Rapport de ZHPDiag v1.34.19 par Nicolas Coolman, Update du 09/01/2013
Run by Damien at 09.01.2013 19:57:06
State : 
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 17.0.1 v17.0.1 (Defaut)
GCIE: Google Chrome v23.0.1271.97

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : XV4FB
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 16336.0 MB (71% free)
System Restore: Activé (Enable)
System drive C: has 6 GB (9%) free of 60 GB

---\\ Logged in mode
~ Computer Name: DAMIEN-PC
~ User Name: Damien
~ All Users Names: UpdatusUser, HomeGroupUser$, Damien, Administrateur, 
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Damien\AppData\Roaming\
~ %Desktop% : C:\Users\Damien\Desktop\
~ %Favorites% : C:\Users\Damien\Favorites\
~ %LocalAppData% : C:\Users\Damien\AppData\Local\
~ %StartMenu% : C:\Users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 6 Go of 60 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 393 Go of 488 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 253 Go of 443 Go)
G:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Scan Security Center in 00mn 00s



---\\ Search Generic System Files
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25.02.2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14.07.2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.5121DB613E10A46A3C5085B479026AA7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14.11.2012 - 07:04:11.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21.11.2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21.11.2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28.12.2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14.07.2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14.07.2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21.11.2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21.11.2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21.11.2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14.07.2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14.07.2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27.04.2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21.11.2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31.08.2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14.07.2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21.11.2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14.07.2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21.11.2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.25.02.2011 - 07:25:38.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Scan Generic Processes in 00mn 00s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/195
~ Mes musiques (My Musics) : 10/3815
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 2/251
~ Mon Bureau (My Desktop) : 1/4
~ Menu demarrer (Programs) : 1/16
~ Scan Hidden Files in 00mn 00s



---\\ Running Processes
[MD5.3B2DDFABCC929174CD7212D11CEF0E0E].(...) -- C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe   [2443800] [PID.2248]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4].(...) -- D:\Program Files (x86)\RocketDock\RocketDock.exe   [495616] [PID.2756]
[MD5.A24B9F75B9535B7CCDDC1E2DE7CBF64F].(.Intel Corporation.Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe   [291648] [PID.2652]
[MD5.1D2B51E5291448DA123644A41250F6D6].(.AVG Technologies CZ, s.r.o..AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe   [3143800] [PID.3096]
[MD5.84A878D2D4A84CC73D53733F80FB57CE].(.SweetIM Technologies Ltd..Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe   [231768] [PID.3156]
[MD5.92C8B4413CAC0350C76AC5168FF49B6F].(..VProtect Application.) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe   [1099592] [PID.3180]
[MD5.205E6E08B4921CE48B8E80A2D2FDE6F2].(.Logitech Inc..Logitech G-series Media Display.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe   [522824] [PID.3460]
[MD5.A80C173AC5C75706BB74AE4D78F2A53D].(.Microsoft Corporation.Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe   [164864] [PID.2624]
[MD5.90C2705EADBFB539A848333B4F3E99FD].(.TeamSpeak Systems GmbH.TeamSpeak 3 Client.) -- D:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe   [9128944] [PID.5688]
[MD5.E3CD0A561F3AABE8607BF1474F4AE1DD].(.Valve Corporation.Steam.) -- E:\Steam\Steam.exe   [1354736] [PID.5556]
[MD5.5744FFF8E72D105C138DAE9E17BB29FE].(.Mozilla Corporation.Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe   [916960] [PID.5676]
[MD5.C142445B59C1DABA31F6397A34C42C74].(.Mozilla Corporation.Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe   [16864] [PID.4692]
[MD5.4EBF0CF9B48781DA145A147AA7E9E505].(.Adobe Systems, Inc..Adobe Flash Player 11.5 r502.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe   [1808392] [PID.6080]
[MD5.0F3AA1E262FC566E4A652CFE837DF10F].(.Nicolas Coolman.ZHPDiag.) -- D:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [4969984] [PID.6148]
~ Scan Processes Running in 00mn 00s



---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\Damien\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com
G0 - GCSP: Preference [User Data\Default] http://www.google.com
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\Damien\AppData\Roaming\Mozilla\Firefox\Profiles\31jy3jpe.default\prefs.js
C:\Users\Damien\AppData\Roaming\Mozilla\Firefox\Profiles\31jy3jpe.default\user.js
M3 - MFPP: Plugins - [Damien] -- C:\Users\Damien\AppData\Roaming\Mozilla\Firefox\Profiles\31jy3jpe.default\searchplugins\babylon1.xml
M3 - MFPP: Plugins - [Damien] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Damien] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\avg-secure-search.xml
M3 - MFPP: Plugins - [Damien] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Damien] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Damien] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Damien] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Damien] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Damien] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Damien - 31jy3jpe.default] http://google.fr
M2 - MFEP: prefs.js [Damien - 31jy3jpe.default\jid1-qQSMEVsYTOjgYA@jetpack] [] Better Battlelog (BBLog) v3.2.0 (.BrainFooLong.)
M2 - MFEP: prefs.js [Damien - 31jy3jpe.default\plugin@yontoo.com] [] Yontoo v1.20.00 (.Yontoo LLC.)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.10.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.10.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.10.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win64 # 6.5.0.3.) -- C:\Program Files\ma-config.com\x64\nphardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.10411.0.) -- C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.0.1f1.) -- C:\Users\Damien\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
P2 - FPN: [HKCU] [ubisoft.com/uplaypc] - (.Ubisoft - Uplay PC Plugin.) -- D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 0



---\\ Browser Helper Objects (O2)
O2 - BHO: CrossriderApp0021810 [64Bits] - {11111111-1111-1111-1111-110211181110} . (.215 Apps - Giant Savings Extension BHO.) -- C:\Program Files (x86)\Giant Savings Extension\Giant Savings Extension.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper [64Bits] - {2EECD738-5844-4a99-B4B6-146BF802613B} . (.Babylon BHO - .) -- C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.4.9\bh\BabylonToolbar.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar [64Bits] - {95B7759C-8C7F-4BF1-B163-73684A933233} . (. - toolbar.dll.) -- C:\Program Files (x86)\AVG Secure Search\14.0.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Wajam IE BHO [64Bits] - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} . (.Wajam - Wajam Internet Explorer Add-on.) -- C:\Program Files (x86)\Wajam\IE\priam_bho.dll
O2 - BHO: Yontoo Layers [64Bits] - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files (x86)\Yontoo\YontooIEClient.dll
~ Scan BHO in 00mn 00s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 
O4 - HKLM\..\Run: [Launch LgDeviceAgent] . (.Logitech Inc. - Logitech GamePanel Agent.) -- C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe 
O4 - HKLM\..\Run: [Launch LCDMon] . (.Logitech Inc. - Logitech LCD Manager.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe 
O4 - HKLM\..\Run: [Launch LGDCore] . (.Logitech Inc. - Logitech G-series Profiler.) -- C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe 
O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe 
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 
O4 - HKCU\..\Run: [RocketDock] . (...) -- D:\Program Files (x86)\RocketDock\RocketDock.exe 
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe 
O4 - HKCU\..\Run: [AdobeBridge]  
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKLM\..\Wow6432Node\Run: [Sweetpacks Communicator] . (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe 
O4 - HKLM\..\Wow6432Node\Run: [vProt] . (. - VProtect Application.) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-21-1440571822-1613912104-2328342273-1003-1440571822-1613912104-2328342273-1000\..\Run: [RocketDock] . (...) -- D:\Program Files (x86)\RocketDock\RocketDock.exe 
O4 - HKUS\S-1-5-21-1440571822-1613912104-2328342273-1003-1440571822-1613912104-2328342273-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe 
O4 - HKUS\S-1-5-21-1440571822-1613912104-2328342273-1003-1440571822-1613912104-2328342273-1000\..\Run: [AdobeBridge]  
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
~ Scan Application in 00mn 00s



---\\ Other User Links (O4)
O4 - Global Startup: C:\Users\UpdatusUser\Desktop\CamStudio.lnk . (...)  -- D:\Program Files (x86)\CamStudio\Recorder.exe (.not file.)
O4 - Global Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Damien\Desktop\Minecraft.lnk . (...)  -- C:\Users\Damien\AppData\Roaming\.minecraft\Minecraft.bat
O4 - Global Startup: C:\Users\Damien\Desktop\Minecraft_Server.lnk . (...)  -- D:\Program Files (x86)\Serveur_minecraft\Minecraft_Server.exe
O4 - Global Startup: C:\Users\Damien\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Damien\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Scan Global Startup in 00mn 00s



---\\ IE Options icon not visible in Control Panel (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E152C77-CE79-489E-9DFE-EB31FE2C9D99}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{5E152C77-CE79-489E-9DFE-EB31FE2C9D99}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{5E152C77-CE79-489E-9DFE-EB31FE2C9D99}: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Scan Domain in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: viprotocol [64Bits] - {B658800C-F66E-4EF3-AB85-6C0C227862A9} . (...) -- C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.0\ViProtocol.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
O20 - Winlogon Notify: WB . (...) -- C:\Program Files (x86)\Stardock\MyColors\fast64.dll (.not file.)
~ Scan Winlogon in 00mn 00s



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service:  (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: BrowserProtect (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service In (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.9.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\SysWOW64\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) . (...) - C:\Program Files (x86)\Skype\Updater\Updater.exe (.not file.)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service:  (vToolbarUpdater14.0.0) . (. - ToolbarU Application.) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.0\ToolbarUpdater.exe
O23 - Service:  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
~ Scan Services in 00mn 00s



---\\ Windows Active Desktop Components  & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.424877CB9D5517F980FF7BACA2EB379D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [{2C1D7355-0195-43CC-B412-6A9E9926ECF3}] (...) -- D:\Downloads\InstallLCPDFR.exe (.not file.)
[MD5.7BCFFE9C9EB371A9F139DA2551E515E1] [APT] [{69C0BF2F-467F-409E-B823-8832883D461C}] (.Babylon Ltd..) -- C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.4.9\GUninstaller.exe
[MD5.00000000000000000000000000000000] [APT] [{9A6F2029-5328-4C84-BAEF-D1089F579B49}] (...) -- D:\Downloads\InstallLCPDFR.exe (.not file.)
~ Scan Scheduled Task in 00mn 00s



---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s



---\\ Drivers launched at startup (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (AVGIDSDriver) . (.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Driver..) - C:\Windows\System32\DRIVERS\avgidsdrivera.sys
O41 - Driver:  (Avgldx64) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\System32\DRIVERS\avgldx64.sys
O41 - Driver:  (Avgtdia) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\System32\DRIVERS\avgtdia.sys
O41 - Driver:  (avgtp) . (.AVG Technologies - .) - C:\Windows\system32\drivers\avgtpx64.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver:  (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s



---\\ Software installed (O42)
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {504184A2-1B0E-5D93-603A-517E93E7EDB3}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {46DA7FD9-8BC1-7BA8-98D1-27F46647871B}
O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {0407893F-352C-B182-E04A-A8C3333DA29B}
O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {0DCAB5DD-CC69-271A-CF03-F2BD6B60BD8A}
O42 - Logiciel: ARMA 2 - (.Bohemia Interactive.) [HKLM][64Bits] -- Steam App 33910
O42 - Logiciel: ARMA 2: Operation Arrowhead - (.Bohemia Interactive.) [HKLM][64Bits] -- Steam App 33930
O42 - Logiciel: AVG 2013 - (.AVG Technologies.) [HKLM][64Bits] -- AVG
O42 - Logiciel: AVG 2013 - (.AVG Technologies.) [HKLM][64Bits] -- {73105254-4936-47AC-ACDE-08D11D25E3DB}
O42 - Logiciel: AVG 2013 - (.AVG Technologies.) [HKLM][64Bits] -- {B9D80BD8-C6F4-467C-9717-0ABA9684DA29}
O42 - Logiciel: AVG Security Toolbar - (.AVG Technologies.) [HKLM][64Bits] -- AVG Secure Search
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {15FEDA5F-141C-4127-8D7E-B962D1742728}
O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Ancient Weapon Sounds - (.Screaming Bee.) [HKLM][64Bits] -- {E00A5837-482C-4DCE-B4CC-D16B343374E1}
O42 - Logiciel: Assassin's Creed (R) III - (.Ubisoft.) [HKLM][64Bits] -- {9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}
O42 - Logiciel: BF3 Settings Editor - (.Realmware.) [HKLM][64Bits] -- {5866DD36-8055-475B-A5C3-82C04091D14E}
O42 - Logiciel: Babylon toolbar  - (.BabylonToolbar.) [HKLM][64Bits] -- BabylonToolbar
O42 - Logiciel: BattlEye for OA Uninstall - (..) [HKLM][64Bits] -- BattlEye for OA
O42 - Logiciel: Battlefield 3™ - (.Electronic Arts.) [HKLM][64Bits] -- {76285C16-411A-488A-BCE3-C83CB933D8CF}
O42 - Logiciel: Battlelog Web Plugins - (.EA Digital Illusions CE AB.) [HKLM][64Bits] -- Battlelog Web Plugins
O42 - Logiciel: BrowserProtect - (.Bit89 Inc.) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM][64Bits] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}
O42 - Logiciel: Curse Client - (.Curse.) [HKCU][64Bits] -- 101a9f93b8f0bb6f
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite
O42 - Logiciel: DayZ Commander - (.Dotjosh Studios.) [HKLM][64Bits] -- {D35C30C0-0A42-44C2-BBC9-23431832C89E}
O42 - Logiciel: Diablo III - (.Blizzard Entertainment.) [HKLM][64Bits] -- Diablo III
O42 - Logiciel: Désinstaller l'imprimante EPSON SX110 Series - (.SEIKO EPSON Corporation.) [HKLM][64Bits] -- EPSON SX110 Series
O42 - Logiciel: EPSON Scan - (..) [HKLM][64Bits] -- EPSON Scanner
O42 - Logiciel: ESN Sonar - (.ESN Social Software AB.) [HKLM][64Bits] -- ESN Sonar-0.70.4
O42 - Logiciel: Epson Stylus SX110_TX110 Manuel - (..) [HKLM][64Bits] -- Epson Stylus SX110_TX110 Guide d'utilisation
O42 - Logiciel: F1 2012 - Update 1 - (..) [HKLM][64Bits] -- F1 2012_is1
O42 - Logiciel: FIFA 13 - (.Electronic Arts.) [HKLM][64Bits] -- {A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}
O42 - Logiciel: Far Cry® 3 - (.Ubisoft.) [HKLM][64Bits] -- Steam App 220240
O42 - Logiciel: Farm Animal Sounds - (.Screaming Bee.) [HKLM][64Bits] -- {F290F841-044D-44EF-9E51-FFFEA7FEE2D7}
O42 - Logiciel: Futuremark SystemInfo - (.Futuremark Corporation.) [HKLM][64Bits] -- {BEE64C14-BEF1-4610-8A68-A16EAA47B882}
O42 - Logiciel: Ghost Recon Online - (.Ubisoft.) [HKCU][64Bits] -- d8be6c3f847d7d92
O42 - Logiciel: Giant Savings Extension - (.215 Apps.) [HKLM][64Bits] -- Giant Savings Extension
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Grand Theft Auto IV - (.Rockstar Games Inc..) [HKLM][64Bits] -- {5454083B-1308-4485-BF17-1110000D8301}
O42 - Logiciel: Grand Theft Auto IV - (.Rockstar.) [HKLM][64Bits] -- Steam App 12210
O42 - Logiciel: Hitman Absolution - (..) [HKLM][64Bits] -- Hitman Absolution_is1
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver - (.Intel Corporation.) [HKLM][64Bits] -- {240C3DDD-C5E9-4029-9DF7-95650D040CF2}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {977D1ABF-4089-4CA7-BA33-CC75808B7ACE}
O42 - Logiciel: Intel® Watchdog Timer Driver (Intel® WDT) - (.Intel Corporation.) [HKLM][64Bits] -- {3FD0C489-0F02-481a-A3E1-9754CD396761}
O42 - Logiciel: Java 7 Update 10 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417010FF}
O42 - Logiciel: LCDSirReal - a multipurpose plugin for the Logitech G13/G15 - (.Link Data Stockholm.) [HKCU][64Bits] -- LCDSirReal
O42 - Logiciel: Logitech GamePanel Software 3.06.109 - (.Logitech Inc..) [HKLM][64Bits] -- {A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}
O42 - Logiciel: Logitech SetPoint 6.32 - (.Logitech.) [HKLM][64Bits] -- sp6
O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {602C9E30-F838-4AD2-8DC2-265C192D4AAC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM][64Bits] -- {2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft_VC80_ATL_x86 - (.Adobe.) [HKLM][64Bits] -- {0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
O42 - Logiciel: Microsoft_VC80_ATL_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {925D058B-564A-443A-B4B2-7E90C6432E55}
O42 - Logiciel: Microsoft_VC80_CRT_x86 - (.Adobe.) [HKLM][64Bits] -- {92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
O42 - Logiciel: Microsoft_VC80_CRT_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
O42 - Logiciel: Microsoft_VC80_MFCLOC_x86 - (.Adobe.) [HKLM][64Bits] -- {D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
O42 - Logiciel: Microsoft_VC80_MFCLOC_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {1E9FC118-651D-4934-97BE-E53CAE5C7D45}
O42 - Logiciel: Microsoft_VC80_MFC_x86 - (.Adobe.) [HKLM][64Bits] -- {D1A19B02-817E-4296-A45B-07853FD74D57}
O42 - Logiciel: Microsoft_VC80_MFC_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
O42 - Logiciel: Microsoft_VC90_ATL_x86 - (.Adobe.) [HKLM][64Bits] -- {033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
O42 - Logiciel: Microsoft_VC90_ATL_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {8557397C-A42D-486F-97B3-A2CBC2372593}
O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Adobe.) [HKLM][64Bits] -- {08D2E121-7F6A-43EB-97FD-629B44903403}
O42 - Logiciel: Microsoft_VC90_CRT_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
O42 - Logiciel: Microsoft_VC90_MFC_x86 - (.Adobe.) [HKLM][64Bits] -- {635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
O42 - Logiciel: Microsoft_VC90_MFC_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
O42 - Logiciel: Mises à jour NVIDIA 1.10.8 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Modern War Sounds - (.Screaming Bee.) [HKLM][64Bits] -- {A514E94F-C436-44C3-A1E9-1F58CD352669}
O42 - Logiciel: Mozilla Firefox 17.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 17.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Mumble 1.2.3 - (.Thorvald Natvig.) [HKLM][64Bits] -- {E1019541-10A2-464F-A23E-A4F23DA65160}
O42 - Logiciel: NGists G15/TeamSpeak Display - (.Prabang Ltd.) [HKLM][64Bits] -- {07C903D3-2996-4683-9B49-7839207148CA}
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.12.0604 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}
O42 - Logiciel: NVIDIA Pilote 3D Vision 306.97 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.18.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 306.23 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
O42 - Logiciel: NVIDIA Pilote graphique 306.97 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo
O42 - Logiciel: Need for Speed Most Wanted - (..) [HKLM][64Bits] -- Need for Speed Most Wanted_is1
O42 - Logiciel: Notepad++ - (..) [HKLM][64Bits] -- Notepad++
O42 - Logiciel: OpenSSL 1.0.1c Light (32-bit) - (.OpenSSL Win32 Installer Team.) [HKLM][64Bits] -- OpenSSL Light (32-bit)_is1
O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin
O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}
O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM][64Bits] -- PunkBusterSvc
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: RocketDock 1.3.5 - (.Punk Software.) [HKLM][64Bits] -- RocketDock_is1
O42 - Logiciel: Saints Row: The Third - (.Volition.) [HKLM][64Bits] -- Steam App 55230
O42 - Logiciel: Skype™ 6.0 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {EA17F4FC-FDBF-4CF8-A529-2D983132D053}
O42 - Logiciel: Spooky Sounds - (.Screaming Bee.) [HKLM][64Bits] -- {F71EBF86-9A73-44C0-A674-55FA3E4A8428}
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client
O42 - Logiciel: Tukui Update Utility - (.Tukui.) [HKLM][64Bits] -- {B5EDE97F-29A3-4A18-B9AE-CBE33DD2ED61}
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer
O42 - Logiciel: Update Manager for SweetPacks 1.1 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
O42 - Logiciel: Uplay - (.Ubisoft.) [HKLM][64Bits] -- Uplay
O42 - Logiciel: VLC media player 2.0.4 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Visual Studio 2010 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {21B133D6-5979-47F0-BE1C-F6A6B304693F}
O42 - Logiciel: Wajam - (.Wajam.) [HKLM][64Bits] -- Wajam
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: World of Warcraft - (.Blizzard Entertainment.) [HKLM][64Bits] -- World of Warcraft
O42 - Logiciel: Yontoo 1.10.03 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B}
O42 - Logiciel: eReg - (.Logitech, Inc..) [HKLM][64Bits] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
O42 - Logiciel: theHunter (remove only) - (.Expansive Worlds.) [HKLM][64Bits] -- theHunter
O42 - Logiciel: µTorrent - (..) [HKLM][64Bits] -- uTorrent

---\\ HKCU & HKLM Software Keys
[HKCU\Software\532d78ab26fb844]
[HKCU\Software\AMD]
[HKCU\Software\ASUS]
[HKCU\Software\ATI]
[HKCU\Software\AVG Secure Search]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Crossrider]
[HKCU\Software\AppDataLow\Software\Giant Savings Extension]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Avg]
[HKCU\Software\BabylonToolbar]
[HKCU\Software\Battlefield 1942]
[HKCU\Software\BitTorrent]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\Bohemia Interactive Studio]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\Cr_Installer]
[HKCU\Software\DT Soft]
[HKCU\Software\DataMngr]
[HKCU\Software\DataMngr_Toolbar]
[HKCU\Software\EA Games]
[HKCU\Software\EPSON]
[HKCU\Software\Electronic Arts]
[HKCU\Software\FLT]
[HKCU\Software\GameSpy]
[HKCU\Software\Google]
[HKCU\Software\IM]
[HKCU\Software\IO Interactive]
[HKCU\Software\ImInstaller]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore]
[HKCU\Software\InstalledBrowserExtensions]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lavalys]
[HKCU\Software\Leadertech]
[HKCU\Software\Link Data]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Logitech]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Modern UI Test]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Mumble]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\Policies]
[HKCU\Software\Portrait Displays, Inc.]
[HKCU\Software\Portrait Displays]
[HKCU\Software\Realtek]
[HKCU\Software\RocketDock]
[HKCU\Software\Rockstar Games]
[HKCU\Software\SEIKO EPSON]
[HKCU\Software\SecuROM]
[HKCU\Software\Skype]
[HKCU\Software\Softonic]
[HKCU\Software\Stardock]
[HKCU\Software\StartSearch]
[HKCU\Software\SweetIM]
[HKCU\Software\Symantec]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\Ubisoft]
[HKCU\Software\Unity]
[HKCU\Software\Valve]
[HKCU\Software\Wajam]
[HKCU\Software\Win7Themes]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\cybelsoft]
[HKCU\Software\theHunter]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\Alienware]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\EPSON]
[HKLM\Software\Futuremark]
[HKLM\Software\IM Providers]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\Stardock]
[HKLM\Software\Tarma Installer]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\4shared Desktop]
[HKLM\Software\Wow6432Node\532d78ab26fb844]
[HKLM\Software\Wow6432Node\AGEIA Technologies]
[HKLM\Software\Wow6432Node\AMD]
[HKLM\Software\Wow6432Node\ASUS]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\AVG Security Toolbar]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\Avg]
[HKLM\Software\Wow6432Node\Babylon]
[HKLM\Software\Wow6432Node\Blizzard Entertainment]
[HKLM\Software\Wow6432Node\Bohemia Interactive Studio]
[HKLM\Software\Wow6432Node\Bohemia Interactive]
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\Canneverbe Limited]
[HKLM\Software\Wow6432Node\Caphyon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\DT Soft]
[HKLM\Software\Wow6432Node\DataMngr]
[HKLM\Software\Wow6432Node\EA Games]
[HKLM\Software\Wow6432Node\EA Sports]
[HKLM\Software\Wow6432Node\EPSON]
[HKLM\Software\Wow6432Node\ESN Launcher-1.138.0]
[HKLM\Software\Wow6432Node\ESN Launcher]
[HKLM\Software\Wow6432Node\Electronic Arts]
[HKLM\Software\Wow6432Node\Even Balance]
[HKLM\Software\Wow6432Node\Futuremark Corporation]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NPCCU]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\Norton]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Origin Games]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Rockstar Games]
[HKLM\Software\Wow6432Node\SCS Software]
[HKLM\Software\Wow6432Node\Screaming Bee]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Stardock]
[HKLM\Software\Wow6432Node\SweetIM]
[HKLM\Software\Wow6432Node\Ubisoft]
[HKLM\Software\Wow6432Node\Valve]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\WinRAR]
[HKLM\Software\Wow6432Node\cybelsoft]
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node]
[HKLM\Software\cybelsoft]
~ Scan Softwares in 00mn 00s



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 09.11.2012 - 16:47:44 - [765.948] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 23.11.2012 - 13:12:38 - [2.145] ----D C:\Program Files (x86)\AMD APP
O43 - CFD: 23.11.2012 - 13:12:39 - [0.389] ----D C:\Program Files (x86)\AMD AVT
O43 - CFD: 03.10.2012 - 00:36:34 - [58.510] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 20.09.2012 - 13:10:38 - [113.967] ----D C:\Program Files (x86)\AVG
O43 - CFD: 26.12.2012 - 14:12:10 - [13.774] ----D C:\Program Files (x86)\AVG Secure Search
O43 - CFD: 14.12.2012 - 15:34:28 - [2.337] ----D C:\Program Files (x86)\BabylonToolbar
O43 - CFD: 17.12.2012 - 18:19:24 - [11.220] ----D C:\Program Files (x86)\Battlelog Web Plugins
O43 - CFD: 04.01.2013 - 23:21:27 - [444.023] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 23.11.2012 - 22:02:20 - [13.906] ----D C:\Program Files (x86)\epson
O43 - CFD: 25.12.2012 - 00:02:07 - [3.420] ----D C:\Program Files (x86)\Futuremark
O43 - CFD: 27.12.2012 - 15:04:37 - [5.058] ----D C:\Program Files (x86)\Giant Savings Extension
O43 - CFD: 29.09.2012 - 17:34:02 - [820.617] ----D C:\Program Files (x86)\Google
O43 - CFD: 06.01.2013 - 14:06:24 - [23.053] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 29.09.2012 - 12:23:31 - [27.494] ----D C:\Program Files (x86)\Intel
O43 - CFD: 12.12.2012 - 15:47:53 - [4.933] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 29.09.2012 - 17:50:11 - [0.108] ----D C:\Program Files (x86)\Logitech
O43 - CFD: 10.10.2012 - 14:42:43 - [40.838] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 20.09.2012 - 21:03:37 - [0.023] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 05.12.2012 - 03:07:15 - [42.500] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 05.12.2012 - 11:14:57 - [0.212] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14.07.2009 - 06:32:38 - [0.025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 29.09.2012 - 16:48:06 - [0] ----D C:\Program Files (x86)\My Company Name
O43 - CFD: 18.11.2012 - 18:12:27 - [135.034] ----D C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 23.11.2012 - 13:09:27 - [6.073] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14.07.2009 - 06:32:38 - [37.357] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 27.12.2012 - 15:37:47 - [0.824] ----D C:\Program Files (x86)\Stardock
O43 - CFD: 28.10.2012 - 04:05:37 - [2.765] ----D C:\Program Files (x86)\SweetIM
O43 - CFD: 20.09.2012 - 12:58:52 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 14.07.2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 06.10.2012 - 11:41:48 - [94.079] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 10.11.2012 - 15:00:43 - [0.505] ----D C:\Program Files (x86)\Wajam
O43 - CFD: 12.04.2011 - 10:16:36 - [0.500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 12.04.2011 - 10:16:36 - [5.895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 12.04.2011 - 10:16:36 - [4.791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14.07.2009 - 06:32:38 - [11.632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 12.04.2011 - 10:16:36 - [4.213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21.11.2010 - 04:31:38 - [0.181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 12.04.2011 - 10:16:36 - [5.717] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 29.09.2012 - 13:57:27 - [4.131] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 28.10.2012 - 03:42:29 - [0.319] ----D C:\Program Files (x86)\Yontoo
O43 - CFD: 09.11.2012 - 16:48:24 - [309.776] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 09.11.2012 - 16:46:23 - [30.670] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 23.11.2012 - 13:12:29 - [2.737] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 26.12.2012 - 14:12:11 - [15.129] ----D C:\Program Files (x86)\Common Files\AVG Secure Search
O43 - CFD: 31.12.2012 - 16:27:02 - [3.679] ----D C:\Program Files (x86)\Common Files\Blizzard Entertainment
O43 - CFD: 04.01.2013 - 13:29:56 - [1.667] --H-D C:\Program Files (x86)\Common Files\EAInstaller
O43 - CFD: 29.09.2012 - 16:46:01 - [7.963] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 11.10.2012 - 13:47:18 - [0.494] ----D C:\Program Files (x86)\Common Files\LogiShrd
O43 - CFD: 06.01.2013 - 04:24:24 - [20.183] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 20.09.2012 - 13:01:23 - [0.185] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 14.07.2009 - 04:20:08 - [0.003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 03.12.2012 - 00:20:30 - [2.056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14.07.2009 - 04:20:08 - [39.200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 29.12.2012 - 14:54:07 - [0.517] ----D C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 20.09.2012 - 21:01:15 - [9.767] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 09.12.2012 - 14:08:50 - [383.150] ----D C:\ProgramData\Adobe
O43 - CFD: 23.11.2012 - 13:12:41 - [0.792] ----D C:\ProgramData\AMD
O43 - CFD: 14.07.2009 - 06:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 23.11.2012 - 13:12:44 - [0.000] ----D C:\ProgramData\ATI
O43 - CFD: 09.11.2012 - 08:46:12 - [1.953] ----D C:\ProgramData\AVG Secure Search
O43 - CFD: 20.09.2012 - 13:12:18 - [244.122] ----D C:\ProgramData\AVG2013
O43 - CFD: 14.12.2012 - 15:34:16 - [0] ----D C:\ProgramData\Babylon
O43 - CFD: 03.11.2012 - 16:46:41 - [202.193] ----D C:\ProgramData\Battle.net
O43 - CFD: 03.11.2012 - 16:47:12 - [4.168] ----D C:\ProgramData\Blizzard Entertainment
O43 - CFD: 14.12.2012 - 15:34:33 - [7.946] ----D C:\ProgramData\BrowserProtect
O43 - CFD: 20.09.2012 - 12:05:54 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 10.11.2012 - 15:03:39 - [0] ----D C:\ProgramData\Canneverbe Limited
O43 - CFD: 19.10.2012 - 02:12:39 - [2000.000] ----D C:\ProgramData\Codemasters
O43 - CFD: 20.09.2012 - 13:05:59 - [0.000] --H-D C:\ProgramData\Common Files
O43 - CFD: 19.10.2012 - 02:00:19 - [0.001] ----D C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 14.07.2009 - 06:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14.07.2009 - 06:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 07.10.2012 - 14:49:50 - [0] ----D C:\ProgramData\EA Core
O43 - CFD: 13.10.2012 - 00:32:03 - [0.001] ----D C:\ProgramData\EA Logs
O43 - CFD: 07.10.2012 - 14:49:53 - [1.118] ----D C:\ProgramData\Electronic Arts
O43 - CFD: 23.11.2012 - 22:01:38 - [8.213] ----D C:\ProgramData\EPSON
O43 - CFD: 20.09.2012 - 12:05:54 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14.07.2009 - 06:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 02.11.2012 - 05:46:29 - [0.004] ----D C:\ProgramData\Hunter
O43 - CFD: 20.09.2012 - 13:01:38 - [0.175] ----D C:\ProgramData\Intel
O43 - CFD: 11.10.2012 - 13:47:17 - [3.531] ----D C:\ProgramData\LogiShrd
O43 - CFD: 29.09.2012 - 17:50:11 - [1.482] ----D C:\ProgramData\Logitech
O43 - CFD: 18.11.2012 - 18:14:21 - [1.363] ----D C:\ProgramData\ma-config.com
O43 - CFD: 03.11.2012 - 16:23:18 - [16.096] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 10.10.2012 - 14:42:11 - [0.223] ----D C:\ProgramData\McAfee
O43 - CFD: 20.09.2012 - 12:05:54 - [0] --H-D C:\ProgramData\Menu Démarrer
O43 - CFD: 09.01.2013 - 18:26:24 - [8.301] ----D C:\ProgramData\MFAData
O43 - CFD: 30.11.2012 - 19:46:50 - [221.787] -S--D C:\ProgramData\Microsoft
O43 - CFD: 20.09.2012 - 12:05:54 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 20.09.2012 - 13:08:43 - [0.019] ----D C:\ProgramData\Mozilla
O43 - CFD: 29.09.2012 - 17:52:28 - [0.014] ----D C:\ProgramData\Norton
O43 - CFD: 29.09.2012 - 17:34:09 - [23.548] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 09.01.2013 - 18:49:39 - [2.706] ----D C:\ProgramData\NVIDIA
O43 - CFD: 02.10.2012 - 17:18:45 - [2.410] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 21.12.2012 - 18:25:38 - [0.101] ----D C:\ProgramData\Orbit
O43 - CFD: 30.11.2012 - 15:29:40 - [6.713] ----D C:\ProgramData\Origin
O43 - CFD: 09.11.2012 - 16:48:32 - [0.002] ----D C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 27.10.2012 - 21:32:22 - [1.586] ----D C:\ProgramData\Screaming Bee
O43 - CFD: 06.01.2013 - 04:21:56 - [0.116] -SH-D C:\ProgramData\SecuROM
O43 - CFD: 03.12.2012 - 00:20:31 - [38.544] ----D C:\ProgramData\Skype
O43 - CFD: 14.07.2009 - 06:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 23.10.2012 - 17:42:39 - [0.000] ----D C:\ProgramData\Sun
O43 - CFD: 28.10.2012 - 04:05:37 - [0.000] ----D C:\ProgramData\SweetIM
O43 - CFD: 28.10.2012 - 03:42:28 - [1.661] ----D C:\ProgramData\Tarma Installer
O43 - CFD: 14.07.2009 - 06:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 07.01.2013 - 19:25:14 - [100.295] ----D C:\Users\Damien\AppData\Roaming\.minecraft
O43 - CFD: 18.12.2012 - 02:04:04 - [48.755] ----D C:\Users\Damien\AppData\Roaming\Adobe
O43 - CFD: 09.11.2012 - 18:31:06 - [0.000] ----D C:\Users\Damien\AppData\Roaming\Adobe Mini Bridge CS5
O43 - CFD: 20.09.2012 - 15:23:27 - [0] ----D C:\Users\Damien\AppData\Roaming\ATI
O43 - CFD: 20.09.2012 - 13:13:00 - [0.006] ----D C:\Users\Damien\AppData\Roaming\AVG2013
O43 - CFD: 10.11.2012 - 15:03:39 - [0.001] ----D C:\Users\Damien\AppData\Roaming\Canneverbe Limited
O43 - CFD: 29.12.2012 - 21:47:30 - [1.654] ----D C:\Users\Damien\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O43 - CFD: 14.12.2012 - 16:29:44 - [1.727] ----D C:\Users\Damien\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 18.12.2012 - 03:53:35 - [0] ----D C:\Users\Damien\AppData\Roaming\DisplayTune
O43 - CFD: 22.11.2012 - 16:09:29 - [0.000] ----D C:\Users\Damien\AppData\Roaming\dvdcss
O43 - CFD: 20.09.2012 - 12:06:01 - [0] ----D C:\Users\Damien\AppData\Roaming\Identities
O43 - CFD: 20.09.2012 - 13:01:07 - [0] ----D C:\Users\Damien\AppData\Roaming\InstallShield
O43 - CFD: 11.10.2012 - 13:47:19 - [0.000] ----D C:\Users\Damien\AppData\Roaming\Leadertech
O43 - CFD: 11.10.2012 - 13:46:28 - [0.181] ----D C:\Users\Damien\AppData\Roaming\Logishrd
O43 - CFD: 11.10.2012 - 13:47:25 - [0.001] ----D C:\Users\Damien\AppData\Roaming\Logitech
O43 - CFD: 29.09.2012 - 13:31:05 - [0.165] ----D C:\Users\Damien\AppData\Roaming\Macromedia
O43 - CFD: 03.11.2012 - 16:23:24 - [0.014] ----D C:\Users\Damien\AppData\Roaming\Malwarebytes
O43 - CFD: 12.04.2011 - 10:27:52 - [0] ----D C:\Users\Damien\AppData\Roaming\Media Center Programs
O43 - CFD: 06.01.2013 - 04:22:56 - [62.379] -S--D C:\Users\Damien\AppData\Roaming\Microsoft
O43 - CFD: 24.12.2012 - 17:11:02 - [0.773] ----D C:\Users\Damien\AppData\Roaming\Milestone
O43 - CFD: 20.09.2012 - 13:08:48 - [250.086] ----D C:\Users\Damien\AppData\Roaming\Mozilla
O43 - CFD: 05.01.2013 - 23:42:56 - [1.288] ----D C:\Users\Damien\AppData\Roaming\Mumble
O43 - CFD: 07.01.2013 - 18:06:33 - [0.226] ----D C:\Users\Damien\AppData\Roaming\Notepad++
O43 - CFD: 15.10.2012 - 23:40:37 - [0.856] ----D C:\Users\Damien\AppData\Roaming\NVIDIA
O43 - CFD: 30.11.2012 - 15:29:39 - [0.131] ----D C:\Users\Damien\AppData\Roaming\Origin
O43 - CFD: 29.09.2012 - 14:17:09 - [0.019] ----D C:\Users\Damien\AppData\Roaming\Prabang
O43 - CFD: 06.01.2013 - 04:20:29 - [0.010] R-H-D C:\Users\Damien\AppData\Roaming\SecuROM
O43 - CFD: 18.12.2012 - 17:38:26 - [5.128] ----D C:\Users\Damien\AppData\Roaming\Skype
O43 - CFD: 09.11.2012 - 16:53:48 - [0.006] ----D C:\Users\Damien\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 25.12.2012 - 00:05:53 - [0.039] ----D C:\Users\Damien\AppData\Roaming\Theta
O43 - CFD: 09.01.2013 - 19:55:29 - [11.174] ----D C:\Users\Damien\AppData\Roaming\TS3Client
O43 - CFD: 20.09.2012 - 13:12:06 - [0] ----D C:\Users\Damien\AppData\Roaming\TuneUp Software
O43 - CFD: 02.01.2013 - 01:20:30 - [0.000] ----D C:\Users\Damien\AppData\Roaming\Unity
O43 - CFD: 06.01.2013 - 02:11:44 - [10.652] ----D C:\Users\Damien\AppData\Roaming\uTorrent
O43 - CFD: 31.12.2012 - 22:09:35 - [0.079] ----D C:\Users\Damien\AppData\Roaming\vlc
O43 - CFD: 29.09.2012 - 13:59:31 - [0.000] ----D C:\Users\Damien\AppData\Roaming\WinRAR
O43 - CFD: 16.11.2012 - 17:31:14 - [14.918] ----D C:\Users\Damien\AppData\Local\Adobe
O43 - CFD: 20.09.2012 - 12:05:57 - [0] ----D C:\Users\Damien\AppData\Local\Application Data
O43 - CFD: 02.10.2012 - 17:26:46 - [48.315] ----D C:\Users\Damien\AppData\Local\Apps
O43 - CFD: 31.12.2012 - 22:03:08 - [0] ----D C:\Users\Damien\AppData\Local\Arktos
O43 - CFD: 03.10.2012 - 01:00:09 - [0] ----D C:\Users\Damien\AppData\Local\ArmA 2
O43 - CFD: 08.01.2013 - 22:10:11 - [5.915] ----D C:\Users\Damien\AppData\Local\ArmA 2 OA
O43 - CFD: 20.09.2012 - 15:23:27 - [0.063] ----D C:\Users\Damien\AppData\Local\ATI
O43 - CFD: 20.09.2012 - 13:12:07 - [1.089] ----D C:\Users\Damien\AppData\Local\AVG Secure Search
O43 - CFD: 20.09.2012 - 15:24:36 - [12.401] ----D C:\Users\Damien\AppData\Local\Avg2013
O43 - CFD: 08.01.2013 - 22:10:16 - [242.474] ----D C:\Users\Damien\AppData\Local\CrashDumps
O43 - CFD: 31.12.2012 - 22:03:07 - [0.000] ----D C:\Users\Damien\AppData\Local\CrashRpt
O43 - CFD: 03.10.2012 - 00:44:34 - [0.003] ----D C:\Users\Damien\AppData\Local\DayZCommander
O43 - CFD: 06.01.2013 - 14:53:52 - [0] ----D C:\Users\Damien\AppData\Local\Deployment
O43 - CFD: 07.01.2013 - 04:35:03 - [1.759] ----D C:\Users\Damien\AppData\Local\Diagnostics
O43 - CFD: 24.12.2012 - 14:18:18 - [0] ----D C:\Users\Damien\AppData\Local\ElevatedDiagnostics
O43 - CFD: 20.11.2012 - 15:47:01 - [0] ----D C:\Users\Damien\AppData\Local\ESN
O43 - CFD: 05.12.2012 - 04:38:46 - [0.015] ----D C:\Users\Damien\AppData\Local\ESN Sonar
O43 - CFD: 19.10.2012 - 02:12:39 - [0.787] ----D C:\Users\Damien\AppData\Local\FLT
O43 - CFD: 27.12.2012 - 15:04:33 - [0.039] ----D C:\Users\Damien\AppData\Local\Giant Savings Extension
O43 - CFD: 09.10.2012 - 23:51:34 - [24.887] ----D C:\Users\Damien\AppData\Local\Google
O43 - CFD: 20.09.2012 - 12:05:57 - [0] ----D C:\Users\Damien\AppData\Local\Historique
O43 - CFD: 11.10.2012 - 13:47:25 - [0.334] ----D C:\Users\Damien\AppData\Local\LogiShrd
O43 - CFD: 11.10.2012 - 20:36:49 - [0.034] ----D C:\Users\Damien\AppData\Local\Logitech
O43 - CFD: 29.09.2012 - 13:31:05 - [0] ----D C:\Users\Damien\AppData\Local\Macromedia
O43 - CFD: 20.09.2012 - 13:05:59 - [6.658] ----D C:\Users\Damien\AppData\Local\MFAData
O43 - CFD: 06.01.2013 - 14:06:01 - [297.382] ----D C:\Users\Damien\AppData\Local\Microsoft
O43 - CFD: 25.12.2012 - 11:23:15 - [0.933] ----D C:\Users\Damien\AppData\Local\Microsoft Games
O43 - CFD: 20.09.2012 - 13:08:45 - [371.919] ----D C:\Users\Damien\AppData\Local\Mozilla
O43 - CFD: 05.10.2012 - 22:32:55 - [0] ----D C:\Users\Damien\AppData\Local\Mumble
O43 - CFD: 03.10.2012 - 01:06:22 - [15.589] ----D C:\Users\Damien\AppData\Local\Origin
O43 - CFD: 27.12.2012 - 15:37:33 - [0] ----D C:\Users\Damien\AppData\Local\PackageAware
O43 - CFD: 29.09.2012 - 14:17:10 - [0.001] ----D C:\Users\Damien\AppData\Local\Prabang
O43 - CFD: 04.01.2013 - 13:11:53 - [0] ----D C:\Users\Damien\AppData\Local\Programs
O43 - CFD: 21.12.2012 - 18:25:50 - [9.715] ----D C:\Users\Damien\AppData\Local\PunkBuster
O43 - CFD: 28.12.2012 - 22:55:06 - [0.001] ----D C:\Users\Damien\AppData\Local\Realmware
O43 - CFD: 06.01.2013 - 04:20:38 - [3.779] ----D C:\Users\Damien\AppData\Local\Rockstar Games
O43 - CFD: 23.12.2012 - 11:09:46 - [0.500] ----D C:\Users\Damien\AppData\Local\SKIDROW
O43 - CFD: 09.01.2013 - 19:55:44 - [429.522] ----D C:\Users\Damien\AppData\Local\Temp
O43 - CFD: 20.09.2012 - 12:05:57 - [0] ----D C:\Users\Damien\AppData\Local\Temporary Internet Files
O43 - CFD: 02.11.2012 - 15:06:32 - [0.305] ----D C:\Users\Damien\AppData\Local\theHunter
O43 - CFD: 30.10.2012 - 15:48:51 - [0.001] ----D C:\Users\Damien\AppData\Local\Tukui
O43 - CFD: 02.01.2013 - 00:52:54 - [0.001] ----D C:\Users\Damien\AppData\Local\Ubisoft Game Launcher
O43 - CFD: 02.01.2013 - 01:11:17 - [0.208] ----D C:\Users\Damien\AppData\Local\Unity
O43 - CFD: 03.11.2012 - 16:50:43 - [0.003] ----D C:\Users\Damien\AppData\Local\VirtualStore
O43 - CFD: 10.11.2012 - 15:00:36 - [0.054] ----D C:\Users\Damien\AppData\Local\Wajam
O43 - CFD: 11.10.2012 - 15:58:48 - [0.001] ----D C:\Users\Damien\AppData\Local\WebDKPSync
O43 - CFD: 23.11.2012 - 21:52:38 - [0.000] R---D C:\Users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 08.01.2013 - 02:20:08 - [0.001] ----D C:\Users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
O43 - CFD: 14.12.2012 - 15:34:34 - [0.001] ----D C:\Users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
O43 - CFD: 04.11.2012 - 15:22:33 - [0.000] ----D C:\Users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
O43 - CFD: 07.11.2012 - 00:44:55 - [0.000] ----D C:\Users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 07.01.2013 - 18:06:07 - [0] ----D C:\Users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 02.11.2012 - 14:05:10 - [0.001] ----D C:\Users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\theHunter
O43 - CFD: 21.12.2012 - 18:05:18 - [0.004] ----D C:\Users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
O43 - CFD: 10.11.2012 - 15:00:39 - [0.001] ----D C:\Users\Damien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
~ Scan Program Folder in 00mn 01s



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.C6EEB574F26C0AA814C54ED5B6128345] - 09.01.2013 - 19:42:36 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1703991]
O44 - LFC:[MD5.C452E1B9AFA4D928467C47360440A38D] - 09.01.2013 - 18:55:35  . (.Microsoft - Système de classement PEGI/BBFC.) -- C:\Windows\System32\perfc009.dat   [44544]
O44 - LFC:[MD5.52313AB987FC608E969EE5C0D069BD9F] - 09.01.2013 - 18:55:35  . (.Microsoft - Système de classement PEGI/BBFC.) -- C:\Windows\System32\perfc00C.dat   [44544]
O44 - LFC:[MD5.BC28A95D4756680940DC8D84AB286344] - 09.01.2013 - 18:55:35  . (.Microsoft - Système de classement PEGI/BBFC.) -- C:\Windows\System32\perfh009.dat   [44544]
O44 - LFC:[MD5.B23C3C50EEA3E620AE795B57D88C1EF2] - 09.01.2013 - 18:55:35  . (.Microsoft - Système de classement PEGI/BBFC.) -- C:\Windows\System32\perfh00C.dat   [44544]
O44 - LFC:[MD5.F63D28280EE2B2C17DD31538B105F7A2] - 09.01.2013 - 18:55:35 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI   [1661710]
O44 - LFC:[MD5.C452E1B9AFA4D928467C47360440A38D] - 09.01.2013 - 18:55:35 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat   [120870]
O44 - LFC:[MD5.52313AB987FC608E969EE5C0D069BD9F] - 09.01.2013 - 18:55:35 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat   [148574]
O44 - LFC:[MD5.BC28A95D4756680940DC8D84AB286344] - 09.01.2013 - 18:55:35 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat   [651938]
O44 - LFC:[MD5.B23C3C50EEA3E620AE795B57D88C1EF2] - 09.01.2013 - 18:55:35 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat   [745056]
O44 - LFC:[MD5.F63D28280EE2B2C17DD31538B105F7A2] - 09.01.2013 - 18:55:35 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [1661710]
O44 - LFC:[MD5.E537D44310D23B43D7025C109401C861] - 09.01.2013 - 18:49:39 ---A- . (...) -- C:\Windows\setupact.log   [53219]
O44 - LFC:[MD5.A70145B0FF6629CBA86DF3FC815B6186] - 09.01.2013 - 18:49:39 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.549748A599ED48986C170073481DFF77] - 09.01.2013 - 15:40:56  . (.Microsoft - Système de classement ESRB.) -- C:\Windows\System32\FNTCACHE.DAT   [51712]
O44 - LFC:[MD5.549748A599ED48986C170073481DFF77] - 09.01.2013 - 15:40:56 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT   [4845296]
O44 - LFC:[MD5.8ACC1EFC15C4EA1243FF0A48B397BCC1] - 09.01.2013 - 15:17:01  . (...) -- C:\Windows\System32\MRT.exe   [420064]
O44 - LFC:[MD5.C4B0793E4B97AA36A2A8C81A7AA1979A] - 09.01.2013 - 14:54:58 ---A- . (.Microsoft - Système de classement PEGI/BBFC.) -- C:\Windows\SysNative\pegibbfc.rs   [44544]
O44 - LFC:[MD5.C4B0793E4B97AA36A2A8C81A7AA1979A] - 09.01.2013 - 14:54:58 ---A- . (.Microsoft - Système de classement PEGI/BBFC.) -- C:\Windows\System32\pegibbfc.rs   [44544]
O44 - LFC:[MD5.5C48A43FC30FC61ECB1335DC646686BC] - 09.01.2013 - 14:54:58 ---A- . (.Microsoft - Système de classement USK.) -- C:\Windows\SysNative\usk.rs   [30720]
O44 - LFC:[MD5.5C48A43FC30FC61ECB1335DC646686BC] - 09.01.2013 - 14:54:58 ---A- . (.Microsoft - Système de classement USK.) -- C:\Windows\System32\usk.rs   [30720]
O44 - LFC:[MD5.A2E0F1E01A0983E9C94565BBEC862BF7] - 09.01.2013 - 14:54:58 ---A- . (.Microsoft - Système de classification COB-AU.) -- C:\Windows\SysNative\cob-au.rs   [40960]
O44 - LFC:[MD5.A2E0F1E01A0983E9C94565BBEC862BF7] - 09.01.2013 - 14:54:58 ---A- . (.Microsoft - Système de classification COB-AU.) -- C:\Windows\System32\cob-au.rs   [40960]
O44 - LFC:[MD5.65A8302C7551CFE45FAA2BC085C9E7E2] - 09.01.2013 - 14:54:58 ---A- . (.Microsoft - Système de classification DJCTQ.) -- C:\Windows\SysNative\djctq.rs   [15360]
O44 - LFC:[MD5.65A8302C7551CFE45FAA2BC085C9E7E2] - 09.01.2013 - 14:54:58 ---A- . (.Microsoft - Système de classification DJCTQ.) -- C:\Windows\System32\djctq.rs   [15360]
O44 - LFC:[MD5.54B11BB2AFBC3D5EBA9C96F0C1820B9B] - 09.01.2013 - 14:54:58 ---A- . (.Microsoft - Système de classification FPB.) -- C:\Windows\SysNative\fpb.rs   [46592]
O44 - LFC:[MD5.54B11BB2AFBC3D5EBA9C96F0C1820B9B] - 09.01.2013 - 14:54:58 ---A- . (.Microsoft - Système de classification FPB.) -- C:\Windows\System32\fpb.rs   [46592]
O44 - LFC:[MD5.997938D423CE830161CB6059434E3C9F] - 09.01.2013 - 14:54:58 ---A- . (.Microsoft - Système de classification OFLC-NZ.) -- C:\Windows\SysNative\oflc-nz.rs   [45568]
O44 - LFC:[MD5.997938D423CE830161CB6059434E3C9F] - 09.01.2013 - 14:54:58 ---A- . (.Microsoft - Système de classification OFLC-NZ.) -- C:\Windows\System32\oflc-nz.rs   [45568]
O44 - LFC:[MD5.EBB73E4E8CA01089CF74ECE506EB7607] - 09.01.2013 - 14:54:58 ---A- . (.Microsoft - Système de notation CSRR.) -- C:\Windows\SysNative\csrr.rs   [43520]
O44 - LFC:[MD5.EBB73E4E8CA01089CF74ECE506EB7607] - 09.01.2013 - 14:54:58 ---A- . (.Microsoft - Système de notation CSRR.) -- C:\Windows\System32\csrr.rs   [43520]
O44 - LFC:[MD5.D0C01412FBF59C1C25630C49F0C1B803] - 09.01.2013 - 14:54:57 ---A- . (.Microsoft - Système de classement CERO.) -- C:\Windows\SysNative\cero.rs   [55296]
O44 - LFC:[MD5.D0C01412FBF59C1C25630C49F0C1B803] - 09.01.2013 - 14:54:57 ---A- . (.Microsoft - Système de classement CERO.) -- C:\Windows\System32\cero.rs   [55296]
O44 - LFC:[MD5.51D25C805A01A2C4F930F9720CF51FFE] - 09.01.2013 - 14:54:57 ---A- . (.Microsoft - Système de classement ESRB.) -- C:\Windows\SysNative\esrb.rs   [51712]
O44 - LFC:[MD5.51D25C805A01A2C4F930F9720CF51FFE] - 09.01.2013 - 14:54:57 ---A- . (.Microsoft - Système de classement ESRB.) -- C:\Windows\System32\esrb.rs   [51712]
O44 - LFC:[MD5.4489D5D2CB4BA0799F3FB4625DE181CF] - 09.01.2013 - 14:54:57 ---A- . (.Microsoft - Système de classement GRB.) -- C:\Windows\SysNative\grb.rs   [21504]
O44 - LFC:[MD5.4489D5D2CB4BA0799F3FB4625DE181CF] - 09.01.2013 - 14:54:57 ---A- . (.Microsoft - Système de classement GRB.) -- C:\Windows\System32\grb.rs   [21504]
O44 - LFC:[MD5.4773EB5962548068547214A620E9ACC3] - 09.01.2013 - 14:54:57 ---A- . (.Microsoft - Système de classement OFLC.) -- C:\Windows\SysNative\oflc.rs   [23552]
O44 - LFC:[MD5.4773EB5962548068547214A620E9ACC3] - 09.01.2013 - 14:54:57 ---A- . (.Microsoft - Système de classement OFLC.) -- C:\Windows\System32\oflc.rs   [23552]
O44 - LFC:[MD5.6D540AF9B183FC97DC4CC54369561548] - 09.01.2013 - 14:54:57 ---A- . (.Microsoft - Système de classement PEGI au Portugal.) -- C:\Windows\SysNative\pegi-pt.rs   [20480]
O44 - LFC:[MD5.6D540AF9B183FC97DC4CC54369561548] - 09.01.2013 - 14:54:57 ---A- . (.Microsoft - Système de classement PEGI au Portugal.) -- C:\Windows\System32\pegi-pt.rs   [20480]
O44 - LFC:[MD5.9BB05674E013C35F4DAED51F5015355D] - 09.01.2013 - 14:54:57 ---A- . (.Microsoft - Système de classement PEGI en Finlande.) -- C:\Windows\SysNative\pegi-fi.rs   [20480]
O44 - LFC:[MD5.9BB05674E013C35F4DAED51F5015355D] - 09.01.2013 - 14:54:57 ---A- . (.Microsoft - Système de classement PEGI en Finlande.) -- C:\Windows\System32\pegi-fi.rs   [20480]
O44 - LFC:[MD5.661AE5EAC62C4598DD01795CEB915BAE] - 09.01.2013 - 14:54:57 ---A- . (.Microsoft - Système de classement PEGI.) -- C:\Windows\SysNative\pegi.rs   [20480]
O44 - LFC:[MD5.661AE5EAC62C4598DD01795CEB915BAE] - 09.01.2013 - 14:54:57 ---A- . (.Microsoft - Système de classement PEGI.) -- C:\Windows\System32\pegi.rs   [20480]
O44 - LFC:[MD5.1BCDB508143B517F21BBDAC10F5777BF] - 09.01.2013 - 14:54:49  . (.Microsoft - Système de classification COB-AU.) -- C:\Windows\System32\conhost.exe   [40960]
O44 - LFC:[MD5.61DB428415B8F3E2EF91107185BD83BD] - 06.01.2013 - 04:20:04 ---A- . (...) -- C:\Windows\DirectX.log   [184927]
O44 - LFC:[MD5.74642EB7F8691C23ADC980EAE43C7D04] - 04.01.2013 - 23:26:13 ---A- . (.Oracle Corporation - .) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll   [108008]
O44 - LFC:[MD5.CB32B57003EC2B07070BEE32059C4F64] - 04.01.2013 - 23:26:13 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\deployJava1.dll   [959976]
O44 - LFC:[MD5.AAF7C6AD7D7AB54018A514B6C2F8CC8A] - 04.01.2013 - 23:26:13 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\java.exe   [188392]
O44 - LFC:[MD5.CD1A1CFE578B04369E31C4141B26F96E] - 04.01.2013 - 23:26:13 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\javaw.exe   [188392]
O44 - LFC:[MD5.CB32B57003EC2B07070BEE32059C4F64] - 04.01.2013 - 23:26:13 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\deployJava1.dll   [959976]
O44 - LFC:[MD5.E572D74385CD1E6B9ACC9110FA1781DC] - 04.01.2013 - 23:26:13 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\SysNative\javaws.exe   [308200]
O44 - LFC:[MD5.B68FC7C0DCC5B99FA1E7D85B357DAC1F] - 04.01.2013 - 23:26:13 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\SysNative\npDeployJava1.dll   [1081320]
O44 - LFC:[MD5.B68FC7C0DCC5B99FA1E7D85B357DAC1F] - 04.01.2013 - 23:26:13 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\System32\npDeployJava1.dll   [1081320]
O44 - LFC:[MD5.843F4E49A11D594988CC9B49EFFFBB3D] - 01.01.2013 - 03:10:38 ---A- . (...) -- C:\Windows\PFRO.log   [765692]
O44 - LFC:[MD5.2ED72B3F76C9368ABC01464DA64DB7AE] - 16.12.2012 - 18:11:22 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll   [46080]
O44 - LFC:[MD5.2ED72B3F76C9368ABC01464DA64DB7AE] - 16.12.2012 - 18:11:22 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll   [46080]
O44 - LFC:[MD5.CB2ABB2DA1E9C977302A78D86D4AE3B0] - 16.12.2012 - 15:45:03 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll   [367616]
O44 - LFC:[MD5.CB2ABB2DA1E9C977302A78D86D4AE3B0] - 16.12.2012 - 15:45:03 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll   [367616]
O44 - LFC:[MD5.1153AC6E133AA849853DFD407B086B80] - 30.11.2012 - 00:15:43 ---A- . (...) -- C:\Windows\SysNative\locale.nls   [420064]
O44 - LFC:[MD5.1153AC6E133AA849853DFD407B086B80] - 30.11.2012 - 00:15:43 ---A- . (...) -- C:\Windows\System32\locale.nls   [420064]
O44 - LFC:[MD5.523B9B64F2B6C630A2E0A87116C05F12] - 23.11.2012 - 04:26:31  . (...) -- C:\Windows\System32\win32k.sys   [53904]
O44 - LFC:[MD5.685527DA09EBFB681E98C515978BDEE2] - 24.08.2012 - 19:03:09  . (...) -- C:\Windows\System32\lsasrv.dll   [420064]
O44 - LFC:[MD5.8F69EE5E0EB0779DC3E90DFD8D8E8683] - 23.08.2012 - 10:51:57  . (...) -- C:\Windows\System32\rdpcorets.dll   [1661710]
O44 - LFC:[MD5.45D4B35B1561E1E2248C88E560A85D71] - 17.06.2010 - 17:40:50 ---A- . (...) -- C:\Windows\SysNative\wbload.dll   [53904]
O44 - LFC:[MD5.45D4B35B1561E1E2248C88E560A85D71] - 17.06.2010 - 17:40:50 ---A- . (...) -- C:\Windows\System32\wbload.dll   [53904]
~ Scan Files in 00mn 03s



---\\ Local Security Authority-LSA Deny (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ Scan Keys in 00mn 00s



---\\ Safe Boot Control (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s



---\\ MountPoints2 Shell Key (MPKS) (O51) (None)

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s



---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\AdobeCS5ServiceManager  [Key] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite  [Key] . (.DT Soft Ltd - DAEMON Tools Lite.) -- D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
O53 - SMSR:HKLM\...\startupreg\EPSON SX110 Series  [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.exe
O53 - SMSR:HKLM\...\startupreg\ROC_ROC_NT  [Key] . (...) -- C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe
O53 - SMSR:HKLM\...\startupreg\Skype  [Key] . (...) -- C:\Program Files (x86)\Skype\Phone\Skype.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\StartCCC  [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O53 - SMSR:HKLM\...\startupreg\Steam  [Key] . (.Valve Corporation - Steam.) -- E:\Steam\Steam.exe
O53 - SMSR:HKLM\...\startupreg\SwitchBoard  [Key] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O53 - SMSR:HKLM\...\startupreg\vProt  [Key] . (. - VProtect Application.) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
~ Scan SMSR Keys in 00mn 00s



---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ Scan Keys in 00mn 00s



---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14.07.2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [491088]
O58 - SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] - 02.04.2009 - 13:30:14 ---A- . (...) -- C:\Windows\SysWOW64\drivers\ASUSHWIO.SYS   [10296]
~ Scan Drivers in 00mn 00s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 1.32 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s



---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 28.09.2012 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag)  .(.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 22.10.2012 - C:\Windows\System32\DRIVERS\avgidsdrivera.sys (AVGIDSDriver)  .(.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Driver..) - LEGACY_AVGIDSDRIVER
O64 - Services: CurCS - 15.10.2012 - C:\Windows\System32\DRIVERS\avgidsha.sys (AVGIDSHA)  .(.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Helper Dri.) - LEGACY_AVGIDSHA
O64 - Services: CurCS - 02.10.2012 - C:\Windows\System32\DRIVERS\avgldx64.sys (Avgldx64)  .(.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - LEGACY_AVGLDX64
O64 - Services: CurCS - 21.09.2012 - C:\Windows\System32\DRIVERS\avgloga.sys (Avgloga)  .(.AVG Technologies CZ, s.r.o. - AVG Logging Driver.) - LEGACY_AVGLOGA
O64 - Services: CurCS - 05.10.2012 - C:\Windows\System32\DRIVERS\avgmfx64.sys (Avgmfx64)  .(.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - LEGACY_AVGMFX64
O64 - Services: CurCS - 14.09.2012 - C:\Windows\System32\DRIVERS\avgrkx64.sys (Avgrkx64)  .(.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) - LEGACY_AVGRKX64
O64 - Services: CurCS - 21.09.2012 - C:\Windows\System32\DRIVERS\avgtdia.sys (Avgtdia)  .(.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - LEGACY_AVGTDIA
O64 - Services: CurCS - 26.12.2012 - C:\Windows\system32\drivers\avgtpx64.sys (avgtp)  .(.AVG Technologies - .) - LEGACY_AVGTP
O64 - Services: CurCS - 21.07.2011 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys (driverhardwarev2x64)  .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64
O64 - Services: CurCS - 30.12.1899 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Scan Services in 00mn 01s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
~ Scan Keys in 00mn 00s



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("avg.install.newtab", false);
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.admin", false);
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.aflt", "babsst");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.autoRvrt", "false");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.dfltLng", "en");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.excTlbr", false);
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.id", "849c6cd500000000000010bf48bce869");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.instlDay", "15688");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.instlRef", "sst");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.rvrt", "false");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.tlbrId", "base");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=849c6cd500000000000010bf48bce8[...]
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.vrsn", "1.8.4.9");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar.vrsni", "1.8.4.9");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar_i.babExt", "");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar_i.babTrack", "affID=113357&tt=5012_2");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar_i.excTlbr", false);
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar_i.newTab", false);
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.4.915:34:29");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.crossrider.bic", "13aa3ea0dc381f3a6a1e483b1cac0c74");
O69 - SBI: prefs.js [Damien - 31jy3jpe.default] user_pref("extensions.crossriderapp21810.adsOldValue", 14);
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} [DefaultScope] - (AVG Secure Search) - http://isearch.avg.com
~ Scan Keys in 00mn 00s



---\\ Search Svchost Services (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll   [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll   [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll   [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [100864]
~ Scan Services in 00mn 00s



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.08B04D5673C9283D3DBDBC4F845F049A] [SPRF][20.09.2012] (.AVG Technologies CZ, s.r.o. - AVG UID module.) -- C:\Users\Damien\AppData\Local\Temp\avguidx.dll   [255072]
[MD5.AAB7AC8D97F195CF8282901C6B6D8AF8] [SPRF][20.09.2012] (. - CommonInstaller Application.) -- C:\Users\Damien\AppData\Local\Temp\CommonInstaller.exe   [4720736]
[MD5.251940E083E8DE21B1A65940A49ACA28] [SPRF][06.01.2013] (.Sony DADC Austria AG - SecuROM dynamic-data module.) -- C:\Users\Damien\AppData\Local\Temp\drm_dyndata_7370014.dll   [204800]
[MD5.3E9B2A232E90FA98DFE3F0866E201883] [SPRF][08.01.2013] (.Sony DADC Austria AG - SecuROM dynamic-data module.) -- C:\Users\Damien\AppData\Local\Temp\drm_dyndata_7380014.dll   [204800]
[MD5.04C560F55611F8383166A456D2CECE2C] [SPRF][29.09.2012] (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller 11.4 r402.) -- C:\Users\Damien\AppData\Local\Temp\fp_pl_pfs_installer.exe   [10213296]
[MD5.F2F5E2EBE8944E2F5AA8C87F4850658A] [SPRF][14.12.2012] (. - IncrediMail Installer.) -- C:\Users\Damien\AppData\Local\Temp\incredibar_install.exe   [474992]
[MD5.F4F883EAF7F7413A085D9868511AF8A9] [SPRF][07.01.2013] (...) -- C:\Users\Damien\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.5-R1.0-b2543jnks.dll   [17408]
[MD5.F4F883EAF7F7413A085D9868511AF8A9] [SPRF][07.01.2013] (...) -- C:\Users\Damien\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.6-R0.3-b2586jnks.dll   [17408]
[MD5.8062BB041661275E2CC7C699521FF4D7] [SPRF][29.09.2012] (.Logitech - .) -- C:\Users\Damien\AppData\Local\Temp\lgps_lgps.exe   [19481616]
[MD5.3FE0471F53F5F13170A8C7C5266E1A04] [SPRF][27.09.2011] (...) -- C:\Users\Damien\AppData\Local\Temp\LMkRstPt.exe   [101144]
[MD5.CA77CD09F52149CB33FC117396087EBE] [SPRF][20.09.2012] (. - MachineIdCreator Application.) -- C:\Users\Damien\AppData\Local\Temp\MachineIdCreator.exe   [163936]
[MD5.8A4AF3B0695F29186AD02E2FD766FA3B] [SPRF][28.10.2012] (.SweetIM Technologies Ltd. - SQLite DLL.) -- C:\Users\Damien\AppData\Local\Temp\mgsqlite3.dll   [393016]
[MD5.A455E465CD4D710DC9B5ED2B8F9C0B0C] [SPRF][20.09.2012] (. - IntToolbarInstaller Application.) -- C:\Users\Damien\AppData\Local\Temp\oi_{FF67DEBD-0A6E-40CA-96F6-6026AFB4C391}.exe   [12143200]
[MD5.D9DA3FDE1AEE64CEE57D4C57A538A53B] [SPRF][28.10.2012] (.SweetIM Technologies Ltd. - SweetIM Installer by SweetPacks.) -- C:\Users\Damien\AppData\Local\Temp\Shortcut_sweetim_2210-1be9878d.exe   [7739736]
[MD5.EBC6CE2D14774A39878696DDCC48A611] [SPRF][14.11.2012] (.SweetIM Technologies Ltd. - SweetPacks Browser Updater.) -- C:\Users\Damien\AppData\Local\Temp\simbo.exe   [1150808]
[MD5.C6D792E4583FC46DB0953FBF6E46348A] [SPRF][28.10.2012] (.SweetIM Technologies Lt - This installer.) -- C:\Users\Damien\AppData\Local\Temp\SIMEEI2Installer.exe   [2962432]
[MD5.7704B843006444B69486FD27D4660845] [SPRF][28.10.2012] (.SweetIM Technologies Lt - This installer.) -- C:\Users\Damien\AppData\Local\Temp\SIMEEIInstaller.exe   [3380216]
[MD5.F467645711172ECA7FCE253824A09179] [SPRF][03.11.2011] (...) -- C:\Users\Damien\AppData\Local\Temp\sonarinst.exe   [1786688]
[MD5.E3E294B6876F636A41C8A1D325280254] [SPRF][20.09.2012] (. - ToolbarInstaller.) -- C:\Users\Damien\AppData\Local\Temp\ToolbarInstaller.exe   [8212064]
[MD5.065B1CE95FDC5B95AC39E4FE7B4ABF12] [SPRF][04.01.2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\Damien\AppData\Local\Temp\uninst1.exe   [378008]
[MD5.F9A091FDD1C96FD0BC9AC8C6EF7F362E] [SPRF][24.11.2012] (...) -- C:\Users\Damien\AppData\Local\Temp\utt8A63.tmp.bat   [53]
[MD5.E03F2F24BCA457A35E1E26732AFE4A2F] [SPRF][09.11.2012] (...) -- C:\Users\Damien\AppData\Local\Temp\vlc-2.0.4-win32.exe   [22912657]
[MD5.AC23C732F2B4EDA487E0D07AB821C617] [SPRF][04.10.2012] (...) -- C:\Users\Damien\AppData\Local\Temp\vy0x3xq3.dll   [140800]
[MD5.91426C831971CD78196B3C4BB0A9E9B5] [SPRF][10.11.2012] (...) -- C:\Users\Damien\AppData\Local\Temp\wajam_install.exe   [417088]
[MD5.887173F53072CD2D238014F4199B35CF] [SPRF][05.05.2010] (...) -- C:\Users\Damien\AppData\Local\Temp\xmlUpdater.exe   [118784]
[MD5.AE7E0C99C5BC7D28325C0CD7885C851F] [SPRF][24.10.2012] (.Yontoo LLC - Installer.) -- C:\Users\Damien\AppData\Local\Temp\YontooSetup-S.exe   [1062504]
[MD5.D9D00D5F6FE341CF91C0787BAA6D1AC1] [SPRF][04.10.2012] (...) -- C:\Users\Damien\AppData\Local\Temp\zklxci1u.dll   [3584]
[MD5.FBAB280D0CAC5E21C72F0A1A7B5B9608] [SPRF][23.06.2007] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Damien\AppData\Local\Temp\_is1879.exe   [455600]
[MD5.FBAB280D0CAC5E21C72F0A1A7B5B9608] [SPRF][26.05.2006] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Damien\AppData\Local\Temp\_is7A57.exe   [455600]
[MD5.FBAB280D0CAC5E21C72F0A1A7B5B9608] [SPRF][24.05.2006] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Damien\AppData\Local\Temp\_isE6D6.exe   [455600]
[MD5.BAFEE8DD8F4BB21BFD3E7D073A1C0EDF] [SPRF][02.11.2012] (...) -- C:\Users\Damien\AppData\Roaming\TheHunterSettings_live.bin   [11866]
[MD5.C25A31B29E74B02FBB296956D750A7EC] [SPRF][20.09.2012] (...) -- C:\Users\Damien\Desktop\pbsetup.exe   [2211840]
~ Scan Files in 00mn 05s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "{08576EB9-0D93-4043-B2BF-A79A7063C845}" | In - Private - P6 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Installer Application.) -- C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
O87 - FAEL: "{3A5F286D-B9C3-46DA-8295-C5E94FF2BBC6}" | In - Private - P17 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Installer Application.) -- C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
O87 - FAEL: "{B4653D14-8932-4EDF-9AA3-F6E62078417F}" |In - Private - P6 - TRUE | .(...) -- E:\World of Warcraft\Launcher.exe (.not file.)
O87 - FAEL: "{F92560DE-83BF-4ADB-8C41-9598FFE09C5F}" |In - Private - P17 - TRUE | .(...) -- E:\World of Warcraft\Launcher.exe (.not file.)
O87 - FAEL: "{7AC714EB-31F5-49DD-AD18-D92906ED06C3}" | In - Private - P6 - TRUE | .(.Blizzard Entertainment - Blizzard Downloader.) -- E:\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
O87 - FAEL: "{161F092F-3130-412E-AA51-307361E72684}" | In - Private - P17 - TRUE | .(.Blizzard Entertainment - Blizzard Downloader.) -- E:\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
O87 - FAEL: "{F2CE3706-B1CD-4140-97CA-A0D81AB0BE49}" |In - Private - P6 - TRUE | .(...) -- E:\World of Warcraft\Launcher.patch.exe (.not file.)
O87 - FAEL: "{3893AB77-0852-4275-A3C9-A411000E559E}" |In - Private - P17 - TRUE | .(...) -- E:\World of Warcraft\Launcher.patch.exe (.not file.)
O87 - FAEL: "TCP Query User{36782695-E17F-4B7A-97F4-A65C329CA7EE}E:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" |In - Private - P6 - TRUE | .(...) -- E:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe (.not file.)
O87 - FAEL: "UDP Query User{D13957B5-10E0-48B0-A926-05AF1374057E}E:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" |In - Private - P17 - TRUE | .(...) -- E:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe (.not file.)
O87 - FAEL: "{FE9222FD-B266-4549-86FF-B1CCC2CE63C9}" |In - Private - P6 - TRUE | .(...) -- C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe (.not file.)
O87 - FAEL: "{97BCF344-2307-4C8C-8570-B4167EFE4B2E}" |In - Private - P17 - TRUE | .(...) -- C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe (.not file.)
O87 - FAEL: "{0499201D-CE3E-49C6-BE87-75FA778E6D1F}" |In - Private - P6 - TRUE | .(...) -- C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe (.not file.)
O87 - FAEL: "{E1F81A31-54CF-4680-84CA-9CF7CDA0CF2B}" |In - Private - P17 - TRUE | .(...) -- C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe (.not file.)
O87 - FAEL: "{44A4662F-A92E-4EE2-A81A-27F12C7E0C92}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{A0118050-BBFC-4724-9BDF-486A8C30B17A}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{D0BB6B46-251D-4769-8880-B28AD8C072F7}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{56A1E866-3D23-4FC9-B5A8-855803950C20}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{4AE07DED-3273-4C59-A92B-FEEFD0A09F66}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam.) -- E:\Steam\Steam.exe
O87 - FAEL: "{D9C2FB2F-BBA3-42DB-8928-4E878AC1A850}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam.) -- E:\Steam\Steam.exe
O87 - FAEL: "{266C1554-38B8-40AC-9A56-10D4BCC4B195}" | In - Private - P6 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
O87 - FAEL: "{47B7D641-4044-4EB8-A4C3-E70A64D833EE}" | In - Private - P17 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
O87 - FAEL: "{A282056F-8407-4DB5-8985-37E67498EE88}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Skype\Phone\Skype.exe (.not file.)
O87 - FAEL: "{B51F9CF1-A0C9-426C-A799-12057D4C7D41}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{C72F2638-9185-4E18-A0CF-E27669095584}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O87 - FAEL: "{311EDAD2-10BB-4B18-B94D-0FEB81C283B9}" | In - Private - P6 - TRUE | .(.EA Digital Illusions CE AB - Battlefield 3™.) -- E:\Origin Games\Battlefield 3\bf3.exe
O87 - FAEL: "{A0C65FF9-393C-4BE6-9E62-EE486B66C89C}" | In - Private - P17 - TRUE | .(.EA Digital Illusions CE AB - Battlefield 3™.) -- E:\Origin Games\Battlefield 3\bf3.exe
O87 - FAEL: "{8905A4A8-4057-40F1-A51C-5C8883EA2195}" | In - Private - P6 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O87 - FAEL: "{A1C74070-758C-4EB7-AB85-6B2CA562830E}" | In - Private - P17 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O87 - FAEL: "{41024D92-1373-4D04-8C53-4BFCA4F134CA}" | In - Public - P6 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
O87 - FAEL: "{CE280771-8C04-43CC-9BE7-CA2E10736DB0}" | In - Public - P17 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
O87 - FAEL: "TCP Query User{2A6F982A-20E9-40F9-A9CF-07F7E803F5D5}E:\program files (x86)\thehunter\launcher\launcher.exe" |In - Private - P6 - TRUE | .(...) -- E:\program files (x86)\thehunter\launcher\launcher.exe (.not file.)
O87 - FAEL: "UDP Query User{BDBF6314-E1F7-4C96-A871-CD7594B54E1E}E:\program files (x86)\thehunter\launcher\launcher.exe" |In - Private - P17 - TRUE | .(...) -- E:\program files (x86)\thehunter\launcher\launcher.exe (.not file.)
O87 - FAEL: "TCP Query User{398B470A-CEBE-455F-A5B9-51A58BE5FD8F}E:\thehunter\launcher\launcher.exe" | In - Private - P6 - TRUE | .(.Expansive Worlds - theHunter Launcher.) -- E:\thehunter\launcher\launcher.exe
O87 - FAEL: "UDP Query User{9F2ECB0A-D047-46D4-BF43-5DEB6F5EFFDD}E:\thehunter\launcher\launcher.exe" | In - Private - P17 - TRUE | .(.Expansive Worlds - theHunter Launcher.) -- E:\thehunter\launcher\launcher.exe
O87 - FAEL: "{AF44B7CD-E10A-4AC9-9CD4-DDD3431DC571}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe
O87 - FAEL: "{2C05C7AF-81E7-49FE-A447-B038D6F3B978}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe
O87 - FAEL: "{66B7A432-505D-4907-8A74-2F6D353FF377}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\uTorrent\uTorrent.exe (.not file.)
O87 - FAEL: "{BFC6D9D2-66CC-47AB-8D7C-C060735C84ED}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\uTorrent\uTorrent.exe (.not file.)
O87 - FAEL: "TCP Query User{3E09BACA-4C97-4876-982A-2C3377BCD113}D:\program files (x86)\utorrent\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- D:\program files (x86)\utorrent\utorrent.exe
O87 - FAEL: "UDP Query User{48D6AB46-567A-4E15-9362-9611D734D23D}D:\program files (x86)\utorrent\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- D:\program files (x86)\utorrent\utorrent.exe
O87 - FAEL: "TCP Query User{87AE11D5-91A6-44B0-832A-6518AC5E7189}D:\program files (x86)\skype\phone\skype.exe" | In - Private - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- D:\program files (x86)\skype\phone\skype.exe
O87 - FAEL: "UDP Query User{AEA0A940-91C2-4371-85E4-A6ABFF139B7C}D:\program files (x86)\skype\phone\skype.exe" | In - Private - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- D:\program files (x86)\skype\phone\skype.exe
O87 - FAEL: "{0C2A3EA6-4711-4AB9-B806-B5E1751A75EB}" | In - Private - P6 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Online Shield Service.) -- C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
O87 - FAEL: "{A74E45B8-8012-44C1-B7EC-A665388F7C41}" | In - Private - P17 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Online Shield Service.) -- C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
O87 - FAEL: "{503C3D63-BC16-4AC3-82A1-A3BA9EDCE563}" | In - Private - P6 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Diagnostics.) -- C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
O87 - FAEL: "{15995C81-222B-45AC-A233-CA310C476E0B}" | In - Private - P17 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG Diagnostics.) -- C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
O87 - FAEL: "{04CACF8D-D770-4439-B10C-9294008AABB6}" | In - Private - P6 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG E-mail Scanner.) -- C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
O87 - FAEL: "{2B6C34BE-A735-4195-A72D-2685A7DD22C2}" | In - Private - P17 - TRUE | .(.AVG Technologies CZ, s.r.o. - AVG E-mail Scanner.) -- C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
O87 - FAEL: "{C5161EB7-258B-4968-A794-4F81296C6110}" | In - Private - P6 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
O87 - FAEL: "{22E1872C-7EB1-48D5-9CA6-2708DFB7A91E}" | In - Private - P17 - TRUE | .(.Blizzard Entertainment - Battle.net Update Agent.) -- C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
O87 - FAEL: "{3BB29982-F7AF-461F-BA0C-B97F3E5684E8}" | In - Private - P6 - FALSE | .(. - IncrediMail Installer.) -- C:\Users\Damien\AppData\Local\Temp\incredibar_install.exe
O87 - FAEL: "{81F4D2FA-206C-494A-9117-1E284B8737A7}" | In - Private - P17 - FALSE | .(. - IncrediMail Installer.) -- C:\Users\Damien\AppData\Local\Temp\incredibar_install.exe
O87 - FAEL: "TCP Query User{F766EFDF-10D0-4DFB-801B-3884E74D5465}E:\need for speed most wanted\nfs13.exe" | In - Private - P6 - TRUE | .(.Electronic Arts - Need for Speed™ Most Wanted.) -- E:\need for speed most wanted\nfs13.exe
O87 - FAEL: "UDP Query User{61CC5D54-6B48-4CA8-BD0A-0C66B99DDA4C}E:\need for speed most wanted\nfs13.exe" | In - Private - P17 - TRUE | .(.Electronic Arts - Need for Speed™ Most Wanted.) -- E:\need for speed most wanted\nfs13.exe
O87 - FAEL: "{CC00FDE4-C77C-4124-8CD1-223C295220D1}" | In - Private - P6 - TRUE | .(.ESN Social Software AB - ESN Sonar Host Application.) -- C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
O87 - FAEL: "{C7CD058E-E9D7-4272-B50A-485F8D0E788B}" | In - Private - P17 - TRUE | .(.ESN Social Software AB - ESN Sonar Host Application.) -- C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
O87 - FAEL: "TCP Query User{DB3C2FEA-B371-4102-A5F6-891B7A229485}C:\users\damien\appdata\local\apps\2.0\w6w9ta70.wd6\4c9pvyh5.9hk\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe" | In - Private - P6 - TRUE | .(.Ubisoft.) -- C:\users\d
O87 - FAEL: "UDP Query User{62C6F03A-B5AC-46E9-A8F1-13238D0D5A66}C:\users\damien\appdata\local\apps\2.0\w6w9ta70.wd6\4c9pvyh5.9hk\laun...app_59711684aa47878d_0001.001d_82c2447510b53390\launcher.exe" | In - Private - P17 - TRUE | .(.Ubisoft.) -- C:\users\
O87 - FAEL: "TCP Query User{F413B7EF-1DAB-45D9-9B3F-42AD35DB7AA8}E:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" | In - Private - P6 - TRUE | .(. - GRO Client.) -- E:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe
O87 - FAEL: "UDP Query User{98CBE537-6FD5-4E3E-A15B-FD484FBA21F6}E:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe" | In - Private - P17 - TRUE | .(. - GRO Client.) -- E:\ubisoft\ghost recon online\pdc-live\ghostrecononline.exe
O87 - FAEL: "{BC510CCD-894D-4E96-B82E-54B1116EC852}" | In - Private - P6 - TRUE | .(...) -- E:\Assassin's Creed III\AC3SP.exe
O87 - FAEL: "{3C37E98F-7933-4799-B69B-6E4EED874C8B}" | In - Private - P17 - TRUE | .(...) -- E:\Assassin's Creed III\AC3SP.exe
O87 - FAEL: "{317117C4-2FC6-4CD3-BEB2-2C6D17AB6E97}" | In - Private - P6 - TRUE | .(...) -- E:\Assassin's Creed III\AC3MP.exe
O87 - FAEL: "{4581F924-5CCA-470D-83B3-8E3DA58319D5}" | In - Private - P17 - TRUE | .(...) -- E:\Assassin's Creed III\AC3MP.exe
O87 - FAEL: "{FD5EF707-1BC0-4A8B-8EDF-284D1EB5503C}" | In - Private - P6 - TRUE | .(.Ubisoft - Autopatch system.) -- E:\Assassin's Creed III\AssassinsCreed3.exe
O87 - FAEL: "{4624AB16-DBD5-4868-9A96-020DFE332521}" | In - Private - P17 - TRUE | .(.Ubisoft - Autopatch system.) -- E:\Assassin's Creed III\AssassinsCreed3.exe
O87 - FAEL: "{974421BC-CE53-4D0F-8EFF-A4C14C84CD82}" | In - Private - P6 - TRUE | .(.THQ Inc. - Saints Row®:  The Third™.) -- E:\Steam\SteamApps\common\saints row the third\game_launcher.exe
O87 - FAEL: "{05A735CF-67EE-4F4F-8E0B-36A945DC3F8B}" | In - Private - P17 - TRUE | .(.THQ Inc. - Saints Row®:  The Third™.) -- E:\Steam\SteamApps\common\saints row the third\game_launcher.exe
O87 - FAEL: "{F6046FDD-A40F-40E8-ABE9-DCCC5EB2EC37}" | In - Private - P6 - TRUE | .(.Blizzard Entertainment - Diablo III Retail.) -- E:\Diablo III\Diablo III.exe
O87 - FAEL: "{9AA54F82-1221-47ED-BD01-0752D95427EA}" | In - Private - P17 - TRUE | .(.Blizzard Entertainment - Diablo III Retail.) -- E:\Diablo III\Diablo III.exe
O87 - FAEL: "TCP Query User{D4855BE4-241C-4F7F-8396-E48927C84107}E:\the war z\warz.exe" |In - Private - P6 - TRUE | .(...) -- E:\the war z\warz.exe (.not file.)
O87 - FAEL: "UDP Query User{FB796971-DE70-40AD-903E-6A35A0494612}E:\the war z\warz.exe" |In - Private - P17 - TRUE | .(...) -- E:\the war z\warz.exe (.not file.)
O87 - FAEL: "{C89CF950-28A3-479B-855B-6FD16C399F8E}" | In - Private - P6 - TRUE | .(.Ubisoft - Autopatch system.) -- E:\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
O87 - FAEL: "{AED1E406-1A30-4994-9723-2A8E16DC5E38}" | In - Private - P17 - TRUE | .(.Ubisoft - Autopatch system.) -- E:\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
O87 - FAEL: "{875954E2-EAFC-4F2A-9D0E-CAE38F7BBA61}" | In - Private - P6 - TRUE | .(.Ubisoft Entertainment - Far Cry 3.) -- E:\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
O87 - FAEL: "{4E0621B8-1200-4C40-9E00-134AE52C0724}" | In - Private - P17 - TRUE | .(.Ubisoft Entertainment - Far Cry 3.) -- E:\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
O87 - FAEL: "{1B057D67-9FA4-48CF-94BD-97C508E62074}" | In - Private - P6 - TRUE | .(.Ubisoft Entertainment - Far Cry 3.) -- E:\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
O87 - FAEL: "{C4B449E9-4DC9-482B-80A3-5988CF062C5A}" | In - Private - P17 - TRUE | .(.Ubisoft Entertainment - Far Cry 3.) -- E:\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
O87 - FAEL: "{59DD192F-AA7D-46A8-A836-29376BA9A302}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{393701B7-E02F-4640-B763-552CF4DB8C00}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe
O87 - FAEL: "{CC2C5141-BE18-4EBD-8523-E43F0F4DF6C1}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{DE82B23A-9E58-4D05-B781-F46B65C38932}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe
O87 - FAEL: "{7AE95C10-213D-45E4-9607-A860CBE1EEBB}" | In - Private - P6 - TRUE | .(.Bohemia Interactive - ArmA 2 OA.) -- E:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
O87 - FAEL: "{F91A6A48-6A28-4C7F-B9A3-BDBD2384E12F}" | In - Private - P17 - TRUE | .(.Bohemia Interactive - ArmA 2 OA.) -- E:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
O87 - FAEL: "{70797F8E-4AF7-4C9D-976D-EAF6FBED10A8}" | In - Private - P6 - TRUE | .(. - Setup.) -- E:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
O87 - FAEL: "{AB94B337-395E-4748-A8F6-78E52E0612EC}" | In - Private - P17 - TRUE | .(. - Setup.) -- E:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
O87 - FAEL: "TCP Query User{6E5749C8-B48C-44AA-85A1-C7E220D42A33}C:\program files (x86)\java\jre7\bin\javaw.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\java\jre7\bin\javaw.exe (.not file.)
O87 - FAEL: "UDP Query User{7BCFD413-91D0-4717-8385-5B049CFE8BC5}C:\program files (x86)\java\jre7\bin\javaw.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\java\jre7\bin\javaw.exe (.not file.)
O87 - FAEL: "{8459BA26-21A5-4DA0-B7A0-D7E94F14BD83}" | In - Private - P6 - TRUE | .(.Electronic Arts - FIFA 13.) -- E:\FIFA 13\Game\fifa13.exe
O87 - FAEL: "{6ECFD2E9-BD2F-47F0-AB4A-CED15CB6BE51}" | In - Private - P17 - TRUE | .(.Electronic Arts - FIFA 13.) -- E:\FIFA 13\Game\fifa13.exe
O87 - FAEL: "TCP Query User{A621DBA5-B07F-4F03-98D0-B7A87FA5E45F}C:\program files\java\jre7\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files\java\jre7\bin\javaw.exe
O87 - FAEL: "UDP Query User{7FC7FA5E-403B-4388-8B87-05DAADF632D8}C:\program files\java\jre7\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files\java\jre7\bin\javaw.exe
O87 - FAEL: "TCP Query User{8A50C1D8-7407-44F7-953C-FCD5A54AD455}E:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" | In - Private - P6 - TRUE | .(.Take-Two Interactive Software, Inc..) -- E:\steam\steamapps\common\grand theft auto iv\gtaiv\g
O87 - FAEL: "UDP Query User{3E158AF3-3A00-4615-9637-7A5A61900039}E:\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe" | In - Private - P17 - TRUE | .(.Take-Two Interactive Software, Inc..) -- E:\steam\steamapps\common\grand theft auto iv\gtaiv\
O87 - FAEL: "TCP Query User{42C49403-0AE4-4D33-9616-C19480986390}C:\windows\system32\javaw.exe" | In - Private - P6 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\windows\system32\javaw.exe
O87 - FAEL: "UDP Query User{C7F0ADC6-96F2-447A-B9CB-15C0A6A6F390}C:\windows\system32\javaw.exe" | In - Private - P17 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\windows\system32\javaw.exe
O87 - FAEL: "{A221CA32-3288-4A68-B996-6B9B0358638B}" | In - Private - P6 - TRUE | .(.Sony DADC Austria AG - SecuROM Launcher.) -- E:\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
O87 - FAEL: "{1D9C9244-4DAA-4DBD-B995-D1D7CE86C65C}" | In - Private - P17 - TRUE | .(.Sony DADC Austria AG - SecuROM Launcher.) -- E:\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
O87 - FAEL: "TCP Query User{2D66C1E8-1B83-46AB-9440-5EB84E8047E0}C:\program files\java\jre7\bin\java.exe" | In - Private - P6 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files\java\jre7\bin\java.exe
O87 - FAEL: "UDP Query User{B629DC3C-204C-44DB-9636-C05516D4A675}C:\program files\java\jre7\bin\java.exe" | In - Private - P17 - TRUE | .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files\java\jre7\bin\java.exe
O87 - FAEL: "{014E0726-FE1E-49FF-B303-2E1583AD095D}" | In - Private - P6 - TRUE | .(.Bohemia Interactive - ArmA 2.) -- E:\Steam\SteamApps\common\Arma 2\arma2.exe
O87 - FAEL: "{AE54B2E4-A325-4E86-80D9-C772B79077CC}" | In - Private - P17 - TRUE | .(.Bohemia Interactive - ArmA 2.) -- E:\Steam\SteamApps\common\Arma 2\arma2.exe
O87 - FAEL: "TCP Query User{10E67AAC-7C7D-42BB-9735-42083B0893AA}E:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" | In - Private - P6 - TRUE | .(.Bohemia Interactive.) -- E:\steam\steamapps\common\arma 2 operation arrowhea
O87 - FAEL: "UDP Query User{58245E5E-1E0F-41D7-AB69-4EF8C3BFB393}E:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" | In - Private - P17 - TRUE | .(.Bohemia Interactive.) -- E:\steam\steamapps\common\arma 2 operation arrowhe
~ Scan Firewall in 00mn 01s



---\\ Additionnal Scan (O88)
Database Version : v2.10033 - (09/01/2013)
Clés trouvées (Keys found) : 140
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 16
Fichiers trouvés  (Files found) : 5

[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}]   =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}]   =>Toolbar.Wajam
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}]   =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}]   =>Adware.Agent
[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}]   =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}]   =>Toolbar.Alot
[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}]   =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}]   =>Toolbar.Alot
[HKLM\Software\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}]   =>Toolbar.Wajam
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}]   =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}]   =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}]   =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}]   =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}]   =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]   =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}]   =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}]   =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}]   =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}]   =>Toolbar.Alot
[HKLM\Software\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}]   =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}]   =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}]   =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}]   =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]   =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]   =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}]   =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}]   =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}]   =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}]   =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}]   =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}]   =>Adware.CDNHelper
[HKLM\Software\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}]   =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}]   =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}]   =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}]   =>Toolbar.Alot
[HKLM\Software\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}]   =>Toolbar.Alot
[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}]   =>Toolbar.Wajam
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]   =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]   =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}]   =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}]   =>Toolbar.Alot
[HKLM\Software\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}]   =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]   =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}]   =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]   =>Toolbar.Alot
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]   =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]   =>Toolbar.Alot
[HKLM\Software\Classes\AppID\escort.dll]   =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll]   =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll]   =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE]   =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\ScriptHelper.EXE]   =>Toolbar.Agent
[HKLM\Software\Classes\AppID\YontooIEClient.DLL]   =>Toolbar.Agent
[HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI]   =>Toolbar.Agent
[HKLM\Software\Classes\AVG Secure Search.PugiObj]   =>Toolbar.Agent
[HKLM\Software\Classes\b]   =>Toolbar.Babylon
[HKLM\Software\Classes\escort.escortIEPane]   =>Toolbar.Babylon
[HKLM\Software\Classes\esrv.BabylonESrvc]   =>Toolbar.Babylon
[HKLM\Software\Classes\S]   =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE]   =>Toolbar.Agent
[HKLM\Software\Classes\wajam.WajamBHO]   =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph]   =>PUP.SpecialSavings
[HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdater]   =>Toolbar.Wajam
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater]   =>Toolbar.Wajam
[HKCU\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}]   =>Trojan.Agent
[HKCU\Software\BabylonToolbar]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\BabylonToolbar]   =>Toolbar.Babylon
[HKCU\Software\Cr_Installer]   =>Adware.VidSaver
[HKCU\Software\DataMngr]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr]   =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\Giant Savings Extension]   =>Adware.VidSaver
[HKCU\Software\Softonic]   =>Toolbar.Conduit
[HKCU\Software\StartSearch]   =>Hijacker.Agent
[HKCU\Software\SweetIM]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM]   =>PUP.SweetIM
[HKLM\Software\Tarma Installer]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Tracing\incredibar_install_RASAPI32]   =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\incredibar_install_RASMANCS]   =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar]   =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Giant Savings Extension]   =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam]   =>Toolbar.Wajam
[HKCU\Software\InstalledBrowserExtensions\215 Apps]   =>PUP.SpecialSavings
[HKLM\Software\Classes\Prod.cap]   =>Adware.Bandoo
[HKLM\Software\Classes\CrossriderApp0021810.BHO]   =>Adware.VidSaver
[HKLM\Software\Classes\CrossriderApp0021810.Sandbox]   =>Adware.VidSaver
[HKLM\Software\Classes\YontooIEClient.Api]   =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Layers]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0021810.BHO]   =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0021810.Sandbox]   =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane]   =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers]   =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{98889811-442D-49DD-99D7-DC866BE87DBC}   =>Toolbar.Babylon
C:\Program Files (x86)\yontoo   =>Toolbar.Alot
C:\Program Files (x86)\AVG Secure Search   =>Toolbar.Agent
C:\Program Files (x86)\BabylonToolbar   =>Toolbar.Babylon
C:\Program Files (x86)\Giant Savings Extension   =>Adware.VidSaver
C:\Program Files (x86)\SweetIM   =>PUP.SweetIM
C:\Program Files (x86)\Common Files\AVG Secure Search   =>Toolbar.Agent
C:\ProgramData\AVG Secure Search   =>Toolbar.Agent
C:\ProgramData\Babylon   =>Toolbar.Babylon
C:\ProgramData\SweetIM   =>PUP.SweetIM
C:\Users\Damien\AppData\Local\AVG Secure Search   =>Toolbar.Agent
C:\Users\Damien\AppData\Local\Giant Savings Extension   =>Adware.VidSaver
C:\Users\Damien\AppData\LocalLow\AVG Secure Search   =>Toolbar.Agent
C:\Users\Damien\AppData\LocalLow\BabylonToolbar   =>Toolbar.Babylon
C:\Users\Damien\AppData\Local\Temp\avg@toolbar   =>Toolbar.Agent
C:\Users\Damien\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc   =>Toolbar.Alot
C:\Users\Damien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph   =>Spyware.GamePlayLabs
C:\Users\Damien\AppData\Local\Temp\Shortcut_sweetim_2210-1be9878d.exe
C:\Users\Damien\AppData\Local\Temp\SIMEEI2Installer.exe
C:\Users\Damien\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Damien\AppData\Local\Temp\incredibar_install.exe
C:\Users\Damien\AppData\Local\Temp\YontooSetup-S.exe
~ Scan Additionnel in 00mn 04s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "03E9C206838F2DA4D82C62C591D2A4CA" . (.Ma-Config.com (64 bits).) -- C:\Windows\Installer\{602C9E30-F838-4AD2-8DC2-265C192D4AAC}\maconfico
O90 - PUC: "0C03C53D24A02C44BB9C323481238CE9" . (.DayZ Commander.) -- C:\Windows\Installer\{D35C30C0-0A42-44C2-BBC9-23431832C89E}\_853F67D554F05449430E7E.exe
O90 - PUC: "0ED9D238CFA898648991D4BBEDDBE3F4" . (.Microsoft Games for Windows - LIVE Redistributable.) -- C:\Windows\Installer\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}\GameForWindowsLiveRedist.exe
O90 - PUC: "121E2D80A6F7BE3479DF26B944094330" . (.Microsoft_VC90_CRT_x86.) -- C:\Windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe
O90 - PUC: "1459101E2A01F4642AE34A2FD36A1506" . (.Mumble 1.2.3.) -- C:\Windows\Installer\{E1019541-10A2-464F-A23E-A4F23DA65160}\mumble.ico
O90 - PUC: "19DA96544F74E9D4F89C17E73CD2A71E" . (.Microsoft_VC80_CRT_x86_x64.) -- C:\Windows\Installer\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}\ARPPRODUCTICON.exe
O90 - PUC: "20B91A1DE71869244AB57058F37DD475" . (.Microsoft_VC80_MFC_x86.) -- C:\Windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}\ARPPRODUCTICON.exe
O90 - PUC: "224BF55B308B5F1155283B66E61A9BCA" . (.Catalyst Control Center Localization All.) -- C:\Windows\Installer\{B55FB422-B803-11F5-5582-B3666EA1B9AC}\ARPPRODUCTICON.exe
O90 - PUC: "25BBB29DFF28DE24A8C3E460F249A47B" . (.Microsoft_VC80_MFCLOC_x86.) -- C:\Windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}\ARPPRODUCTICON.exe
O90 - PUC: "29E590689591463829E0288EF1468FBF" . (.Catalyst Control Center.) -- C:\Windows\Installer\{86095E92-1959-8364-920E-82E81F64F8FB}\ARPPRODUCTICON.exe
O90 - PUC: "2A481405E0B139D506A315E7397EDE3B" . (.AMD Accelerated Video Transcoding.) -- C:\Windows\Installer\{504184A2-1B0E-5D93-603A-517E93E7EDB3}\ARPPRODUCTICON.exe
O90 - PUC: "32FA0F2EF2EF2224A934556EC34CE11F" . (.Catalyst Control Center - Branding.) -- C:\Windows\Installer\{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}\ARPPRODUCTICON.exe
O90 - PUC: "4E9B274AFFA0B7F42BD56FF4E829A8BA" . (.Microsoft_VC90_MFC_x86_x64.) -- C:\Windows\Installer\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}\ARPPRODUCTICON.exe
O90 - PUC: "52608575376CAEF778198EB4A7FA0596" . (.ccc-utility64.) -- C:\Windows\Installer\{57580625-C673-7FEA-8791-E84B7AAF5069}\ARPPRODUCTICON.exe
O90 - PUC: "56AFD012508FB2A1F438E87272A93E58" . (.Catalyst Control Center Graphics Previews Common.) -- C:\Windows\Installer\{210DFA65-F805-1A2B-4F83-8E27279AE385}\ARPPRODUCTICON.exe
O90 - PUC: "5DAB1C8C6E456414DA70A3A83D56963C" . (.Microsoft_VC80_MFC_x86_x64.) -- C:\Windows\Installer\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}\ARPPRODUCTICON.exe
O90 - PUC: "63DD66855508B5745A3C280C04191DE4" . (.BF3 Settings Editor.) -- C:\Windows\Installer\{5866DD36-8055-475B-A5C3-82C04091D14E}\favicon.exe
O90 - PUC: "687EE9C2BDD189C4F84A1B9B5B6AB677" . (.Microsoft Games for Windows - LIVE.) -- C:\Windows\Installer\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}\GameForWindowsLiveDash.exe
O90 - PUC: "68AB67CA7DA76301B744AA0100000010" . (.Adobe Reader X (10.1.4) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O90 - PUC: "8075A30087099C542AEFBEFB24B2D3A0" . (.ASUS Utility.) -- C:\Windows\Installer\{003A5708-9078-45C9-A2FE-EBBF422B3D0A}\ARPPRODUCTICON.exe
O90 - PUC: "811CF9E1D156439479EB5EC3EAC5D754" . (.Microsoft_VC80_MFCLOC_x86_x64.) -- C:\Windows\Installer\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}\ARPPRODUCTICON.exe
O90 - PUC: "8F7463F0D15ECCF48826A9D8C0A5FC52" . (.Microsoft_VC80_ATL_x86.) -- C:\Windows\Installer\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}\ARPPRODUCTICON.exe
O90 - PUC: "91785D291CBB3CC40AB8659C8E48CCC2" . (.Microsoft_VC80_CRT_x86.) -- C:\Windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe
O90 - PUC: "9DF7AD641CB88AB7891D724F667478B1" . (.AMD Catalyst Install Manager.) -- C:\Windows\Installer\{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}\ARPPRODUCTICON.exe
O90 - PUC: "A9B58E1ADAFA83D4FA10B620D05D12A3" . (.Logitech GamePanel Software 3.06.109.) -- C:\Windows\Installer\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}\LGDCoreIco
O90 - PUC: "B0F614749856E1956C8F24532D32B041" . (.Catalyst Control Center InstallProxy.) -- C:\Windows\Installer\{47416F0B-6589-591E-C6F8-4235D2230B14}\ARPPRODUCTICON.exe
O90 - PUC: "B5DEF536D6C2EB94786EA7F6DC22CBA5" . (.Microsoft_VC90_MFC_x86.) -- C:\Windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe
O90 - PUC: "B850D529A465A3444B2BE7096C34E255" . (.Microsoft_VC80_ATL_x86_x64.) -- C:\Windows\Installer\{925D058B-564A-443A-B4B2-7E90C6432E55}\ARPPRODUCTICON.exe
O90 - PUC: "C7937558D24AF684793B2ABC2C735239" . (.Microsoft_VC90_ATL_x86_x64.) -- C:\Windows\Installer\{8557397C-A42D-486F-97B3-A2CBC2372593}\ARPPRODUCTICON.exe
O90 - PUC: "CA0B84B9318C4714092474A68857297C" . (.Windows Live ID Sign-in Assistant.) -- C:\Windows\Installer\{9B48B0AC-C813-4174-9042-476A887592C7}\prodicon.ico
O90 - PUC: "CF4F71AEFBDF8FC45A92D28913230D35" . (.Skype™ 6.0.) -- C:\Windows\Installer\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}\SkypeIcon.exe
O90 - PUC: "D0AC3A29DC55D5C4AB59C562002CF062" . (.Microsoft_VC90_CRT_x86_x64.) -- C:\Windows\Installer\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}\ARPPRODUCTICON.exe
O90 - PUC: "D276F30548C6A844F8F8B43CA58C4314" . (.AMD APP SDK Runtime.) -- C:\Windows\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "D7D3814B387BF3A4E8B13521CB9C0E23" . (.ASUS VGA Driver.) -- C:\Windows\Installer\{B4183D7D-B783-4A3F-8E1B-5312BCC9E032}\ARPPRODUCTICON.exe
O90 - PUC: "DD5BACD096CCA172FC302FDBB606DBA8" . (.AMD Media Foundation Decoders.) -- C:\Windows\Installer\{0DCAB5DD-CC69-271A-CF03-F2BD6B60BD8A}\ARPPRODUCTICON.exe
O90 - PUC: "E873E3303DA65DA4DBBEBC6DB91340C6" . (.Microsoft_VC90_ATL_x86.) -- C:\Windows\Installer\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}\ARPPRODUCTICON.exe
O90 - PUC: "F3987040C253281B0EA48A3C33D32AB9" . (.AMD Drag and Drop Transcoding.) -- C:\Windows\Installer\{0407893F-352C-B182-E04A-A8C3333DA29B}\ARPPRODUCTICON.exe
O90 - PUC: "F79EDE5B3A9281A49BEABC3ED32DDE16" . (.Tukui Update Utility.) -- C:\Windows\Installer\{B5EDE97F-29A3-4A18-B9AE-CBE33DD2ED61}\_853F67D554F05449430E7E.exe
~ Scan Files in 00mn 00s



---\\ Random Key Export (O91)
[HKCU\Software\532d78ab26fb844]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\532d78ab26fb844]:HPCHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\532d78ab26fb844]:HPCHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\532d78ab26fb844]:HPCHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\532d78ab26fb844]:HPFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\532d78ab26fb844]:HPFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\532d78ab26fb844]:HPFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\532d78ab26fb844]:HPIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\532d78ab26fb844]:HPIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\532d78ab26fb844]:HPIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\532d78ab26fb844]:INSTALL_FOLDER_NAME="BrowserProtect"
[HKCU\Software\532d78ab26fb844]:KWFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\532d78ab26fb844]:KWFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\532d78ab26fb844]:KWFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\532d78ab26fb844]:PROTECTOR_DLL_NAME="BrowserProtect.dll"
[HKCU\Software\532d78ab26fb844]:PROTECT_EXE_NAME="BrowserProtect.exe"
[HKCU\Software\532d78ab26fb844]:SECHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\532d78ab26fb844]:SECHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\532d78ab26fb844]:SECHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\532d78ab26fb844]:SEFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\532d78ab26fb844]:SEFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\532d78ab26fb844]:SEFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\532d78ab26fb844]:SEIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\532d78ab26fb844]:SEIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\532d78ab26fb844]:SEIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\532d78ab26fb844]:SERVICE_NAME="BrowserProtect"
[HKCU\Software\532d78ab26fb844]:usrcheckbox="0"
[HKCU\Software\532d78ab26fb844]:version="2.5.986.67"
[HKLM\Software\Wow6432Node\532d78ab26fb844]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKLM\Software\Wow6432Node\532d78ab26fb844]:HPCHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\532d78ab26fb844]:HPCHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\532d78ab26fb844]:HPCHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\532d78ab26fb844]:HPFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\532d78ab26fb844]:HPFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\532d78ab26fb844]:HPFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\532d78ab26fb844]:HPIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\532d78ab26fb844]:HPIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\532d78ab26fb844]:HPIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\532d78ab26fb844]:INSTALL_FOLDER_NAME="BrowserProtect"
[HKLM\Software\Wow6432Node\532d78ab26fb844]:KWFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\532d78ab26fb844]:KWFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\532d78ab26fb844]:KWFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\532d78ab26fb844]:PROTECTOR_DLL_NAME="BrowserProtect.dll"
[HKLM\Software\Wow6432Node\532d78ab26fb844]:PROTECT_EXE_NAME="BrowserProtect.exe"
[HKLM\Software\Wow6432Node\532d78ab26fb844]:SECHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\532d78ab26fb844]:SECHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\532d78ab26fb844]:SECHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\532d78ab26fb844]:SEFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\532d78ab26fb844]:SEFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\532d78ab26fb844]:SEFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\532d78ab26fb844]:SEIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\532d78ab26fb844]:SEIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\532d78ab26fb844]:SEIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\532d78ab26fb844]:SERVICE_NAME="BrowserProtect"
[HKLM\Software\Wow6432Node\532d78ab26fb844]:usrcheckbox="0"
[HKLM\Software\Wow6432Node\532d78ab26fb844]:version="2.5.986.67"
~ Scan Export Key Software in 00mn 00s



---\\ General States of Services not Microsoft (EGS) (SR:='Running, SS:='Stopped)
SR - | Auto 27.07.2012 63960 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 09.01.2013 251400 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 28.09.2012 239616 |  (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 06.11.2012 5814392 |  (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
SR - | Auto 22.10.2012 196664 |  (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
SR - | Auto  2443800 |  (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
SR - | Auto 17.12.2007 163840 |  (EPSON_EB_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.exe
SR - | Auto 11.01.2007 126464 |  (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.exe
SS - | Demand 20.09.2012 136896 |  (Futuremark SystemInfo Service) . (.Futuremark Corporation.) - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
SS - | Auto 29.09.2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 29.09.2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03.04.2005 69632 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Auto 19.06.2012 634632 |  (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 19.07.2012 166720 |  (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SS - | Demand 27.09.2011 359192 |  (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
SR - | Auto 19.07.2012 277824 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 28.10.2012 427976 |  (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe
SS - | Demand 05.12.2012 115168 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 02.10.2012 891240 |  (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 30.08.2012 1258856 |  (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto  0 |  (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SS - | Auto  0 |  (SkypeUpdate) . (...) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Demand 27.12.2012 541760 |  (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 02.10.2012 382824 |  (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SS - | Demand 19.02.2010 517096 |  (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SR - | Auto 19.07.2012 365376 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto  945480 |  (vToolbarUpdater14.0.0) . (...) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.0\ToolbarUpdater.exe
SS - | Demand 05.10.2012 109064 |  (WajamUpdater) . (.Wajam.) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
SS - | Demand 14.07.2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Auto  0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14.07.2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 00s



---\\ List of CD/DVD Emulators (MBR Hook)
O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite
~ Scan Emulateurs in 00mn 00s



End of the scan (1707 lines in 00mn 26s)(0)