300181965] - 26/07/2012 - 11:49:09 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-031B6478.pf
O45 - LFCP:[MD5.B6D69594D92F0BA842C827B0DDA36D85] - 26/07/2012 - 12:01:25 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-71214090.pf
O45 - LFCP:[MD5.11BC66CC6A144E4C4E705B1A5C2A8483] - 26/07/2012 - 12:04:59 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-BB72ED6F.pf
O45 - LFCP:[MD5.D797FA0B1A3EFECE52F01E86D3CC3B13] - 26/07/2012 - 12:15:56 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-E33ED995.pf
O45 - LFCP:[MD5.BB01280E1B4EA5A554DEC24F453F27AC] - 26/07/2012 - 12:17:28 ---A- - C:\Windows\Prefetch\PRESENTATIONFONTCACHE.EXE-42767AE9.pf
O45 - LFCP:[MD5.CF08A3498783E70B0D24662A241CE54F] - 26/07/2012 - 12:17:42 ---A- - C:\Windows\Prefetch\FLASHPLAYERPLUGIN_11_3_300_26-6FE8B718.pf
O45 - LFCP:[MD5.561349E9DBACF9B4B95AE90641D85FFC] - 26/07/2012 - 12:17:42 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-1D5F6C6B.pf
O45 - LFCP:[MD5.FBAE6601A84BB96F86AA5E637421DF78] - 26/07/2012 - 12:30:45 ---A- - C:\Windows\Prefetch\CONTROL.EXE-9459D5A0.pf
O45 - LFCP:[MD5.1E05A8366188C17843850DEC4B14B5FE] - 26/07/2012 - 12:31:51 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7EA5E62D.pf
O45 - LFCP:[MD5.C94BE83EC473A4BB3060DDE6076A938C] - 26/07/2012 - 12:34:30 ---A- - C:\Windows\Prefetch\MOBSYNC.EXE-D8BC6ED2.pf
O45 - LFCP:[MD5.4A7BDAE162A21181A73AD4F70C134FB3] - 26/07/2012 - 12:39:23 ---A- - C:\Windows\Prefetch\BTLIVEUPDATE.EXE-B841D2EC.pf
O45 - LFCP:[MD5.EB0AF7C247057D56CF9B08DF6E5F16BD] - 26/07/2012 - 12:39:23 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-893DDF55.pf
O45 - LFCP:[MD5.E7597C28D2EDF0B5C596EF5FBE9AEA01] - 26/07/2012 - 12:39:23 ---A- - C:\Windows\Prefetch\EHMSAS.EXE-6BE9D904.pf
O45 - LFCP:[MD5.394ACBCC43789CB550E54F5C18BAB041] - 26/07/2012 - 12:39:23 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:[MD5.F7AAD9FE93AA225A024DECF805221E4A] - 26/07/2012 - 12:39:23 ---A- - C:\Windows\Prefetch\PRESENTATIONSETTINGS.EXE-6F4C5E34.pf
O45 - LFCP:[MD5.B04E3C13441F6E2BF5470DA8B31A4442] - 26/07/2012 - 12:39:23 ---A- - C:\Windows\Prefetch\STTRAY.EXE-CC1C3F0D.pf
O45 - LFCP:[MD5.84F79019FDF8B7B5C57E0DFA50C07094] - 26/07/2012 - 12:39:23 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-B7E27BE5.pf
O45 - LFCP:[MD5.2B04F79396012E2646A0EA4983A89755] - 26/07/2012 - 12:39:23 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-9DE758AE.pf
O45 - LFCP:[MD5.5B497BB84367964A5BF59E768C9A46CD] - 26/07/2012 - 12:39:33 ---A- - C:\Windows\Prefetch\READER_SL.EXE-9594AF7E.pf
O45 - LFCP:[MD5.ACFD1F49467DC9997F516E712CA4F6D1] - 26/07/2012 - 12:39:37 ---A- - C:\Windows\Prefetch\CONSENT.EXE-65F6206D.pf
O45 - LFCP:[MD5.C0802224BAC5410E0D32E47449BE97C7] - 26/07/2012 - 12:39:40 ---A- - C:\Windows\Prefetch\USBFIX.EXE-75F57490.pf
O45 - LFCP:[MD5.F80357FEE2F856D51DF32813396BB98D] - 26/07/2012 - 12:39:47 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-E447C111.pf
O45 - LFCP:[MD5.7CED1B109993B98C27A3DD21860972C9] - 26/07/2012 - 12:39:53 ---A- - C:\Windows\Prefetch\GO.EXE-759C3391.pf
O45 - LFCP:[MD5.7645531DC1CE9EA6895E96208D8FFB9D] - 26/07/2012 - 12:40:04 ---A- - C:\Windows\Prefetch\WSCRIPT.EXE-65A9658F.pf
O45 - LFCP:[MD5.327487961F1CF7E668B6B84C85734E38] - 26/07/2012 - 12:40:08 ---A- - C:\Windows\Prefetch\ERUNT.COM-CB4DBD94.pf
O45 - LFCP:[MD5.1E44D3DC54FC198285BF5CBEBE4F3045] - 26/07/2012 - 12:40:09 ---A- - C:\Windows\Prefetch\SYNTPHELPER.EXE-4B6F43CF.pf
O45 - LFCP:[MD5.2BAA8AAD2B7B426180A0E0D0C35C3AE7] - 26/07/2012 - 12:40:15 ---A- - C:\Windows\Prefetch\DEVICEMANAGER.EXE-034B79FA.pf
O45 - LFCP:[MD5.8DD36281B1FBA65CD496001F0FB328FF] - 26/07/2012 - 12:40:17 ---A- - C:\Windows\Prefetch\CONNECTIONMANAGER.EXE-A8B7647A.pf
O45 - LFCP:[MD5.C2437A3313EBF2DD06550CA7A74CDFD5] - 26/07/2012 - 12:40:17 ---A- - C:\Windows\Prefetch\CSC.EXE-4EF173D0.pf
O45 - LFCP:[MD5.FF9BB8D5385F32B4F5ACF7A2A608260B] - 26/07/2012 - 12:40:17 ---A- - C:\Windows\Prefetch\CVTRES.EXE-419E4E46.pf
O45 - LFCP:[MD5.05D3B18ACC9E5E6B6A1BCDA5CE80D716] - 26/07/2012 - 12:40:36 ---A- - C:\Windows\Prefetch\WPFFONTCACHE_V0400.EXE-408E90AE.pf
O45 - LFCP:[MD5.56508B310089B95522B50BD455E5DFE8] - 26/07/2012 - 12:40:43 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-FAA88858.pf
O45 - LFCP:[MD5.15A67A52040F57935D2DB15443B48018] - 26/07/2012 - 12:40:45 ---A- - C:\Windows\Prefetch\WLIDSVC.EXE-1DBC2021.pf
O45 - LFCP:[MD5.6B22CBDC16DAF13139A95C0E89E58AA2] - 26/07/2012 - 12:40:45 ---A- - C:\Windows\Prefetch\WLIDSVCM.EXE-AD2DE5FA.pf
O45 - LFCP:[MD5.FC8830F4E9BB2915F879C12D976BC30E] - 26/07/2012 - 12:40:49 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-81420B07.pf
O45 - LFCP:[MD5.77419A5D3EA380E528B8B0EE54E9F135] - 26/07/2012 - 12:41:00 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-135A30D8.pf
O45 - LFCP:[MD5.D35B1781801067C506E230E45F05B21E] - 26/07/2012 - 12:41:01 ---A- - C:\Windows\Prefetch\HPHC_SERVICE.EXE-B8B935C8.pf
O45 - LFCP:[MD5.094B2DEB8A6ED09259D7D54B2433A9C1] - 26/07/2012 - 12:41:06 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-77D27BAC.pf
O45 - LFCP:[MD5.2BB1425443B6D9AD020784F588341365] - 26/07/2012 - 12:41:31 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-BD0344CA.pf
O45 - LFCP:[MD5.862E329040CAA1CEFD7B08DE2A1CE0A5] - 26/07/2012 - 12:41:37 ---A- - C:\Windows\Prefetch\SPOOLSV.EXE-E4D0FF39.pf
O45 - LFCP:[MD5.6D0263EE3C9839972815F075DB7E981F] - 26/07/2012 - 12:42:35 ---A- - C:\Windows\Prefetch\SLSVC.EXE-A012DE22.pf
O45 - LFCP:[MD5.C23D8246A209BA8D2F16BE192E09F412] - 26/07/2012 - 12:43:01 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-369DF1CD.pf
O45 - LFCP:[MD5.D84F40BE827FC6AEE5CD82922A953CCA] - 26/07/2012 - 12:45:29 ---A- - C:\Windows\Prefetch\MSFEEDSSYNC.EXE-1F01ED17.pf
O45 - LFCP:[MD5.BA984575314E1932C27DE958DDBC3B02] - 26/07/2012 - 12:46:20 ---A- - C:\Windows\Prefetch\GREP.COM-6800C3CB.pf
O45 - LFCP:[MD5.8B5B3B2BFABC85AFAF29B3B7B2F8715F] - 26/07/2012 - 12:46:32 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf
O45 - LFCP:[MD5.64B54B09A19BA92FC9A4B768B685F211] - 26/07/2012 - 12:51:25 ---A- - C:\Windows\Prefetch\WERMGR.EXE-2A1BCBC7.pf
O45 - LFCP:[MD5.CE5D5D17BC4B2161EB0E71B2BD6268DE] - 26/07/2012 - 12:51:40 ---A- - C:\Windows\Prefetch\WERCON.EXE-FE5CD389.pf
O45 - LFCP:[MD5.7F3B95F5E9205DDDFE1523BDFAEB6FD5] - 26/07/2012 - 12:53:27 ---A- - C:\Windows\Prefetch\TASKENG.EXE-5BAF290C.pf
O45 - LFCP:[MD5.E038CBCBD518F2F2E789E39C9C052A49] - 26/07/2012 - 12:53:33 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-E2054E7F.pf
O45 - LFCP:[MD5.3697CFAA517CD3A8B26584184F8FD00C] - 26/07/2012 - 12:53:47 ---A- - C:\Windows\Prefetch\ZIP.COM-A1EE4E0C.pf
O45 - LFCP:[MD5.386FFEF5E6137983BDE21016F56F6DD4] - 26/07/2012 - 12:59:22 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-DF1DD51A.pf
O45 - LFCP:[MD5.D24773BD81E671D873327C55BDB4ACC1] - 26/07/2012 - 12:59:26 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-7A3328DA.pf
O45 - LFCP:[MD5.90B0BD6F2B1DC8ACF449DAE1002D1D36] - 26/07/2012 - 12:59:34 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-E60C0AA7.pf
O45 - LFCP:[MD5.F04E91DEFB958D22413C507EBC458E58] - 26/07/2012 - 12:59:36 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-EB1B961A.pf
O45 - LFCP:[MD5.61E88D8E47AA57D33644E8619EA9FD44] - 26/07/2012 - 13:00:34 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-9D0EE457.pf
O45 - LFCP:[MD5.80B177C4942836F8EC6CBF0B89EB7E2A] - 26/07/2012 - 13:00:39 ---A- - C:\Windows\Prefetch\CONIME.EXE-B273009A.pf
O45 - LFCP:[MD5.DA72BA85EDE7D920FFBA3AFFFAAC13D1] - 26/07/2012 - 13:00:46 ---A- - C:\Windows\Prefetch\CMD.EXE-89305D47.pf
O45 - LFCP:[MD5.FE88028A73174F744046D9E9EA9B7550] - 26/07/2012 - 13:00:47 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-E4C98DEB.pf
O45 - LFCP:[MD5.23E92E4FEAD614FDD5F191C7C81105E5] - 26/07/2012 - 13:00:47 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-43972D0F.pf
O45 - LFCP:[MD5.073C2EFF5844148F1366E9D482E62BD6] - 26/07/2012 - 13:01:11 ---A- - C:\Windows\Prefetch\PV.EXE-8E63E86A.pf
O45 - LFCP:[MD5.F50E606E03BB483BCC7A1F043594FE0D] - 26/07/2012 - 13:01:19 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-2DE769BF.pf
O45 - LFCP:[MD5.7AB685F286CE86A6BA35C4A7FCE38A35] - 26/07/2012 - 13:01:29 ---A- - C:\Windows\Prefetch\AVWSC.EXE-877F4F63.pf
O45 - LFCP:[MD5.40A60938B471B7409EEA8BC8C79D8B25] - 26/07/2012 - 13:01:41 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-AA7A1FDD.pf
~ Scan Prefetcher in 00mn 02s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ Scan Keys in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{3200a428-4432-11df-b926-00238be4b502}\AutoRun\command. (...) -- F:\Autorun.exe (.not file.)
O51 - MPSK:{db06e03f-b5eb-11de-ba84-00238be4b502}\AutoRun\command. (...) -- F:\LaunchU3.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"l3codecp.acm"="" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\System32\l3codecp.acm
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher  [Key] . (...) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\avgnt  [Key] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O53 - SMSR:HKLM\...\startupreg\CLMLServer for HP TouchSmart  [Key] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite  [Key] . (...) -- C:\Program Files\DAEMON Tools Lite\daemon.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\DialFlirt  [Key] . (...) -- C:\Program Files\DialFlirt\dialmsn.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\DVDAgent  [Key] . (...) -- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\EA Core  [Key] . (...) -- C:\Program Files\Electronic Arts\EADM\Core.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\ehTray.exe  [Key] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O53 - SMSR:HKLM\...\startupreg\HP Health Check Scheduler  [Key] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O53 - SMSR:HKLM\...\startupreg\HP Software Update  [Key] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O53 - SMSR:HKLM\...\startupreg\HPAdvisor  [Key] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O53 - SMSR:HKLM\...\startupreg\jswtrayutil  [Key] . (...) -- C:\Program Files\NETGEAR\WN111v2\jswtrayutil.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\LightScribe Control Panel  [Key] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
O53 - SMSR:HKLM\...\startupreg\MSSE  [Key] . (...) -- C:\Program Files\Microsoft Security Essentials\msseces.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\QlbCtrl.exe  [Key] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O53 - SMSR:HKLM\...\startupreg\SmartMenu  [Key] . (.Hewlett-Packard - HP MediaSmart SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O53 - SMSR:HKLM\...\startupreg\StartCCC  [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched  [Key] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O53 - SMSR:HKLM\...\startupreg\SynTPEnh  [Key] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O53 - SMSR:HKLM\...\startupreg\SysTrayApp  [Key] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O53 - SMSR:HKLM\...\startupreg\TkBellExe  [Key] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
O53 - SMSR:HKLM\...\startupreg\TSMAgent  [Key] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O53 - SMSR:HKLM\...\startupreg\TVAgent  [Key] . (.CyberLink Corp. - HP MediaSmart TV Resident Program.) -- C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
O53 - SMSR:HKLM\...\startupreg\UCam_Menu  [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\UpdateLBPShortCut  [Key] . (...) -- C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\UpdateP2GoShortCut  [Key] . (...) -- C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\UpdatePDIRShortCut  [Key] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O53 - SMSR:HKLM\...\startupreg\UpdatePSTShortCut  [Key] . (...) -- C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Windows Defender  [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O53 - SMSR:HKLM\...\startupreg\WirelessAssistant  [Key] . (.Hewlett-Packard - HP Wireless Assistant main program.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O53 - SMSR:HKLM\...\startupreg\WMPNSCFG  [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
~ Scan SMSR Keys in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0
~ Scan Keys in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.CC1F1D3D70DC13C2C281488D347D4415] - 13/05/2011 - 17:57:20 ---A- . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\Drivers\Accelerometer.sys   [35896]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
~ Scan Drivers in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC:Last File Created 23/07/2012 - 02:45:02 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\PokerStarsUpdate.log.1   [2497]
O61 - LFC:Last File Created 23/07/2012 - 02:45:10 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\3B3EFD6240144E3010702B0A8EC7A40B.psi   [18457]
O61 - LFC:Last File Created 23/07/2012 - 02:45:10 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\CB4ED6F81FEE6582DE8957BD68F6CD84.psi   [73201]
O61 - LFC:Last File Created 23/07/2012 - 02:59:58 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\34299D952C5518E7A6E03E4D7D355425.psi   [4523]
O61 - LFC:Last File Created 23/07/2012 - 02:59:58 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\51A4DA7C7E2C8585008566A289754C03.psi   [5916]
O61 - LFC:Last File Created 23/07/2012 - 02:59:58 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\EED5C0848F251B575E1346366313B49D.psi   [5423]
O61 - LFC:Last File Created 23/07/2012 - 03:04:09 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\04E4CF4FF5A6F559C693563BA3D68299.psi   [6439]
O61 - LFC:Last File Created 23/07/2012 - 03:04:09 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\E93BA6149BE930E5A1E24C54E8F1F870.psi   [4466]
O61 - LFC:Last File Created 23/07/2012 - 03:04:39 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\2E9C00249BEC3A8C96EB0CBEB6506141.psi   [4583]
O61 - LFC:Last File Created 23/07/2012 - 03:04:57 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\4DAEA278426A57A99B8F19B5423C4E66.psi   [4481]
O61 - LFC:Last File Created 23/07/2012 - 03:06:41 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\40D7A55AF6E86607F1982162DD2ABF57.psi   [5422]
O61 - LFC:Last File Created 23/07/2012 - 03:06:55 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\9F7C7644A7A60ED1EF3BF9AFFDE74EB1.psi   [4754]
O61 - LFC:Last File Created 23/07/2012 - 03:39:56 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\6B87EBAED27AEE36F0DEE06E2CDEB9B4.psi   [5404]
O61 - LFC:Last File Created 23/07/2012 - 03:39:56 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\8038D58CF55BCA8F6C14293ECBA710A9.psi   [4926]
O61 - LFC:Last File Created 23/07/2012 - 03:39:56 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\825C5127AFAD52A38657026D94FBA484.psi   [4832]
O61 - LFC:Last File Created 23/07/2012 - 03:46:15 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\6FC498C256A6A377748170BC3D3E6C24.psi   [3991]
O61 - LFC:Last File Created 23/07/2012 - 03:48:39 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\C2F976B455173BB2BE8D8327CF2BD3FB.psi   [4443]
O61 - LFC:Last File Created 23/07/2012 - 03:52:59 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\0E6CE2519F641591B76F8F79B78892C5.psi   [5299]
O61 - LFC:Last File Created 23/07/2012 - 03:55:42 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\C893BCC4F2789A83941AEA9EFE2EDAD5.psi   [6589]
O61 - LFC:Last File Created 23/07/2012 - 03:55:44 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\0A5BD12A10B252E227A1AAC23E84B9E9.psi   [4936]
O61 - LFC:Last File Created 23/07/2012 - 04:03:03 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\6A87FB79F21F78540D0DC0E6B5727E63.psi   [5988]
O61 - LFC:Last File Created 23/07/2012 - 04:18:11 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\2637B05B5CCC5CEA07792F8DF40B18AA.psi   [2839]
O61 - LFC:Last File Created 23/07/2012 - 04:18:11 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\3799524904205B9E95A8C434711DF235.psi   [4945]
O61 - LFC:Last File Created 23/07/2012 - 04:18:11 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\6DEC8EBB88EEA586148C9880AE1C4D1D.psi   [6029]
O61 - LFC:Last File Created 23/07/2012 - 04:18:11 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\839EB87165516B57ED97091FA8407BA7.psi   [6140]
O61 - LFC:Last File Created 23/07/2012 - 04:20:37 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\972565E032EEF6687311F6FDF13E0918.psi   [5959]
O61 - LFC:Last File Created 23/07/2012 - 04:24:49 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\72591714B7A70E1E37D8CCE9FF6F9E31.psi   [5032]
O61 - LFC:Last File Created 23/07/2012 - 04:39:57 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\60F3F84519A316209E4E5066784F72D6.psi   [2584]
O61 - LFC:Last File Created 23/07/2012 - 05:02:01 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\2554736BD2699F50F84C1671AFAEAE37.psi   [4022]
O61 - LFC:Last File Created 23/07/2012 - 05:04:31 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\16C78CCA24F3EBF55C91CD6DBEBE30FD.psi   [5405]
O61 - LFC:Last File Created 23/07/2012 - 05:04:31 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\6500BDC97229FF821B7797619C77A1F8.psi   [4374]
O61 - LFC:Last File Created 23/07/2012 - 05:04:31 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\DD5E189D48A862AB5B5D3059458A647F.psi   [6592]
O61 - LFC:Last File Created 23/07/2012 - 05:04:31 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\E09C99787BAB7D7938053C9B133D739C.psi   [5448]
O61 - LFC:Last File Created 23/07/2012 - 05:05:27 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\2B449F46AA349A27275DE5D658136453.psi   [2173]
O61 - LFC:Last File Created 23/07/2012 - 05:05:27 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\54C95F16AEA168345BCF9C0D3ADF88AA.psi   [4329]
O61 - LFC:Last File Created 23/07/2012 - 05:05:27 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\8181E63629FC881F2CFF3BC0A355B012.psi   [6425]
O61 - LFC:Last File Created 23/07/2012 - 05:05:27 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\AADE353A1FDD76E81BF322A851AEC585.psi   [5704]
O61 - LFC:Last File Created 23/07/2012 - 05:05:57 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\1304F51A5902262C190C6F1DEFF1D0E7.psi   [6064]
O61 - LFC:Last File Created 23/07/2012 - 05:13:34 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\PokerStars.log.1   [497279]
O61 - LFC:Last File Created 24/07/2012 - 07:35:18 ---A- C:\Users\Abd-El-Hamid\AppData\Roaming\hewlett-packard\HP Active Support\cee\1543929444.cee   [1791]
O61 - LFC:Last File Created 24/07/2012 - 07:35:21 ---A- C:\Users\Abd-El-Hamid\AppData\Roaming\hewlett-packard\HP Active Support\cee\3755202032.cee   [1791]
O61 - LFC:Last File Created 25/07/2012 - 02:44:58 ---A- C:\Users\Abd-El-Hamid\AppData\Roaming\Microsoft\MMC\eventvwr   [86860]
O61 - LFC:Last File Created 25/07/2012 - 02:52:01 ---A- C:\Users\Abd-El-Hamid\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2012-07-25 (03-52-01).txt   [1028]
O61 - LFC:Last File Created 25/07/2012 - 12:45:00 ---A- C:\Users\Abd-El-Hamid\AppData\Roaming\WinRAR\version.dat   [12]
O61 - LFC:Last File Created 25/07/2012 - 16:25:37 ---A- C:\Users\Abd-El-Hamid\AppData\Local\ZHPFixReport.txt   [5994]
O61 - LFC:Last File Created 25/07/2012 - 18:15:33 ----- C:\Users\Abd-El-Hamid\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll   [115137]
O61 - LFC:Last File Created 25/07/2012 - 18:37:04 ---A- C:\Users\Abd-El-Hamid\Documents\ZHPDiag.Txt   [58705]
O61 - LFC:Last File Created 25/07/2012 - 18:44:34 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\PokerStarsUpdate.log.0   [2487]
O61 - LFC:Last File Created 25/07/2012 - 18:44:34 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\_update2.dat   [4446]
O61 - LFC:Last File Created 25/07/2012 - 18:44:43 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\PokerStarsUpdateE.log.0   [18457]
O61 - LFC:Last File Created 25/07/2012 - 18:44:43 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\_updcache.dat   [194648]
O61 - LFC:Last File Created 25/07/2012 - 18:44:50 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\6B5C11C6AC941C7903F7CF2EC045B2DE.psi   [10716]
O61 - LFC:Last File Created 25/07/2012 - 18:44:50 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\DA2DBB84D6AEDE81E240C23DDBAD6FF5.psi   [50132]
O61 - LFC:Last File Created 25/07/2012 - 18:44:50 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\E79062CFB3151C3076186ABD89A581D0.psi   [20925]
O61 - LFC:Last File Created 25/07/2012 - 18:44:50 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\FF265AE24CE198372D923BD3396B4DA1.psi   [16491]
O61 - LFC:Last File Created 25/07/2012 - 18:44:51 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\4FD1ED0EE69C5F7D0DE8720C65955205.psi   [17199]
O61 - LFC:Last File Created 25/07/2012 - 18:45:36 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\4900A09AF97FAFF918B31C82F62C2E7D.psi   [66507]
O61 - LFC:Last File Created 25/07/2012 - 18:58:39 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\59154B7E196FA7DBAC783BF290903B22.psi   [6083]
O61 - LFC:Last File Created 25/07/2012 - 18:58:41 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\26994DA7D0BB38C2B7E5F05E8F965EC8.psi   [2845]
O61 - LFC:Last File Created 25/07/2012 - 18:58:41 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\44E23F8FC233BB7E6281C13E4D0AB53B.psi   [4598]
O61 - LFC:Last File Created 25/07/2012 - 18:58:41 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\63B65C27A2A8EC576AF732C14096ADEA.psi   [4689]
O61 - LFC:Last File Created 25/07/2012 - 18:58:41 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\E3B7C41ED6645062667F1DBE63A834A9.psi   [5124]
O61 - LFC:Last File Created 25/07/2012 - 18:58:41 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\F3AE872C51B9E1E9408E72CC284DC11B.psi   [4332]
O61 - LFC:Last File Created 25/07/2012 - 18:58:41 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\FF58C86DCF49416A8D434492A0B3C5CD.psi   [3792]
O61 - LFC:Last File Created 25/07/2012 - 18:59:59 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\3E0FCF21C3E75F48AF1665ABAF38269D.psi   [4856]
O61 - LFC:Last File Created 25/07/2012 - 18:59:59 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\B1B60E2AA9FC38F623EE2D4F15B31596.psi   [4607]
O61 - LFC:Last File Created 25/07/2012 - 18:59:59 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\FA2156FD7B7C64FEDD78A7F4E829A8B8.psi   [3484]
O61 - LFC:Last File Created 25/07/2012 - 18:59:59 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\FB0C6CDF5B720B468ADDEB1A1B5B55AC.psi   [6225]
O61 - LFC:Last File Created 25/07/2012 - 19:01:32 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\AED349D03DBCB9E31AC2D69C2AF02C75.psi   [4255]
O61 - LFC:Last File Created 25/07/2012 - 19:01:55 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\AD3DFF8123EADCE8FB6595523F3ECE3C.psi   [4325]
O61 - LFC:Last File Created 25/07/2012 - 19:03:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\2D3B712AEC11EF7B52147A26C296E5D9.psi   [6477]
O61 - LFC:Last File Created 25/07/2012 - 19:03:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\A594BF791B7383C938D4503A2BAA0829.psi   [4007]
O61 - LFC:Last File Created 25/07/2012 - 19:03:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\B460EF9CE4FF7E01ECC595ABBFDDF22B.psi   [5633]
O61 - LFC:Last File Created 25/07/2012 - 19:03:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\B498E31ADBEDA9A8548235D288462B19.psi   [4626]
O61 - LFC:Last File Created 25/07/2012 - 19:03:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\D664F366C9153410690BD098C68EE904.psi   [3780]
O61 - LFC:Last File Created 25/07/2012 - 19:03:45 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\017CBDED63AA76895F1A417DD7F55125.psi   [5184]
O61 - LFC:Last File Created 25/07/2012 - 19:03:49 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\DE41AE1150F43FBBACEAF7C0FE7C6261.psi   [2064]
O61 - LFC:Last File Created 25/07/2012 - 19:03:53 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\305A490E49D186F1D4511A8CEFF7CD20.psi   [4562]
O61 - LFC:Last File Created 25/07/2012 - 19:12:14 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\47F6FF111D1FF72FF9B1B8CE46FBF1AA.psi   [5043]
O61 - LFC:Last File Created 25/07/2012 - 19:14:15 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\D6B6A7BDD00BB4A0C01B5D5D2EBEDE54.psi   [5128]
O61 - LFC:Last File Created 25/07/2012 - 19:16:19 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\D90E00D430A2980E1B7789482F086E7D.psi   [5398]
O61 - LFC:Last File Created 25/07/2012 - 19:19:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\3C6DF74D05DC482ED0FD87850351F78A.psi   [4409]
O61 - LFC:Last File Created 25/07/2012 - 19:40:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\2BB5428ADDE076A4C986E8BBF85BBC65.psi   [3595]
O61 - LFC:Last File Created 25/07/2012 - 19:40:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\5B5ED5C4EF953A1D29D8AE2E9A32B217.psi   [5494]
O61 - LFC:Last File Created 25/07/2012 - 19:40:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\5CFCAFF3B3D23F3A810039F4AA8BC5B4.psi   [5208]
O61 - LFC:Last File Created 25/07/2012 - 19:40:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\8B52FE4E75E546138C7D869932EDB02F.psi   [5565]
O61 - LFC:Last File Created 25/07/2012 - 19:40:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\A68C32EFB6C893B5C717AAF0DB47889E.psi   [4536]
O61 - LFC:Last File Created 25/07/2012 - 19:40:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\DC6281D9427F159D0B26FD4920C2A5AC.psi   [4861]
O61 - LFC:Last File Created 25/07/2012 - 19:40:35 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\39AC3EA0A678A5FEABA269D18B892FF6.psi   [5006]
O61 - LFC:Last File Created 25/07/2012 - 19:43:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\2ECA7B728BA6610478A29F0E0E10B075.psi   [4458]
O61 - LFC:Last File Created 25/07/2012 - 19:52:03 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\408AF41E3FE08D5D79751878DAB0167F.psi   [5156]
O61 - LFC:Last File Created 25/07/2012 - 19:52:04 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\8970D4B9C8C6F95A2AC45783F24DF92B.psi   [2009]
O61 - LFC:Last File Created 25/07/2012 - 19:58:52 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\1461E05CBF9E7F4E4E1F4450D0EE656D.psi   [5165]
O61 - LFC:Last File Created 25/07/2012 - 19:58:52 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\4FF73B098F5E107E0AB67DFB2B145C45.psi   [3824]
O61 - LFC:Last File Created 25/07/2012 - 19:58:52 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\A67C0C1922A3756B477F5FFF42D5C2BA.psi   [4693]
O61 - LFC:Last File Created 25/07/2012 - 19:58:52 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\CD1468F0E7BAE6E69E47F53FB84B5F17.psi   [4909]
O61 - LFC:Last File Created 25/07/2012 - 19:58:52 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\F1F9CB0C93D11222CC80DD9CE4E9A968.psi   [5810]
O61 - LFC:Last File Created 25/07/2012 - 19:58:53 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\CCAE65C1A29400622BB35A7F203FB5FC.psi   [6622]
O61 - LFC:Last File Created 25/07/2012 - 19:58:57 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\BB64E85173634FFCB8E3DDD474A6EB25.psi   [5279]
O61 - LFC:Last File Created 25/07/2012 - 19:58:57 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\EA492DF1AC2A8F5415169ADFC2F4C034.psi   [5014]
O61 - LFC:Last File Created 25/07/2012 - 19:58:58 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\1BA8DBDEF95D8770B5511DD588310748.psi   [5318]
O61 - LFC:Last File Created 25/07/2012 - 19:58:58 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\63692F82012E06FD7BCC95EBD20A583B.psi   [6427]
O61 - LFC:Last File Created 25/07/2012 - 19:58:58 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\E22DD7B1A4757DB59019B40860B6FE2C.psi   [5917]
O61 - LFC:Last File Created 25/07/2012 - 19:59:14 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\630D2067064F36AC9BB74168429B6B4C.psi   [4671]
O61 - LFC:Last File Created 25/07/2012 - 20:00:38 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\5F7583CD2B7F65760DADBDCD8F57FAA5.psi   [6723]
O61 - LFC:Last File Created 25/07/2012 - 20:00:39 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\1BA29BD18B324A9355A80A9A1D1C9F30.psi   [6527]
O61 - LFC:Last File Created 25/07/2012 - 20:00:39 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\3969C5CCDD2CF9EAC8A33E0D5D2D9B7C.psi   [4595]
O61 - LFC:Last File Created 25/07/2012 - 20:00:39 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\586CF98E2E7EDCC6D16BD270D15A8714.psi   [2050]
O61 - LFC:Last File Created 25/07/2012 - 20:00:39 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\B8E9B61037C9FE50C09BAA186D895C42.psi   [5283]
O61 - LFC:Last File Created 25/07/2012 - 20:00:41 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\3A11B4E93C572F03B20C050B2419DB59.psi   [5541]
O61 - LFC:Last File Created 25/07/2012 - 20:03:29 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\DDD586BA099D33E077827B41A112892D.psi   [5105]
O61 - LFC:Last File Created 25/07/2012 - 20:07:12 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\58F80BD96A6E5E4ED1D8C65BB5A89B15.psi   [4528]
O61 - LFC:Last File Created 25/07/2012 - 20:08:37 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\6A0750E7B9E42C35EA23FBC99F1232FC.psi   [6192]
O61 - LFC:Last File Created 25/07/2012 - 20:08:37 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\826A4539074CCB84A424DEAF3A8C5E91.psi   [5554]
O61 - LFC:Last File Created 25/07/2012 - 20:08:37 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\AD6133027667E79BEB479FCC18BCA2FE.psi   [6170]
O61 - LFC:Last File Created 25/07/2012 - 20:08:37 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\C87399EF6ECC23746B328BF1A5C44E20.psi   [6526]
O61 - LFC:Last File Created 25/07/2012 - 20:12:14 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\52BF3202AACBA11FF750BAE3956F179D.psi   [4388]
O61 - LFC:Last File Created 25/07/2012 - 20:13:51 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\178AA33BDFD097151E499AC87DEAB2A8.psi   [3664]
O61 - LFC:Last File Created 25/07/2012 - 20:13:51 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\3303EA3004F47995472E6E510D880415.psi   [5199]
O61 - LFC:Last File Created 25/07/2012 - 20:13:51 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\7AF0C8CDF88806768F892DAD031A2D61.psi   [5729]
O61 - LFC:Last File Created 25/07/2012 - 20:13:51 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\C6B88B3DE51FB1A4792E1058AB7E185B.psi   [4557]
O61 - LFC:Last File Created 25/07/2012 - 20:13:52 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\5846D6103C01FE127D55F9C1E9395E62.psi   [5373]
O61 - LFC:Last File Created 25/07/2012 - 20:13:52 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\5FC1A40DB661C75CF02F965E129DE343.psi   [5949]
O61 - LFC:Last File Created 25/07/2012 - 20:16:48 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\8BB3F0BE550F56F608B6EFD624CDEBA9.psi   [2166]
O61 - LFC:Last File Created 25/07/2012 - 20:19:32 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\7E348627F22969B5A156D0581BE513D4.psi   [3984]
O61 - LFC:Last File Created 25/07/2012 - 20:19:44 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\E88C8CEA142F0DAA89984AD953C3A7C8.psi   [4424]
O61 - LFC:Last File Created 25/07/2012 - 20:19:47 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\A30C29D787F2819F3C7DBDCFF354D7BF.psi   [5906]
O61 - LFC:Last File Created 25/07/2012 - 20:20:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\6785169F4959676AAE671BF981207C47.psi   [4905]
O61 - LFC:Last File Created 25/07/2012 - 20:20:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\69A30568789C98013A508D910844EAEB.psi   [4171]
O61 - LFC:Last File Created 25/07/2012 - 20:20:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\6C0F2EF6D7B0AE50A8B80A4BCC2DB4D5.psi   [5216]
O61 - LFC:Last File Created 25/07/2012 - 20:20:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\9A0AAEE4B9ECA7D55B42E1A5A1BAC0C1.psi   [5054]
O61 - LFC:Last File Created 25/07/2012 - 20:20:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\BCD88FDD9FE53D9C9164329C2B5F96D7.psi   [4675]
O61 - LFC:Last File Created 25/07/2012 - 20:20:00 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\ECBB7B6D0CA901A057635BB419FEAC9E.psi   [6357]
O61 - LFC:Last File Created 25/07/2012 - 20:20:13 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\359EBCC1F4B6E746E60FC29B7D1EDD64.psi   [4768]
O61 - LFC:Last File Created 25/07/2012 - 20:22:32 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\546D5AC11C700605EE2C356C72C7C457.psi   [5520]
O61 - LFC:Last File Created 25/07/2012 - 20:23:41 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\296CB780A77C59811759FDFAAEAA8C1E.psi   [6542]
O61 - LFC:Last File Created 25/07/2012 - 20:23:52 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\BE84AB59F165A3576FA9CBAABF581DE4.psi   [6743]
O61 - LFC:Last File Created 25/07/2012 - 20:24:31 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\A95D764604C89A32B9DF8A5DFA73C47E.psi   [4764]
O61 - LFC:Last File Created 25/07/2012 - 20:24:42 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\FE8CB97AB0D5BCCD8003A53B5255F6CD.psi   [4761]
O61 - LFC:Last File Created 25/07/2012 - 20:24:51 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\0DE05AB490159D13C0787C8298EFC7D1.psi   [5426]
O61 - LFC:Last File Created 25/07/2012 - 20:26:01 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\3E2848AB74BE224659C7B5D7ED0BA355.psi   [6718]
O61 - LFC:Last File Created 25/07/2012 - 20:26:01 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\9D98CCED19FCB8E2CAD4B39FC81DADE5.psi   [5485]
O61 - LFC:Last File Created 25/07/2012 - 20:26:01 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\A825B6080CF04ED04862137FF2E2E2C6.psi   [6927]
O61 - LFC:Last File Created 25/07/2012 - 20:26:01 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\DC1CCF352AD864886CB4A95DD75EED25.psi   [6782]
O61 - LFC:Last File Created 25/07/2012 - 20:26:02 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\7C0A28CDEA023611BDD62DA6A610CEE1.psi   [5607]
O61 - LFC:Last File Created 25/07/2012 - 20:27:12 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\63A7AC38D25E013E3484B1BBA1428110.psi   [5135]
O61 - LFC:Last File Created 25/07/2012 - 20:28:46 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\185FA75A806CF384099E60392F5198BA.psi   [5423]
O61 - LFC:Last File Created 25/07/2012 - 20:28:47 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\519F63ACFD19889F2AB1F00AB9E93194.psi   [4681]
O61 - LFC:Last File Created 25/07/2012 - 20:28:50 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\BA7BF55701D9521C28E7FB3AA13A7A80.psi   [3275]
O61 - LFC:Last File Created 25/07/2012 - 20:31:13 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\0DB36546551D8EAE3BB85DD4B8E3A60D.psi   [5162]
O61 - LFC:Last File Created 25/07/2012 - 20:31:13 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\3376056BD0053CFE2DA3A60789967C32.psi   [4594]
O61 - LFC:Last File Created 25/07/2012 - 20:31:30 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\1D2B7D453ED67F06D5765161D6D821CF.psi   [4666]
O61 - LFC:Last File Created 25/07/2012 - 20:32:41 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\660C984EA9A25118A1C06EAEB458BBC4.psi   [5109]
O61 - LFC:Last File Created 25/07/2012 - 20:34:55 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\972278C20F8A047D3319502BA99156E1.psi   [5015]
O61 - LFC:Last File Created 25/07/2012 - 20:34:58 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\630B213A55CC8E5ECD645B14C21AB2EE.psi   [4978]
O61 - LFC:Last File Created 25/07/2012 - 20:36:01 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\B015272105C58CE7849E834763651B23.psi   [4932]
O61 - LFC:Last File Created 25/07/2012 - 20:36:41 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\34DA104E59CBAECC2E52D1EAE860BA2F.psi   [4970]
O61 - LFC:Last File Created 25/07/2012 - 20:36:41 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\5490CDAB9B85F0F51CD3FA4931852E1A.psi   [4048]
O61 - LFC:Last File Created 25/07/2012 - 20:36:41 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\C676BCE9D9E39D4A4B616E2655FBC2DD.psi   [4473]
O61 - LFC:Last File Created 25/07/2012 - 20:36:43 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\0455CBC7DBDE3316074A49FCA4890ADF.psi   [6311]
O61 - LFC:Last File Created 25/07/2012 - 20:37:35 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\07EDADC81EF3D2CF72823093677422E6.psi   [4000]
O61 - LFC:Last File Created 25/07/2012 - 20:37:53 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\491D7908164707BBBC71A733EB8E7A5C.psi   [5620]
O61 - LFC:Last File Created 25/07/2012 - 20:38:08 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\79A166E205384DCEFC8A1E092E387415.psi   [5284]
O61 - LFC:Last File Created 25/07/2012 - 20:38:15 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\7BD0C4AB6F899DC81C8161B64ABC1062.psi   [4723]
O61 - LFC:Last File Created 25/07/2012 - 20:41:55 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\29EC67910BB5FF300F6B5D4BCD0E285E.psi   [5117]
O61 - LFC:Last File Created 25/07/2012 - 20:43:45 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\CEA827069C8574A2C0C58B65A21331BF.psi   [2829]
O61 - LFC:Last File Created 25/07/2012 - 20:44:44 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\14ED204F074A479F5CD4800753FADD5B.psi   [2484]
O61 - LFC:Last File Created 25/07/2012 - 20:44:44 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\9233612344CABC4BD5B6C5525F7D215C.psi   [5240]
O61 - LFC:Last File Created 25/07/2012 - 20:44:44 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\D04F31160FF6F3E7A22F151F844350B8.psi   [5523]
O61 - LFC:Last File Created 25/07/2012 - 20:44:44 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\D9A838ABEB4D5FF1F6F8A2DD1058B364.psi   [6607]
O61 - LFC:Last File Created 25/07/2012 - 20:44:51 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\863FB26D5FB44BC8CB04576ED8E33D3B.psi   [5182]
O61 - LFC:Last File Created 25/07/2012 - 20:45:31 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\6964901AAD82877B14D62A1496C9832F.psi   [4730]
O61 - LFC:Last File Created 25/07/2012 - 20:46:31 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\277E9C122B0467E8EA61A3DC0E95A859.psi   [5293]
O61 - LFC:Last File Created 25/07/2012 - 20:46:31 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\35D0EB472354AF27F17E859F90A730EF.psi   [6095]
O61 - LFC:Last File Created 25/07/2012 - 20:46:31 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\38191FD3E832EF63E62A4DA1D37BDEFB.psi   [3787]
O61 - LFC:Last File Created 25/07/2012 - 20:46:31 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\463C839FCDAC24B858BE3E807ECD40B3.psi   [4930]
O61 - LFC:Last File Created 25/07/2012 - 20:46:31 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\647D9FBC664AFF80315DAAA48605FEBC.psi   [5398]
O61 - LFC:Last File Created 25/07/2012 - 20:46:31 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\81ED8A4AEB0B5BC1D46E9AD4DD34B5B0.psi   [5723]
O61 - LFC:Last File Created 25/07/2012 - 20:46:31 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\FB430F33E45A7096868C00CB721E82A7.psi   [4955]
O61 - LFC:Last File Created 25/07/2012 - 20:47:21 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\561B9CEE20940761231DEA17D3811A52.psi   [5212]
O61 - LFC:Last File Created 25/07/2012 - 20:47:22 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\8A55799FA95563579C59BA77AB0D1138.psi   [4191]
O61 - LFC:Last File Created 25/07/2012 - 20:50:01 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\610477F41F043A3ECE831F7C685CC969.psi   [5177]
O61 - LFC:Last File Created 25/07/2012 - 20:50:02 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\D81B0E111ADD14F8FF1EBA71F87AD21F.psi   [4813]
O61 - LFC:Last File Created 25/07/2012 - 20:50:33 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\A4BBDA7B1A58713E193C7CA179C30BEF.psi   [5204]
O61 - LFC:Last File Created 25/07/2012 - 20:52:25 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\1AE86060BE844B84F027C0FCECE4DE8E.psi   [5302]
O61 - LFC:Last File Created 25/07/2012 - 20:52:25 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\59189B09FD6A15A7E4F5BC632FA1A716.psi   [5855]
O61 - LFC:Last File Created 25/07/2012 - 20:52:25 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\59E49F9802AD1B430176754EE99F5B7A.psi   [5841]
O61 - LFC:Last File Created 25/07/2012 - 20:52:25 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\60E9CB3CE5F78764FDFFBADFEDE8B378.psi   [5797]
O61 - LFC:Last File Created 25/07/2012 - 20:52:25 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\8496048B00EE98C9B89417201A17309B.psi   [6893]
O61 - LFC:Last File Created 25/07/2012 - 20:52:25 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\866DD4AD1C7D4FB5B5C157FA5F407826.psi   [4817]
O61 - LFC:Last File Created 25/07/2012 - 20:52:25 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\87BE3C500FD29CC91D7DE088126361F4.psi   [4900]
O61 - LFC:Last File Created 25/07/2012 - 20:53:22 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\CDE838E476B010C08072577DAFB563F1.psi   [6251]
O61 - LFC:Last File Created 25/07/2012 - 20:53:36 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\116DD25A3862E539DA0A9B0C35020972.psi   [5552]
O61 - LFC:Last File Created 25/07/2012 - 20:55:01 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\DA883385430FF71B95EE008914E6BFE8.psi   [6000]
O61 - LFC:Last File Created 25/07/2012 - 21:03:51 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\3DB420613E82E79059FF93A52D3AC3A9.psi   [5405]
O61 - LFC:Last File Created 25/07/2012 - 21:07:46 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\4B244EF3E02AAB98B6E5CCB7AA91CF86.psi   [5687]
O61 - LFC:Last File Created 25/07/2012 - 21:11:48 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\ImgCache\img.idx   [8420]
O61 - LFC:Last File Created 25/07/2012 - 21:11:48 ---A- C:\Users\Abd-El-Hamid\AppData\Local\PokerStars.FR\PokerStars.log.0   [1142495]
O61 - LFC:Last File Created 26/07/2012 - 12:17:25 ---A- C:\Users\Abd-El-Hamid\AppData\Local\Samsung\KiesHelper.exe_Url_bjxkoxoqvkgeyu2sereshmia5yxgelc0\1.0.0.570\user.config   [544]
O61 - LFC:Last File Created 26/07/2012 - 12:26:10 ----- C:\Users\Abd-El-Hamid\AppData\Local\Temp\KiesLiveupdateTemp\PluginHost.xml   [279]
O61 - LFC:Last File Created 26/07/2012 - 12:59:16 ---A- C:\Users\Abd-El-Hamid\AppData\Local\Temp\Abd-El-Hamid.bmp   [31832]
O61 - LFC:Last File Created 30/12/1899 - 21:11:50 --HA- C:\Users\Abd-El-Hamid\AppData\Local\IconCache.db   [1734436]
~ Scan Files in 00mn 16s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ Liste des fichiers non signés (O65) (None)

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\system32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\system32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\system32\ie4uinit.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {105E99FF-8B9A-4492-B155-06194B9056D2} - (Web Search) - http://startsear.ch
O69 - SBI: SearchScopes [HKCU] {11927D07-8E8E-4B99-B165-D006D5B060EE} - (AOL Recherche) - http://slirsredirect.search.aol.com
O69 - SBI: SearchScopes [HKCU] {2292CCD5-25C3-42FE-8A3C-7B608EABDFA0} - (Yahoo!) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {2FAA6004-29C4-4B06-AECA-01A5F8881FB6} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {B2AD8094-3A62-4EBC-A01B-A3141A4275A5} - (Kelkoo) - http://fr.kelkoopartners.net
~ Scan Keys in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [125952]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [438784]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [315392]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll   [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll   [449024]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [1933848]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [200704]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [153088]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [153088]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll   [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [81920]
O83 - Search Svchost Services: ezSharedSvc (ezSharedSvc) . (.EasyBits Sofware AS - Shared EasyBits services for Windows.) -- C:\Windows\System32\ezsvc7.dll   [129992]
~ Scan Services in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.F3CEFCE8D2A47E628B7DFC21DCCD9D6B] [SPRF][12/12/2009] (...) -- C:\Users\Abd-El-Hamid\AppData\Local\chcyosod.bat   [98]
[MD5.E611922BB375E6A8330A552F76EDE237] [SPRF][10/03/2010] (...) -- C:\Users\Abd-El-Hamid\AppData\Local\d3d9caps.dat   [6836]
[MD5.179DAE6F21EC7EED38E7EEF71DB66D65] [SPRF][27/10/2009] (...) -- C:\Users\Abd-El-Hamid\AppData\Local\gnenl.bat   [97]
[MD5.F5718246C575C416C3AAC7A22468C7D0] [SPRF][10/10/2009] (...) -- C:\Users\Abd-El-Hamid\AppData\Local\hyyssee.bat   [95]
[MD5.F77E8F9FF4CDE2F75D819A761C3B93A9] [SPRF][15/11/2009] (...) -- C:\Users\Abd-El-Hamid\AppData\Local\requimq.bat   [98]
[MD5.B8160D2614E2CE7C3B6749FADCE0B385] [SPRF][24/01/2010] (...) -- C:\Users\Abd-El-Hamid\AppData\Local\tdbhgnu.dat   [3375]
[MD5.4DC9A3650210A7DF96AECCBD10888510] [SPRF][24/01/2010] (...) -- C:\Users\Abd-El-Hamid\AppData\Local\thvbivkq.bat   [97]
[MD5.64432931E82CB075030C361132C26AC3] [SPRF][09/01/2010] (...) -- C:\Users\Abd-El-Hamid\AppData\Local\uthgnazh.bat   [98]
[MD5.B3456EE3F467F60ABDADE5963EDE0292] [SPRF][20/05/2010] (...) -- C:\Users\Abd-El-Hamid\AppData\Roaming\wklnhst.dat   [414]
[MD5.07DA6C9C3547C38BBA12E63F54FD9B00] [SPRF][25/07/2012] (...) -- C:\Users\Abd-El-Hamid\Desktop\adwcleaner.exe   [632049]
[MD5.A2E50750D3894556E2A1354B1D0E6FE4] [SPRF][29/01/2012] (.W3i, LLC - InstallIQ Installation Utility.) -- C:\Users\Abd-El-Hamid\Desktop\mediaplayer.exe   [1653952]
[MD5.C3D32E964E5F5989ECEF890BAE80A837] [SPRF][15/04/2011] (...) -- C:\Users\Abd-El-Hamid\Desktop\RogueKiller.exe   [1103872]
[MD5.32EFD73D28B1CC5D32539B4B10ADD411] [SPRF][26/07/2012] (.El Desaparecido - UsbFix NSIS Installer.) -- C:\Users\Abd-El-Hamid\Desktop\UsbFix.exe   [1270976]
[MD5.2F5A438D23DFD21EBA32306C64EBE992] [SPRF][25/07/2012] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Abd-El-Hamid\Desktop\ZHPDiag2.exe   [4598607]
[MD5.4D930392BD13F448ED474CE2C41DFADA] [SPRF][03/02/2011] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.2 r152.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe   [2871968]
~ Scan Files in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{13C2863D-C605-4AD9-9F78-D3FF2B1D556A}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe (.not file.)
O87 - FAEL: "{4291C81D-72F3-4EC9-99AB-0C73A243D703}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Microsoft Office\Office12\ONENOTE.exe (.not file.)
O87 - FAEL: "{CE27DBDA-2B35-495A-8166-3BE5EDB1866A}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files\CyberLink\PowerDirector\PDR.exe
O87 - FAEL: "{F823AF5B-2189-466B-8460-768794499F1E}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe (.not file.)
O87 - FAEL: "{792E7BFA-64E2-46D3-AC3B-C74260721F53}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe (.not file.)
O87 - FAEL: "{4997D7C5-C3EF-4380-8BA3-33393BFE129C}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe (.not file.)
O87 - FAEL: "{B219E725-B8A2-40AA-8530-F3C0B12E8826}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Hewlett-Packard\Media\DVD\TSMAgent.exe (.not file.)
O87 - FAEL: "{EFC6CAA5-4224-4A01-B319-154A1BE1C301}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe (.not file.)
O87 - FAEL: "{08C64BDB-DABE-4A2E-98A1-7C4B1CDD4BC3}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe (.not file.)
O87 - FAEL: "{DF7C58EF-CB4A-44FF-9EC0-CD4AD12BB685}" | In - None - P17 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
O87 - FAEL: "{B602BC81-F696-4C6E-935B-9A0856DC570D}" | In - None - P17 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
O87 - FAEL: "{819C66CD-FB89-40BE-97E6-9F037B6AFDAF}" | In - None - P17 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video Main Program.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
O87 - FAEL: "{867FD40F-69DA-435C-B31D-E5132C149A9E}" | In - None - P17 - TRUE | .(.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O87 - FAEL: "{A5DE65CA-CD37-4E85-9FA8-CFDA4248C190}" | In - None - P17 - TRUE | .(.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O87 - FAEL: "{58C1CE82-2DC1-4140-B87C-642EB194B3DF}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Hewlett-Packard\Media\TV\QP.exe (.not file.)
O87 - FAEL: "{71AF1619-773F-4E00-A5A9-18DEB8E9ABFE}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Hewlett-Packard\Media\TV\QPService.exe (.not file.)
O87 - FAEL: "TCP Query User{A5D24B05-778F-4C9B-AE9D-693E2B949962}C:\program files\real\realplayer\realplay.exe" | In - Public - P6 - TRUE | .(.RealNetworks, Inc. - RealPlayer.) -- C:\program files\real\realplayer\realplay.exe
O87 - FAEL: "UDP Query User{9710C4E2-3BB3-44FE-A2FA-CBEB8B29F609}C:\program files\real\realplayer\realplay.exe" | In - Public - P17 - TRUE | .(.RealNetworks, Inc. - RealPlayer.) -- C:\program files\real\realplayer\realplay.exe
O87 - FAEL: "TCP Query User{5E92AD8A-7B70-47EA-9282-419883948ADC}C:\program files\microprose\risk ii\riskii.exe" | In - Public - P6 - TRUE | .(.Deep Red Games Ltd - Risk II.) -- C:\program files\microprose\risk ii\riskii.exe
O87 - FAEL: "UDP Query User{A21A42B0-7732-42FD-A6A8-88E890CB1006}C:\program files\microprose\risk ii\riskii.exe" | In - Public - P17 - TRUE | .(.Deep Red Games Ltd - Risk II.) -- C:\program files\microprose\risk ii\riskii.exe
O87 - FAEL: "TCP Query User{78D6E0EB-6AC4-4744-9F29-C9C57A104674}C:\program files\live-player\live-player.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\live-player\live-player.exe (.not file.)
O87 - FAEL: "UDP Query User{AA86942D-06EA-494A-8CED-35D67C81AB05}C:\program files\live-player\live-player.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\live-player\live-player.exe (.not file.)
O87 - FAEL: "TCP Query User{AB64A153-32E5-44BA-87E3-3C74A61E9BAC}C:\program files\free download manager\fdm.exe" | In - Public - P6 - TRUE | .(.FreeDownloadManager.ORG - Free Download Manager.) -- C:\program files\free download manager\fdm.exe
O87 - FAEL: "UDP Query User{E5D3CCA5-FE99-43C5-9E70-BD5FA944F068}C:\program files\free download manager\fdm.exe" | In - Public - P17 - TRUE | .(.FreeDownloadManager.ORG - Free Download Manager.) -- C:\program files\free download manager\fdm.exe
O87 - FAEL: "TCP Query User{84685170-9A4E-40AC-83DF-816C8027D03B}C:\program files\freeplayer\vlc\vlc.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\freeplayer\vlc\vlc.exe (.not file.)
O87 - FAEL: "UDP Query User{113C6604-C2FF-4730-A308-0D98288ED1DE}C:\program files\freeplayer\vlc\vlc.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\freeplayer\vlc\vlc.exe (.not file.)
O87 - FAEL: "TCP Query User{D06A86D2-9C4B-4502-96AD-E78869125F83}C:\program files\freeplayer\vlc\vlc.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\freeplayer\vlc\vlc.exe (.not file.)
O87 - FAEL: "UDP Query User{D27CCE3F-726D-42F2-B28C-570B0B448776}C:\program files\freeplayer\vlc\vlc.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\freeplayer\vlc\vlc.exe (.not file.)
O87 - FAEL: "{9EF32517-3BA7-4CE5-B7A7-8E83FE87698C}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\VideoLAN\VLC\vlc.exe
O87 - FAEL: "{2C030999-6745-4A28-91DA-BA83F0A20F93}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\VideoLAN\VLC\vlc.exe
O87 - FAEL: "TCP Query User{7D3BEA43-BF5D-4CBB-954C-F6181B6BBF75}C:\users\abd-el-hamid\desktop\jeux\command and conquer 4 by titi\cnc4server.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\abd-el-hamid\desktop\jeux\command and conquer 4 by titi\cnc4s
O87 - FAEL: "UDP Query User{7CC88C3C-5161-478F-AC29-12FD651F02D1}C:\users\abd-el-hamid\desktop\jeux\command and conquer 4 by titi\cnc4server.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\abd-el-hamid\desktop\jeux\command and conquer 4 by titi\cnc4
O87 - FAEL: "TCP Query User{1AD7C411-2C20-4874-8BD4-F867308398E3}C:\program files\real\realplayer\realplay.exe" | In - Private - P6 - TRUE | .(.RealNetworks, Inc. - RealPlayer.) -- C:\program files\real\realplayer\realplay.exe
O87 - FAEL: "UDP Query User{40A54543-8156-4486-9ADA-3B9B390E8136}C:\program files\real\realplayer\realplay.exe" | In - Private - P17 - TRUE | .(.RealNetworks, Inc. - RealPlayer.) -- C:\program files\real\realplayer\realplay.exe
O87 - FAEL: "{C9B1A5EC-EFB2-4F67-A8D9-AAF856B795E6}" |In - Public - P6 - TRUE | .(...) -- E:\data\eSKernel.exe (.not file.)
O87 - FAEL: "{69CB50C4-0549-45ED-8F8D-975B30216F5F}" |In - Public - P17 - TRUE | .(...) -- E:\data\eSKernel.exe (.not file.)
O87 - FAEL: "{FB12E609-94B6-42FA-B18B-02E463A1C14F}" |In - Private - P6 - TRUE | .(...) -- E:\data\eSKernel.exe (.not file.)
O87 - FAEL: "{1ACB3B33-D5AD-4593-A881-954BC533B358}" |In - Private - P17 - TRUE | .(...) -- E:\data\eSKernel.exe (.not file.)
O87 - FAEL: "{DC0D0613-2CE7-46B8-BB64-8BFE75463F25}" | In - Private - P6 - TRUE | .(.Teleperformance France - eSKernel.) -- C:\Program Files\Bbox\eSKernel.exe
O87 - FAEL: "{CBD1B65E-55A5-401B-A7B2-74B8B813494A}" | In - Private - P17 - TRUE | .(.Teleperformance France - eSKernel.) -- C:\Program Files\Bbox\eSKernel.exe
O87 - FAEL: "{C3E06E8C-575F-438D-BD14-8061BB046437}" | In - Private - P6 - TRUE | .(.TechCity Solutions France - BTLiveUpdate.) -- C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O87 - FAEL: "{6C1A6BAD-4029-40F8-A881-074230E563DC}" | In - Private - P17 - TRUE | .(.TechCity Solutions France - BTLiveUpdate.) -- C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O87 - FAEL: "{A0E736F0-738E-4984-85B6-2D61B32BD51D}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe
O87 - FAEL: "{9144ABFA-DB5B-49E4-8465-D2B8FB34C251}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe
O87 - FAEL: "TCP Query User{219F4D96-843F-430C-AE54-2CD813DBCF1A}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" | In - Private - P6 - TRUE | .(.Electronic Arts.) -- C:\programdata\electronic arts\need for speed world\data\nfsw.exe
O87 - FAEL: "UDP Query User{E0B0DF4C-F711-42A4-A3EB-7FF778A676BC}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" | In - Private - P17 - TRUE | .(.Electronic Arts.) -- C:\programdata\electronic arts\need for speed world\data\nfsw.exe
O87 - FAEL: "TCP Query User{F898AF1D-6909-4029-92D2-E73838B1C527}C:\users\abd-el-hamid\appdata\local\directdownloader\directdownloader.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\abd-el-hamid\appdata\local\directdownloader\directdownloader.exe (.
O87 - FAEL: "UDP Query User{4CE58962-065F-4932-B149-CE708516CCA9}C:\users\abd-el-hamid\appdata\local\directdownloader\directdownloader.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\abd-el-hamid\appdata\local\directdownloader\directdownloader.exe (
~ Scan Firewall in 00mn 03s



---\\ Scan Additionnel (O88)
Database Version : 9170 - (21/07/2012)
Clés trouvées (Keys found) : 19
Valeurs trouvées (Values found) : 0
Dossiers trouvés  (Folders found) : 2
Fichiers trouvés  (Files found) : 0

[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PartyPoker]   =>Casino.OnlineGames
[HKLM\Software\Classes\CLSID\{76c45b18-a29e-43ea-aaf8-af55c2e1ae17}]   =>PUP.Eorezo
[HKLM\Software\Classes\CLSID\{96ef404c-24c7-43d0-9096-4ccc8bb7ccac}]   =>PUP.Eorezo
[HKLM\Software\Classes\CLSID\{97720195-206a-42ae-8e65-260b9ba5589f}]   =>PUP.Eorezo
[HKLM\Software\Classes\CLSID\{97d69524-bb57-4185-9c7f-5f05593b771a}]   =>PUP.Eorezo
[HKLM\Software\Classes\CLSID\{986f7a5a-9676-47e1-8642-f41f8c3fcf82}]   =>PUP.Eorezo
[HKLM\Software\Classes\CLSID\{b18788a4-92bd-440e-a4d1-380c36531119}]   =>PUP.Eorezo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b7fe5d70-9aa2-40f1-9c6b-12a255f085e1}]   =>Casino.OnlineGames
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b7fe5d70-9aa2-40f1-9c6b-12a255f085e1}]   =>Casino.OnlineGames
[HKLM\Software\Microsoft\Internet Explorer\extensions\{b7fe5d70-9aa2-40f1-9c6b-12a255f085e1}]   =>Casino.OnlineGames
[HKCU\Software\Grand Virtual]   =>Spyware.AgenceExclusive
[HKCU\Software\live-player]   =>Adware.Navipromo
[HKLM\Software\live-player]   =>Adware.Navipromo
[HKCU\Software\PartyFrance]   =>Casino.OnlineGames
[HKCU\Software\PartyGaming]   =>Casino.OnlineGames
[HKCU\Software\poker 770]   =>Adware.Casino
[HKLM\Software\poker 770]   =>Adware.Casino
[HKCU\Software\titan poker]   =>Adware.Casino
[HKLM\Software\titan poker]   =>Adware.Casino
C:\Program Files\Live-Player   =>Adware.Navipromo
~ Scan Additionnel in 00mn 12s



---\\ Recherche détournement de DNS routeur (O89) (None)

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 03/01/2012 63928 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Auto 02/03/2009 81920 |  (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe
SR - | Auto 07/04/2010 108289 |  (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 07/04/2010 185089 |  (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 15/09/2009 18752 |  (aswUpdSv) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
SS - | Auto 22/01/2009 729088 |  (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SS - | Auto 15/09/2009 138680 |  (avast! Antivirus) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\ashServ.exe
SS - | Demand 15/09/2009 254040 |  (avast! Mail Scanner) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
SS - | Demand 15/09/2009 352920 |  (avast! Web Scanner) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
SS - | Demand 19/11/2008 222512 |  (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SS - | Auto 29/04/2008 20480 |  (eStantLaunchService) . (.TechCity Solutions France.) - C:\Program Files\BboxUpdate\eSRunService.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 09/10/2008 94208 |  (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
SS - | Demand 23/10/2008 223232 |  (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
SS - | Auto 13/05/2011 26168 |  (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SS - | Auto 09/06/2008 73728 |  (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SS - | Demand 02/05/2012 129976 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto  0 |  (Nero BackItUp Scheduler 4.0) . (...) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
SS - | Auto  365952 |  (Recovery Service for Windows) . (...) - C:\Program Files\SMINST\BLService.exe
SS - | Auto 14/05/2010 249136 |  (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SS - | Auto 03/06/2009 217170 |  (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe
SS - | Auto  296320 |  (TVCapSvc) . (...) - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
SS - | Auto  116096 |  (TVSched) . (...) - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ Scan MBR in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Abd-El-Hamid at 26/07/2012 14:05:09

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s



End of the scan (1793 lines in 04mn 32s)(0)


Revenir en haut
hamham92


Hors ligne

Inscrit le: 25 Juil 2012
Messages: 10
Sexe: Masculin

MessagePosté le: Jeu 26 Juil - 14:11 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

Désolé de poster comme ça mais cijoint ne fonctionnent pas...

Autre chose tant que j'y pense la veille prolongée a disparu et c'était déjà comme ça la 1ère fois que j'ai eu ce problème et c'était revenu...


Revenir en haut
Geronimo
Administrateur

Hors ligne

Inscrit le: 07 Fév 2010
Messages: 3 874
Localisation: Dans mon tepee
Sexe: Masculin
Système d'exploitation: Windows 8
memoire ram: 8 Giga
carte graphique:
disque dur: 1,5 tera

MessagePosté le: Jeu 26 Juil - 14:26 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

Les hébergeurs de fichiers ce n'est pas cela qui manque.

http://www.1fichier.com/
http://pjjoint.malekal.com/index.php?lang=fr ect...



Surligne le texte en citation ci-dessous ensuite clic droit dessus et choisis Copier dans la liste

Citation:
O42 - Logiciel: Favorit (hyyssee) - (.Pas de propriétaire.) [HKLM] -- hyyssee
[HKCU\Software\Grand Virtual]
[HKCU\Software\Live-Player]
[HKCU\Software\Poker 770]
[HKCU\Software\Titan Poker]
[HKLM\Software\Live-Player]
[HKLM\Software\Poker 770]
[HKLM\Software\Titan Poker]
O43 - CFD: 17/12/2010 - 13:02:34 - [0,822] ----D C:\Program Files\Live-Player
O69 - SBI: SearchScopes [HKCU] {105E99FF-8B9A-4492-B155-06194B9056D2} - (Web Search) - http://startsear.ch
O87 - FAEL: "TCP Query User{78D6E0EB-6AC4-4744-9F29-C9C57A104674}C:\program files\live-player\live-player.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\live-player\live-player.exe (.not file.)
O87 - FAEL: "UDP Query User{AA86942D-06EA-494A-8CED-35D67C81AB05}C:\program files\live-player\live-player.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\live-player\live-player.exe
[HKLM\Software\Classes\CLSID\{76c45b18-a29e-43ea-aaf8-af55c2e1ae17}]
[HKLM\Software\Classes\CLSID\{96ef404c-24c7-43d0-9096-4ccc8bb7ccac}]
[HKLM\Software\Classes\CLSID\{97720195-206a-42ae-8e65-260b9ba5589f}]
[HKLM\Software\Classes\CLSID\{97d69524-bb57-4185-9c7f-5f05593b771a}]
[HKLM\Software\Classes\CLSID\{986f7a5a-9676-47e1-8642-f41f8c3fcf82}]
[HKLM\Software\Classes\CLSID\{b18788a4-92bd-440e-a4d1-380c36531119}]
[HKCU\Software\Grand Virtual]
[HKCU\Software\live-player]
[HKLM\Software\live-player]
[HKCU\Software\poker 770]
[HKLM\Software\poker 770]
[HKCU\Software\titan poker]
[HKLM\Software\titan poker]
C:\Program Files\Live-Player
EmptyTemp
EmptyFlash


Double clique sur
qui est sur le bureau.
Pour Vista et Seven fais un clic droit sur le raccouri de ZHPFix et Exécuter en tant qu'adminstrateur
Clique maintenant sur
(coller les lignes helper)
Le texte copié dans le presse papiers s'affichera dans la fenêtre de ZHPFix



Clique sur

Confirme le nettoyage des données si demandé



Un rapport nommé ZHPFix[R*].txt sera créé et sauvegardé sur le bureau poste son contenu dans ta prochaine réponse
Ce rapport se trouve aussi ici C:\ZHP\ZHPFix[R*].txt



_________________
Revenir en haut
hamham92


Hors ligne

Inscrit le: 25 Juil 2012
Messages: 10
Sexe: Masculin

MessagePosté le: Jeu 26 Juil - 14:58 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

Rapport de ZHPFix 1.2.07 par Nicolas Coolman, Update du 20/07/2012
Fichier d'export Registre :
Run by Abd-El-Hamid at 26/07/2012 14:57:07
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/

========== Logiciel(s) ==========
SUPPRIME Favorit (hyyssee)

========== Clé(s) du Registre ==========
SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hyyssee]
SUPPRIME Key*: HKCU\Software\Grand Virtual
SUPPRIME Key*: HKCU\Software\Live-Player
SUPPRIME Key*: HKCU\Software\Poker 770
SUPPRIME Key*: HKCU\Software\Titan Poker
SUPPRIME Key*: HKLM\Software\Live-Player
SUPPRIME Key*: HKLM\Software\Poker 770
SUPPRIME Key*: HKLM\Software\Titan Poker
SUPPRIME Key*: SearchScopes :{105E99FF-8B9A-4492-B155-06194B9056D2}
SUPPRIME Key*: HKLM\Software\Classes\CLSID\{76c45b18-a29e-43ea-aaf8-af55c2e1ae17}
SUPPRIME Key*: HKLM\Software\Classes\CLSID\{96ef404c-24c7-43d0-9096-4ccc8bb7ccac}
SUPPRIME Key*: HKLM\Software\Classes\CLSID\{97720195-206a-42ae-8e65-260b9ba5589f}
SUPPRIME Key*: HKLM\Software\Classes\CLSID\{97d69524-bb57-4185-9c7f-5f05593b771a}
SUPPRIME Key*: HKLM\Software\Classes\CLSID\{986f7a5a-9676-47e1-8642-f41f8c3fcf82}
SUPPRIME Key*: HKLM\Software\Classes\CLSID\{b18788a4-92bd-440e-a4d1-380c36531119}
ABSENT Key: HKCU\Software\live-player
ABSENT Key: HKLM\Software\live-player
ABSENT Key: HKCU\Software\poker 770
ABSENT Key: HKLM\Software\poker 770
ABSENT Key: HKCU\Software\titan poker
ABSENT Key: HKLM\Software\titan poker

========== Valeur(s) du Registre ==========
ABSENT TCP Query User{78D6E0EB-6AC4-4744-9F29-C9C57A104674}C:/program files/live-player/live-player.exe
ABSENT UDP Query User{AA86942D-06EA-494A-8CED-35D67C81AB05}C:/program files/live-player/live-player.exe

========== Dossier(s) ==========
SUPPRIME Folder: C:\Program Files\Live-Player
SUPPRIME Temporaires Windows:
SUPPRIME Flash Cookies:

========== Fichier(s) ==========
ABSENT Folder/File: c:\program files\live-player
SUPPRIME Temporaires Windows:
SUPPRIME Flash Cookies:


========== Récapitulatif ==========
21 : Clé(s) du Registre
2 : Valeur(s) du Registre
3 : Dossier(s)
3 : Fichier(s)
1 : Logiciel(s)


End of clean in 00mn 03s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 25/07/2012 16:25:34 [5849]
C:\ZHP\ZHPFix[R2].txt - 25/07/2012 16:25:37 [5994]
C:\ZHP\ZHPFix[R3].txt - 26/07/2012 14:57:07 [2471]


Revenir en haut
Geronimo
Administrateur

Hors ligne

Inscrit le: 07 Fév 2010
Messages: 3 874
Localisation: Dans mon tepee
Sexe: Masculin
Système d'exploitation: Windows 8
memoire ram: 8 Giga
carte graphique:
disque dur: 1,5 tera

MessagePosté le: Jeu 26 Juil - 15:03 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

As tu toujours des problèmes de lenteur ?



_________________
Revenir en haut
hamham92


Hors ligne

Inscrit le: 25 Juil 2012
Messages: 10
Sexe: Masculin

MessagePosté le: Jeu 26 Juil - 15:33 (2012)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul Répondre en citant

ça va un peu mieux à part que je suis sur le net et à l'ouverture d'un nouvel onglet firefox se bloque et ne répond pas ça dure de 30secs à 2mins environ et sinon il chauffe toujours et s'éteint tout seulet y a aussi avira qui se desactive tout seul...


Revenir en haut
Contenu Sponsorisé






MessagePosté le: Aujourd’hui à 09:02 (2017)    Sujet du message: [Résolu] ordi qui rame et s'éteint tout seul



Revenir en haut
Montrer les messages depuis:   
Poster un nouveau sujet   Répondre au sujet    stopovirus Index du Forum » Lutte anti malware » Eradication virus lutte antimalware Toutes les heures sont au format GMT + 2 Heures
Aller à la page: 1, 2  >
Page 1 sur 2

 
Sauter vers:  

Index | Panneau d’administration | forum gratuit | Forum gratuit d’entraide | Annuaire des forums gratuits | Signaler une violation | Conditions générales d'utilisation
Powered by phpBB © 2001- 2004 phpBB Group
Designed for Trushkin.net | Styles Database
Traduction par : phpBB-fr.com