demonge

remoi bon y t'il une personne comme appollo qui puisse m'aider?? merci d'avance

salut à toutes et tous et vi encore moi je pense que je suis au prise d'un hacker en effet j'ai fait un achat en ligne et résa avion et hôtel à Nantes et tout ceci se retourne envers moi et surtout mes ex amies et amis qq'un peut-il m'aider merci d'avance à plus domi vous me dites ce qu'il faut faire je copie et je fais

resalut mon cher apollo bon voilà le rapport demandé je fais tout comme tu me dis ahahah!! # DelFix v8.8 - Rapport créé le 18/06/2012 à 17:15:52 # Mis à jour le 12/02/12 par Xplode # Système d'exploitation : Windows Vista Home Premium Service Pack 2 (32 bits) # Nom d'utilisateur : loubidounet - NOTREPC (Administrateur) # Exécuté depuis : C:\Users\loubidounet\Downloads\delfix.exe # Option [suppression] ~~~~~~ Dossiers(s) ~~~~~~ Supprimé : C:\ZHP Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hijackthis Supprimé : C:\Program Files\ZHPDiag Supprimé : C:\Program Files\Trend Micro\Hijackthis ~~~~~~ Fichier(s) ~~~~~~ Supprimé : C:\AdwCleaner[s1].txt Supprimé : C:\PhysicalDisk0_MBR.bin Supprimé : C:\Users\loubidounet\Downloads\adwcleaner.exe Supprimé : C:\Users\Public\Desktop\MBRCheck.lnk ~~~~~~ Registre ~~~~~~ Clé Supprimée : HKLM\SOFTWARE\AdwCleaner Clé Supprimée : HKLM\SOFTWARE\TrendMicro\Hijackthis Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe ~~~~~~ Autres ~~~~~~ Désinstallé : ESET Online Scanner -> Prefetch Vidé ************************* DelFix[s1].txt - [1227 octets] - [18/06/2012 17:15:52] ########## EOF - C:\DelFix[s1].txt - [1351 octets] ##########

salut et bien ça va mieux nettement je te remercie beaucoup de ton aide j'ai copié aussi ton tuto je vais suivre tes conseils encore merci à plus mon cher apo domi :super:

resalut bon voilà le rapport du scan C:\Users\loubidounet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\1338379e-4840320d a variant of Java/Agent.A trojan deleted - quarantined C:\Users\loubidounet\Documents\Divers jeux\jackpotcity.exe a variant of Win32/PrimeCasino application cleaned by deleting - quarantined C:\Users\loubidounet\Downloads\BandooV3.exe probably a variant of Win32/Adware.Bandoo.AA application cleaned by deleting - quarantined à de suite mon cher apollo

re j'ai déjà supprimé ce truc virtualgirl mon cher apollo mais ça me met toujours ce genre de truc donc j'arrive pas à éliminer complètement dois je faire ce que tu m'as dit??quand même??

bon remoi voilà le rapport de MBAM Malwarebytes' Anti-Malware 1.32 Version de la base de données: 1616 Windows 6.0.6002 Service Pack 2 17/06/2012 12:42:19 mbam-log-2012-06-17 (12-42-19).txt Type de recherche: Examen complet (C:\|I:\|) Eléments examinés: 216944 Temps écoulé: 2 hour(s), 30 minute(s), 41 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) que dois je faire à présent?? merci encore mon cher apollo

salut remoi bon tout ceci pour te dire mon cher apollo que je ne peux pas effectuer le nettoyage avec ZHPFix ça me met à chaque fois ne répond pas et ça se ferme donc je suis bloqué il doit y avoir un autre moyen?? merci d'avance à plus domi

Bon je vais essayer de te copier cela mon cher apollo Lien CJoint.com BFquzyf7Ccs tu me diras si c'est ok?? car 1ère fois que j'emploie ce système merci encore domi

Bonjour à toutes et tous bon voilà je pense que mon pc est infecté voire hakké?? parfois il se met à fonctionner tout seul et aussi on écrit avec word des messages je vous fais parvenir le rapport ADW merci de m'aider # AdwCleaner v1.609 - Rapport créé le 16/06/2012 à 19:08:53 # Mis à jour le 10/06/2012 par Xplode # Système d'exploitation : Windows Vista Home Premium Service Pack 2 (32 bits) # Nom d'utilisateur : loubidounet - NOTREPC # Exécuté depuis : C:\Users\loubidounet\Downloads\adwcleaner.exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** Dossier Supprimé : C:\Users\loubidounet\AppData\Roaming\EoRezo Dossier Supprimé : C:\Users\loubidounet\AppData\Roaming\ItsLabel Dossier Supprimé : C:\Users\loubidounet\AppData\Roaming\Mozilla\Firefox\Profiles\iopyguum.default\Conduit Dossier Supprimé : C:\Users\loubidounet\AppData\Roaming\Mozilla\Firefox\Profiles\iopyguum.default\ConduitCommon Dossier Supprimé : C:\Users\loubidounet\AppData\Roaming\Mozilla\Firefox\Profiles\iopyguum.default\ConduitEngine Dossier Supprimé : C:\Users\loubidounet\AppData\Roaming\Mozilla\Firefox\Profiles\iopyguum.default\extensions\engine@conduit.com Dossier Supprimé : C:\Program Files\Babylon ***** [Registre] ***** Clé Supprimée : HKCU\Software\EoRezo Clé Supprimée : HKCU\Software\ItsLabel Clé Supprimée : HKLM\SOFTWARE\bandoo Clé Supprimée : HKLM\SOFTWARE\Conduit Clé Supprimée : HKLM\SOFTWARE\ItsLabel Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.BandooCore Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1 Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1 Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1 Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr Clé Supprimée : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1 Clé Supprimée : HKLM\SOFTWARE\Classes\EoRezoBHO.EoBho Clé Supprimée : HKLM\SOFTWARE\Classes\EoRezoBHO.EoBho.1 Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE ***** [Registre - GUID] ***** Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C} Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A} Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971} Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080} Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8} Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350} Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F} ***** [Navigateurs] ***** -\\ Internet Explorer v7.0.6002.18005 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v13.0 (fr) Nom du profil : default Fichier : C:\Users\loubidounet\AppData\Roaming\Mozilla\Firefox\Profiles\iopyguum.default\prefs.js C:\Users\loubidounet\AppData\Roaming\Mozilla\Firefox\Profiles\iopyguum.default\user.js ... Supprimé ! Supprimée : user_pref("CT1460988..clientLogIsEnabled", false); Supprimée : user_pref("CT1460988..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Supprimée : user_pref("CT1460988..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Supprimée : user_pref("CT1460988.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); Supprimée : user_pref("CT1460988.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Supprimée : user_pref("CT1460988.BrowserCompStateIsOpen_129634884260937612", true); Supprimée : user_pref("CT1460988.CT1667811.CommunityChanged", true); Supprimée : user_pref("CT1460988.CT1667811.alertChannelId", "24183"); Supprimée : user_pref("CT1460988.CT1668860.CommunityChanged", true); Supprimée : user_pref("CT1460988.CT1668860.alertChannelId", "24247"); Supprimée : user_pref("CT1460988.CT1668889.CommunityChanged", true); Supprimée : user_pref("CT1460988.CT1668889.alertChannelId", "24250"); Supprimée : user_pref("CT1460988.CT1669100.CommunityChanged", true); Supprimée : user_pref("CT1460988.CT1669100.alertChannelId", "24264"); Supprimée : user_pref("CT1460988.CT1669115.CommunityChanged", true); Supprimée : user_pref("CT1460988.CT1669115.alertChannelId", "24266"); Supprimée : user_pref("CT1460988.CT1670222.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Supprimée : user_pref("CT1460988.CT1670222.AllowNonPrivacy", false); Supprimée : user_pref("CT1460988.CT1670222.AppTrackingLastCheckTime", "Sat Jun 09 2012 11:28:28 GMT+0200"); Supprimée : user_pref("CT1460988.CT1670222.CommunityChanged", true); Supprimée : user_pref("CT1460988.CT1670222.DialogsAlignMode", "LTR"); Supprimée : user_pref("CT1460988.CT1670222.FeedLastCount128460900971181341", 250); Supprimée : user_pref("CT1460988.CT1670222.FirstTimeSettingsDone", true); Supprimée : user_pref("CT1460988.CT1670222.FixPageNotFoundUrl", "hxxp://urlseek50.vmn.net/notfound/?actid=EB_TOO[...] Supprimée : user_pref("CT1460988.CT1670222.GroupingInvalidateCache", false); Supprimée : user_pref("CT1460988.CT1670222.GroupingLastCheckTime", "Sat Jun 16 2012 18:50:42 GMT+0200"); Supprimée : user_pref("CT1460988.CT1670222.GroupingLastErrorCode", ""); Supprimée : user_pref("CT1460988.CT1670222.GroupingLastResponse", true); Supprimée : user_pref("CT1460988.CT1670222.GroupingLastServerUpdateTime", "129816524660000000"); Supprimée : user_pref("CT1460988.CT1670222.InvalidateCache", false); Supprimée : user_pref("CT1460988.CT1670222.LanguagePackLastCheckTime", "Sat Jun 16 2012 18:50:43 GMT+0200"); Supprimée : user_pref("CT1460988.CT1670222.LanguagePackReloadInterval", "24"); Supprimée : user_pref("CT1460988.CT1670222.Locale", "fr"); Supprimée : user_pref("CT1460988.CT1670222.RadioLastCheckTime", "Sat Jun 16 2012 18:50:43 GMT+0200"); Supprimée : user_pref("CT1460988.CT1670222.RadioLastUpdateIPServer", "4"); Supprimée : user_pref("CT1460988.CT1670222.RadioLastUpdateServer", "128929877726170000"); Supprimée : user_pref("CT1460988.CT1670222.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=U[...] Supprimée : user_pref("CT1460988.CT1670222.SearchInNewTabLastCheckTime", "Sat Jun 16 2012 18:50:42 GMT+0200"); Supprimée : user_pref("CT1460988.CT1670222.SettingsCheckIntervalMin", 120); Supprimée : user_pref("CT1460988.CT1670222.SettingsInvalidateCache", false); Supprimée : user_pref("CT1460988.CT1670222.SettingsLastCheckTime", "Sat Jun 16 2012 18:50:42 GMT+0200"); Supprimée : user_pref("CT1460988.CT1670222.SettingsLastUpdate", "1337169810"); Supprimée : user_pref("CT1460988.CT1670222.ThirdPartyComponentsLastCheck", "Tue Jun 12 2012 12:04:24 GMT+0200"); Supprimée : user_pref("CT1460988.CT1670222.ThirdPartyComponentsLastUpdate", "1331805999"); Supprimée : user_pref("CT1460988.CT1670222.ToggleComponentState129160824988734312", true); Supprimée : user_pref("CT1460988.CT1670222.ToolbarAlignMode", "SYSTEM"); Supprimée : user_pref("CT1460988.CT1670222.ToolbarName", "myBabylon French"); Supprimée : user_pref("CT1460988.CT1670222.VusualLastUpdateTime", "1250777713"); Supprimée : user_pref("CT1460988.CT1670222.alertChannelId", "24349"); Supprimée : user_pref("CT1460988.CT1670222.globalFirstTimeInfoLastCheckTime", "Fri Jun 08 2012 12:57:56 GMT+0200[...] Supprimée : user_pref("CT1460988.CT1670222.toolbarAppMetaDataLastCheckTime", "Fri Jun 15 2012 20:15:40 GMT+0200"[...] Supprimée : user_pref("CT1460988.CT1670222.toolbarContextMenuLastCheckTime", "Mon Jun 11 2012 21:31:43 GMT+0200"[...] Supprimée : user_pref("CT1460988.CT1670245.CommunityChanged", true); Supprimée : user_pref("CT1460988.CT1670245.alertChannelId", "24350"); Supprimée : user_pref("CT1460988.CT1729581.CommunityChanged", true); Supprimée : user_pref("CT1460988.CT1729581.alertChannelId", "28311"); Supprimée : user_pref("CT1460988.CT1729585.CommunityChanged", true); Supprimée : user_pref("CT1460988.CT1729585.alertChannelId", "28312"); Supprimée : user_pref("CT1460988.CT1729587.CommunityChanged", true); Supprimée : user_pref("CT1460988.CT1729587.alertChannelId", "28313"); Supprimée : user_pref("CT1460988.CT1729593.AllowNonPrivacy", false); Supprimée : user_pref("CT1460988.CT1729593.CommunityChanged", true); Supprimée : user_pref("CT1460988.CT1729593.DialogsAlignMode", "LTR"); Supprimée : user_pref("CT1460988.CT1729593.FeedLastCount128460900971181341", 174); Supprimée : user_pref("CT1460988.CT1729593.FixPageNotFoundUrl", "hxxp://urlseek50.vmn.net/notfound/?actid=EB_TOO[...] Supprimée : user_pref("CT1460988.CT1729593.GroupingInvalidateCache", false); Supprimée : user_pref("CT1460988.CT1729593.GroupingLastCheckTime", "Thu Jun 11 2009 19:18:03 GMT+0200"); Supprimée : user_pref("CT1460988.CT1729593.GroupingLastErrorCode", ""); Supprimée : user_pref("CT1460988.CT1729593.GroupingLastResponse", true); Supprimée : user_pref("CT1460988.CT1729593.GroupingLastServerUpdateTime", "128892033942800000"); Supprimée : user_pref("CT1460988.CT1729593.InvalidateCache", false); Supprimée : user_pref("CT1460988.CT1729593.LanguagePackLastCheckTime", "Thu Jun 11 2009 19:18:04 GMT+0200"); Supprimée : user_pref("CT1460988.CT1729593.LanguagePackReloadInterval", "24"); Supprimée : user_pref("CT1460988.CT1729593.Locale", "ru-ru"); Supprimée : user_pref("CT1460988.CT1729593.RadioLastCheckTime", "Thu Jun 11 2009 19:36:41 GMT+0200"); Supprimée : user_pref("CT1460988.CT1729593.RadioLastUpdateIPServer", "4"); Supprimée : user_pref("CT1460988.CT1729593.SettingsInvalidateCache", false); Supprimée : user_pref("CT1460988.CT1729593.SettingsLastUpdate", "1244722594"); Supprimée : user_pref("CT1460988.CT1729593.ThirdPartyComponentsLastCheck", "Thu Jun 11 2009 19:18:03 GMT+0200"); Supprimée : user_pref("CT1460988.CT1729593.ThirdPartyComponentsLastUpdate", "1244722594"); Supprimée : user_pref("CT1460988.CT1729593.ToolbarAlignMode", "SYSTEM"); Supprimée : user_pref("CT1460988.CT1729593.ToolbarName", "myBabylon Russian"); Supprimée : user_pref("CT1460988.CT1729593.VusualLastUpdateTime", "1244722594"); Supprimée : user_pref("CT1460988.CT1729593.alertChannelId", "28315"); Supprimée : user_pref("CT1460988.CT2164362.CommunityChanged", true); Supprimée : user_pref("CT1460988.CT2164362.alertChannelId", "563458"); Supprimée : user_pref("CT1460988.CT2651538.CommunityChanged", true); Supprimée : user_pref("CT1460988.CT2651538.alertChannelId", "1044202"); Supprimée : user_pref("CT1460988.CTID", "CT1670222"); Supprimée : user_pref("CT1460988.CTPBaseServerUrl", "hxxp://grouping.services.conduit.com/"); Supprimée : user_pref("CT1460988.CommunitiesChangesLastCheckTime", "Sat Jun 16 2012 18:52:06 GMT+0200"); Supprimée : user_pref("CT1460988.CommunitiesChangesLastUrl", "hxxp://grouping.services.conduit.com/GroupingReque[...] Supprimée : user_pref("CT1460988.CommunitiesStatus.CT1670222", 0); Supprimée : user_pref("CT1460988.CommunitiesStatus.CT1729593", 0); Supprimée : user_pref("CT1460988.CommunityChanged", true); Supprimée : user_pref("CT1460988.CurrentServerDate", "16-6-2012"); Supprimée : user_pref("CT1460988.DialogsGetterLastCheckTime", "Thu Jun 14 2012 12:56:23 GMT+0200"); Supprimée : user_pref("CT1460988.DownloadReferralCookieData", ""); Supprimée : user_pref("CT1460988.EMailNotifierPollDate", "Sat Jun 16 2012 19:00:43 GMT+0200"); Supprimée : user_pref("CT1460988.ExternalComponentPollDate129239334295231801", "Wed Jul 28 2010 07:50:43 GMT+020[...] Supprimée : user_pref("CT1460988.ExternalComponentPollDate129251310937161672", "Fri Aug 27 2010 07:52:42 GMT+020[...] Supprimée : user_pref("CT1460988.FeedPollDate128460898315556274", "Sat Jun 16 2012 18:50:43 GMT+0200"); Supprimée : user_pref("CT1460988.FeedPollDate128460899415556929", "Sat Jun 16 2012 18:50:43 GMT+0200"); Supprimée : user_pref("CT1460988.FeedPollDate128460899564463182", "Sat Jun 16 2012 18:50:43 GMT+0200"); Supprimée : user_pref("CT1460988.FeedPollDate128460899661963361", "Sat Jun 16 2012 18:50:43 GMT+0200"); Supprimée : user_pref("CT1460988.FeedPollDate128460899768994715", "Thu Jun 11 2009 19:18:04 GMT+0200"); Supprimée : user_pref("CT1460988.FeedPollDate128479826070094154", "Thu Jun 11 2009 19:18:04 GMT+0200"); Supprimée : user_pref("CT1460988.FeedPollDate128601717394313421", "Sat Jun 16 2012 18:50:43 GMT+0200"); Supprimée : user_pref("CT1460988.FeedTTL128460898315556274", 2); Supprimée : user_pref("CT1460988.FeedTTL128460899415556929", 2); Supprimée : user_pref("CT1460988.FeedTTL128460899564463182", 15); Supprimée : user_pref("CT1460988.FeedTTL128601717394313421", 2); Supprimée : user_pref("CT1460988.FirstServerDate", "16-2-2010"); Supprimée : user_pref("CT1460988.FirstTime", true); Supprimée : user_pref("CT1460988.FirstTimeFF3", true); Supprimée : user_pref("CT1460988.FixPageNotFoundErrors", true); Supprimée : user_pref("CT1460988.GroupingLastCheckTime", "Sat Jun 16 2012 18:50:42 GMT+0200"); Supprimée : user_pref("CT1460988.GroupingLastErrorCode", ""); Supprimée : user_pref("CT1460988.GroupingLastResponse", true); Supprimée : user_pref("CT1460988.GroupingLastServerUpdateTime", "129816525830000000"); Supprimée : user_pref("CT1460988.GroupingServerCheckInterval", 1440); Supprimée : user_pref("CT1460988.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Supprimée : user_pref("CT1460988.HasUserGlobalKeys", true); Supprimée : user_pref("CT1460988.Initialize", true); Supprimée : user_pref("CT1460988.InitializeCommonPrefs", true); Supprimée : user_pref("CT1460988.InstallationAndCookieDataSentCount", 3); Supprimée : user_pref("CT1460988.IsAlertDBUpdated", true); Supprimée : user_pref("CT1460988.IsGrouping", true); Supprimée : user_pref("CT1460988.IsMulticommunity", false); Supprimée : user_pref("CT1460988.IsOpenThankYouPage", true); Supprimée : user_pref("CT1460988.IsOpenUninstallPage", true); Supprimée : user_pref("CT1460988.LanguagePackReloadIntervalMM", 1440); Supprimée : user_pref("CT1460988.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Supprimée : user_pref("CT1460988.LastLogin", "Wed Sep 16 2009 16:50:49 GMT+0200"); Supprimée : user_pref("CT1460988.LastLogin_2.3.0.4", "Sat Feb 13 2010 15:05:29 GMT+0100"); Supprimée : user_pref("CT1460988.LastLogin_2.5.6.0", "Sat Oct 02 2010 15:22:34 GMT+0200"); Supprimée : user_pref("CT1460988.LastLogin_2.7.2.0", "Sun May 15 2011 21:19:08 GMT+0200"); Supprimée : user_pref("CT1460988.LastLogin_3.10.0.1", "Thu Apr 19 2012 23:25:12 GMT+0200"); Supprimée : user_pref("CT1460988.LastLogin_3.12.0.7", "Fri Apr 27 2012 01:18:30 GMT+0200"); Supprimée : user_pref("CT1460988.LastLogin_3.12.2.3", "Wed May 30 2012 20:54:14 GMT+0200"); Supprimée : user_pref("CT1460988.LastLogin_3.13.0.6", "Sat Jun 16 2012 15:29:06 GMT+0200"); Supprimée : user_pref("CT1460988.LastLogin_3.2.5.2", "Mon Jan 17 2011 12:34:00 GMT+0100"); Supprimée : user_pref("CT1460988.LastLogin_3.3.3.2", "Tue Jun 21 2011 17:36:42 GMT+0200"); Supprimée : user_pref("CT1460988.LastLogin_3.5.0.12", "Tue Aug 02 2011 03:00:20 GMT+0200"); Supprimée : user_pref("CT1460988.LastLogin_3.6.0.10", "Fri Sep 30 2011 23:41:11 GMT+0200"); Supprimée : user_pref("CT1460988.LastLogin_3.7.0.6", "Wed Nov 09 2011 20:22:55 GMT+0100"); Supprimée : user_pref("CT1460988.LastLogin_3.8.0.8", "Sat Dec 10 2011 19:42:38 GMT+0100"); Supprimée : user_pref("CT1460988.LastLogin_3.8.1.0", "Tue Jan 10 2012 14:33:00 GMT+0100"); Supprimée : user_pref("CT1460988.LastLogin_3.9.0.3", "Tue Mar 06 2012 18:08:50 GMT+0100"); Supprimée : user_pref("CT1460988.LatestVersion", "3.13.0.6"); Supprimée : user_pref("CT1460988.LoginCache", 4); Supprimée : user_pref("CT1460988.MCDetectTooltipHeight", "83"); Supprimée : user_pref("CT1460988.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Supprimée : user_pref("CT1460988.MCDetectTooltipWidth", "295"); Supprimée : user_pref("CT1460988.MyGadgetsServerUrl", "hxxp://services.MyStuff.u-page.com/MyStuffService.asmx/Le[...] Supprimée : user_pref("CT1460988.MyGadgetsTrustedDomains", "conduit.com"); Supprimée : user_pref("CT1460988.MyStuffEnabledAtInstallation", true); Supprimée : user_pref("CT1460988.PreviouseCTID", "CT1729593"); Supprimée : user_pref("CT1460988.PreviouseToolbarName", "myBabylon Russian"); Supprimée : user_pref("CT1460988.RadioIsPodcast", false); Supprimée : user_pref("CT1460988.RadioMediaID", "7964517"); Supprimée : user_pref("CT1460988.RadioMediaType", "Media Player"); Supprimée : user_pref("CT1460988.RadioMenuSelectedID", "EBRadioMenu_CT14609887964517"); Supprimée : user_pref("CT1460988.RadioShrinked", "shrinked"); Supprimée : user_pref("CT1460988.RadioStationName", "France%20Info"); Supprimée : user_pref("CT1460988.RadioStationURL", "hxxp://www.radios-direct.fr/flux-franceinfo.asx"); Supprimée : user_pref("CT1460988.SHRINK_TOOLBAR", 1); Supprimée : user_pref("CT1460988.SearchFromAddressBarIsInit", true); Supprimée : user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146[...] Supprimée : user_pref("CT1460988.SearchInNewTabEnabled", true); Supprimée : user_pref("CT1460988.SearchInNewTabIntervalMM", 1440); Supprimée : user_pref("CT1460988.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Supprimée : user_pref("CT1460988.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...] Supprimée : user_pref("CT1460988.Server", "hxxp://users.conduit.com"); Supprimée : user_pref("CT1460988.ServiceMapLastCheckTime", "Sat Jun 16 2012 18:50:42 GMT+0200"); Supprimée : user_pref("CT1460988.ThirdPartyComponentsInterval", 504); Supprimée : user_pref("CT1460988.ToolbarName", "myBabylon French"); Supprimée : user_pref("CT1460988.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1460988"); Supprimée : user_pref("CT1460988.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Supprimée : user_pref("CT1460988.UserID", "UN20090503151142317"); Supprimée : user_pref("CT1460988.ValidationData_Search", 2); Supprimée : user_pref("CT1460988.ValidationData_Toolbar", 2); Supprimée : user_pref("CT1460988.WeatherNetwork", ""); Supprimée : user_pref("CT1460988.WeatherPollDate", "Sat Jun 16 2012 18:50:44 GMT+0200"); Supprimée : user_pref("CT1460988.WeatherUnit", "C"); Supprimée : user_pref("CT1460988.alertChannelId", "10896"); Supprimée : user_pref("CT1460988.backendstorage._gpl_firstrun10100", "31333139333734313738"); Supprimée : user_pref("CT1460988.backendstorage.ct1670222ads1", "25374225323261647325323225334125354225374225323[...] Supprimée : user_pref("CT1460988.backendstorage.ct1670222current_term", ""); Supprimée : user_pref("CT1460988.backendstorage.ct1670222sdate", "3136"); Supprimée : user_pref("CT1460988.backendstorage.forcd_aoi", "31333139333734313232"); Supprimée : user_pref("CT1460988.backendstorage.forcd_ccid", "4D6F6E7470656C6C696572"); Supprimée : user_pref("CT1460988.backendstorage.forcd_cid", "4652"); Supprimée : user_pref("CT1460988.backendstorage.forcd_ip", "39302E32372E34322E3838"); Supprimée : user_pref("CT1460988.backendstorage.forcd_lcut", "31333230363331323235"); Supprimée : user_pref("CT1460988.backendstorage.forcd_rid", "4139"); Supprimée : user_pref("CT1460988.backendstorage.forcd_zoneid", "3131303931"); Supprimée : user_pref("CT1460988.backendstorage.hxxp://api10_thetrafficstat_net.pid2", "373862396638333838356238[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://api15_thetrafficstat_net.pid2", "326338643832383339613634[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://api16_thetrafficstat_net.pid2", "373862396638333838356238[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://api18_thetrafficstat_net.pid2", "373862396638333838356238[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://api19_thetrafficstat_net.pid2", "373862396638333838356238[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://api20_thetrafficstat_net.pid2", "373862396638333838356238[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://api21_thetrafficstat_net.pid2", "373862396638333838356238[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://api22_thetrafficstat_net.pid2", "373862396638333838356238[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://api25_thetrafficstat_net.pid2", "326338643832383339613634[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://api26_thetrafficstat_net.pid2", "326338643832383339613634[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://api28_thetrafficstat_net.pid2", "633031363330653337653538[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://api29_thetrafficstat_net.pid2", "633031363330653337653538[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://api31_thetrafficstat_net.pid2", "633031363330653337653538[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://api32_thetrafficstat_net.pid2", "633031363330653337653538[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://api6_thetrafficstat_net.pid2", "3738623966383338383562383[...] Supprimée : user_pref("CT1460988.backendstorage.hxxp://conduitapp_s3_amazonaws_com._gpl_firstrun10100", "3133313[...] Supprimée : user_pref("CT1460988.backendstorage.shpngrd_evnts", "31"); Supprimée : user_pref("CT1460988.backendstorage.shpngrdglblcfg", "7B7265662020202020203A202762626C6E272C20666565[...] Supprimée : user_pref("CT1460988.clientLogIsEnabled", false); Supprimée : user_pref("CT1460988.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...] Supprimée : user_pref("CT1460988.ct1670222.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Supprimée : user_pref("CT1460988.ct1670222.AllowNonPrivacy", false); Supprimée : user_pref("CT1460988.ct1670222.CommunityChanged", false); Supprimée : user_pref("CT1460988.ct1670222.DialogsAlignMode", "LTR"); Supprimée : user_pref("CT1460988.ct1670222.FeedLastCount128460900971181341", 250); Supprimée : user_pref("CT1460988.ct1670222.FixPageNotFoundUrl", "hxxp://urlseek50.vmn.net/notfound/?actid=EB_TOO[...] Supprimée : user_pref("CT1460988.ct1670222.GroupingInvalidateCache", false); Supprimée : user_pref("CT1460988.ct1670222.GroupingLastCheckTime", "Thu Jun 11 2009 19:11:00 GMT+0200"); Supprimée : user_pref("CT1460988.ct1670222.GroupingLastErrorCode", ""); Supprimée : user_pref("CT1460988.ct1670222.GroupingLastResponse", true); Supprimée : user_pref("CT1460988.ct1670222.GroupingLastServerUpdateTime", "128886531910300000"); Supprimée : user_pref("CT1460988.ct1670222.InvalidateCache", false); Supprimée : user_pref("CT1460988.ct1670222.LanguagePackLastCheckTime", "Thu Jun 11 2009 17:20:59 GMT+0200"); Supprimée : user_pref("CT1460988.ct1670222.LanguagePackReloadInterval", "24"); Supprimée : user_pref("CT1460988.ct1670222.Locale", "fr"); Supprimée : user_pref("CT1460988.ct1670222.RadioLastCheckTime", "Thu Jun 11 2009 19:11:01 GMT+0200"); Supprimée : user_pref("CT1460988.ct1670222.RadioLastUpdateIPServer", "4"); Supprimée : user_pref("CT1460988.ct1670222.RadioLastUpdateServer", "128869045331400000"); Supprimée : user_pref("CT1460988.ct1670222.SettingsInvalidateCache", false); Supprimée : user_pref("CT1460988.ct1670222.SettingsLastUpdate", "1244172391"); Supprimée : user_pref("CT1460988.ct1670222.ThirdPartyComponentsLastCheck", "Fri Jun 05 2009 17:38:33 GMT+0200"); Supprimée : user_pref("CT1460988.ct1670222.ThirdPartyComponentsLastUpdate", "1244172391"); Supprimée : user_pref("CT1460988.ct1670222.ToolbarAlignMode", "SYSTEM"); Supprimée : user_pref("CT1460988.ct1670222.ToolbarName", "myBabylon French"); Supprimée : user_pref("CT1460988.ct1670222.VusualLastUpdateTime", "1244172391"); Supprimée : user_pref("CT1460988.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Supprimée : user_pref("CT1460988.homepageProtectorEnableByLogin", true); Supprimée : user_pref("CT1460988.initDone", true); Supprimée : user_pref("CT1460988.isAppTrackingManagerOn", true); Supprimée : user_pref("CT1460988.myStuffEnabled", true); Supprimée : user_pref("CT1460988.myStuffPublihserMinWidth", 400); Supprimée : user_pref("CT1460988.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Supprimée : user_pref("CT1460988.myStuffServiceIntervalMM", 1440); Supprimée : user_pref("CT1460988.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Supprimée : user_pref("CT1460988.oldAppsList", "200,128460836995869597,128460837015400818,111,128567848314530999[...] Supprimée : user_pref("CT1460988.revertSettingsEnabled", false); Supprimée : user_pref("CT1460988.searchProtectorDialogDelayInSec", 10); Supprimée : user_pref("CT1460988.searchProtectorEnableByLogin", true); Supprimée : user_pref("CT1460988.testingCtid", ""); Supprimée : user_pref("CT1460988.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...] Supprimée : user_pref("CT1460988.usagesFlag", 2); Supprimée : user_pref("CT2832594..clientLogIsEnabled", true); Supprimée : user_pref("CT2832594..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Supprimée : user_pref("CT2832594..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Supprimée : user_pref("CT2832594.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Supprimée : user_pref("CT2832594.CTID", "CT2832594"); Supprimée : user_pref("CT2832594.CurrentServerDate", "17-1-2011"); Supprimée : user_pref("CT2832594.DialogsAlignMode", "LTR"); Supprimée : user_pref("CT2832594.DownloadReferralCookieData", ""); Supprimée : user_pref("CT2832594.FirstServerDate", "15-12-2010"); Supprimée : user_pref("CT2832594.FirstTime", true); Supprimée : user_pref("CT2832594.FirstTimeFF3", true); Supprimée : user_pref("CT2832594.FixPageNotFoundErrors", true); Supprimée : user_pref("CT2832594.GroupingServerCheckInterval", 1440); Supprimée : user_pref("CT2832594.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Supprimée : user_pref("CT2832594.HasUserGlobalKeys", true); Supprimée : user_pref("CT2832594.Initialize", true); Supprimée : user_pref("CT2832594.InitializeCommonPrefs", true); Supprimée : user_pref("CT2832594.InstallationAndCookieDataSentCount", 3); Supprimée : user_pref("CT2832594.InstalledDate", "Wed Dec 15 2010 08:42:52 GMT+0100"); Supprimée : user_pref("CT2832594.IsGrouping", false); Supprimée : user_pref("CT2832594.IsMulticommunity", false); Supprimée : user_pref("CT2832594.IsOpenThankYouPage", true); Supprimée : user_pref("CT2832594.IsOpenUninstallPage", true); Supprimée : user_pref("CT2832594.LanguagePackLastCheckTime", "Sun Jan 16 2011 17:00:06 GMT+0100"); Supprimée : user_pref("CT2832594.LanguagePackReloadIntervalMM", 1440); Supprimée : user_pref("CT2832594.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Supprimée : user_pref("CT2832594.LastLogin_3.2.5.2", "Mon Jan 17 2011 12:34:00 GMT+0100"); Supprimée : user_pref("CT2832594.LatestVersion", "3.2.5.2"); Supprimée : user_pref("CT2832594.Locale", "fr"); Supprimée : user_pref("CT2832594.MCDetectTooltipHeight", "83"); Supprimée : user_pref("CT2832594.MCDetectTooltipShow", false); Supprimée : user_pref("CT2832594.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Supprimée : user_pref("CT2832594.MCDetectTooltipWidth", "295"); Supprimée : user_pref("CT2832594.SearchFromAddressBarIsInit", true); Supprimée : user_pref("CT2832594.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT283[...] Supprimée : user_pref("CT2832594.SearchInNewTabEnabled", true); Supprimée : user_pref("CT2832594.SearchInNewTabIntervalMM", 1440); Supprimée : user_pref("CT2832594.SearchInNewTabLastCheckTime", "Mon Jan 17 2011 09:40:38 GMT+0100"); Supprimée : user_pref("CT2832594.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Supprimée : user_pref("CT2832594.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Supprimée : user_pref("CT2832594.SearchInNewTabUserEnabled", false); Supprimée : user_pref("CT2832594.ServiceMapLastCheckTime", "Sun Jan 16 2011 09:40:23 GMT+0100"); Supprimée : user_pref("CT2832594.SettingsLastCheckTime", "Sun Jan 16 2011 18:30:37 GMT+0100"); Supprimée : user_pref("CT2832594.SettingsLastUpdate", "1292849914"); Supprimée : user_pref("CT2832594.ThirdPartyComponentsInterval", 504); Supprimée : user_pref("CT2832594.ThirdPartyComponentsLastCheck", "Sat Jan 08 2011 11:25:25 GMT+0100"); Supprimée : user_pref("CT2832594.ThirdPartyComponentsLastUpdate", "1255348267"); Supprimée : user_pref("CT2832594.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...] Supprimée : user_pref("CT2832594.UserID", "UN38952905268230547"); Supprimée : user_pref("CT2832594.ValidationData_Search", 0); Supprimée : user_pref("CT2832594.ValidationData_Toolbar", 2); Supprimée : user_pref("CT2832594.alertChannelId", "1224657"); Supprimée : user_pref("CT2832594.backendstorage.activetoolbar", "677265706F"); Supprimée : user_pref("CT2832594.backendstorage.grepolis_current_town_id_fr", "3232373031"); Supprimée : user_pref("CT2832594.backendstorage.grepolis_market", "6672"); Supprimée : user_pref("CT2832594.backendstorage.grepolis_token_fr", "3538326236393932393765346233626433316163396[...] Supprimée : user_pref("CT2832594.backendstorage.grepolis_world_id_fr", "66723133"); Supprimée : user_pref("CT2832594.backendstorage.toolbar_market", "6672"); Supprimée : user_pref("CT2832594.backendstorage.toolbarurl", "687474703A2F2F746F6F6C6261722E696E6E6F67616D65732E[...] Supprimée : user_pref("CT2832594.myStuffEnabled", true); Supprimée : user_pref("CT2832594.myStuffPublihserMinWidth", 400); Supprimée : user_pref("CT2832594.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Supprimée : user_pref("CT2832594.myStuffServiceIntervalMM", 1440); Supprimée : user_pref("CT2832594.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Supprimée : user_pref("CT2832594.testingCtid", ""); Supprimée : user_pref("CT2832594.toolbarAppMetaDataLastCheckTime", "Sun Jan 16 2011 09:40:23 GMT+0100"); Supprimée : user_pref("CT2832594.toolbarContextMenuLastCheckTime", "Wed Dec 15 2010 08:42:53 GMT+0100"); Supprimée : user_pref("CT2832594.usagesFlag", 2); Supprimée : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT1460988"); Supprimée : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1670222/CT1460988[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1044202/1039913/FR", "\"0\"[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/10896/10676/FR", "\"0\""); Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1112915/1108619/FR", "\"0\"[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1224657/1220330/FR", "\"0\"[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/24183/23680/FR", "\"0\""); Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/24247/23744/FR", "\"0\""); Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/24250/23747/FR", "\"0\""); Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/24264/23761/FR", "\"0\""); Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/24266/23763/FR", "\"0\""); Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/24349/23846/FR", "\"0\""); Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/24350/23847/FR", "\"0\""); Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/28311/27793/FR", "\"0\""); Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/28312/27794/FR", "\"0\""); Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/28313/27795/FR", "\"0\""); Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/28315/27797/FR", "\"0\""); Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/563458/559322/FR", "\"0\"")[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"")[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1670222", [...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2832594", [...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1460988",[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428984078257[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=11/8/20[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/21/2[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/27/2[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/30/2[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT1670222&octid=[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT1670222/CT1460988[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2832594/CT2832594[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/maxi.gif", "[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play_mini.gi[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\[...] Supprimée : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr", "\"686[...] Supprimée : user_pref("CommunityToolbar.EngineOwner", "CT2832594"); Supprimée : user_pref("CommunityToolbar.EngineOwnerGuid", "{6cba65db-3377-4af1-b6d8-2d57106ad569}"); Supprimée : user_pref("CommunityToolbar.EngineOwnerToolbarId", "innogames_france"); Supprimée : user_pref("CommunityToolbar.IsEngineShown", true); Supprimée : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Supprimée : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\loubidounet\\AppData\\Roaming\\Mozi[...] Supprimée : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.13.0.6"); Supprimée : user_pref("CommunityToolbar.MyGadgetsIntervalMM", 1440); Supprimée : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2832594"); Supprimée : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{6cba65db-3377-4af1-b6d8-2d57106ad569}"); Supprimée : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "innogames_france"); Supprimée : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.live.com/results.aspx?FORM[...] Supprimée : user_pref("CommunityToolbar.ToolbarsList", "CT1460988,ConduitEngine,CT2832594"); Supprimée : user_pref("CommunityToolbar.ToolbarsList2", "CT1460988,CT2832594"); Supprimée : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Jun 08 2011 17:02:42 GMT+02[...] Supprimée : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Supprimée : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Jun 21 2011 09:36:49 GMT+0200"); Supprimée : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Supprimée : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true); Supprimée : user_pref("CommunityToolbar.alert.locale", "en"); Supprimée : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Supprimée : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Jun 21 2011 11:20:37 GMT+0200"); Supprimée : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559"); Supprimée : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Supprimée : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Supprimée : user_pref("CommunityToolbar.alert.showTrayIcon", false); Supprimée : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Supprimée : user_pref("CommunityToolbar.alert.userId", "{81011630-84af-43f4-a6f1-12950a7dc93c}"); Supprimée : user_pref("CommunityToolbar.globalUserId", "02bb05b9-1c5f-4dab-a847-2fcecf13864d"); Supprimée : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Supprimée : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Supprimée : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Jun 13 2012 11:42:1[...] Supprimée : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440); Supprimée : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Jun 15 2012 20:15:48 GMT+020[...] Supprimée : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Supprimée : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true); Supprimée : user_pref("CommunityToolbar.notifications.locale", "en"); Supprimée : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Supprimée : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Jun 15 2012 20:15:40 GMT+0200"); Supprimée : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Supprimée : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Supprimée : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Supprimée : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Supprimée : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Supprimée : user_pref("CommunityToolbar.notifications.userId", "fed14401-a690-4ae3-8291-9b676919fb62"); Supprimée : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Mon May 30 2011 01:55:15 GMT+0200"); Supprimée : user_pref("ConduitEngine.BrowserCompStateIsOpen_155966543099408607", true); Supprimée : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Tue Jun 21 2011 11:20:40 GMT+0200"); Supprimée : user_pref("ConduitEngine.FirstServerDate", "12/23/2010 10"); Supprimée : user_pref("ConduitEngine.FirstTime", true); Supprimée : user_pref("ConduitEngine.FirstTimeFF3", true); Supprimée : user_pref("ConduitEngine.HasUserGlobalKeys", true); Supprimée : user_pref("ConduitEngine.Initialize", true); Supprimée : user_pref("ConduitEngine.InitializeCommonPrefs", true); Supprimée : user_pref("ConduitEngine.InstalledDate", "Wed Dec 15 2010 08:42:50 GMT+0100"); Supprimée : user_pref("ConduitEngine.IsMulticommunity", false); Supprimée : user_pref("ConduitEngine.IsOpenThankYouPage", false); Supprimée : user_pref("ConduitEngine.IsOpenUninstallPage", true); Supprimée : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Tue Jun 21 2011 11:20:40 GMT+0200"); Supprimée : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Mon Jan 17 2011 14:34:30 GMT+0100"); Supprimée : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Tue Jun 21 2011 18:36:41 GMT+0200"); Supprimée : user_pref("ConduitEngine.PublisherContainerWidth", 45); Supprimée : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); Supprimée : user_pref("ConduitEngine.SettingsLastCheckTime", "Tue Jun 21 2011 18:36:41 GMT+0200"); Supprimée : user_pref("ConduitEngine.UserID", "UN07330861858111637"); Supprimée : user_pref("ConduitEngine.counterAppsAdded", 2); Supprimée : user_pref("ConduitEngine.engineLocale", "fr"); Supprimée : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Tue Jun 21 2011 11:20:40 GMT+0200"); Supprimée : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Tue Jun 21 2011 17:36:41 GMT+0200"); Supprimée : user_pref("ConduitEngine.initDone", true); Supprimée : user_pref("ConduitEngine.isAppTrackingManagerOn", true); Supprimée : user_pref("ConduitEngine.usagesFlag", 1); Supprimée : user_pref("browser.search.defaultenginename", "Web Search"); Supprimée : user_pref("browser.search.order.1", "Web Search"); Supprimée : user_pref("browser.search.selectedEngine", "Web Search"); Supprimée : user_pref("browser.startup.homepage", "hxxp://www.searchqu.com/"); -\\ Google Chrome v [impossible d'obtenir la version] Fichier : C:\Users\loubidounet\AppData\Local\Google\Chrome\User Data\Default\Preferences Supprimée : "homepage": "hxxp://www.searchqu.com/", ************************* AdwCleaner[s1].txt - [45303 octets] - [16/06/2012 19:08:53] ########## EOF - C:\AdwCleaner[s1].txt - [45432 octets] ########## à plus domi

salut à toutes et tous mon windows live doit être infecté car d'autres personnes et amies recoivent des messages de moi en anglais et là je n'arrive plus à me connecter correctement que faire ?? merci voici un tit rapport Rapport de ZHPDiag v1.28.2155 par Nicolas Coolman, Update du 28/10/2011 Run by loubidounet at 30/10/2011 01:44:35 Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html State : Version à jour. ---\\ Web Browser MSIE: Internet Explorer v7.0.6002.18005 MFIE: Mozilla Firefox 7.0.1 v7.0.1 (Defaut) ---\\ Windows Product Information Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002) Windows Server License Manager Script : OK ~ Vista, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : MQ3CQ Windows License : OK Windows Automatic Updates : OK ---\\ System Information ~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 2814 MB (51% free) System Restore: Activé (Enable) System drive C: has 106 GB (36%) free of 286 GB ---\\ Logged in mode ~ Computer Name: NOTREPC ~ User Name: loubidounet ~ All Users Names: loubidounet, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82,O89 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\loubidounet\AppData\Roaming\ ~ %Desktop% : C:\Users\loubidounet\Desktop\ ~ %Favorites% : C:\Users\loubidounet\Favorites\ ~ %LocalAppData% : C:\Users\loubidounet\AppData\Local\ ~ %StartMenu% : C:\Users\loubidounet\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 106 Go of 286 Go) D:\ CD-ROM drive (Not Inserted) E:\ Floppy drive, Flash card reader, USB Key (Not Inserted) F:\ Floppy drive, Flash card reader, USB Key (Not Inserted) G:\ Floppy drive, Flash card reader, USB Key (Not Inserted) H:\ Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.24/09/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768] [MD5.C9551BC170B717B5C9BAEEE972BF3409] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/10/2011 - 17:15:15.) -- C:\Windows\system32\wininet.dll [834048] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.24/09/2009 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368] [MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.20/08/2008 - 04:05:52.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480] [MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.15/06/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408] [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.24/09/2009 - 07:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944] [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\drivers\Cdfs.sys [70144] [MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.24/09/2009 - 05:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072] [MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.15/06/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264] [MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.24/09/2009 - 05:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152] [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\drivers\i8042prt.sys [54784] [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\drivers\IpNat.sys [100864] [MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/06/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496] [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.24/09/2009 - 05:45:37.) -- C:\Windows\system32\drivers\netBT.sys [185856] [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/09/2009 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880] [MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360] [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288] [MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\drivers\rdpdr.sys [248832] [MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.24/09/2009 - 05:45:22.) -- C:\Windows\system32\drivers\smb.sys [66560] [MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.24/09/2009 - 05:45:56.) -- C:\Windows\system32\drivers\tdx.sys [72192] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 5/1585 ~ Mes musiques (My Musics) : 266/736 ~ Mes Videos (My Videos) : 1/2 ~ Mes Favoris (My Favorites) : 2/31 ~ Mes Documents (My Documents) : 65/3105 ~ Mon Bureau (My Desktop) : 1/4 ~ Menu demarrer (Programs) : 7/30 ~ Scan Hidden Files in 00mn 03s ---\\ Processus lancés [MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\System32\rundll32.exe [44544] [PID.] [MD5.7AF5A466CF4AECA28E3DCBCF5B6FD220] - (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152] [PID.2044] [MD5.E2B4488830B9F047930BB5FE0E4FD71B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3722416] [PID.352] [MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.852] [MD5.CB2B9EB1447D8A264E46948DF46C1212] - (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [1038136] [PID.1820] [MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2136] [MD5.B30476357EA885420BDFB9A26EE97816] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1688872] [PID.2232] [MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.2272] [MD5.0B82EFCF8D6CA4B6AD91154DDBCD575A] - (.FreeDownloadManager.ORG - Free Download Manager.) -- C:\Program Files\Free Download Manager\fdm.exe [3399727] [PID.4176] [MD5.F14219FC767F1383526AB423F278A8E3] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [210520] [PID.4260] [MD5.FEDDD3579FEE51A9873D856DF3933C68] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [151552] [PID.4964] [MD5.D03EE270D6D1A47C06845F04A80A413D] - (.Yahoo! Inc. - Yahoo! Messenger Tray.) -- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe [79160] [PID.5404] [MD5.DF105989C770C6AB43970A2CC0B9561A] - (.Pas de propriétaire - Logiciel Wallpaper.) -- C:\Program Files\Wallpaper\Wallpaper.exe [233472] [PID.2252] [MD5.4E5585800B561FBEF64B27425365A36F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632] [PID.4560] [MD5.83F4BA8B8CDA4F063AA2002955A508A9] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.4444] [MD5.9F323EEAFAD860204EAA0630E0A3D7F9] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [696320] [PID.2068] [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.5764] [MD5.24A4AD50C9B79C47DA3414B82B94C71C] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 178.1.) -- C:\Windows\system32\nvvsvc.exe [196608] [PID.] [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.] [MD5.C76769F246250EDAD34A5581419E9D60] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [44768] [PID.] [MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [64952] [PID.] [MD5.B95CCACA32C821547AC666DC867F0552] - (.Carbonite, Inc. (www.carbonite.com) - Carbonite Secure Backup Engines.) -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [1699784] [PID.] [MD5.C5052FB77AA42ED440F9F6B4E37145A9] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [869672] [PID.] [MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\Windows\system32\IoctlSvc.exe [81920] [PID.] [MD5.DD0042F0C3B606A6A8B92D49AFB18AD6] - (.Yahoo! Inc. - AutoUpater Service Module.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392] [PID.] [MD5.4999D340B0D6B3E47666CF5E25C9C8F3] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [447784] [PID.] [MD5.DB3D19F850C6EB32BDCB9BC0836ACDDB] - (.Microsoft Corporation - Service de cliché instantané de volumes Mic.) -- C:\Windows\system32\vssvc.exe [1055232] [PID.] [MD5.A1545B731579895D8CC44FC0481C1192] - (.Microsoft Corporation - Service de la passerelle de la couche Appli.) -- C:\Windows\System32\alg.exe [59392] [PID.] ~ Scan Processes Running in 00mn 01s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\loubidounet\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] http://www.google.com'>http://www.google.com ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\loubidounet\AppData\Roaming\Mozilla\Firefox\Profiles\iopyguum.default\prefs.js C:\Users\loubidounet\AppData\Roaming\Mozilla\Firefox\Profiles\iopyguum.default\user.js M3 - MFPP: Plugins - [loubidounet] -- C:\Users\loubidounet\AppData\Roaming\Mozilla\Firefox\Profiles\iopyguum.default\searchplugins\bing.xml M3 - MFPP: Plugins - [loubidounet] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [loubidounet] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [loubidounet] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [loubidounet] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [loubidounet] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [loubidounet] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [loubidounet] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M0 - MFSP: prefs.js [loubidounet - iopyguum.default] http://www.searchqu.com'>http://www.searchqu.com M2 - MFEP: prefs.js [loubidounet - iopyguum.default\engine@conduit(37).com] [] Conduit Engine v3.3.0.19 (.Conduit Ltd..) M2 - MFEP: prefs.js [loubidounet - iopyguum.default\engine@conduit(54).com] [] Conduit Engine v3.3.0.19 (.Conduit Ltd..) M2 - MFEP: prefs.js [loubidounet - iopyguum.default\engine@conduit.com] [] Conduit Engine v3.3.3.2 (.Conduit Ltd..) M2 - MFEP: prefs.js [loubidounet - iopyguum.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.) M2 - MFEP: prefs.js [loubidounet - iopyguum.default\{6cba65db-3377-4af1-b6d8-2d57106ad569}(38)] [] InnoGames France Community Toolbar v3.3.0.19 (.Conduit Ltd..) M2 - MFEP: prefs.js [loubidounet - iopyguum.default\{6cba65db-3377-4af1-b6d8-2d57106ad569}(55)] [] InnoGames France Community Toolbar v3.3.0.19 (.Conduit Ltd..) M2 - MFEP: prefs.js [loubidounet - iopyguum.default\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}] [babylon] myBabylon EnglishBB Community Toolbar v3.7.0.6 (.Conduit Ltd..) M2 - MFEP: prefs.js [loubidounet - iopyguum.default\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}] [] Adobe DLM (powered by getPlus®) v1.6.2.97 (.NOS Microsystems Ltd..) P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.Exent Technologies Ltd. - Exent® AOD Gecko Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npExentCtl.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_29 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6] - (.Yahoo! Inc. - Yahoo Application State Plugin version 1.0.0.7.) -- C:\Program Files\Yahoo!\Shared\npYState.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.11] - (.the VideoLAN Team - Version 1.1.11, copyright 1996-2011 The VideoLAN Team<br><a href="http.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll P2 - FPN: [HKCU] [@yahoo.com/BrowserPlus,version=2.9.8] - (.Yahoo! Inc. - BrowserPlus -- Improve your browser! -- http://browserplus.yahoo.com/.) -- C:\Users\loubidounet\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wuuta.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.16386 (vista_rtm.061101-2205)) -- C:\Windows\system32\ieframe.dll R3 - URLSearchHook: YTNavAssist.YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} . (.Yahoo! Inc. - Yahoo! Toolbar Nav Assistant plugin.) (2011, 1, 21, 01) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} . (.Hewlett-Packard Co. - Leo (Framework) - add-on for Internet Explo.) -- C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} . (.Packard Bell - BAE.dll.) -- C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} . (...) -- C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc - Yahoo! Single Instance for Mail.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- "C:\Program Files\Microsoft\BingBar\BingExt.dll" ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe O4 - HKLM\..\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe O4 - HKLM\..\Run: [uSB Security] . (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files\USB Disk Security\USBGuard.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKCU\..\Run: [smpcSys] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [MsnMsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - HKCU\..\Run: [Wallpaper] . (.Pas de propriétaire - Logiciel Wallpaper.) -- C:\Program Files\Wallpaper\Wallpaper.exe O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe O4 - HKCU\..\Run: [speech Recognition] . (.Microsoft Corporation - Reconnaissance vocale.) -- C:\Windows\Speech\Common\sapisvr.exe O4 - HKCU\..\Run: [Free Download Manager] . (.FreeDownloadManager.ORG - Free Download Manager.) -- C:\Program Files\Free Download Manager\fdm.exe O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-21-783858161-2492766651-2310231542-1000\..\Run: [smpcSys] . (.Packard Bell BV - SmpSys.exe.) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKUS\S-1-5-21-783858161-2492766651-2310231542-1000\..\Run: [MsnMsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - HKUS\S-1-5-21-783858161-2492766651-2310231542-1000\..\Run: [Wallpaper] . (.Pas de propriétaire - Logiciel Wallpaper.) -- C:\Program Files\Wallpaper\Wallpaper.exe O4 - HKUS\S-1-5-21-783858161-2492766651-2310231542-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-21-783858161-2492766651-2310231542-1000\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe O4 - HKUS\S-1-5-21-783858161-2492766651-2310231542-1000\..\Run: [speech Recognition] . (.Microsoft Corporation - Reconnaissance vocale.) -- C:\Windows\Speech\Common\sapisvr.exe O4 - HKUS\S-1-5-21-783858161-2492766651-2310231542-1000\..\Run: [Free Download Manager] . (.FreeDownloadManager.ORG - Free Download Manager.) -- C:\Program Files\Free Download Manager\fdm.exe O4 - HKUS\S-1-5-21-783858161-2492766651-2310231542-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-21-783858161-2492766651-2310231542-1000\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\loubidounet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\loubidounet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\loubidounet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\loubidounet\Desktop\Documents - Raccourci.lnk . (...) -- C:\Users\loubidounet\Documents O4 - Global Startup: C:\Users\loubidounet\Desktop\NeroStartSmart - Raccourci.lnk . (.Nero AG.) -- C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe O4 - Global Startup: C:\Users\loubidounet\Desktop\PhotoFiltre - Raccourci.lnk . (.Antonio Da Cruz.) -- C:\Users\loubidounet\Downloads\PhotoFiltre\PhotoFiltre.exe O4 - Global Startup: C:\Users\loubidounet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\dfrgui.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\dfrgui.exe O4 - Global Startup: C:\Users\loubidounet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Disk Cleanup.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\cleanmgr.exe O4 - Global Startup: C:\Users\loubidounet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\loubidounet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\loubidounet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\loubidounet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.lnk . (.PokerStars.) -- C:\Program Files\PokerStars\PokerStarsUpdate.exe O4 - Global Startup: C:\Users\loubidounet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\UNWISE - Raccourci.lnk . (...) -- C:\Program Files\Kinstone digital focus\UNWISE.EXE O4 - Global Startup: C:\Users\loubidounet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\loubidounet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk . (.Yahoo! Inc..) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O4 - Global Startup: C:\Users\loubidounet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\YesMessenger.lnk . (...) -- C:\Program Files\YesMessenger\YesMessenger.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Add to Google Photos Screensa&ver . (.Google Inc. - Google Photos Screensaver.) -- C:\Windows\system32\GPhotos.scr O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~3\Office12\EXCEL.exe O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll O8 - Extra context menu item: Tout télécharger avec Free Download Manager - (.not file.) - file:\\C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - (.not file.) - file:\\C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - (.not file.) - file:\\C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - (.not file.) - file:\\C:\Program Files\Free Download Manager\dlfvideo.htm ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} . (...) -- C:\Program Files\PokerStars\main.ico O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {58ECB495-38F0-49cb-A538-10282ABF65E7} . (.Hewlett-Packard Co. - Leo (Toolbar Extensions) - add-on for Internet Explorer.) -- C:\Program Files\HP\Smart Web Pr O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {700259D7-1666-479a-93B1-3250410481E8} . (.Hewlett-Packard Co. - Leo (Toolbar Extensions) - add-on for Internet Explorer.) -- C:\Program Files\HP\Smart Web Pr O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~3\Office12\REFBARH.ICO ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll ~ Scan Winsock in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{E10D9495-B1C5-4947-8E4A-411DA28ECF1C}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{E10D9495-B1C5-4947-8E4A-411DA28ECF1C}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{C1850DF3-B262-4BDF-9A37-62C62509DEF3}: NameServer = 213.36.80.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{C1850DF3-B262-4BDF-9A37-62C62509DEF3}: NameServer = 213.36.80.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: . (.Google - Google Desktop.) - c:\progra~1\google\google~3\goec62~1.dll ~ Scan AppInit DLL in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: CarboniteService (CarboniteService) . (.Carbonite, Inc. (www.carbonite.com) - Carbonite Secure Backup Engines.) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 178.1.) - C:\Windows\system32\nvvsvc.exe O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\system32\IoctlSvc.exe O23 - Service: Yahoo! Updater (YahooAUService) . (.Yahoo! Inc. - AutoUpater Service Module.) - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe ~ Scan Desktop Component in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ Scan Keys in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Extension de garantie-loubidounet.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.8E99C96119DCF1207091C45743E03531] [APT] [Extension de garantie-loubidounet] (.Packard Bell BV.) -- C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] [APT] [V‚rification de la mise … niveau de Carbonite] (...) -- C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{31C4145E-D743-402A-BA3D-832492598766}] (...) -- C:\Program Files\Skype\Phone\Skype.exe (.not file.) ~ Scan Scheduled Task in 00mn 03s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {F1E63043-54FC-429B-AB2C-31AF9FBA4BC7} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader 8 - (.Pas de propriétaire.) [HKLM] -- AdobeReader O42 - Logiciel: Adobe Reader X (10.1.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM] -- {77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1} O42 - Logiciel: Browser Address Error Redirector - (.Pas de propriétaire.) [HKLM] -- {3EE33958-7381-4E7B-A4F3-6E43098E9E9C} O42 - Logiciel: Carbonite - (.Carbonite.) [HKLM] -- Carbonite Backup O42 - Logiciel: Carbonite - (.Pas de propriétaire.) [HKLM] -- Carbonite O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6} O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710} O42 - Logiciel: Google BAE - (.Pas de propriétaire.) [HKLM] -- GoogleBAE O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: GoogleDesktop - (.Pas de propriétaire.) [HKLM] -- GoogleDesktop O42 - Logiciel: GoogleToolbar - (.Pas de propriétaire.) [HKLM] -- GoogleToolbar O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {B3FED300-806C-11E0-A0D0-B8AC6F97B88E} O42 - Logiciel: HDReg France - (.Acxiom.) [HKLM] -- {0ED40D2A-7131-4FE7-941E-5C329336F712} O42 - Logiciel: HP Customer Participation Program 9.0 - (.HP.) [HKLM] -- HPExtendedCapabilities O42 - Logiciel: HP Deskjet All-In-One Software 9.0 - (.HP.) [HKLM] -- {706BB40A-4102-4c89-8107-DC68C4EBD19B} O42 - Logiciel: HP Imaging Device Functions 9.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP Photosmart Essential 2.01 - (.HP.) [HKLM] -- HP Photosmart Essential O42 - Logiciel: HP Smart Web Printing - (.Nom de votre société.) [HKLM] -- {415CDA53-9100-476F-A7B2-476691E117C7} O42 - Logiciel: HP Solution Center 9.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {8C6027FD-53DC-446D-BB75-CACD7028A134} O42 - Logiciel: HPDiagnosticAlert - (.Microsoft.) [HKLM] -- {846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE} O42 - Logiciel: HPSSupply - (.Nom de votre société.) [HKLM] -- {487B0B9B-DCD4-440D-89A0-A6EDE1A545A3} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: INSTALL - (.Bewan.) [HKLM] -- {34EB32F7-28AD-4757-A0E3-A29E0B131FC7} O42 - Logiciel: Infocentre Rev. 2.0 - (.Pas de propriétaire.) [HKLM] -- Infocentre O42 - Logiciel: Java 6 Update 29 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: KINSTONE USB PC Camera - (.Pas de propriétaire.) [HKLM] -- {41E496B5-47F4-11D6-9BBB-00E0987BB2CD} O42 - Logiciel: Kinstone digital focus - (.Pas de propriétaire.) [HKLM] -- Kinstone digital focus O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF} O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} O42 - Logiciel: Metaboli - (.Pas de propriétaire.) [HKLM] -- METABOLI O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E} O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM] -- {1CAC7A41-583B-4483-9FA5-3E5465AFF8C2} O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM] -- Money2005b O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262} O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Outlook Social Connector 32 bits - (.Microsoft Corporation.) [HKLM] -- {95140000-004E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit - (.Microsoft Corporation.) [HKLM] -- {95140000-007D-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673} O42 - Logiciel: Microsoft Works 9 SE - (.Pas de propriétaire.) [HKLM] -- works9se O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Mozilla Firefox 7.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 7.0.1 (x86 fr) O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: Nero 8 Essentials - (.Nero AG.) [HKLM] -- {980B9958-1239-4FC5-8C88-AC5650321036} O42 - Logiciel: Nero 8 Essentials - (.Pas de propriétaire.) [HKLM] -- Nero8 O42 - Logiciel: Packard Bell ImageWriter - (.Pas de propriétaire.) [HKLM] -- ImageWriter O42 - Logiciel: Packard Bell LCD Test - (.Pas de propriétaire.) [HKLM] -- LCDTest O42 - Logiciel: Packard Bell Updator - (.Pas de propriétaire.) [HKLM] -- Updator O42 - Logiciel: Picasa 2 - (.Google, Inc..) [HKLM] -- Picasa2 O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3 O42 - Logiciel: Picasa2 - (.Pas de propriétaire.) [HKLM] -- Picasa_2 O42 - Logiciel: Player Metaboli - (.Pas de propriétaire.) [HKLM] -- {2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7} O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM] -- PokerStars O42 - Logiciel: Protégez vos données - (.Carbonite Inc..) [HKLM] -- Carbonite Setup Lite O42 - Logiciel: Realtek HD Audio V6.0.1.5618 - (.Pas de propriétaire.) [HKLM] -- AUDIO_REALTEK O42 - Logiciel: SeaTools for Windows - (.Seagate Technology.) [HKLM] -- {98613C99-1399-416C-A07C-1EE1C585D872} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553074) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5729F1AE-5895-468F-9165-BAD161C9E982} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078 O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2553073) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{65EA4836-B5A3-4C1D-8883-0C35E471003A} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870 O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} O42 - Logiciel: SetUp My PC - (.Pas de propriétaire.) [HKLM] -- SETUPMYPC_FR O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004} O42 - Logiciel: USB Disk Security - (.Zbshareware Lab.) [HKLM] -- USB Disk Security_is1 O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523 O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2583910) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BDC21583-5601-4B2B-88F3-7919F6DE8FB1} O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2596560) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{2964DDE1-4925-4DF1-AF2C-0A36B3442228} O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM] -- {3921A67A-5AB1-4E48-9444-C71814CF3027} O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: Video NVIDIA V163.96 - (.Pas de propriétaire.) [HKLM] -- VIDEO_NVIDIA_GOB O42 - Logiciel: Wallpaper - (.Silver76.) [HKLM] -- Wallpaper O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066} O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {BCF16F16-AC0E-4ABE-A9EF-412CF484BA51} O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {C861504E-2F57-4F95-AB0A-C7C7D8E46A4E} O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA} O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {C6150D8A-86ED-41D3-87BB-F3BB51B0B77F} O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917} O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11} O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38} O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70} O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1} O42 - Logiciel: Windows Live Provider for Microsoft Outlook Social Connector 32-bit - (.Microsoft Corporation.) [HKLM] -- {95140000-0079-0409-0000-0000000FF1CE} O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF} O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C} O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0} O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9} O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4} O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F} O42 - Logiciel: Windows Live Sync ActiveX Control for Remote Connections - (.Microsoft Corporation.) [HKLM] -- {D65F8E34-C050-4E6C-86DB-D2B9075749A0} O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF} O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194} O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} O42 - Logiciel: Yahoo! BrowserPlus 2.9.8 - (.Yahoo! Inc..) [HKCU] -- Yahoo! BrowserPlus O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM] -- Yahoo! Messenger O42 - Logiciel: Yahoo! Software Update - (.Pas de propriétaire.) [HKLM] -- Yahoo! Software Update O42 - Logiciel: Yahoo! Toolbar - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion O42 - Logiciel: YesMessenger 2.5.05 - (.YesMessenger.) [HKLM] -- YesMessenger_is1 O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast O42 - Logiciel: msvcrt_installer - (.SAH.) [HKLM] -- {6068A42A-C1CF-45F2-9859-5DB16287FE5D} O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} O42 - Logiciel: ubi.com - (.Pas de propriétaire.) [HKLM] -- {AEDDF5A3-29CE-11D5-A8C2-000102246AAE} ---\\ HKCU & HKLM Software Keys [HKCU\Software\AC3Filter] [HKCU\Software\ALWIL Software] [HKCU\Software\AVAST Software] [HKCU\Software\AVS4YOU] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\Exent] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Macromedia] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Yahoo] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Binary Noise] [HKCU\Software\Carbonite] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\DivXNetworks] [HKCU\Software\EoRezo] [HKCU\Software\Exent] [HKCU\Software\FreeDownloadManager.ORG] [HKCU\Software\Freeware] [HKCU\Software\FriendFinder] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Gemtek] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\Hewlett-Packard] [HKCU\Software\HookNetwork] [HKCU\Software\Hot-TV] [HKCU\Software\IM Providers] [HKCU\Software\ItsLabel] [HKCU\Software\JEDI-VCL] [HKCU\Software\JavaSoft] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Mediachance] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\Northcode Inc] [HKCU\Software\ODBC] [HKCU\Software\PDF Suite 2010] [HKCU\Software\Packard Bell] [HKCU\Software\Policies] [HKCU\Software\Skype] [HKCU\Software\Speed-Downloading] [HKCU\Software\Stdin2] [HKCU\Software\Totem] [HKCU\Software\Trolltech] [HKCU\Software\Ubi Soft] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\WinRAR SFX] [HKCU\Software\Windows Live Writer] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yahoo] [HKLM\Software\ALWIL Software] [HKLM\Software\AVAST Software] [HKLM\Software\AVS4YOU] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\Audible] [HKLM\Software\Bandoo] [HKLM\Software\Bewan] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Conduit] [HKLM\Software\DivXNetworks] [HKLM\Software\EasyBits] [HKLM\Software\Exent] [HKLM\Software\FreeDownloadManager.ORG] [HKLM\Software\GNU] [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\HaaliMkx] [HKLM\Software\Hewlett-Packard] [HKLM\Software\ICE] [HKLM\Software\Intel] [HKLM\Software\ItsLabel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KINSTONE Corporation] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Maxicours] [HKLM\Software\MiKit4] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NEC Computers International] [HKLM\Software\NOS] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\NeroDigital] [HKLM\Software\Nero] [HKLM\Software\ODBC] [HKLM\Software\PACKARD BELL] [HKLM\Software\PB_EBAY] [HKLM\Software\PB_FIRSTCHOICE] [HKLM\Software\PB_KODAK] [HKLM\Software\PB_METABOLI] [HKLM\Software\PocketSoft] [HKLM\Software\Policies] [HKLM\Software\RegisteredApplications] [HKLM\Software\SPsoft] [HKLM\Software\SRS Labs] [HKLM\Software\Skink] [HKLM\Software\Sonic] [HKLM\Software\Speed-Downloading] [HKLM\Software\SymDebug] [HKLM\Software\Symantec] [HKLM\Software\TerraVirtual] [HKLM\Software\TrendMicro] [HKLM\Software\UBISOFT] [HKLM\Software\Ubi Soft Entertainment Inc.] [HKLM\Software\Ubi Soft] [HKLM\Software\VideoLAN] [HKLM\Software\Volatile] [HKLM\Software\WOW6432Node] [HKLM\Software\Waves Audio] [HKLM\Software\WholeSecurity] [HKLM\Software\Windows] [HKLM\Software\Yahoo] [HKLM\Software\ZSMC] [HKLM\Software\mozilla.org] [HKLM\Software\webtogo] [HKLM\Software\zbshareware] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 06/09/2011 - 13:52:34 - [169016987] ----D- C:\Program Files\Adobe O43 - CFD: 25/04/2010 - 10:16:54 - [233276460] ----D- C:\Program Files\Alwil Software O43 - CFD: 03/05/2009 - 14:29:48 - [2183952] ----D- C:\Program Files\Babylon O43 - CFD: 19/11/2008 - 19:05:26 - [5785376] ----D- C:\Program Files\Carbonite O43 - CFD: 23/10/2011 - 13:09:32 - [1001064417] ----D- C:\Program Files\Common Files O43 - CFD: 03/11/2008 - 19:43:12 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 28/10/2011 - 13:47:40 - [18300471] ----D- C:\Program Files\Free Download Manager O43 - CFD: 12/02/2011 - 18:20:34 - [186616576] ----D- C:\Program Files\Google O43 - CFD: 19/08/2008 - 19:48:16 - [4719714] ----D- C:\Program Files\HDReg O43 - CFD: 12/02/2011 - 18:48:34 - [130009368] ----D- C:\Program Files\HP O43 - CFD: 04/05/2011 - 09:16:58 - [10941454] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 14/10/2011 - 03:28:10 - [1560887] ----D- C:\Program Files\Internet Explorer O43 - CFD: 23/10/2011 - 13:08:56 - [88600452] ----D- C:\Program Files\Java O43 - CFD: 04/11/2008 - 00:21:44 - [490416] ----D- C:\Program Files\Kinstone digital focus O43 - CFD: 18/11/2009 - 18:34:38 - [4091251] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 10/12/2010 - 16:28:00 - [0] ----D- C:\Program Files\Micro Application O43 - CFD: 22/03/2011 - 22:33:56 - [22828817] ----D- C:\Program Files\Microsoft O43 - CFD: 02/11/2006 - 14:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games O43 - CFD: 21/07/2010 - 12:44:36 - [597563650] ----D- C:\Program Files\Microsoft Office O43 - CFD: 14/10/2011 - 03:29:20 - [38412395] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 17/12/2008 - 19:03:32 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 07/11/2008 - 19:59:46 - [14904] ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD: 07/11/2008 - 19:56:52 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 16/12/2010 - 04:07:06 - [146453974] ----D- C:\Program Files\Microsoft Works O43 - CFD: 27/06/2010 - 03:01:14 - [8167779] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 28/08/2010 - 03:19:42 - [99342446] ----D- C:\Program Files\Movie Maker O43 - CFD: 01/10/2011 - 06:34:16 - [37162556] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 07/11/2008 - 19:59:56 - [26521] ----D- C:\Program Files\MSBuild O43 - CFD: 03/11/2008 - 20:49:30 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 19/08/2008 - 19:54:08 - [346437459] ----D- C:\Program Files\Nero O43 - CFD: 19/08/2008 - 19:55:24 - [0] ----D- C:\Program Files\NeroInstall.bak O43 - CFD: 04/11/2008 - 00:01:50 - [611696351] ----D- C:\Program Files\Packard Bell O43 - CFD: 15/11/2008 - 18:16:50 - [20188221] ----D- C:\Program Files\Player Metaboli O43 - CFD: 19/11/2009 - 15:13:36 - [56380470] ----D- C:\Program Files\PokerStars O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 19/08/2008 - 19:48:54 - [10614072] ----D- C:\Program Files\Seagate O43 - CFD: 11/11/2009 - 22:45:14 - [803556] ----D- C:\Program Files\Trend Micro O43 - CFD: 29/10/2009 - 18:24:44 - [9202051] ----D- C:\Program Files\ubi.com O43 - CFD: 29/10/2009 - 18:22:14 - [0] ----D- C:\Program Files\UBISOFT O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 16/07/2011 - 12:14:46 - [12106378] ----D- C:\Program Files\USB Disk Security O43 - CFD: 22/04/2011 - 10:04:22 - [196944] ----D- C:\Program Files\vghd O43 - CFD: 13/12/2008 - 20:08:34 - [84897356] ----D- C:\Program Files\VideoLAN O43 - CFD: 04/11/2008 - 00:21:16 - [1210686] ----D- C:\Program Files\Vimicro O43 - CFD: 06/11/2008 - 21:54:54 - [2682119] ----D- C:\Program Files\Wallpaper O43 - CFD: 25/09/2009 - 03:08:46 - [1016832] ----D- C:\Program Files\Windows Calendar O43 - CFD: 25/09/2009 - 03:08:46 - [2737152] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 25/09/2009 - 03:08:44 - [4490624] ----D- C:\Program Files\Windows Defender O43 - CFD: 25/09/2009 - 03:08:46 - [7084664] ----D- C:\Program Files\Windows Journal O43 - CFD: 09/08/2011 - 06:58:50 - [192254367] ----D- C:\Program Files\Windows Live O43 - CFD: 14/10/2011 - 03:28:10 - [9116344] ----D- C:\Program Files\Windows Mail O43 - CFD: 15/10/2010 - 03:21:50 - [4498121] ----D- C:\Program Files\Windows Media Player O43 - CFD: 03/11/2008 - 19:43:12 - [7957544] ----D- C:\Program Files\Windows NT O43 - CFD: 25/09/2009 - 03:08:46 - [13528738] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 17/11/2009 - 04:17:56 - [134144] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 25/09/2009 - 03:08:46 - [7758901] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 10/11/2010 - 04:20:40 - [0] ----D- C:\Program Files\WinRAR O43 - CFD: 03/05/2011 - 15:27:38 - [0] ----D- C:\Program Files\Wireless 802.11g Monitor O43 - CFD: 10/12/2010 - 16:54:48 - [39765848] ----D- C:\Program Files\Yahoo! O43 - CFD: 06/12/2010 - 18:45:02 - [6787346] ----D- C:\Program Files\YesMessenger O43 - CFD: 30/10/2011 - 01:45:00 - [4244451] ----D- C:\Program Files\ZHPDiag O43 - CFD: 06/09/2011 - 13:52:46 - [3606170] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 13/12/2008 - 19:53:36 - [0] ----D- C:\Program Files\Common Files\AVSMedia O43 - CFD: 19/07/2010 - 10:45:54 - [86016] ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD: 05/11/2008 - 18:58:16 - [457237] ----D- C:\Program Files\Common Files\Hewlett-Packard O43 - CFD: 05/11/2008 - 18:58:46 - [4999856] ----D- C:\Program Files\Common Files\HP O43 - CFD: 15/11/2008 - 18:03:50 - [5231193] ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 23/10/2011 - 13:09:32 - [1258951] ----D- C:\Program Files\Common Files\Java O43 - CFD: 09/08/2011 - 06:58:24 - [443707057] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 19/08/2008 - 19:54:40 - [143523079] ----D- C:\Program Files\Common Files\Nero O43 - CFD: 29/10/2009 - 18:24:42 - [662081] ----D- C:\Program Files\Common Files\PocketSoft O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 10/11/2008 - 22:12:24 - [520120] ----D- C:\Program Files\Common Files\Symantec Shared O43 - CFD: 21/07/2010 - 12:47:36 - [46328572] ----D- C:\Program Files\Common Files\System O43 - CFD: 17/12/2008 - 18:04:22 - [290506338] ----D- C:\Program Files\Common Files\Windows Live O43 - CFD: 03/11/2008 - 22:59:16 - [19073310] -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller O43 - CFD: 06/09/2011 - 15:26:34 - [128654334] ----D- C:\ProgramData\Adobe O43 - CFD: 03/11/2008 - 20:04:10 - [15743140] ----D- C:\ProgramData\Alice O43 - CFD: 25/04/2010 - 10:16:54 - [208277771] ----D- C:\ProgramData\Alwil Software O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 15/11/2008 - 16:50:36 - [0] ----D- C:\ProgramData\AVS4YOU O43 - CFD: 03/11/2008 - 19:43:12 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 19/11/2008 - 19:05:26 - [563393635] ----D- C:\ProgramData\Carbonite O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 21/10/2011 - 15:57:52 - [0] ----D- C:\ProgramData\eMule O43 - CFD: 03/11/2008 - 19:43:12 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 10/12/2010 - 16:28:32 - [1503889] ----D- C:\ProgramData\Google O43 - CFD: 05/11/2008 - 19:03:00 - [5335605] ----D- C:\ProgramData\Hewlett-Packard O43 - CFD: 08/12/2010 - 19:36:56 - [23663741] ----D- C:\ProgramData\HP O43 - CFD: 02/07/2011 - 10:49:40 - [766] ----D- C:\ProgramData\HP Product Assistant O43 - CFD: 12/02/2011 - 18:48:34 - [0] ----D- C:\ProgramData\HPSSUPPLY O43 - CFD: 05/01/2009 - 20:07:24 - [3289456] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 03/11/2008 - 19:43:12 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 22/03/2011 - 22:34:10 - [318268866] -S--D- C:\ProgramData\Microsoft O43 - CFD: 14/10/2011 - 03:09:42 - [245600] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 03/11/2008 - 19:43:12 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 19/08/2008 - 19:54:08 - [5393490] ----D- C:\ProgramData\Nero O43 - CFD: 24/01/2011 - 20:43:36 - [306232] ----D- C:\ProgramData\NOS O43 - CFD: 12/06/2009 - 10:10:08 - [140694] ----D- C:\ProgramData\NVIDIA O43 - CFD: 15/11/2008 - 18:04:24 - [9973670] ----D- C:\ProgramData\Player Metaboli O43 - CFD: 10/12/2010 - 17:49:24 - [39550607] ----D- C:\ProgramData\Skype O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 12/04/2010 - 16:55:52 - [365] ----D- C:\ProgramData\Sun O43 - CFD: 10/11/2008 - 22:11:06 - [260725] ----D- C:\ProgramData\Symantec O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 05/11/2008 - 19:04:28 - [236] ----D- C:\ProgramData\WEBREG O43 - CFD: 01/12/2008 - 21:30:42 - [394526] ----D- C:\ProgramData\WLInstaller O43 - CFD: 10/12/2010 - 16:54:48 - [23721315] ----D- C:\ProgramData\Yahoo! O43 - CFD: 31/03/2011 - 09:03:58 - [202060] ----D- C:\ProgramData\Yahoo! Companion O43 - CFD: 16/07/2011 - 12:14:50 - [0] ----D- C:\ProgramData\Zbshareware Lab O43 - CFD: 14/05/2009 - 20:41:06 - [0] -SH-D- C:\Users\loubidounet\AppData\Roaming\.# O43 - CFD: 06/09/2011 - 13:58:48 - [9229514] ----D- C:\Users\loubidounet\AppData\Roaming\Adobe O43 - CFD: 15/11/2008 - 16:50:36 - [0] ----D- C:\Users\loubidounet\AppData\Roaming\AVS4YOU O43 - CFD: 21/07/2010 - 12:26:34 - [199] ----D- C:\Users\loubidounet\AppData\Roaming\dvdcss O43 - CFD: 02/03/2009 - 19:50:22 - [6694] ----D- C:\Users\loubidounet\AppData\Roaming\EoRezo O43 - CFD: 30/10/2011 - 01:43:26 - [191065] ----D- C:\Users\loubidounet\AppData\Roaming\Free Download Manager O43 - CFD: 04/11/2008 - 15:36:44 - [35458] ----D- C:\Users\loubidounet\AppData\Roaming\Google O43 - CFD: 26/09/2009 - 10:32:24 - [195860] ----D- C:\Users\loubidounet\AppData\Roaming\HP O43 - CFD: 12/02/2011 - 18:38:14 - [65536] ----D- C:\Users\loubidounet\AppData\Roaming\HPAppData O43 - CFD: 11/10/2009 - 17:13:30 - [43997] ----D- C:\Users\loubidounet\AppData\Roaming\HpUpdate O43 - CFD: 03/11/2008 - 19:56:20 - [0] ----D- C:\Users\loubidounet\AppData\Roaming\Identities O43 - CFD: 03/11/2008 - 20:03:18 - [0] ----D- C:\Users\loubidounet\AppData\Roaming\InstallShield O43 - CFD: 23/02/2009 - 19:26:40 - [216472] ----D- C:\Users\loubidounet\AppData\Roaming\ItsLabel O43 - CFD: 03/11/2008 - 22:09:32 - [140745] ----D- C:\Users\loubidounet\AppData\Roaming\Macromedia O43 - CFD: 05/01/2009 - 20:07:30 - [1693206] ----D- C:\Users\loubidounet\AppData\Roaming\Malwarebytes O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\loubidounet\AppData\Roaming\Media Center Programs O43 - CFD: 17/02/2009 - 07:52:48 - [159] ----D- C:\Users\loubidounet\AppData\Roaming\Media Player Classic O43 - CFD: 06/09/2011 - 13:58:48 - [2189569] -S--D- C:\Users\loubidounet\AppData\Roaming\Microsoft O43 - CFD: 10/11/2008 - 18:14:26 - [64528866] ----D- C:\Users\loubidounet\AppData\Roaming\Mozilla O43 - CFD: 07/11/2008 - 19:49:44 - [228711] ----D- C:\Users\loubidounet\AppData\Roaming\Nero O43 - CFD: 06/11/2008 - 20:00:06 - [37] ----D- C:\Users\loubidounet\AppData\Roaming\Packard Bell O43 - CFD: 19/10/2010 - 18:21:20 - [188] ----D- C:\Users\loubidounet\AppData\Roaming\PDF Software O43 - CFD: 19/10/2010 - 18:31:58 - [0] ----D- C:\Users\loubidounet\AppData\Roaming\PeerNetworking O43 - CFD: 11/05/2011 - 12:24:24 - [1670762] ----D- C:\Users\loubidounet\AppData\Roaming\Skype O43 - CFD: 13/12/2010 - 17:05:24 - [93080] ----D- C:\Users\loubidounet\AppData\Roaming\skypePM O43 - CFD: 03/11/2008 - 19:56:46 - [0] ----D- C:\Users\loubidounet\AppData\Roaming\Symantec O43 - CFD: 01/10/2009 - 18:46:12 - [13824] ----D- C:\Users\loubidounet\AppData\Roaming\Template O43 - CFD: 29/10/2009 - 18:24:50 - [29611] ----D- C:\Users\loubidounet\AppData\Roaming\ubi.com O43 - CFD: 06/10/2009 - 17:52:44 - [30874055111] ----D- C:\Users\loubidounet\AppData\Roaming\vghd O43 - CFD: 21/10/2011 - 16:09:54 - [2876491] ----D- C:\Users\loubidounet\AppData\Roaming\vlc O43 - CFD: 23/02/2009 - 19:26:44 - [2316703] ----D- C:\Users\loubidounet\AppData\Roaming\Wallpaper O43 - CFD: 09/09/2011 - 00:40:54 - [0] ----D- C:\Users\loubidounet\AppData\Roaming\Windows Live Writer O43 - CFD: 07/11/2008 - 19:52:26 - [0] ----D- C:\Users\loubidounet\AppData\Roaming\WinRAR O43 - CFD: 10/12/2010 - 16:56:18 - [546613] ----D- C:\Users\loubidounet\AppData\Roaming\Yahoo! O43 - CFD: 16/07/2011 - 12:14:50 - [0] ----D- C:\Users\loubidounet\AppData\Roaming\Zbshareware Lab O43 - CFD: 06/08/2011 - 15:31:30 - [21231458] ----D- C:\Users\loubidounet\AppData\Local\Adobe O43 - CFD: 13/12/2008 - 22:27:06 - [31048609] ----D- C:\Users\loubidounet\AppData\Local\Ahead O43 - CFD: 03/11/2008 - 19:46:28 - [0] -SH-D- C:\Users\loubidounet\AppData\Local\Application Data O43 - CFD: 19/10/2010 - 18:32:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\Apps O43 - CFD: 21/10/2011 - 15:57:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\eMule O43 - CFD: 10/12/2010 - 16:28:32 - [438103119] ----D- C:\Users\loubidounet\AppData\Local\Google O43 - CFD: 03/11/2008 - 19:46:28 - [0] -SH-D- C:\Users\loubidounet\AppData\Local\Historique O43 - CFD: 08/12/2008 - 19:03:30 - [7732431] ----D- C:\Users\loubidounet\AppData\Local\HP O43 - CFD: 06/09/2011 - 13:58:48 - [822593669] ----D- C:\Users\loubidounet\AppData\Local\Microsoft O43 - CFD: 17/11/2008 - 19:46:30 - [1492871] ----D- C:\Users\loubidounet\AppData\Local\Microsoft Games O43 - CFD: 06/11/2008 - 21:21:18 - [203780] ----D- C:\Users\loubidounet\AppData\Local\Microsoft Help O43 - CFD: 05/11/2008 - 18:41:20 - [246775] ----D- C:\Users\loubidounet\AppData\Local\MigWiz O43 - CFD: 10/11/2008 - 18:14:26 - [709411080] ----D- C:\Users\loubidounet\AppData\Local\Mozilla O43 - CFD: 13/06/2009 - 16:00:56 - [165799114] ----D- C:\Users\loubidounet\AppData\Local\Packard Bell O43 - CFD: 19/11/2009 - 15:27:06 - [888687] ----D- C:\Users\loubidounet\AppData\Local\PokerStars O43 - CFD: 16/08/2011 - 16:20:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\Solid State Networks O43 - CFD: 30/10/2011 - 01:43:06 - [28093858] ----D- C:\Users\loubidounet\AppData\Local\Temp O43 - CFD: 03/11/2008 - 19:46:28 - [0] -SH-D- C:\Users\loubidounet\AppData\Local\Temporary Internet Files O43 - CFD: 04/11/2008 - 00:28:30 - [28398415] ----D- C:\Users\loubidounet\AppData\Local\VirtualStore O43 - CFD: 29/10/2011 - 21:53:20 - [73728] ----D- C:\Users\loubidounet\AppData\Local\Windows Live O43 - CFD: 09/09/2011 - 00:40:58 - [650191] ----D- C:\Users\loubidounet\AppData\Local\Windows Live Writer O43 - CFD: 10/12/2010 - 16:56:18 - [120275] ----D- C:\Users\loubidounet\AppData\Local\Yahoo O43 - CFD: 10/12/2010 - 16:55:06 - [13916710] ----D- C:\Users\loubidounet\AppData\Local\Yahoo! O43 - CFD: 11/10/2011 - 21:34:14 - [0] ----D- C:\Users\loubidounet\AppData\Local\{00519BD2-0DD3-4DC7-A73B-1422DF490BA0} O43 - CFD: 10/09/2011 - 11:42:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{00BCB0D8-2697-47CC-B3E3-B1A033D64954} O43 - CFD: 02/09/2011 - 10:47:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{01282DFD-7FCD-4CAC-8F70-67BC01015C53} O43 - CFD: 09/10/2011 - 20:51:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{0178B8B5-0FB2-4E89-B4A2-2BA6F1EE6C1C} O43 - CFD: 30/08/2011 - 19:03:50 - [0] ----D- C:\Users\loubidounet\AppData\Local\{02939C59-3FD9-4A6B-B691-CDD9A5CB4115} O43 - CFD: 27/07/2011 - 10:44:50 - [0] ----D- C:\Users\loubidounet\AppData\Local\{035E0262-5EE2-4EE1-9A94-69B82F33BDCA} O43 - CFD: 19/09/2011 - 15:46:08 - [0] ----D- C:\Users\loubidounet\AppData\Local\{043C2532-2F37-4E7D-90D5-80FF6D463114} O43 - CFD: 27/09/2011 - 18:43:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{04F8F192-78F6-4F9A-AE7F-0F8D227B85D3} O43 - CFD: 10/08/2011 - 15:39:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{055646D4-165F-4C40-BF76-1731F25D8735} O43 - CFD: 28/09/2011 - 06:43:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{05AB054B-60DE-419E-8A38-F62AD7B6118C} O43 - CFD: 28/07/2011 - 10:45:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{06FEBEF3-4E2A-402B-BF93-62510774B378} O43 - CFD: 12/08/2011 - 15:34:24 - [0] ----D- C:\Users\loubidounet\AppData\Local\{070DD428-7E09-4697-9F8A-32D5A4C90F0A} O43 - CFD: 14/10/2011 - 22:12:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{07B18CFE-70CD-4B43-B832-CF260D6C9D8B} O43 - CFD: 21/10/2011 - 22:22:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{07ED317B-1E2B-40A6-915A-DF46ADE02F37} O43 - CFD: 27/10/2011 - 06:41:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{08209FF7-83CC-42D9-A077-1C495CA6E3BD} O43 - CFD: 16/08/2011 - 15:47:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{08A4864B-64E6-4C73-933D-6510A88079F9} O43 - CFD: 14/10/2011 - 22:11:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{090BE12A-1860-4E51-889E-14CC1B4861A6} O43 - CFD: 22/08/2011 - 15:39:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{0A346972-A8F0-4BF8-B1C6-059FBE3E1E0B} O43 - CFD: 17/08/2011 - 07:01:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{0AB2B107-2092-48C3-890F-E1B1B8E36895} O43 - CFD: 15/09/2011 - 11:50:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{0C313FEF-9C95-4289-B701-82CB256E8390} O43 - CFD: 26/10/2011 - 18:40:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{0DB7EB42-240E-489B-9901-764461C76B28} O43 - CFD: 17/09/2011 - 13:53:46 - [0] ----D- C:\Users\loubidounet\AppData\Local\{0DFEA16A-23F6-4280-8123-9CB0376B5CFE} O43 - CFD: 03/10/2011 - 06:54:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{0E2E0B65-ED3D-4487-8619-C2B860BF19FD} O43 - CFD: 02/09/2011 - 10:47:34 - [0] ----D- C:\Users\loubidounet\AppData\Local\{0F141E52-A146-4F54-A972-CE088198452D} O43 - CFD: 15/10/2011 - 22:13:08 - [0] ----D- C:\Users\loubidounet\AppData\Local\{0FA98BA6-5E32-48F3-BE67-9736067E96CE} O43 - CFD: 04/10/2011 - 18:55:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{102E61C3-F671-47E1-A1DA-CC4AA17F0F8C} O43 - CFD: 20/07/2011 - 22:33:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{10344C6B-E636-4DDA-8C98-F47C03C11583} O43 - CFD: 22/08/2011 - 03:02:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{10EAE6FB-D61D-4D7C-A4D7-2AC4EEA38B02} O43 - CFD: 26/05/2011 - 08:13:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{10F23615-1641-4CE3-8D71-30C31F0D5148} O43 - CFD: 09/08/2011 - 06:50:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{121669BE-DCF3-43D7-A808-778BE97EC857} O43 - CFD: 29/07/2011 - 10:46:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{1275257D-250B-4423-8524-98145EF96773} O43 - CFD: 02/08/2011 - 16:19:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{12EE6D4F-0F7E-4034-9B3D-388A666C645E} O43 - CFD: 22/09/2011 - 18:41:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{12FDB824-F02A-4B1F-9BA4-05AD341212D7} O43 - CFD: 15/10/2011 - 10:12:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{1353683E-F537-4F55-B3BA-A3EB21C74BE1} O43 - CFD: 19/10/2011 - 10:18:18 - [0] ----D- C:\Users\loubidounet\AppData\Local\{13A4B2E0-5B08-4DE3-862F-ECDBE393E65F} O43 - CFD: 10/09/2011 - 23:43:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{14356607-D8A7-4B76-BFA9-D37311648C8C} O43 - CFD: 04/05/2011 - 08:50:08 - [0] ----D- C:\Users\loubidounet\AppData\Local\{14634772-6395-4292-A539-D289207C97B9} O43 - CFD: 29/07/2011 - 22:46:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{14B4392D-B68D-469D-A580-F7ECBF10C92F} O43 - CFD: 29/10/2011 - 09:52:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{14FBAF74-5293-4ECE-9C02-449A2157E5F1} O43 - CFD: 08/09/2011 - 11:39:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{155612CD-374F-49C4-8A2A-36F0AF672A3B} O43 - CFD: 09/08/2011 - 06:50:22 - [0] ----D- C:\Users\loubidounet\AppData\Local\{178DCE2C-E6EC-4E6B-91C4-3A768FB8B933} O43 - CFD: 24/08/2011 - 06:58:14 - [0] ----D- C:\Users\loubidounet\AppData\Local\{183F98C5-E7A7-4341-907E-C981C6BE4662} O43 - CFD: 05/09/2011 - 23:24:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{18842E74-35CE-4198-BCDE-DE9E345873AD} O43 - CFD: 02/10/2011 - 18:53:18 - [0] ----D- C:\Users\loubidounet\AppData\Local\{1A76D7C8-3AF4-4D03-A6CD-EE41EB707959} O43 - CFD: 24/10/2011 - 10:25:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{1B348394-3FF0-49A4-AE60-8AC06A8EF4B9} O43 - CFD: 11/08/2011 - 06:48:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{1B500224-3119-40A4-859E-3CC5FBA078DF} O43 - CFD: 25/08/2011 - 19:00:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{1BCE9203-1BFD-449E-B481-2A138033A545} O43 - CFD: 02/09/2011 - 23:19:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{1E6526F2-4DED-4FB8-A782-DF1D18929108} O43 - CFD: 27/09/2011 - 18:43:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{1F445361-D2CA-4E09-9F0F-D0264888CB9F} O43 - CFD: 26/08/2011 - 19:01:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{1F899F17-D105-48E5-9BD0-7133ABFF1A33} O43 - CFD: 30/09/2011 - 18:50:08 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2036CCEE-9332-4B4F-AF3F-3BDD1AA54B62} O43 - CFD: 18/10/2011 - 22:17:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{20D808EE-F9C8-4679-BA11-2F7F4B941E6E} O43 - CFD: 06/09/2011 - 23:36:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2121FD07-58D9-4EB8-BC85-491C506AA47B} O43 - CFD: 19/07/2011 - 10:31:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{21B2C78B-27AD-4C13-AD33-1132C4AB9BFD} O43 - CFD: 30/06/2011 - 22:03:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{21D1E4B9-C578-41B3-9147-72AC9A652FFE} O43 - CFD: 11/09/2011 - 23:44:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2232B0F4-8A55-4E15-A0F0-2C936DD778D1} O43 - CFD: 02/08/2011 - 16:19:22 - [0] ----D- C:\Users\loubidounet\AppData\Local\{22A868F8-D26C-48B2-ABFE-3217936A94D4} O43 - CFD: 13/09/2011 - 23:48:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{236CFDA4-891F-4A1A-AD24-035191E7C606} O43 - CFD: 10/10/2011 - 21:23:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{24958D91-DAC6-4984-9699-98A3886B5FC7} O43 - CFD: 21/09/2011 - 15:49:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{24983CDD-600D-49A8-B20D-94C815B84B0F} O43 - CFD: 12/10/2011 - 09:35:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2498D5C0-0489-45B1-BB81-C1A36CF30EFC} O43 - CFD: 08/10/2011 - 20:50:00 - [0] ----D- C:\Users\loubidounet\AppData\Local\{24F3ABAF-BF28-47C3-847E-515BCE57DF09} O43 - CFD: 01/09/2011 - 10:46:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2534E718-FF29-4B01-9F3C-EC1EAE2B907F} O43 - CFD: 19/08/2011 - 19:04:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{253BF416-3E89-4D7C-9314-F5C5A6309F62} O43 - CFD: 29/08/2011 - 03:02:34 - [0] ----D- C:\Users\loubidounet\AppData\Local\{253D7301-3B5A-4238-8E8F-E185C333F8E1} O43 - CFD: 08/06/2011 - 08:49:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{256CCA98-3241-447A-966F-A4244D7FE688} O43 - CFD: 19/10/2011 - 22:19:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{284AF082-9F64-4E99-B8D0-45D865AA9781} O43 - CFD: 15/05/2011 - 09:01:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{29007BE8-B5DA-47C3-891A-611F77CD6FEB} O43 - CFD: 16/06/2011 - 10:05:48 - [0] ----D- C:\Users\loubidounet\AppData\Local\{294C2460-5A73-4460-A04A-071787F906E8} O43 - CFD: 21/07/2011 - 10:34:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{29968C9B-C52D-4B39-97C6-77176DEB01E8} O43 - CFD: 29/08/2011 - 15:03:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2A7B8EDB-0D52-4926-8534-6F344CDF2798} O43 - CFD: 14/09/2011 - 23:49:22 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2ABB087E-998D-4D0F-92FE-AD47D9549B2D} O43 - CFD: 28/08/2011 - 15:01:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2B67A741-1251-4F65-882D-399E758E1004} O43 - CFD: 07/06/2011 - 08:34:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2BE13F7F-0531-4DCC-B471-9C6C13F30DEF} O43 - CFD: 02/05/2011 - 00:48:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2C90C902-6707-43DC-919E-4B0A6399E28D} O43 - CFD: 28/08/2011 - 15:01:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2D564DBD-B234-47BF-BD2F-3C0A99EC8545} O43 - CFD: 28/06/2011 - 10:00:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2E76CD52-23B1-4B47-A9A7-DD04B2F40065} O43 - CFD: 03/06/2011 - 06:55:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2EC46BFA-8582-419F-ACDC-61A2CA804918} O43 - CFD: 13/10/2011 - 09:43:08 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2F84B46F-837B-4059-9EDF-A7F4F1AE5B7C} O43 - CFD: 03/10/2011 - 18:54:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{2F8D4E2A-C01D-4F02-87A3-FC9B6B1F2883} O43 - CFD: 22/10/2011 - 22:23:18 - [0] ----D- C:\Users\loubidounet\AppData\Local\{3098777E-8102-4778-8192-81CD165A08ED} O43 - CFD: 07/07/2011 - 20:37:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{3099AAF9-85CF-49B6-A81A-518101EFDC84} O43 - CFD: 20/08/2011 - 09:34:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{30AA29D4-D859-4537-B4C1-4AFB43F5A86D} O43 - CFD: 23/08/2011 - 18:48:14 - [0] ----D- C:\Users\loubidounet\AppData\Local\{31D5CBE0-5149-493E-9AE6-EE8EBA438AFC} O43 - CFD: 16/10/2011 - 10:14:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{31F12E8C-AF17-4A03-A2CB-9424DE371D55} O43 - CFD: 12/07/2011 - 21:30:22 - [0] ----D- C:\Users\loubidounet\AppData\Local\{326A4B94-384A-4A99-90E4-9208F834AA77} O43 - CFD: 05/06/2011 - 07:30:14 - [0] ----D- C:\Users\loubidounet\AppData\Local\{328F6783-5C83-46D3-B646-D35B57A44111} O43 - CFD: 19/08/2011 - 07:03:50 - [0] ----D- C:\Users\loubidounet\AppData\Local\{32F49FE5-A389-429C-9F5F-386CA8E7DCAE} O43 - CFD: 18/07/2011 - 22:31:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{33683613-7035-4936-9372-5B206DCF66DA} O43 - CFD: 27/07/2011 - 22:45:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{33A6B353-25A6-4A21-997E-4DBD6FE43F4C} O43 - CFD: 14/07/2011 - 09:32:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{341E5EBE-A32F-46A7-B05C-7E8F91FDC4D1} O43 - CFD: 10/10/2011 - 21:23:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{3460FDDD-865E-428F-A3A6-C1F8FA311C5C} O43 - CFD: 30/09/2011 - 06:49:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{349228D1-BAC3-43DE-B270-46A1576AB299} O43 - CFD: 24/07/2011 - 10:41:18 - [0] ----D- C:\Users\loubidounet\AppData\Local\{3602CBFC-E161-4E18-B233-8A6AF7F1F5AE} O43 - CFD: 09/09/2011 - 23:41:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{3705A9DD-149E-4CB2-8283-49791648DC99} O43 - CFD: 14/09/2011 - 23:50:00 - [0] ----D- C:\Users\loubidounet\AppData\Local\{37CC8A3B-42F5-454C-B328-3FAE443C55CB} O43 - CFD: 25/07/2011 - 22:42:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{387F906F-B9EA-4B51-ADD5-FEFF2E25CFB9} O43 - CFD: 24/10/2011 - 22:26:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{396237EA-CAC1-45D5-843D-C5BE9443F11B} O43 - CFD: 14/08/2011 - 22:21:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{39993ECB-9E18-407E-8A31-0622C02B6CB5} O43 - CFD: 11/08/2011 - 18:48:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{399C30A2-8AAE-43CD-87A9-A0136DA371A8} O43 - CFD: 25/05/2011 - 07:24:00 - [0] ----D- C:\Users\loubidounet\AppData\Local\{3B21E6E3-E251-47FD-973F-E778069627F0} O43 - CFD: 28/10/2011 - 18:44:22 - [0] ----D- C:\Users\loubidounet\AppData\Local\{3B2C0A2E-6963-4A4B-9AD3-AB5FADA27077} O43 - CFD: 12/09/2011 - 11:45:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{3D913A39-3CC5-44F4-9072-DFE4F5295C2F} O43 - CFD: 21/06/2011 - 10:29:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{3E4DAE6A-540C-4D54-95FE-4A7CE61C4DB9} O43 - CFD: 19/09/2011 - 01:56:22 - [0] ----D- C:\Users\loubidounet\AppData\Local\{3F88CD43-8A57-45FC-B48D-0D994DD9ED24} O43 - CFD: 01/10/2011 - 06:51:00 - [0] ----D- C:\Users\loubidounet\AppData\Local\{3F9C6BBA-F91E-4E1D-96A9-BD66FED5D98E} O43 - CFD: 20/10/2011 - 10:19:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{40396885-2FE2-4910-B269-F66F888FB5C6} O43 - CFD: 14/07/2011 - 21:33:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4076C6E7-9FC1-4716-B753-876AC2CD9341} O43 - CFD: 06/08/2011 - 15:11:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{408F0B86-B55B-49E1-BC12-704BBB2BFD54} O43 - CFD: 22/09/2011 - 06:41:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{40D2DE78-CA7F-428E-A630-8EE7318EA822} O43 - CFD: 27/09/2011 - 06:42:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{41331AB2-266C-43B9-A3AF-49846DE4BDE2} O43 - CFD: 11/10/2011 - 21:34:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{42D69B6B-9B8C-4A60-B25A-A3AB91B3E59D} O43 - CFD: 15/08/2011 - 22:34:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{432A72F7-CEA1-4573-9FF9-5B8414492AD2} O43 - CFD: 07/06/2011 - 20:35:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{436ED7F9-527D-48AC-9A9C-AAE760400DE4} O43 - CFD: 18/10/2011 - 22:17:40 - [0] ----D- C:\Users\loubidounet\AppData\Local\{43EA79B6-766C-4BB4-B328-48F613BA8AD2} O43 - CFD: 07/10/2011 - 08:46:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4426FF6B-9EB7-483E-A3AF-DB333B587110} O43 - CFD: 19/06/2011 - 10:26:50 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4507F07A-49E7-40C9-85E0-2B13B81D1263} O43 - CFD: 27/08/2011 - 11:10:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4577CA39-AEAE-4D7E-A525-F0CB364F2573} O43 - CFD: 18/08/2011 - 19:03:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{45B25C91-0C80-4E42-AFAE-A93F9A0823CF} O43 - CFD: 10/06/2011 - 21:37:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{45D02D7B-7217-4C6C-8CE1-E76A5086A7D1} O43 - CFD: 21/08/2011 - 15:01:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{45D2AD54-91B5-490A-80EB-269685191AA0} O43 - CFD: 16/08/2011 - 15:46:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{45E9876D-7E5B-4AA5-B9A5-07EE84F5223D} O43 - CFD: 11/10/2011 - 09:33:46 - [0] ----D- C:\Users\loubidounet\AppData\Local\{46C2CA6A-21A8-4DA4-8055-CF8766047718} O43 - CFD: 26/07/2011 - 10:43:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{472F1B6B-29E5-40A6-9077-BAB348CD9602} O43 - CFD: 08/09/2011 - 11:39:14 - [0] ----D- C:\Users\loubidounet\AppData\Local\{477F21EB-9C18-4CC3-BD8D-2320D000E25F} O43 - CFD: 22/07/2011 - 22:39:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4782D71D-B082-4212-B8F3-20DE4F196D00} O43 - CFD: 22/08/2011 - 15:39:40 - [0] ----D- C:\Users\loubidounet\AppData\Local\{479FE21A-AADE-4B20-8828-41CD8CB0255F} O43 - CFD: 20/10/2011 - 10:19:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{47BC4F63-B7EA-43F3-8A93-AAC047B3413F} O43 - CFD: 15/10/2011 - 22:13:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4834B030-8166-40B7-91A7-5AC83CE87C18} O43 - CFD: 10/09/2011 - 23:42:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4A1C78A3-F5FE-40EA-B249-BD97902CB75C} O43 - CFD: 28/05/2011 - 08:23:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4A49668B-5434-494C-B273-0DC00A3466B8} O43 - CFD: 10/10/2011 - 09:22:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4B13A4E7-E36F-4FF7-90CB-174F0D5606DB} O43 - CFD: 23/09/2011 - 19:09:40 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4B32E1A5-45F8-449D-B0D7-327DDF4D6822} O43 - CFD: 21/10/2011 - 10:21:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4BD456CE-62AA-43E2-AAFD-D84E1A9722C1} O43 - CFD: 07/10/2011 - 20:48:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4BFCBC18-7517-470D-98AE-1DF5F0409C42} O43 - CFD: 06/09/2011 - 11:35:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4C140F8E-BA89-488F-BE3E-E4FA79E5CA21} O43 - CFD: 05/09/2011 - 23:24:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4C6BB456-5A13-4ACF-8AB2-FB9BD322DB87} O43 - CFD: 25/09/2011 - 09:47:46 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4DDBFDA3-B8DD-4BAF-82CB-807282229628} O43 - CFD: 23/10/2011 - 22:24:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4E1EB2F1-481A-4597-A95E-C3D898C59445} O43 - CFD: 28/08/2011 - 03:01:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4E4CE944-2EA5-49DA-9EB9-E55DE543FE18} O43 - CFD: 01/10/2011 - 18:51:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4E7041A4-8F3E-479F-874F-34924743A6EA} O43 - CFD: 30/09/2011 - 06:49:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4F3D445D-C5CD-4738-85B7-8C09DD1D9D2A} O43 - CFD: 19/08/2011 - 07:03:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4F7CE9BC-690E-44F1-AB09-C0BFAD3C6407} O43 - CFD: 09/09/2011 - 11:40:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{4F800297-1001-4095-A062-11FEAC0F34A9} O43 - CFD: 09/10/2011 - 08:50:40 - [0] ----D- C:\Users\loubidounet\AppData\Local\{509FBCF1-5401-407B-A786-558593E44910} O43 - CFD: 22/09/2011 - 18:42:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{50EAA466-E1CA-42B4-AE58-1D559F64C91E} O43 - CFD: 27/09/2011 - 06:42:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{531FF634-31AD-4DFA-A7C5-951ED9FF47AE} O43 - CFD: 29/10/2011 - 21:53:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{53357671-5C97-4D5C-AC44-7C6F945B87C4} O43 - CFD: 17/09/2011 - 13:53:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{535423D2-0E36-4ACA-817C-7730FF371C4A} O43 - CFD: 10/09/2011 - 11:41:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{53FFE332-0D8D-41C4-A707-37480D34F3FE} O43 - CFD: 06/09/2011 - 11:35:40 - [0] ----D- C:\Users\loubidounet\AppData\Local\{553DD67F-B3DD-47FA-B5EF-281AE5B30171} O43 - CFD: 26/06/2011 - 09:57:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{55BE5BE4-9FAC-47E7-9B22-4AC146EC312F} O43 - CFD: 21/09/2011 - 03:48:24 - [0] ----D- C:\Users\loubidounet\AppData\Local\{5637EBEE-4B9C-4F50-B212-29429AE900DC} O43 - CFD: 02/10/2011 - 06:52:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{569D34F0-B0FC-47DE-83E3-E5FC767BB7B1} O43 - CFD: 12/09/2011 - 23:46:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{56B54B03-5E59-4AEC-B8A3-6ABCC076B313} O43 - CFD: 20/07/2011 - 10:33:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{5823BE2C-5878-4CE6-8821-FA1693E8EC29} O43 - CFD: 19/09/2011 - 01:55:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{583AB0CB-5855-4E0E-BE8C-849C8FECF26F} O43 - CFD: 17/10/2011 - 22:16:18 - [0] ----D- C:\Users\loubidounet\AppData\Local\{590F073C-7464-4BB3-8A64-ABD1D0CB64DE} O43 - CFD: 17/08/2011 - 19:02:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{59505C8F-28BF-44CB-9F3C-4EA6CC1CA94B} O43 - CFD: 13/08/2011 - 21:47:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{59587D5D-CD66-4EFC-BBC6-2E4B672D8704} O43 - CFD: 18/08/2011 - 19:03:14 - [0] ----D- C:\Users\loubidounet\AppData\Local\{59EC0E1A-266F-4B14-B864-668E508E8A8D} O43 - CFD: 23/09/2011 - 19:09:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{5A040BA0-DD07-4288-8465-1AA83DF5E4F3} O43 - CFD: 19/06/2011 - 22:27:24 - [0] ----D- C:\Users\loubidounet\AppData\Local\{5A54FD81-182B-44B9-AE80-72A7384ADB36} O43 - CFD: 07/09/2011 - 11:38:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{5AAF1AFA-B25C-4EB1-919B-F642A4157419} O43 - CFD: 11/06/2011 - 09:38:22 - [0] ----D- C:\Users\loubidounet\AppData\Local\{5AFB0CB8-BCCD-4BF0-8650-57FBF26D1D5F} O43 - CFD: 05/10/2011 - 06:56:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{5B213F42-691C-4FD8-9CF1-C3D0A732A62C} O43 - CFD: 07/10/2011 - 08:47:08 - [0] ----D- C:\Users\loubidounet\AppData\Local\{5B3F7A7B-9E52-4EB3-B833-1FD9E148E4E4} O43 - CFD: 18/07/2011 - 09:48:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{5B4107D0-4583-44A0-82DF-689D78754B35} O43 - CFD: 21/06/2011 - 22:30:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{5CF4751C-2DBB-499F-8484-E022DD4CCFD8} O43 - CFD: 25/06/2011 - 21:56:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{5D282C8A-1D2C-403A-894F-A1817A9A844A} O43 - CFD: 18/08/2011 - 07:02:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{5D57DB84-7F9F-43F4-B710-62ED00530A50} O43 - CFD: 29/06/2011 - 22:02:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{60502C6A-3FA4-4E67-8A2E-6D5FF2C556D5} O43 - CFD: 09/08/2011 - 19:10:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{60B866D9-BBF3-4DFC-A448-85468918F8D7} O43 - CFD: 04/09/2011 - 11:21:46 - [0] ----D- C:\Users\loubidounet\AppData\Local\{60FF2471-D653-41C2-90F3-7017437E2040} O43 - CFD: 10/10/2011 - 09:23:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{616DC1CE-2617-406F-B5D9-E6BD2B9B3F6B} O43 - CFD: 05/10/2011 - 18:58:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{622C0A5B-EA7D-42F2-A108-FB04133EB5D8} O43 - CFD: 17/06/2011 - 10:24:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{623D5F3B-9E3A-45CD-B772-A71A8B927F77} O43 - CFD: 20/08/2011 - 09:34:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{624B3CE8-6E61-42BD-9FA9-81973A6DFAFE} O43 - CFD: 29/08/2011 - 15:03:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6290069C-3694-42E9-92B1-3E3A47D3E65D} O43 - CFD: 04/10/2011 - 18:56:18 - [0] ----D- C:\Users\loubidounet\AppData\Local\{62F727FF-C5CE-4675-9039-CD8CDA14C613} O43 - CFD: 25/07/2011 - 10:42:24 - [0] ----D- C:\Users\loubidounet\AppData\Local\{639752B7-7DA3-4BDC-B01D-09EA2A836251} O43 - CFD: 28/10/2011 - 06:43:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{65CB01EC-D768-4A8E-AB80-A54ED5D26663} O43 - CFD: 27/10/2011 - 18:42:40 - [0] ----D- C:\Users\loubidounet\AppData\Local\{660544F0-80A6-4BB7-88D6-41004D4EDFBF} O43 - CFD: 04/07/2011 - 21:48:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{668F1DEC-56DE-45DA-B711-E6362CE922C8} O43 - CFD: 09/06/2011 - 08:55:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{668FF057-FFBC-4BEC-B168-7E949DB3A1E9} O43 - CFD: 16/07/2011 - 21:46:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{66A2797B-438D-447B-8053-91968A9277F9} O43 - CFD: 05/09/2011 - 11:23:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{66DA97CE-B6D5-4B3B-8242-021468C31881} O43 - CFD: 11/09/2011 - 11:43:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6816E861-D02C-47AC-BAC7-5EBA1E3EE048} O43 - CFD: 03/09/2011 - 23:21:18 - [0] ----D- C:\Users\loubidounet\AppData\Local\{68B040A0-F779-451C-82B7-CA5AB0DE936A} O43 - CFD: 16/05/2011 - 09:15:18 - [0] ----D- C:\Users\loubidounet\AppData\Local\{694536CC-5129-45D3-94D5-30AA0666F3B0} O43 - CFD: 14/08/2011 - 10:21:08 - [0] ----D- C:\Users\loubidounet\AppData\Local\{694BFA72-BBDE-4827-8AA1-4EBD093D8B6F} O43 - CFD: 17/09/2011 - 11:53:34 - [0] ----D- C:\Users\loubidounet\AppData\Local\{69617798-C2E6-42FC-B62C-A3F227FE3881} O43 - CFD: 01/05/2011 - 00:48:34 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6A91EF77-A368-4A21-ABE2-E67AE90D51F8} O43 - CFD: 13/07/2011 - 09:31:08 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6AF4F822-698F-41B4-9564-94B8F02AE648} O43 - CFD: 10/07/2011 - 09:26:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6B4E8934-D8F3-4893-9392-5DA2545B74E0} O43 - CFD: 25/09/2011 - 21:48:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6BFFB184-6A88-428A-9840-BFB8FA196020} O43 - CFD: 26/09/2011 - 17:17:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6C1F7334-5258-43A0-8D82-654ED67E5BB4} O43 - CFD: 04/09/2011 - 23:23:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6D0532FD-2DD0-4ABE-BE84-105761E8A113} O43 - CFD: 29/09/2011 - 06:48:00 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6DF743A3-AD14-4273-B598-C494AA47C578} O43 - CFD: 15/06/2011 - 09:12:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6E3F1000-C6A8-45BB-9755-DD46DC852BC2} O43 - CFD: 12/06/2011 - 23:21:34 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6E85613C-9686-4589-9F3D-E79D07D407C2} O43 - CFD: 27/06/2011 - 21:59:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6ED6CDC6-A94D-4B8D-B9D2-7957CBF2E13D} O43 - CFD: 11/06/2011 - 21:38:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6F128184-75C6-44CD-85C5-099CEF8C0DF4} O43 - CFD: 08/10/2011 - 08:49:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6F265895-5106-456D-A5FA-FB3F4D8B2911} O43 - CFD: 29/10/2011 - 21:52:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{6F52ECBA-6A92-42C1-9ECF-BD39F013CD0D} O43 - CFD: 15/07/2011 - 21:34:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{700A40FA-8140-4AAB-AE16-0602E48430C5} O43 - CFD: 15/10/2011 - 10:12:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{707C018F-5B20-413A-8AB9-1B741BFEE934} O43 - CFD: 30/08/2011 - 07:03:14 - [0] ----D- C:\Users\loubidounet\AppData\Local\{70817E12-5A39-4E74-9864-BE3C1E0536B0} O43 - CFD: 01/10/2011 - 06:51:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{7272D50F-50F4-4085-9DC5-7B9F17B33B0C} O43 - CFD: 25/06/2011 - 09:55:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{73612ED9-A49D-4376-8DAF-5B75FBA570FA} O43 - CFD: 29/09/2011 - 18:49:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{737C3050-D372-4FD2-8B81-E962D0F03F10} O43 - CFD: 24/09/2011 - 21:32:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{74640119-3BF5-480D-8336-E8B207AE94C2} O43 - CFD: 07/09/2011 - 23:38:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{74C715FE-606D-4E59-ADBA-3EEF901B6282} O43 - CFD: 10/06/2011 - 09:36:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{753CE60E-C687-4984-954B-3EBFEF6F89AF} O43 - CFD: 02/08/2011 - 06:47:00 - [0] ----D- C:\Users\loubidounet\AppData\Local\{75F91BA4-1BBF-473E-A31B-8AE45950B9A8} O43 - CFD: 15/09/2011 - 23:51:40 - [0] ----D- C:\Users\loubidounet\AppData\Local\{76441786-6EDF-4B30-B9C9-C1CC60298BCE} O43 - CFD: 17/08/2011 - 07:01:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{764CD3E5-045C-44A5-B861-6B66227FB2B5} O43 - CFD: 01/09/2011 - 10:46:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{77C6F010-AC2D-49DA-94B4-BBFEBCA116FB} O43 - CFD: 21/08/2011 - 15:01:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{7878429E-B494-4CF0-A55F-9163013A7CD3} O43 - CFD: 21/08/2011 - 03:00:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{78B25D87-A51C-489E-AC05-71A9582974EF} O43 - CFD: 03/09/2011 - 23:21:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{78C8715C-7D18-4C3F-BC0A-37ED909B0B86} O43 - CFD: 09/06/2011 - 20:55:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{78C9E3DC-DD0B-47E4-AFE0-4A911EDABA71} O43 - CFD: 09/08/2011 - 19:10:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{796F5992-1AFC-4FA8-9C21-7385629995FC} O43 - CFD: 03/07/2011 - 21:47:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{79B3DFEC-6C87-4D12-A282-2E5F37ACCB41} O43 - CFD: 22/08/2011 - 03:02:18 - [0] ----D- C:\Users\loubidounet\AppData\Local\{79C1C06A-9472-42CC-9D66-41A5D5341BD6} O43 - CFD: 04/10/2011 - 06:55:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{7A698A09-D162-4AD6-81EE-462539204880} O43 - CFD: 16/10/2011 - 22:14:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{7B705C6B-EA29-4BA1-9573-77AEEB916F18} O43 - CFD: 15/09/2011 - 11:50:48 - [0] ----D- C:\Users\loubidounet\AppData\Local\{7BC5A6D2-004E-453A-ACEC-C52FA6C82B83} O43 - CFD: 02/10/2011 - 18:53:08 - [0] ----D- C:\Users\loubidounet\AppData\Local\{7D974D03-C9F1-4927-9436-920DDFDBD72E} O43 - CFD: 29/04/2011 - 10:53:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{7DE0090B-F4E2-4CC2-AAD5-A1194E73C29B} O43 - CFD: 25/08/2011 - 06:59:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{7EC84B80-9897-4DE4-8862-D09FDE2FA400} O43 - CFD: 13/09/2011 - 23:47:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{805A90DD-4CD2-4BFA-A0CA-70FCB8FDCB6E} O43 - CFD: 08/07/2011 - 08:37:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8066653F-38CC-48FE-81F7-71CFEF65B109} O43 - CFD: 06/09/2011 - 23:36:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{806E82EC-105B-4ADD-AEDE-A635767D6F8C} O43 - CFD: 27/10/2011 - 18:42:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{80C92270-697F-4222-8C5A-64D4C2E7379B} O43 - CFD: 23/07/2011 - 22:40:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8204F3A7-D082-4165-AFF6-027414070C68} O43 - CFD: 19/09/2011 - 15:46:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{82F9E178-B866-44D7-9A26-14044E5154E5} O43 - CFD: 01/07/2011 - 10:04:18 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8362CA3E-A8F9-4693-9C27-675A6DA4FD45} O43 - CFD: 24/09/2011 - 09:31:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8415E2A3-87E6-4EBD-863E-E9CC90A70959} O43 - CFD: 20/09/2011 - 03:46:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{848A61C6-3FDE-4190-9E02-253A7439E4BB} O43 - CFD: 19/08/2011 - 19:04:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{849064ED-26A8-44F9-8CE6-46B3ACECC1F0} O43 - CFD: 08/10/2011 - 08:48:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{84E6898B-A00F-4EC7-8275-D1238DF3BA4F} O43 - CFD: 22/07/2011 - 10:39:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8509BCD1-D2A7-47FC-9317-40848A6591F7} O43 - CFD: 12/09/2011 - 11:45:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{85435C65-52CE-4781-A964-AAF1F68061C9} O43 - CFD: 14/08/2011 - 10:20:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{867C9B6E-0961-4FC7-BE88-2AFA361CB605} O43 - CFD: 29/09/2011 - 06:48:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8914F31F-A229-4A70-A3DF-9524C22FB71C} O43 - CFD: 25/10/2011 - 15:55:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{895A34B1-11CF-4FD3-8C99-70556E25DE83} O43 - CFD: 13/07/2011 - 21:31:40 - [0] ----D- C:\Users\loubidounet\AppData\Local\{896C3785-EEFE-460D-921D-256F9277A67D} O43 - CFD: 15/08/2011 - 22:33:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{89F275E7-18EC-4294-ADB8-8A2FE34EE1A1} O43 - CFD: 13/10/2011 - 21:44:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{89FA6DA6-F374-41BE-BC9A-5191DEACD4DB} O43 - CFD: 27/04/2011 - 10:32:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8A6B02E9-78DB-4BAE-A971-C2A6A5FA2312} O43 - CFD: 28/09/2011 - 18:44:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8B09314D-4C40-42AE-8B4F-4C524505CB33} O43 - CFD: 27/06/2011 - 09:58:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8C92393B-44C3-4EAA-B69A-5DEAA66AF768} O43 - CFD: 29/04/2011 - 22:53:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8CED0E22-B102-41F5-8CFC-D097CDC3B73E} O43 - CFD: 31/08/2011 - 22:45:46 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8D217428-2859-4558-A32B-A9EFFB8F5DB5} O43 - CFD: 25/08/2011 - 06:59:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8D825166-000B-4966-A6CB-7582F42845A0} O43 - CFD: 18/06/2011 - 22:26:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8D9E800B-4A54-4D74-8EBF-29FB50B33680} O43 - CFD: 14/09/2011 - 11:48:48 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8EA8CB5D-3B29-4255-9612-0D2D6E4B13EA} O43 - CFD: 25/04/2011 - 21:57:50 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8F00CD7D-B217-46D0-B98C-FA013CF3EF7B} O43 - CFD: 29/06/2011 - 10:01:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8F08D295-00DC-4D87-81F3-79676832D667} O43 - CFD: 30/08/2011 - 07:03:24 - [0] ----D- C:\Users\loubidounet\AppData\Local\{8F68FE50-9626-4B9E-A4A5-0ED5E2BEA455} O43 - CFD: 23/06/2011 - 22:32:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{900DB140-FFF3-42D7-9BE9-5E80D88DB9EC} O43 - CFD: 11/08/2011 - 18:48:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{91EB3CF8-2E3D-4DB5-8B20-7BCF80DF70FB} O43 - CFD: 15/09/2011 - 23:51:14 - [0] ----D- C:\Users\loubidounet\AppData\Local\{92B07AFD-FEB9-4A49-9D7F-39EB0FCC98E9} O43 - CFD: 05/10/2011 - 18:57:40 - [0] ----D- C:\Users\loubidounet\AppData\Local\{92FA3B6C-AF1C-4EFF-8CCF-0C796B460F85} O43 - CFD: 30/07/2011 - 23:01:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{9411E7BB-3326-4308-901C-E1975120EA5B} O43 - CFD: 12/06/2011 - 11:21:00 - [0] ----D- C:\Users\loubidounet\AppData\Local\{956E9CBC-A6CE-44C4-9DAA-334A9670E010} O43 - CFD: 22/10/2011 - 22:23:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{95D93409-52CA-45EA-81C0-D52D9D26070C} O43 - CFD: 13/08/2011 - 21:47:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{96BE358B-301D-4C53-B785-813F27852B53} O43 - CFD: 06/10/2011 - 18:59:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{96E90409-FE52-4E48-949B-A4629A79F63C} O43 - CFD: 15/06/2011 - 21:12:34 - [0] ----D- C:\Users\loubidounet\AppData\Local\{97EEF67C-183C-400E-89C8-702252755CAF} O43 - CFD: 18/09/2011 - 01:54:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{9804C11E-9350-4AAF-9108-4EF01D0C4373} O43 - CFD: 12/10/2011 - 21:36:00 - [0] ----D- C:\Users\loubidounet\AppData\Local\{983AD7BE-8C6C-4D05-9BBF-774A4E97593C} O43 - CFD: 28/07/2011 - 22:45:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{988F75C2-E745-43D3-AE8E-0EF68793308C} O43 - CFD: 24/10/2011 - 22:25:46 - [0] ----D- C:\Users\loubidounet\AppData\Local\{9A3549E5-B7D1-4825-BB72-9E553EE1947E} O43 - CFD: 14/10/2011 - 10:11:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{9B310FE6-0681-46E0-9C0B-5CCEF0FF6F67} O43 - CFD: 22/09/2011 - 06:41:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{9B996CAC-B6D1-42BB-8BBA-DD2C77C79373} O43 - CFD: 26/10/2011 - 18:40:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{9BE46919-1A9B-4C85-80B0-BF9019825949} O43 - CFD: 22/05/2011 - 06:49:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{9C56C5DE-4547-4F12-96CD-FDB9BA4549FC} O43 - CFD: 11/09/2011 - 23:44:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{9C817CA0-6966-40D2-AE0C-2F86CD57BC2E} O43 - CFD: 31/08/2011 - 10:45:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{9C8AE00E-601C-4EBC-A39C-A9E8A1B0ADD6} O43 - CFD: 10/07/2011 - 21:27:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{9C9AA12F-0353-46F7-82AE-FBF08C647EF7} O43 - CFD: 21/08/2011 - 03:01:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{9E16AAF6-A134-4A1E-BAC5-9C5F61872226} O43 - CFD: 14/06/2011 - 21:11:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{9F0C7135-A93E-4AB1-8217-03422202A174} O43 - CFD: 26/04/2011 - 22:32:00 - [0] ----D- C:\Users\loubidounet\AppData\Local\{9F6B733A-C3BA-497F-8E99-CBA77B3B777A} O43 - CFD: 17/08/2011 - 19:01:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{9FE20AC9-B10B-4862-B248-129BEFFD478E} O43 - CFD: 06/06/2011 - 20:33:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A14A9D3B-D14F-402F-ADAE-671AEA3D058A} O43 - CFD: 06/08/2011 - 15:11:34 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A1B886C6-0846-40BE-8937-1EAC47C23095} O43 - CFD: 01/05/2011 - 12:48:46 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A224502E-5049-4477-BB9D-B3838FF0C105} O43 - CFD: 13/10/2011 - 09:42:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A286DF09-381A-4B86-80C1-02820CE77AC9} O43 - CFD: 20/10/2011 - 22:20:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A37A298C-C13C-491C-834A-8CC62DAB4DC9} O43 - CFD: 31/07/2011 - 11:02:14 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A48A2E39-800E-4DB5-95E9-AAFD79E523FF} O43 - CFD: 27/08/2011 - 11:10:22 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A4E3D882-5957-4894-80C4-85885FFE4CE5} O43 - CFD: 31/08/2011 - 22:45:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A520D53F-BBC0-4347-9FE1-9A8003B2C3E3} O43 - CFD: 16/09/2011 - 11:52:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A5F7AF33-06DF-4427-8FA7-681D8EA0CC5D} O43 - CFD: 09/10/2011 - 20:51:18 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A740037D-D8D6-4E21-B03A-E9FBB1E78167} O43 - CFD: 14/05/2011 - 09:01:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A7B46D2D-11DC-4A8F-AD43-7F9B74A51C3A} O43 - CFD: 16/09/2011 - 11:52:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A82277E5-F676-4E15-9332-EEAB64538C21} O43 - CFD: 28/04/2011 - 22:53:14 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A89B2BED-61BE-4390-9A5A-3F64A5805DE8} O43 - CFD: 26/06/2011 - 21:57:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A9776A18-42B8-419E-84DA-01D85D9FB6CD} O43 - CFD: 28/04/2011 - 10:52:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A98C9D5D-E351-4324-A0C3-023149D414FA} O43 - CFD: 24/08/2011 - 18:58:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{A9C59328-E0F0-4B16-BDD5-3D1AA2612A54} O43 - CFD: 04/07/2011 - 09:48:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{AB2746C3-F70C-45E2-9FF5-37369C8476E2} O43 - CFD: 05/07/2011 - 23:05:40 - [0] ----D- C:\Users\loubidounet\AppData\Local\{AB27C128-0950-4682-9CA0-AE2AB19F4395} O43 - CFD: 31/08/2011 - 10:44:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{AB8583A9-2BE1-46C2-87D8-EE4E89AED387} O43 - CFD: 16/09/2011 - 23:53:08 - [0] ----D- C:\Users\loubidounet\AppData\Local\{ACA79C4C-5135-4BC5-B40C-C13269496877} O43 - CFD: 04/09/2011 - 11:21:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{ACEF73B7-1446-4A52-8B9E-6BCD7E2BFBCF} O43 - CFD: 11/07/2011 - 09:28:14 - [0] ----D- C:\Users\loubidounet\AppData\Local\{ADA45313-3A92-4EF9-B7C2-3076C869FB61} O43 - CFD: 18/06/2011 - 10:25:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{ADCF1611-17A5-461B-93C5-ECD3CE1D9984} O43 - CFD: 22/10/2011 - 10:22:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{ADF927F4-23FD-4214-84A9-666EBF115D47} O43 - CFD: 05/09/2011 - 11:23:34 - [0] ----D- C:\Users\loubidounet\AppData\Local\{AF8CC594-BFA7-47F8-97FF-E063D361A224} O43 - CFD: 22/06/2011 - 22:31:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{AFA74CEC-F5EF-4C28-8CFC-BA94A5C7974E} O43 - CFD: 14/09/2011 - 11:49:08 - [0] ----D- C:\Users\loubidounet\AppData\Local\{AFDA8608-1E97-42CC-9F89-0D0D6BBD7864} O43 - CFD: 08/09/2011 - 23:39:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{AFDF10E9-3A9C-4749-9F80-E43B4EA85AA2} O43 - CFD: 15/07/2011 - 09:33:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B0CFC203-4097-4580-98B5-EA7EB02A7684} O43 - CFD: 09/09/2011 - 11:40:40 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B133D4E4-B1CD-4041-8194-F660D31D64D7} O43 - CFD: 26/10/2011 - 06:40:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B1AD4A58-6FD1-423D-8A4C-4AE3CCDDEB2A} O43 - CFD: 26/05/2011 - 20:14:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B1E63AAD-61A6-49B6-86D3-99EC3CC86424} O43 - CFD: 05/06/2011 - 02:30:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B2048FFB-8CDA-499B-925F-BB793514FEDE} O43 - CFD: 01/08/2011 - 15:44:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B21D451D-6060-4F77-A11F-436FD01AC57E} O43 - CFD: 25/09/2011 - 21:48:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B271E66A-F3A9-460C-ADD6-B0DE5CC2D88D} O43 - CFD: 28/09/2011 - 06:44:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B38EDEB1-ABF1-43DE-BEDA-AF716160DCF8} O43 - CFD: 20/09/2011 - 15:47:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B4D02B9A-BEDB-439A-8D1A-B9D4DE71A640} O43 - CFD: 23/09/2011 - 07:09:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B4D274C6-9EF2-42C9-9DBD-5C31024DB386} O43 - CFD: 14/08/2011 - 22:21:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B503D0E8-3378-4133-ABAC-47D473FCDD0E} O43 - CFD: 11/08/2011 - 06:47:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B54525AA-6A53-4981-9D9D-159E44B17EEC} O43 - CFD: 26/04/2011 - 09:58:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B5D6ACC4-492E-4C55-A7FB-5F59AEAC2AFD} O43 - CFD: 22/10/2011 - 10:22:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B64543CE-40F2-474A-A6EA-0D427F4A1FBA} O43 - CFD: 05/07/2011 - 09:49:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B6C3D7FD-2AD9-48DD-A164-68F58CA31D6A} O43 - CFD: 03/10/2011 - 06:53:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B6DCC187-0E67-4BAD-87C5-E77D83DB3E58} O43 - CFD: 13/09/2011 - 11:46:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B6F8BAEE-9FF0-406C-B17F-01753A0AC589} O43 - CFD: 23/08/2011 - 06:47:48 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B738EE6E-41B5-4288-901D-F14A5F98C4F4} O43 - CFD: 04/09/2011 - 23:22:24 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B7F4B1FB-D0B0-42C3-86FC-491CE884CC2E} O43 - CFD: 17/06/2011 - 22:24:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B84BB2CD-2A54-4EAE-AA57-18AC4E45266A} O43 - CFD: 21/10/2011 - 10:21:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B8C9B9EC-C5F9-481C-8981-9C7581507C5B} O43 - CFD: 03/08/2011 - 16:44:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{B9DB8AF2-E5DA-47AE-9129-F86C278A2DE9} O43 - CFD: 19/10/2011 - 10:18:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{BB29FC6B-AB48-4947-8F0B-C0C098B2725B} O43 - CFD: 30/08/2011 - 19:04:14 - [0] ----D- C:\Users\loubidounet\AppData\Local\{BC801F07-9479-4579-B317-BD7066C43F73} O43 - CFD: 23/07/2011 - 10:40:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{BC954FB1-48B3-4C25-86CE-82737F0AE336} O43 - CFD: 25/09/2011 - 09:47:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{BCC27D1E-48E8-4B24-AF19-7685E633DDC5} O43 - CFD: 30/09/2011 - 18:50:34 - [0] ----D- C:\Users\loubidounet\AppData\Local\{BCD83088-9054-4631-8B09-A33CD88A37B6} O43 - CFD: 24/09/2011 - 21:31:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{BD06E2DD-5A88-41B4-B842-A58196F05363} O43 - CFD: 23/06/2011 - 10:32:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{BD6A3849-5036-4F79-889B-BA7645B9A7DD} O43 - CFD: 03/05/2011 - 00:49:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{BE03F645-D96C-42D5-8C1D-01986924072A} O43 - CFD: 24/09/2011 - 09:31:18 - [0] ----D- C:\Users\loubidounet\AppData\Local\{BE56C0FA-198A-474E-9DA3-C18E6B6128F6} O43 - CFD: 16/10/2011 - 22:14:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{BE7A31BA-C8E1-460B-B3A9-D7308A5FDD09} O43 - CFD: 10/08/2011 - 15:39:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{BEA70EA0-FB94-48A4-8483-65B2408689F6} O43 - CFD: 14/10/2011 - 10:11:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C21F1A71-FA9F-4E47-AB77-6EB2CF9937CC} O43 - CFD: 20/09/2011 - 15:47:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C23A79DF-BAFB-4815-96A9-F3634D345C7E} O43 - CFD: 07/09/2011 - 11:37:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C260273B-5688-494C-9EDC-8E3AA638B20C} O43 - CFD: 23/10/2011 - 22:24:46 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C27C7CF4-3883-4F7E-AF17-1D06871353CE} O43 - CFD: 06/10/2011 - 06:58:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C305ED89-6305-447F-81B8-514A2559AD41} O43 - CFD: 26/08/2011 - 07:01:14 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C4174FC9-F8AF-4647-95C9-7A474573A9FF} O43 - CFD: 21/09/2011 - 03:48:34 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C41A1BEF-5363-42AA-8A43-6F7E709211A8} O43 - CFD: 20/10/2011 - 22:20:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C4AED01E-AAE7-47BD-97B5-CA239FEF0BE5} O43 - CFD: 19/07/2011 - 22:32:24 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C4E6A21F-B02D-43AC-8871-B576CC16D8D2} O43 - CFD: 19/10/2011 - 22:18:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C561FED9-FFE9-4C8D-BBAE-9822C20E85E9} O43 - CFD: 18/08/2011 - 07:02:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C663E23D-38B0-4B35-9A9A-195729DA231F} O43 - CFD: 16/07/2011 - 09:36:00 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C68DD851-FD5C-4E1A-9406-86AB905F4702} O43 - CFD: 01/07/2011 - 22:05:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C6A2CCD2-FC37-49FF-9AAC-5A76265FB25D} O43 - CFD: 05/06/2011 - 19:30:46 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C6B83C00-8C8C-4ACD-89EA-DDDAB6EAD1F6} O43 - CFD: 01/09/2011 - 22:46:46 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C6C238D7-35A7-4123-BC56-50618BB2F239} O43 - CFD: 08/10/2011 - 20:49:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C74499A2-A0EC-406C-8176-2FE51F378366} O43 - CFD: 23/10/2011 - 10:24:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C7B72C99-066D-47B2-81F5-0284411B567F} O43 - CFD: 16/10/2011 - 10:14:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C80988F5-D193-46F4-9CE9-7A95786C4C82} O43 - CFD: 17/10/2011 - 10:15:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C821B57E-1AB5-4552-BC70-FF6A8C9175C0} O43 - CFD: 09/08/2011 - 07:10:18 - [0] ----D- C:\Users\loubidounet\AppData\Local\{C9D857F5-87EF-46AA-82BA-A43B5008FA91} O43 - CFD: 12/08/2011 - 15:34:34 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CA774874-31A1-4F80-AE8E-FA76F669A542} O43 - CFD: 05/10/2011 - 06:57:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CAC705AA-BDA6-4B6C-8C01-EA0D91AE2DC0} O43 - CFD: 18/09/2011 - 01:54:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CACD06D3-2A41-43BD-A4A7-FE162959F698} O43 - CFD: 20/09/2011 - 03:47:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CACEE38C-D5C7-460F-A0BA-637AAE622EAF} O43 - CFD: 04/10/2011 - 06:55:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CADEA8E7-E2DC-4BAA-8A06-CDD2D84D1833} O43 - CFD: 09/07/2011 - 21:20:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CB12AC3B-47C5-4FE3-8730-537C99B22221} O43 - CFD: 12/10/2011 - 21:35:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CB204613-893C-4ACD-9E8C-91AC965AF257} O43 - CFD: 20/06/2011 - 22:28:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CBEEF456-0E9A-4745-9CFF-501A9E158BF5} O43 - CFD: 27/04/2011 - 22:52:14 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CC265F01-A5B3-454A-80E0-536886CCD149} O43 - CFD: 13/10/2011 - 21:43:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CC6BE982-583A-4040-A637-D261ECCE3B7E} O43 - CFD: 09/09/2011 - 23:41:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CCEC75C3-7933-4077-9DEE-2D68A071E4BE} O43 - CFD: 11/10/2011 - 09:33:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CCF65EEB-4FB5-4509-B8E0-2D7AACDD5DD3} O43 - CFD: 25/10/2011 - 15:55:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CD343A88-5CD1-4812-A95F-8E6B70166979} O43 - CFD: 03/07/2011 - 09:46:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CD6CEA10-0F5E-4636-B6C1-BBA98AAF96ED} O43 - CFD: 23/09/2011 - 07:09:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CDF04FED-3946-48B4-9A0E-E31E2044BD16} O43 - CFD: 24/10/2011 - 10:25:22 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CE3FBD8E-4F64-4779-9CD8-347CF878A65C} O43 - CFD: 18/10/2011 - 10:16:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CE60A0F1-B60E-4E2F-9747-2531D6AD2535} O43 - CFD: 18/10/2011 - 10:16:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CE8647CF-B164-43D0-98B3-77CEDCE32DEC} O43 - CFD: 08/06/2011 - 21:09:22 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CE940CC5-4D1E-4C26-A7D7-C209A2C2E88F} O43 - CFD: 21/07/2011 - 22:34:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CF3E8E1B-EE93-4BE5-BF43-C7D0CAB58DE9} O43 - CFD: 07/10/2011 - 20:47:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{CFCE14E8-0516-4471-8C9F-3D0B66E24BF5} O43 - CFD: 31/07/2011 - 23:02:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D10B8858-F0AD-4E2E-AEF4-6C09F5A1AF8C} O43 - CFD: 22/06/2011 - 10:31:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D10EE360-9555-428E-9AFF-D88620B2DCFF} O43 - CFD: 15/08/2011 - 10:32:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D1438EDC-D56F-4E40-AFFE-45D37D6F766A} O43 - CFD: 28/08/2011 - 03:00:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D1A94F41-242A-44A9-8655-94802FAD5B1C} O43 - CFD: 28/09/2011 - 18:44:48 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D2E059DA-64BA-4532-9012-40E992BF34B6} O43 - CFD: 24/08/2011 - 06:58:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D2FB5942-09E6-4BD1-8C2D-05F6645FE8A5} O43 - CFD: 25/04/2011 - 09:57:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D3902CEC-0354-4939-AE6F-A83855B9500B} O43 - CFD: 28/10/2011 - 18:44:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D448E193-B04D-45C7-A046-0641F92DE232} O43 - CFD: 24/07/2011 - 22:41:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D49B12F7-7D8C-4029-A0F5-F46DEA0970ED} O43 - CFD: 30/04/2011 - 10:54:22 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D5837210-1E5F-4E3E-98E9-42FC579CCCA8} O43 - CFD: 08/07/2011 - 20:38:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D693AB15-3BE0-470E-87C1-C54B60BEEDE5} O43 - CFD: 06/06/2011 - 08:33:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D7CD6B29-F388-417C-8134-EA527AF3E6ED} O43 - CFD: 25/08/2011 - 19:00:22 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D83D9025-C5B2-4654-92E2-9042AB4B8BE5} O43 - CFD: 11/09/2011 - 11:43:34 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D877A49D-F156-441C-A490-3520FCD7D164} O43 - CFD: 02/05/2011 - 12:48:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{D90F861B-FFFE-4065-812F-E10FDF8406C5} O43 - CFD: 23/10/2011 - 10:23:54 - [0] ----D- C:\Users\loubidounet\AppData\Local\{DA418E1B-DDD8-4622-9F61-B2DCBBCB3353} O43 - CFD: 04/05/2011 - 06:41:00 - [0] ----D- C:\Users\loubidounet\AppData\Local\{DB2C85D4-D42D-46E4-814C-1BEEC414D0A1} O43 - CFD: 21/09/2011 - 15:48:48 - [0] ----D- C:\Users\loubidounet\AppData\Local\{DB9C046C-1525-4C11-A732-AC59D44F13D1} O43 - CFD: 30/07/2011 - 10:47:18 - [0] ----D- C:\Users\loubidounet\AppData\Local\{DBC3F07B-4841-4B75-8AAA-C3161087EC73} O43 - CFD: 11/07/2011 - 21:28:48 - [0] ----D- C:\Users\loubidounet\AppData\Local\{DDC01F6B-6356-44E9-B13A-48A02AB6C494} O43 - CFD: 16/06/2011 - 22:06:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{DE4A46A7-B9C4-4C6A-B4D0-0DC9E6C8B0B8} O43 - CFD: 03/09/2011 - 11:20:32 - [0] ----D- C:\Users\loubidounet\AppData\Local\{DE9CA1C6-E8B0-46DC-86F9-9E8744CDDB77} O43 - CFD: 06/10/2011 - 06:58:46 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E07C1DE2-93AE-4836-A7F6-10ECF30DE78B} O43 - CFD: 26/09/2011 - 17:18:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E0CF8EB1-7775-4D6D-A60C-5D654827D5AD} O43 - CFD: 29/09/2011 - 18:48:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E14DEE9C-9F49-4B36-B29E-AC7C3C6CCB90} O43 - CFD: 28/10/2011 - 06:43:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E16A5985-604C-41A2-B9EF-237E0A29609D} O43 - CFD: 02/10/2011 - 06:52:40 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E195A382-A7D2-49EB-BFD1-B658D7A0FB11} O43 - CFD: 17/09/2011 - 11:53:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E1B8B377-7BAE-4585-AF9E-015314D7DD82} O43 - CFD: 09/10/2011 - 08:50:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E24D6CF4-170C-4AC1-BFC3-78E5D4D70F8A} O43 - CFD: 15/08/2011 - 10:33:10 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E2D0F15A-39E5-4102-AB72-F5E74BCEF3D0} O43 - CFD: 17/10/2011 - 10:15:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E3E8D488-01AE-486D-B195-4FEB4C7745A1} O43 - CFD: 12/09/2011 - 23:46:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E410ECA3-3EA9-4EBD-A95E-AC0C813E7CF0} O43 - CFD: 23/08/2011 - 18:48:34 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E46011A7-9FEC-4D44-8187-B425D8B1015B} O43 - CFD: 29/08/2011 - 03:02:22 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E562C546-7AB8-4BA4-AC13-88C47D392EAA} O43 - CFD: 14/06/2011 - 09:10:28 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E5AD75F9-F284-4A9B-A202-EB423E3BC396} O43 - CFD: 07/09/2011 - 23:38:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E821AB4B-B633-444D-B43D-D391A1C6DBC3} O43 - CFD: 27/10/2011 - 06:42:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E92B37FF-6D42-4CA9-B793-DF6B060444FB} O43 - CFD: 26/10/2011 - 06:39:46 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E96B2D06-F007-4BE1-ACC7-A2D9BC6DC778} O43 - CFD: 17/07/2011 - 21:47:46 - [0] ----D- C:\Users\loubidounet\AppData\Local\{E9F6AF05-9AF7-4AF3-A8C4-B8CC576D470D} O43 - CFD: 29/10/2011 - 09:52:04 - [0] ----D- C:\Users\loubidounet\AppData\Local\{EA78CA0B-FF47-4776-B78F-FD73B8C6A63B} O43 - CFD: 16/09/2011 - 23:52:58 - [0] ----D- C:\Users\loubidounet\AppData\Local\{EAE40B09-B5E2-4E0E-94F6-3AD327283FCC} O43 - CFD: 09/08/2011 - 07:10:08 - [0] ----D- C:\Users\loubidounet\AppData\Local\{EB085A7A-180A-412F-B2E8-F5CC254DD53B} O43 - CFD: 18/09/2011 - 13:55:30 - [0] ----D- C:\Users\loubidounet\AppData\Local\{EC6C1997-B6FF-47D1-A112-724964F9EC1F} O43 - CFD: 28/06/2011 - 22:00:50 - [0] ----D- C:\Users\loubidounet\AppData\Local\{ECA4476F-72CA-438F-B84B-FAB1AE387F90} O43 - CFD: 23/08/2011 - 06:47:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{ED3DC5D3-6431-4382-B9F5-F55C471AA6A2} O43 - CFD: 30/06/2011 - 10:02:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{ED434838-AE9E-4996-B098-615B03554D18} O43 - CFD: 17/10/2011 - 22:16:08 - [0] ----D- C:\Users\loubidounet\AppData\Local\{ED6EF5E7-06F1-4272-B720-32332F16EB33} O43 - CFD: 26/08/2011 - 07:00:56 - [0] ----D- C:\Users\loubidounet\AppData\Local\{EE1953C7-E06E-46D0-A1CD-4654E7851AC4} O43 - CFD: 13/05/2011 - 15:03:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{EE587610-F620-4201-B1CC-C20FDAEEB1D9} O43 - CFD: 29/05/2011 - 08:39:44 - [0] ----D- C:\Users\loubidounet\AppData\Local\{EE8DBC51-9F44-4871-A41A-65BFE5927078} O43 - CFD: 24/04/2011 - 21:57:00 - [0] ----D- C:\Users\loubidounet\AppData\Local\{EF0B6A9C-D9D8-461F-85AF-807F97877BB8} O43 - CFD: 12/07/2011 - 09:29:36 - [0] ----D- C:\Users\loubidounet\AppData\Local\{EFBAB111-BD78-44D7-93A7-CA19CC95A9E8} O43 - CFD: 06/10/2011 - 18:59:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{EFFFD531-B238-4607-B96A-5482BE7FD67A} O43 - CFD: 24/08/2011 - 18:59:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{F113FB43-702C-40B8-8B31-3A05DF0E42CD} O43 - CFD: 17/07/2011 - 09:47:24 - [0] ----D- C:\Users\loubidounet\AppData\Local\{F396252E-5332-4D3C-9BA8-0FF467AA3C92} O43 - CFD: 20/06/2011 - 10:28:12 - [0] ----D- C:\Users\loubidounet\AppData\Local\{F5EDB185-3E31-4A4D-93C8-BE4520C72CA4} O43 - CFD: 03/09/2011 - 11:20:42 - [0] ----D- C:\Users\loubidounet\AppData\Local\{F5F66C70-59DF-4845-90A3-B3C56CD3B952} O43 - CFD: 09/07/2011 - 09:19:46 - [0] ----D- C:\Users\loubidounet\AppData\Local\{F7532148-1D21-49E4-B13F-42EB0C828CD4} O43 - CFD: 13/08/2011 - 09:46:26 - [0] ----D- C:\Users\loubidounet\AppData\Local\{F776DB84-E320-446F-8C5F-D7207F6121CA} O43 - CFD: 08/09/2011 - 23:40:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{F7997AFF-4347-453C-A4C5-D7ED5ED66889} O43 - CFD: 03/10/2011 - 18:54:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{F7B68B4D-F195-42DF-AABE-70CE5C36E237} O43 - CFD: 13/08/2011 - 09:46:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{F8235BEC-0C8F-4C7A-8B4C-83AAF4BDE453} O43 - CFD: 03/08/2011 - 16:44:22 - [0] ----D- C:\Users\loubidounet\AppData\Local\{F8EA885B-99EB-425A-B6BB-E377BF3CE0E8} O43 - CFD: 07/07/2011 - 08:37:00 - [0] ----D- C:\Users\loubidounet\AppData\Local\{FAC3A56D-D725-4DFB-9FC4-42ADEC1F8E03} O43 - CFD: 26/07/2011 - 22:44:16 - [0] ----D- C:\Users\loubidounet\AppData\Local\{FB556F21-D25A-4BA3-8065-3F03BE1B014A} O43 - CFD: 26/08/2011 - 19:01:38 - [0] ----D- C:\Users\loubidounet\AppData\Local\{FB66F44D-B70A-4106-91DF-3D9B953C806F} O43 - CFD: 01/10/2011 - 18:52:02 - [0] ----D- C:\Users\loubidounet\AppData\Local\{FB746209-B9DC-4820-AB56-957DBBFCBD56} O43 - CFD: 21/10/2011 - 22:21:50 - [0] ----D- C:\Users\loubidounet\AppData\Local\{FC88FC4B-25A9-468C-9004-06535F5E0032} O43 - CFD: 02/09/2011 - 23:20:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{FD3AF143-82FA-43AB-AF15-7673634D1981} O43 - CFD: 18/09/2011 - 13:55:20 - [0] ----D- C:\Users\loubidounet\AppData\Local\{FDEAC932-B3E5-4527-A83A-957DA8F5AEF2} O43 - CFD: 01/09/2011 - 22:47:08 - [0] ----D- C:\Users\loubidounet\AppData\Local\{FE5A74F0-6E98-4012-913C-6B37607B9236} O43 - CFD: 12/10/2011 - 09:34:52 - [0] ----D- C:\Users\loubidounet\AppData\Local\{FEC05430-0BCD-4989-9499-498F65E3D61E} O43 - CFD: 13/09/2011 - 11:47:06 - [0] ----D- C:\Users\loubidounet\AppData\Local\{FF297A2B-642E-4375-9628-BF9C6212FF41} O43 - CFD: 03/05/2011 - 12:49:40 - [0] ----D- C:\Users\loubidounet\AppData\Local\{FFE81598-5207-48D1-BA9A-70A27F4D36BC} ~ Scan Program Folder in 00mn 28s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.9F20C126DF5FBEAD7110282A8C2424A5] - 30/10/2011 - 00:24:09 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1350403] O44 - LFC:[MD5.8E5BBBBB4B6AE29C0B075FB681A3B95F] - 29/10/2011 - 19:59:01 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.C5A3E269666AC11FE7D2EDF9C8A42A95] - 29/10/2011 - 08:55:48 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1495948] O44 - LFC:[MD5.01B6F1180D690E462791B2357E7A58DC] - 29/10/2011 - 08:55:48 ---A- . (...) -- C:\Windows\system32\perfc009.dat [103872] O44 - LFC:[MD5.A214C2FBA015FB7431C3A31E6A91AA7B] - 29/10/2011 - 08:55:48 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [126420] O44 - LFC:[MD5.60E033BEE23B9FA0AF1E2C19EF23D980] - 29/10/2011 - 08:55:48 ---A- . (...) -- C:\Windows\system32\perfh009.dat [595798] O44 - LFC:[MD5.15A0128892CCA7A4C5ED11056AF3A224] - 29/10/2011 - 08:55:48 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [678804] O44 - LFC:[MD5.D248D0DB24D9E01AA7F2E42A9758E8C0] - 23/10/2011 - 12:08:58 ---A- . (...) -- C:\Windows\system32\jupdate-1.6.0_29-b11.log [3075] O44 - LFC:[MD5.E68FB7BADEB2EC88E9EFEBA485EED294] - 17/10/2011 - 12:07:51 ---A- . (...) -- C:\Windows\PFRO.log [182480] O44 - LFC:[MD5.9FB1EA143509CF6EAF7680E602135F92] - 14/10/2011 - 02:30:38 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [381624] O44 - LFC:[MD5.2C536D41DCE213E1D449F18B3D41EA55] - 10/10/2011 - 08:22:45 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\system32\FlashPlayerCPLApp.cpl [414368] O44 - LFC:[MD5.AFBF77A659ABEA37EBE3994656970CF2] - 03/10/2011 - 04:06:16 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\system32\javaws.exe [157472] O44 - LFC:[MD5.9225A1067BC2858575B9787BB3ECC4FD] - 03/10/2011 - 04:06:15 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\javaw.exe [145184] O44 - LFC:[MD5.9D1379B60113E70C75592B02538E84D6] - 03/10/2011 - 04:06:14 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\java.exe [145184] O44 - LFC:[MD5.3107D5460A32130EAFE9BEAA12EE2251] - 03/10/2011 - 04:06:03 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\deployJava1.dll [472808] ~ Scan Files in 00mn 04s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\system32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\system32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\system32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\system32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\system32\tspkg.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll O52 - TDSD: \Drivers32\"msacm.voxacm160"="vct3216.acm" . (.Voxware, Inc. - Voxware Audio Compression Manager Driver.) -- C:\Windows\system32\vct3216.acm O52 - TDSD: \Drivers32\"msacm.scg726"="scg726.acm" . (.SHARP Corporation - SHARP G.726 ACM Audio Decoder.) -- C:\Windows\system32\scg726.acm O52 - TDSD: \Drivers32\"msacm.alf2cd"="alf2cd.acm" . (.NCT Company - NCT ALF2CD Audio CODEC.) -- C:\Windows\system32\alf2cd.acm O52 - TDSD: \Drivers32\"msacm.ac3acm"="AC3ACM.acm" . (.fccHandler - AC-3 ACM Decompressor.) -- C:\Windows\system32\AC3ACM.acm O52 - TDSD: \Drivers32\"vidc.dvsd"="mcdvd_32.dll" . (.MainConcept - MainConcept DV Codec.) -- C:\Windows\system32\mcdvd_32.dll O52 - TDSD: \Drivers32\"vidc.xvid"="xvidvfw.dll" . (...) -- C:\Windows\system32\xvidvfw.dll O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivXNetworks, Inc. - DivX Video for Windows Codec.) -- C:\Windows\system32\DivX.dll O52 - TDSD: \Drivers32\"vidc.ffds"="ff_vfw.dll" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"wdmaud.drv"="Pilote de fonction UAA 1.1 Microsoft pour High Definition Audio" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"vct3216.acm"="Voxware Compression Toolkit" . (.Voxware, Inc. - Voxware Audio Compression Manager Driver.) -- C:\Windows\system32\vct3216.acm O52 - TDSD: \drivers.desc\"scg726.acm"="Sharp G.726 Audio Decoder" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"alf2cd.acm"="alf2cd.acm" . (.NCT Company - NCT ALF2CD Audio CODEC.) -- C:\Windows\system32\alf2cd.acm O52 - TDSD: \drivers.desc\"AC3ACM.acm"="AC-3 ACM Decompressor" . (.fccHandler - AC-3 ACM Decompressor.) -- C:\Windows\system32\AC3ACM.acm O52 - TDSD: \drivers.desc\"mcdvd_32.dll"="mcdvd_32.dll" . (.MainConcept - MainConcept DV Codec.) -- C:\Windows\system32\mcdvd_32.dll O52 - TDSD: \drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec" . (...) -- C:\Windows\system32\xvidvfw.dll O52 - TDSD: \drivers.desc\"divx.dll"="DivX 5.0.5 Codec" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"mpg4c32.dll"="MS MPEG-4 v1,2,3 driver 4.1.0.3927" . (...) -- (.not file.) ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968] O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600] O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432] O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560] O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464] O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416] O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928] O58 - SDL:[MD5.C47623FFD181A1E7D63574DDE2A0A711] - 25/04/2010 - 21:36:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20568] O58 - SDL:[MD5.4804753A4EC7D67CC22D226BFFD1C1E3] - 25/04/2010 - 21:36:26 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [54616] O58 - SDL:[MD5.36239E24470A3DD81FAE37510953CC6C] - 25/04/2010 - 21:36:38 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [34392] O58 - SDL:[MD5.CAA846E9C83836BDC3D2D700C678DB65] - 26/04/2011 - 21:38:05 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [442200] O58 - SDL:[MD5.748AE7F2D7DA33ADB063FE05704A9969] - 25/04/2010 - 21:37:53 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [320856] O58 - SDL:[MD5.CA9925CE1DBD07FFE1EB357752CF5577] - 25/04/2010 - 21:36:36 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [52568] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.BF79E659C506674C0497CC9C61F1A165] - 19/08/2008 - 03:42:42 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdr4_xp.sys [2432] O58 - SDL:[MD5.2C41CD49D82D5FD85C72D57B6CA25471] - 19/08/2008 - 03:42:42 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\system32\drivers\cdralw2k.sys [2560] O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000] O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272] O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784] O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584] O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504] O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064] O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944] O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312] O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656] O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312] O58 - SDL:[MD5.C2B26AF5DA2E31FD3221D2B21FAE6249] - 18/11/2009 - 14:53:50 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [19160] O58 - SDL:[MD5.00C4A0992D4EA5520AC12DB4FD11C3E3] - 18/11/2009 - 14:54:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224] O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288] O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616] O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384] O58 - SDL:[MD5.91D44AA2A61006136DA32118A179BF12] - 11/05/2007 - 15:40:42 ---A- . (.Ralink Technology Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\system32\drivers\netr73.sys [329728] O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160] O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608] O58 - SDL:[MD5.00832A21237BA36901B5A3E499F2E197] - 17/09/2008 - 22:55:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 178.) -- C:\Windows\system32\drivers\nvlddmkm.sys [7379872] O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968] O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112] O58 - SDL:[MD5.4876E7C3184BDF50EDE043FEF616B867] - 20/08/2008 - 11:23:20 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor32.sys [115744] O58 - SDL:[MD5.49452BFCEC22F36A7A9B9C2181BC3042] - 23/02/2009 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\system32\drivers\pxhelp20.sys [43872] O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360] O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088] O58 - SDL:[MD5.219CA9A36D6DE2EC04F958C907673436] - 20/08/2008 - 18:22:50 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2134424] O58 - SDL:[MD5.283392AF1860ECDB5E0F8EBD7F3D72DF] - 02/11/2006 - 08:30:56 ---A- . (.Realtek Corporation - Realtek 8101/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [44544] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808] O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944] O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848] O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920] O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816] O58 - SDL:[MD5.1E41295EAC56589EFD9DC3CA14BF3FEC] - 19/03/2004 - 17:11:22 ---A- . (.VM - Video streaming and Capture Device Driver.) -- C:\Windows\system32\drivers\usbVM31b.sys [90968] O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024] O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] ~ Scan Drivers in 00mn 13s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 06/09/2011 - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt(aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT O64 - Services: CurCS - 21/01/2008 - C:\Windows\system32\drivers\nvraid.sys - NVIDIA nForce RAID Driver (nvraid) .(.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) - LEGACY_NVRAID O64 - Services: CurCS - 14/11/2007 - C:\Program Files\Player Metaboli\X4HSX32Ex.sys - X4HSX32Ex(X4HSX32Ex) .(.Exent Technologies Ltd. - X4HSX32Ex Kernel Mode Driver.) - LEGACY_X4HSX32EX ~ Scan Services in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: prefs.js [loubidounet - iopyguum.default] user_pref("CT1460988.CT1670222.SearchEngine", "Recherche||http://search.conduit.com/Results.aspx? O69 - SBI: prefs.js [loubidounet - iopyguum.default] user_pref("CT1460988.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT1460988&SearchSource=2&q="); O69 - SBI: prefs.js [loubidounet - iopyguum.default] user_pref("CT2832594.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2832594&q="); O69 - SBI: prefs.js [loubidounet - iopyguum.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT1670222/CT1460988", "\"1310989086\""); O69 - SBI: prefs.js [loubidounet - iopyguum.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2832594/CT2832594", "\"1292849914\""); O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} - (Web Search) - http://www.searchqu.com O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Live Search) - http://search.live.com O69 - SBI: SearchScopes [HKCU] {DECA3892-BA8F-44b8-A993-A466AD694AE4} - (Yahoo! Search) - http://fr.search.yahoo.com ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.F257F39EF22CD7BDF3D774C514345F6B] [sPRF][02/01/2009] (...) -- C:\Users\loubidounet\AppData\Local\syeqgkw.bat [96] [MD5.862F2A7BA146DFFB99323D9D69DF064E] [sPRF][12/11/2009] (...) -- C:\Users\loubidounet\AppData\Local\wgpehqa.bat [95] [MD5.0E2281AEC56203CA6A9E1848F7DBDF5A] [sPRF][19/10/2011] (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Users\loubidounet\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe [909088] [MD5.A1A85B616648F17728B002F4A0614966] [sPRF][06/08/2004] (.Microsoft® Corporation - Programme de désinstallation de Money.) -- C:\Users\loubidounet\AppData\Local\Temp\mny431F.exe [45056] [MD5.1108B166160D6023AF76435B074052B6] [sPRF][20/01/2007] (.Macrovision Corporation - Setup.exe.) -- C:\Users\loubidounet\AppData\Local\Temp\_isC986.exe [455600] [MD5.1108B166160D6023AF76435B074052B6] [sPRF][20/01/2007] (.Macrovision Corporation - Setup.exe.) -- C:\Users\loubidounet\AppData\Local\Temp\_isE540.exe [455600] [MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576] [MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608] [MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [172032] ~ Scan Files in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{72ABE4ED-1AA1-4E95-8BFE-08EF1E3684D2}" | In - Public - P6 - TRUE | .(.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O87 - FAEL: "{D6F4800F-2DE5-4E94-9634-89E93AE68DD4}" | In - Public - P17 - TRUE | .(.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe O87 - FAEL: "TCP Query User{B3BD6BDA-6C4F-4D19-87F5-62ED5F7CF9BA}C:\program files\emule\emule.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.) O87 - FAEL: "UDP Query User{1C1ACBE8-2A97-4E4C-8AFC-B363F43E26FE}C:\program files\emule\emule.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.) O87 - FAEL: "TCP Query User{145F9318-1B9E-4F3C-827F-6BEE8EF95683}C:\program files\mozilla firefox\firefox.exe" | In - Public - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe O87 - FAEL: "UDP Query User{8529B3BD-AFC2-45B5-B058-4F8D9ED15DB5}C:\program files\mozilla firefox\firefox.exe" | In - Public - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe O87 - FAEL: "TCP Query User{18ABD8BB-4402-4997-BE01-6166EAD27958}C:\program files\its label\itstv\itstv.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\its label\itstv\itstv.exe (.not file.) O87 - FAEL: "UDP Query User{A6B74ED9-6DF9-4033-9081-F80A94B777D5}C:\program files\its label\itstv\itstv.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\its label\itstv\itstv.exe (.not file.) O87 - FAEL: "{D91EA0DC-0E9F-43C1-B504-152D2FF843E8}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Software Update Client.) -- C:\Program Files\HP\hp software update\hpwucli.exe O87 - FAEL: "TCP Query User{0CC81136-23E2-4F21-AD2B-D2AEC6949513}C:\users\loubidounet\downloads\emule\emule.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\loubidounet\downloads\emule\emule.exe (.not file.) O87 - FAEL: "UDP Query User{16D6495E-B3ED-4086-BDFC-4AFBF3ED5D93}C:\users\loubidounet\downloads\emule\emule.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\loubidounet\downloads\emule\emule.exe (.not file.) O87 - FAEL: "TCP Query User{A0E55C2F-C493-48AA-8561-1435E6EFAB8F}C:\users\loubidounet\downloads\vlc\vlc.exe" | In - Public - P6 - TRUE | .(...) -- C:\users\loubidounet\downloads\vlc\vlc.exe O87 - FAEL: "UDP Query User{7B68DCEA-F6F9-41F4-9B0D-B23A2A28270F}C:\users\loubidounet\downloads\vlc\vlc.exe" | In - Public - P17 - TRUE | .(...) -- C:\users\loubidounet\downloads\vlc\vlc.exe O87 - FAEL: "TCP Query User{B68B269C-EF20-4A48-8395-C9CCEA554E1A}C:\program files\google\google earth\client\googleearth.exe" | In - Public - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe O87 - FAEL: "UDP Query User{25147D35-D38E-44BA-B97B-7169EDB9AA2C}C:\program files\google\google earth\client\googleearth.exe" | In - Public - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe O87 - FAEL: "{D0462DCF-A2D0-46EC-8343-B8DBE301E277}" |In - Public - P6 - TRUE | .(...) -- D:\fscommand\CKSocketServer.exe (.not file.) O87 - FAEL: "{362FF8D2-8D24-4812-A48C-E479749C3688}" |In - Public - P17 - TRUE | .(...) -- D:\fscommand\CKSocketServer.exe (.not file.) O87 - FAEL: "TCP Query User{060C2AB1-06B4-4459-826A-76AB9E616156}C:\program files\yahoo!\messenger\yahoomessenger.exe" | In - Private - P6 - TRUE | .(.Yahoo! Inc. - Yahoo! Messenger.) -- C:\program files\yahoo!\messenger\yahoomessenger.exe O87 - FAEL: "UDP Query User{578B105B-1E91-4AE6-8E2E-2424F5472749}C:\program files\yahoo!\messenger\yahoomessenger.exe" | In - Private - P17 - TRUE | .(.Yahoo! Inc. - Yahoo! Messenger.) -- C:\program files\yahoo!\messenger\yahoomessenger.exe O87 - FAEL: "TCP Query User{B821BA2A-3723-4F8A-A375-3CEAF03033DE}C:\program files\emule\emule.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.) O87 - FAEL: "UDP Query User{C8BC6C0E-5379-4AF6-AA7D-BE7AB27856ED}C:\program files\emule\emule.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.) O87 - FAEL: "TCP Query User{B97925E8-988B-49B1-98F1-44EA09379014}C:\users\loubidounet\downloads\vlc\vlc.exe" | In - Private - P6 - TRUE | .(...) -- C:\users\loubidounet\downloads\vlc\vlc.exe O87 - FAEL: "UDP Query User{103F9777-0303-46F4-B0D5-A19A3E8F150A}C:\users\loubidounet\downloads\vlc\vlc.exe" | In - Private - P17 - TRUE | .(...) -- C:\users\loubidounet\downloads\vlc\vlc.exe O87 - FAEL: "TCP Query User{5E694696-F936-490E-A73B-9DEFBFEC20BD}C:\program files\videolan\vlc\vlc.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files\videolan\vlc\vlc.exe O87 - FAEL: "UDP Query User{CD4B48DD-3131-4D11-83DD-7BE1FD29002A}C:\program files\videolan\vlc\vlc.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files\videolan\vlc\vlc.exe ~ Scan Firewall in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 8786 - (28/10/2011) Clés trouvées (Keys found) : 33 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 9 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\AppID\bandoocore.exe] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.bandoocore] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.bandoocore.1] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.resourcesmngr] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.resourcesmngr.1] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.settingsmngr] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.settingsmngr.1] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.statisticmngr] =>Adware.Bandoo [HKLM\Software\Classes\bandoocore.statisticmngr.1] =>Adware.Bandoo [HKLM\Software\Classes\eorezobho.eobho] =>PUP.Eorezo [HKLM\Software\Classes\eorezobho.eobho.1] =>PUP.Eorezo [HKLM\Software\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}] =>Adware.Bandoo [HKLM\Software\Classes\AppID\{1301a8a5-3dfb-4731-a162-b357d00c9644}] =>Adware.Bandoo [HKLM\Software\Classes\CLSID\{27f69c85-64e1-43ce-98b5-3c9f22fb408e}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{477f210a-2a86-4666-9c4b-1189634d2c84}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}] =>Adware.Bandoo [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8a96af9e-4074-43b7-bea3-87217bda74c8}] =>Adware.Bandoo [HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{b0d071a1-36b3-4757-a126-14c89c56013a}] =>PUP.Eorezo [HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}] =>PUP.Eorezo [HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}] =>Adware.Bandoo [HKLM\Software\Classes\CLSID\{bb76a90b-2b4c-4378-8506-9a2b6e16943c}] =>Adware.Bandoo [HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}] =>Adware.Bandoo [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f9189560-573a-4fde-b055-ae7b0f4cf080}] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{ff871e51-2655-4d06-aed5-745962a96b32}] =>Adware.Bandoo [HKLM\Software\Bandoo] =>Adware.Bandoo [HKCU\Software\eorezo] =>PUP.Eorezo [HKCU\Software\ItsLabel] =>PUP.ItsLabel [HKLM\Software\ItsLabel] =>PUP.ItsLabel [HKCU\Software\Totem] =>Adware.VirtualGirl C:\Program Files\Babylon =>Toolbar.Babylon C:\Program Files\vghd =>Adware.VirtualGirl C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VirtuaGirl HD =>Adware.VirtualGirl C:\Users\loubidounet\AppData\Roaming\EoRezo =>PUP.Eorezo C:\Users\loubidounet\AppData\Roaming\ItsLabel =>PUP.ItsLabel C:\Users\loubidounet\AppData\Roaming\vghd =>Adware.VirtualGirl C:\Users\loubidounet\AppData\Roaming\Mozilla\Firefox\Profiles\iopyguum.default\Conduit =>Toolbar.Conduit C:\Users\loubidounet\AppData\Roaming\Mozilla\Firefox\Profiles\iopyguum.default\ConduitEngine =>Toolbar.Conduit C:\Users\loubidounet\AppData\Roaming\Mozilla\Firefox\Profiles\iopyguum.default\Extensions\engine@conduit.com =>Toolbar.Conduit ~ Scan Additionnel in 00mn 08s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 06/09/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 06/09/2011 44768 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe SS - | Demand 22/03/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe SR - | Auto 19/11/2008 1699784 | (CarboniteService) . (.Carbonite, Inc. (www.carbonite.com).) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe SS - | Demand 19/08/2008 29744 | Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe SS - | Auto 19/02/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 19/02/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 28/06/2009 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 19/08/2008 869672 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe SR - | Demand 19/08/2008 447784 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe SR - | Auto 17/09/2008 196608 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 19/08/2008 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe SR - | Auto 10/12/2010 602392 | (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe ~ Scan Services in 00mn 09s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by loubidounet at 30/10/2011 01:46:12 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys C:\Windows\system32\drivers\nvstor32.sys NVIDIA Corporation NVIDIA nForce SATA Driver 1 ntkrnlpa!IofCallDriver[0x82E80912] -> \Device\Harddisk0\DR0[0x86BED210] 3 CLASSPNP[0x807BE8B3] -> ntkrnlpa!IofCallDriver[0x82E80912] -> [0x855C8A18] 5 acpi[0x8069B6BC] -> ntkrnlpa!IofCallDriver[0x82E80912] -> \Device\00000054[0x85FBE610] kernel: MBR read successfully user & kernel MBR OK ~ Scan MBR in 00mn 11s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by loubidounet at 30/10/2011 01:46:14 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 13s End of the scan (1869 lines in 01mn 39s)(0) ben voilà si une sympa personne peut m'aider ?? car je suis toujours bloqué par hotmail et j'ai des mais qui recoivent de messages de soi disant moi en anglais

LOrsque je branche mon imprimante à mon pc et que je fais imprim, un pavé apparait avec un triangle jaune contenant un ! et inscrit à l'intérieur : communication indisponible, l'imprimante ne peut communiquer avec l'ordinateur. le pavé d'impression me dit que mon imprimante est inactive

bonjour j'ai un portable compacq et je ne peux olus imprimer avec ma lexmark x 2650 j'ai déjà demandé une aide au fournisseur il m'a demandé de faire manip avec windods defender pour enlever sécurité mais toujours même problème que faire, merci d'avance domi

resalut thanos excuses moi mais c'est vrai je n'ai plus de pubs intempestives par contre j'ai du mal à ouvrir certains dossiers où j'ai des fichiers excel et words j'ai éliminé emule et quand je me connecte avec msn n'importe lequel on m'envoie des pages d'autres sites bon j'attends ta réponse et encore merci d'avance bon week end dominik

voilà le dernier rapport jack Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:49:05, on 18/11/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Free Download Manager\fdm.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\vghd\vghd.exe C:\Users\loubidounet\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\vghd\VirtuaGirl_downloader.exe C:\Program Files\Wallpaper\Wallpaper.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Downloads\Software\RSIT.exe C:\Program Files\Trend Micro\HijackThis\loubidounet.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redi...amp;key=IESTART R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup O4 - HKCU\..\Run: [iMC] C:\Program Files\FriendFinder\FriendFinder Messenger 4\imc.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\loubidounet\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O17 - HKLM\System\CCS\Services\Tcpip\..\{C1850DF3-B262-4BDF-9A37-62C62509DEF3}: NameServer = 213.36.80.1 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~1\google\google~3\goec62~1.dll c:\progra~1\bandoo\bndhook.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe -- End of file - 10978 bytes à plus dominik

voici les logs info.txt logfile of random's system information tool 1.06 2009-11-18 18:49:09 ======Uninstall list====== -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL -->C:\Windows\UNNeroShowTime.exe /UNINSTALL -->C:\Windows\UNNeroVision.exe /UNINSTALL -->C:\Windows\UNRecode.exe /UNINSTALL 32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7} 802.11g USB Wireless LAN Card-->C:\Program Files\InstallShield Installation Information\{0A043D3C-2471-420B-AD24-94817FE79C5E}\setup.exe -runfromtemp -l0x040c -removeonly Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader* Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001} Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe" Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup Bandoo-->C:\Program Files\Bandoo\PreUninstall.exe Brain Coaching-->C:\Program Files\Micro Application\Brain Coaching\Desinstaller.exe Browser Address Error Redirector-->regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll" Carbonite-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Carbonite* Carbonite-->C:\Program Files\Carbonite\Carbonite Backup\CarboniteSetup.exe /remove eMule-->"C:\Program Files\eMule\Uninstall.exe" Free Download Manager 3.0-->C:\Program Files\Free Download Manager\uninst.exe FriendFinder Messenger v4.1-->MsiExec.exe /I{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A} Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1} Google BAE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE* Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall Google Earth-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GOOGLE_EARTH* Google Earth-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} GoogleDesktop-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleDesktop* GoogleToolbar-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleToolbar* HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712} HijackThis 2.0.2-->"C:\Users\loubidounet\Downloads\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat HP Deskjet All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{706BB40A-4102-4c89-8107-DC68C4EBD19B}\setup\hpzscr01.exe -datfile hposcr14.dat HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7} HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3} Infocentre Rev. 2.0-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Infocentre* INSTALL-->"C:\Program Files\InstallShield Installation Information\{34EB32F7-28AD-4757-A0E3-A29E0B131FC7}\setup.exe" -runfromtemp -l0x040c -pri -wifi -bewan -removeonly Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF} Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Kinstone digital focus-->C:\PROGRA~1\KINSTO~1\UNWISE.EXE C:\PROGRA~1\KINSTO~1\INSTALL.LOG KINSTONE USB PC Camera-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41E496B5-47F4-11D6-9BBB-00E0987BB2CD}\setup.exe" -l0x9 Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Metaboli-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *METABOLI* Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Money-->C:\Users\loubidounet\Downloads\MNYCoreFiles\Setup\uninst.exe /s:120 Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Works 9 SE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *works9se* Microsoft Works-->MsiExec.exe /I{0214A441-A4AB-43A8-8DEF-2F73C5364673} Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C} Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21} Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3} Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223} Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe Mozilla Firefox (3.0.15)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Nero 8 Essentials-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Nero8* Nero 8 Essentials-->MsiExec.exe /X{980B9958-1239-4FC5-8C88-AC5650321036} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Packard Bell ImageWriter-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ImageWriter* Packard Bell LCD Test-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LCDTest* Packard Bell Updator-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator* Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe" Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe" Picasa2-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Picasa_2* Player Metaboli-->"C:\Program Files\Player Metaboli\Uninstall.exe" PokerStars-->"C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars Protégez vos données-->"C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe" /preinstalled /uninstall Realtek HD Audio V6.0.1.5618-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AUDIO_REALTEK* Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709 Satsuki Decoder Pack-->C:\Program Files\Satsuki Decoder Pack\Uninstall.exe SeaTools for Windows-->MsiExec.exe /I{98613C99-1399-416C-A07C-1EE1C585D872} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F} Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE} Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} SetUp My PC-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_FR* Skype 3.6.2.248-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SKYPE* Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} ubi.com-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}\Setup.exe" -l0x40c UNINSTALL-L0x40c -uninst Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331} Update for Outlook 2007 Junk Email Filter (kb975960)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F1AB1BED-7477-4D5A-BD0C-04C2109459A5} VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027} Video NVIDIA V163.96-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *VIDEO_NVIDIA_GOB* VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe Wallpaper-->C:\Program Files\Wallpaper\uninst.exe Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B} Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC} Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354} Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353} Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE YesMessenger 2.3.26-->"C:\Program Files\YesMessenger\unins000.exe" ======Security center information====== AV: avast! antivirus 4.8.1282 [VPS 081114-0] AS: Windows Defender AS: avast! antivirus 4.8.1282 [VPS 081114-0] ======System event log====== Computer Name: notrepc Event Code: 4376 Message: Servicing a requis un redémarrage pour terminer la définition du package KB948610(Update) à l’état Installation demandée(Install Requested) Record Number: 28620 Source Name: Microsoft-Windows-Servicing Time Written: 20090211185523.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: notrepc Event Code: 4376 Message: Servicing a requis un redémarrage pour terminer la définition du package KB948610(Update) à l’état Installation demandée(Install Requested) Record Number: 28588 Source Name: Microsoft-Windows-Servicing Time Written: 20090211185523.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: notrepc Event Code: 4376 Message: Servicing a requis un redémarrage pour terminer la définition du package KB948610(Update) à l’état Installation demandée(Install Requested) Record Number: 28583 Source Name: Microsoft-Windows-Servicing Time Written: 20090211185523.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: notrepc Event Code: 4376 Message: Servicing a requis un redémarrage pour terminer la définition du package KB948610(Update) à l’état Installation demandée(Install Requested) Record Number: 28580 Source Name: Microsoft-Windows-Servicing Time Written: 20090211185523.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: notrepc Event Code: 4376 Message: Servicing a requis un redémarrage pour terminer la définition du package KB948610(Update) à l’état Installation demandée(Install Requested) Record Number: 28576 Source Name: Microsoft-Windows-Servicing Time Written: 20090211185523.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM =====Application event log===== Computer Name: notrepc Event Code: 8194 Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur. Opération : Données du rédacteur en cours de collecte Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {4d3927b7-6cad-4c1f-9d0a-4b9aa4506ddc} Record Number: 588 Source Name: VSS Time Written: 20081103183139.000000-000 Event Type: Erreur User: Computer Name: notrepc Event Code: 8194 Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur. Opération : Données du rédacteur en cours de collecte Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {4d3927b7-6cad-4c1f-9d0a-4b9aa4506ddc} Record Number: 575 Source Name: VSS Time Written: 20081103180409.000000-000 Event Type: Erreur User: Computer Name: notrepc Event Code: 8194 Message: Erreur du service de cliché instantané des volumes : erreur lors de l’interrogation de l’interface IVssWriterCallback. hr = 0x80070005. Cette erreur est souvent due à des paramètres de sécurité incorrects dans le processus du rédacteur ou du demandeur. Opération : Données du rédacteur en cours de collecte Contexte : ID de classe du rédacteur: {e8132975-6f93-4464-a53e-1050253ae220} Nom du rédacteur: System Writer ID d’instance du rédacteur: {4d3927b7-6cad-4c1f-9d0a-4b9aa4506ddc} Record Number: 573 Source Name: VSS Time Written: 20081103180338.000000-000 Event Type: Erreur User: Computer Name: notrepc Event Code: 10 Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé. Record Number: 540 Source Name: Microsoft-Windows-WMI Time Written: 20081103174225.000000-000 Event Type: Erreur User: Computer Name: notrepc Event Code: 1008 Message: Le service Windows Search tente de supprimer l’ancien catalogue. Record Number: 536 Source Name: Microsoft-Windows-Search Time Written: 20081103174222.000000-000 Event Type: Avertissement User: =====Security event log===== Computer Name: notrepc Event Code: 4905 Message: Une tentative d’annulation d’inscription de la source d’un événement de sécurité a été effectuée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : NOTREPC$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Processus : ID du processus : 0x850 Nom du processus : C:\Windows\System32\VSSVC.exe Source de l’événement : Nom de la source : VSSAudit ID de la source de l’événement : 0x1081d78c Record Number: 59227 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090213201058.195823-000 Event Type: Succès de l'audit User: Computer Name: notrepc Event Code: 4904 Message: Une tentative d’inscription de la source d’un événement de sécurité a été effectuée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : NOTREPC$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Processus : ID du processus : 0x850 Nom du processus : C:\Windows\System32\VSSVC.exe Source de l’événement : Nom de la source : VSSAudit ID de la source de l’événement : 0x1081d78c Record Number: 59226 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090213201058.194823-000 Event Type: Succès de l'audit User: Computer Name: notrepc Event Code: 4905 Message: Une tentative d’annulation d’inscription de la source d’un événement de sécurité a été effectuée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : NOTREPC$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Processus : ID du processus : 0x850 Nom du processus : C:\Windows\System32\VSSVC.exe Source de l’événement : Nom de la source : VSSAudit ID de la source de l’événement : 0x107d489b Record Number: 59225 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090213200921.881823-000 Event Type: Succès de l'audit User: Computer Name: notrepc Event Code: 4904 Message: Une tentative d’inscription de la source d’un événement de sécurité a été effectuée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : NOTREPC$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Processus : ID du processus : 0x850 Nom du processus : C:\Windows\System32\VSSVC.exe Source de l’événement : Nom de la source : VSSAudit ID de la source de l’événement : 0x107d489b Record Number: 59224 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090213200921.881823-000 Event Type: Succès de l'audit User: Computer Name: notrepc Event Code: 4905 Message: Une tentative d’annulation d’inscription de la source d’un événement de sécurité a été effectuée. Sujet : ID de sécurité : S-1-5-18 Nom du compte : NOTREPC$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 Processus : ID du processus : 0x850 Nom du processus : C:\Windows\System32\VSSVC.exe Source de l’événement : Nom de la source : VSSAudit ID de la source de l’événement : 0x1078c516 Record Number: 59223 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090213200740.699823-000 Event Type: Succès de l'audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel "PROCESSOR_REVISION"=0f0d "NUMBER_OF_PROCESSORS"=2 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat "DFSTRACINGON"=FALSE -----------------EOF----------------- Logfile of random's system information tool 1.06 (written by random/random) Run by loubidounet at 2009-11-18 18:48:59 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 System drive C: has 170 GB (58%) free of 293 GB Total RAM: 2815 MB (62% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:49:05, on 18/11/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Free Download Manager\fdm.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\vghd\vghd.exe C:\Users\loubidounet\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\vghd\VirtuaGirl_downloader.exe C:\Program Files\Wallpaper\Wallpaper.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Downloads\Software\RSIT.exe C:\Program Files\Trend Micro\HijackThis\loubidounet.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redi...amp;key=IESTART R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup O4 - HKCU\..\Run: [iMC] C:\Program Files\FriendFinder\FriendFinder Messenger 4\imc.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\loubidounet\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O17 - HKLM\System\CCS\Services\Tcpip\..\{C1850DF3-B262-4BDF-9A37-62C62509DEF3}: NameServer = 213.36.80.1 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~1\google\google~3\goec62~1.dll c:\progra~1\bandoo\bndhook.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe -- End of file - 10978 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Extension de garantie-loubidounet.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}] HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}] EoBho Class - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-20 256112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-15 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-20 458736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}] CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2009-10-21 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-07 35840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}] BandooIEPlugin Class - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll [2009-09-29 1863616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}] SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2008-07-28 160496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-07-28 882416] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-20 256112] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-05-07 6139904] "Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"=C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2008-02-04 1038136] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "Wallpaper"=C:\Program Files\Wallpaper\Wallpaper.exe [2007-08-21 233472] "Messenger (Yahoo!)"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-01-23 4363504] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-01-14 1688872] "Speech Recognition"=C:\Windows\Speech\Common\sapisvr.exe [2008-01-21 49664] "IMC"=C:\Program Files\FriendFinder\FriendFinder Messenger 4\imc.exe [2008-01-14 4053102] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-28 39408] "Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-10-21 3399727] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\loubidounet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup DesktopVideoPlayer.LNK - C:\Program Files\vghd\vghd.exe Notification de cadeaux MSN.lnk - C:\Users\loubidounet\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="c:\progra~1\google\google~3\goec62~1.dll c:\progra~1\bandoo\bndhook.dll " [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======List of files/folders created in the last 1 months====== 2009-11-18 18:48:59 ----D---- C:\rsit 2009-11-18 17:34:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-11-17 03:17:55 ----D---- C:\Program Files\Windows Portable Devices 2009-11-17 03:02:20 ----A---- C:\Windows\system32\UIAnimation.dll 2009-11-17 03:02:19 ----A---- C:\Windows\system32\UIRibbonRes.dll 2009-11-17 03:02:19 ----A---- C:\Windows\system32\UIRibbon.dll 2009-11-17 03:01:58 ----A---- C:\Windows\system32\WMPhoto.dll 2009-11-17 03:01:57 ----A---- C:\Windows\system32\cdd.dll 2009-11-17 03:01:56 ----A---- C:\Windows\system32\XpsRasterService.dll 2009-11-17 03:01:56 ----A---- C:\Windows\system32\XpsGdiConverter.dll 2009-11-17 03:01:56 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2009-11-17 03:01:56 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll 2009-11-17 03:01:56 ----A---- C:\Windows\system32\d3d10warp.dll 2009-11-17 03:01:56 ----A---- C:\Windows\system32\d2d1.dll 2009-11-17 03:01:55 ----A---- C:\Windows\system32\XpsPrint.dll 2009-11-17 03:01:55 ----A---- C:\Windows\system32\WindowsCodecs.dll 2009-11-17 03:01:55 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe 2009-11-17 03:01:55 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll 2009-11-17 03:01:55 ----A---- C:\Windows\system32\OpcServices.dll 2009-11-17 03:01:55 ----A---- C:\Windows\system32\dxdiagn.dll 2009-11-17 03:01:55 ----A---- C:\Windows\system32\dxdiag.exe 2009-11-17 03:01:54 ----A---- C:\Windows\system32\xpsservices.dll 2009-11-17 03:01:54 ----A---- C:\Windows\system32\FntCache.dll 2009-11-17 03:01:54 ----A---- C:\Windows\system32\DWrite.dll 2009-11-17 03:01:54 ----A---- C:\Windows\system32\d3d11.dll 2009-11-17 03:01:54 ----A---- C:\Windows\system32\d3d10level9.dll 2009-11-17 03:01:54 ----A---- C:\Windows\system32\d3d10core.dll 2009-11-17 03:01:54 ----A---- C:\Windows\system32\d3d10_1core.dll 2009-11-17 03:01:53 ----A---- C:\Windows\system32\dxgi.dll 2009-11-17 03:01:53 ----A---- C:\Windows\system32\d3d10_1.dll 2009-11-17 03:01:53 ----A---- C:\Windows\system32\d3d10.dll 2009-11-17 03:01:29 ----A---- C:\Windows\system32\WPDShextAutoplay.exe 2009-11-17 03:01:29 ----A---- C:\Windows\system32\wpdbusenum.dll 2009-11-17 03:01:29 ----A---- C:\Windows\system32\BthMtpContextHandler.dll 2009-11-17 03:01:26 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll 2009-11-17 03:01:24 ----A---- C:\Windows\system32\WPDSp.dll 2009-11-17 03:01:24 ----A---- C:\Windows\system32\WPDShServiceObj.dll 2009-11-17 03:01:24 ----A---- C:\Windows\system32\wpdshext.dll 2009-11-17 03:01:24 ----A---- C:\Windows\system32\wpd_ci.dll 2009-11-17 03:01:24 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll 2009-11-17 03:01:24 ----A---- C:\Windows\system32\PortableDeviceTypes.dll 2009-11-17 03:01:24 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll 2009-11-17 03:01:24 ----A---- C:\Windows\system32\PortableDeviceApi.dll 2009-11-17 03:00:33 ----A---- C:\Windows\system32\oleaccrc.dll 2009-11-17 03:00:32 ----A---- C:\Windows\system32\UIAutomationCore.dll 2009-11-17 03:00:32 ----A---- C:\Windows\system32\oleacc.dll 2009-11-12 19:23:42 ----A---- C:\cleannavi.txt 2009-11-12 19:23:09 ----D---- C:\Program Files\Navilog1 2009-11-11 21:45:13 ----D---- C:\Program Files\Trend Micro 2009-11-11 04:36:14 ----A---- C:\Windows\system32\WSDApi.dll 2009-11-04 16:21:20 ----A---- C:\Windows\system32\mshtml.dll 2009-11-01 10:18:50 ----D---- C:\Program Files\Adobe 2009-10-29 17:24:48 ----D---- C:\Users\loubidounet\AppData\Roaming\ubi.com 2009-10-29 17:24:48 ----A---- C:\Windows\patchw32.dll 2009-10-29 17:24:41 ----D---- C:\Program Files\Common Files\PocketSoft 2009-10-29 17:24:40 ----D---- C:\Program Files\ubi.com 2009-10-29 17:22:12 ----D---- C:\Program Files\UBISOFT 2009-10-29 14:11:41 ----D---- C:\Program Files\PokerStars 2009-10-28 05:15:18 ----A---- C:\Windows\system32\wmp.dll 2009-10-28 05:15:15 ----A---- C:\Windows\system32\unregmp2.exe 2009-10-28 05:15:12 ----A---- C:\Windows\system32\wmploc.DLL 2009-10-27 09:00:16 ----A---- C:\Windows\system32\wups2.dll 2009-10-27 09:00:16 ----A---- C:\Windows\system32\wucltux.dll 2009-10-27 09:00:16 ----A---- C:\Windows\system32\wuaueng.dll 2009-10-27 09:00:16 ----A---- C:\Windows\system32\wuauclt.exe 2009-10-27 09:00:02 ----A---- C:\Windows\system32\wups.dll 2009-10-27 09:00:02 ----A---- C:\Windows\system32\wudriver.dll 2009-10-27 09:00:02 ----A---- C:\Windows\system32\wuapi.dll 2009-10-27 08:59:56 ----A---- C:\Windows\system32\wuwebv.dll 2009-10-27 08:59:56 ----A---- C:\Windows\system32\wuapp.exe 2009-10-23 12:54:06 ----D---- C:\Downloads 2009-10-21 17:49:51 ----D---- C:\Users\loubidounet\AppData\Roaming\Free Download Manager 2009-10-21 17:48:25 ----D---- C:\Program Files\Free Download Manager 2009-10-21 17:26:01 ----D---- C:\Program Files\Microsoft Office Outlook Connector ======List of files/folders modified in the last 1 months====== 2009-11-18 18:49:05 ----D---- C:\Windows\prefetch 2009-11-18 18:49:02 ----D---- C:\Windows\Temp 2009-11-18 18:40:39 ----AD---- C:\Windows\System32 2009-11-18 18:40:39 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-11-18 18:40:38 ----D---- C:\Windows\inf 2009-11-18 18:34:03 ----D---- C:\Program Files\eoRezo 2009-11-18 17:34:34 ----AD---- C:\Windows\system32\drivers 2009-11-18 17:34:32 ----RD---- C:\Program Files 2009-11-18 17:19:30 ----D---- C:\Windows\system32\Tasks 2009-11-18 16:54:58 ----SHD---- C:\System Volume Information 2009-11-17 09:01:18 ----SHD---- C:\Windows\Installer 2009-11-17 09:01:18 ----HD---- C:\Config.Msi 2009-11-17 09:01:18 ----A---- C:\Windows\win.ini 2009-11-17 09:00:45 ----D---- C:\Windows\twain_32 2009-11-17 03:36:10 ----D---- C:\Windows\rescache 2009-11-17 03:18:00 ----D---- C:\Windows 2009-11-17 03:17:55 ----D---- C:\Windows\system32\fr-FR 2009-11-17 03:17:54 ----D---- C:\Windows\system32\wbem 2009-11-17 03:17:53 ----D---- C:\Windows\system32\zh-TW 2009-11-17 03:17:53 ----D---- C:\Windows\system32\zh-HK 2009-11-17 03:17:53 ----D---- C:\Windows\system32\zh-CN 2009-11-17 03:17:53 ----D---- C:\Windows\system32\uk-UA 2009-11-17 03:17:53 ----D---- C:\Windows\system32\tr-TR 2009-11-17 03:17:53 ----D---- C:\Windows\system32\th-TH 2009-11-17 03:17:53 ----D---- C:\Windows\system32\sv-SE 2009-11-17 03:17:53 ----D---- C:\Windows\system32\sr-Latn-CS 2009-11-17 03:17:53 ----D---- C:\Windows\system32\sl-SI 2009-11-17 03:17:53 ----D---- C:\Windows\system32\sk-SK 2009-11-17 03:17:53 ----D---- C:\Windows\system32\ru-RU 2009-11-17 03:17:53 ----D---- C:\Windows\system32\ro-RO 2009-11-17 03:17:53 ----D---- C:\Windows\system32\pt-PT 2009-11-17 03:17:53 ----D---- C:\Windows\system32\pt-BR 2009-11-17 03:17:53 ----D---- C:\Windows\system32\pl-PL 2009-11-17 03:17:53 ----D---- C:\Windows\system32\nl-NL 2009-11-17 03:17:53 ----D---- C:\Windows\system32\nb-NO 2009-11-17 03:17:53 ----D---- C:\Windows\system32\lv-LV 2009-11-17 03:17:53 ----D---- C:\Windows\system32\lt-LT 2009-11-17 03:17:53 ----D---- C:\Windows\system32\ko-KR 2009-11-17 03:17:53 ----D---- C:\Windows\system32\ja-JP 2009-11-17 03:17:53 ----D---- C:\Windows\system32\it-IT 2009-11-17 03:17:53 ----D---- C:\Windows\system32\hu-HU 2009-11-17 03:17:53 ----D---- C:\Windows\system32\hr-HR 2009-11-17 03:17:53 ----D---- C:\Windows\system32\he-IL 2009-11-17 03:17:53 ----D---- C:\Windows\system32\fi-FI 2009-11-17 03:17:53 ----D---- C:\Windows\system32\et-EE 2009-11-17 03:17:53 ----D---- C:\Windows\system32\es-ES 2009-11-17 03:17:53 ----D---- C:\Windows\system32\en-US 2009-11-17 03:17:53 ----D---- C:\Windows\system32\el-GR 2009-11-17 03:17:53 ----D---- C:\Windows\system32\de-DE 2009-11-17 03:17:53 ----D---- C:\Windows\system32\da-DK 2009-11-17 03:17:53 ----D---- C:\Windows\system32\cs-CZ 2009-11-17 03:17:53 ----D---- C:\Windows\system32\bg-BG 2009-11-17 03:17:53 ----D---- C:\Windows\system32\ar-SA 2009-11-17 03:02:28 ----D---- C:\Windows\winsxs 2009-11-17 03:02:27 ----D---- C:\Windows\system32\catroot 2009-11-17 03:02:11 ----D---- C:\Windows\system32\catroot2 2009-11-16 18:49:43 ----D---- C:\Users\loubidounet\AppData\Roaming\vlc 2009-11-16 18:37:48 ----D---- C:\Users\loubidounet\AppData\Roaming\dvdcss 2009-11-11 15:32:41 ----D---- C:\Program Files\Windows Mail 2009-11-11 15:18:14 ----D---- C:\ProgramData\Microsoft Help 2009-11-05 18:36:21 ----A---- C:\Windows\system32\mrt.exe 2009-11-05 15:52:55 ----D---- C:\ProgramData\Adobe 2009-11-02 20:42:06 ----N---- C:\Windows\system32\MpSigStub.exe 2009-11-01 10:18:59 ----D---- C:\Program Files\Common Files\Adobe 2009-10-29 17:40:33 ----HD---- C:\Program Files\InstallShield Installation Information 2009-10-29 17:24:41 ----D---- C:\Program Files\Common Files 2009-10-28 17:39:57 ----D---- C:\Program Files\Mozilla Firefox 2009-10-28 09:34:40 ----D---- C:\Program Files\Windows Media Player 2009-10-23 14:24:00 ----D---- C:\Windows\Tasks 2009-10-22 20:11:57 ----SD---- C:\Windows\Downloaded Program Files 2009-10-21 18:14:26 ----D---- C:\Windows\Microsoft.NET 2009-10-21 18:13:31 ----RSD---- C:\Windows\assembly 2009-10-21 17:26:02 ----D---- C:\Program Files\Common Files\System 2009-10-21 17:25:38 ----DC---- C:\Windows\system32\DRVSTORE 2009-10-21 17:25:36 ----D---- C:\Program Files\Windows Live ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152] R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768] R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376] R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792] R2 X4HSX32Ex;X4HSX32Ex; \??\C:\Program Files\Player Metaboli\X4HSX32Ex.Sys [2007-11-14 29856] R3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584] R3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384] R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-07 2134424] R3 netr73;RT73 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2007-05-11 329728] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872] R3 RTL8169;Pilote Realtek 8169 NT; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544] R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] R3 ZSMC301b;Look 312P; C:\Windows\System32\Drivers\usbVM31b.sys [2004-03-19 90968] S3 BthEnum;Service d'énumérateur Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528] S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160] S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904] S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] S4 nvrd32;NVIDIA nForce RAID Driver; C:\Windows\system32\drivers\nvrd32.sys [2007-10-31 124960] S4 nvsmu;nvsmu; C:\Windows\system32\drivers\nvsmu.sys [2007-10-12 13312] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680] R2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2009-09-29 1516480] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 CarboniteService;CarboniteService; C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [2008-08-18 1699784] R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608] R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504] R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-01-14 447784] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 GoogleDesktopManager-010708-104812;Google Desktop Manager 5.7.801.7324; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-19 29744] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-28 182768] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] -----------------EOF----------------- à vous de jouer bonne chance à plus dominik

voilà le rapport MBAM Malwarebytes' Anti-Malware 1.41 Version de la base de données: 3193 Windows 6.0.6002 Service Pack 2 18/11/2009 18:34:03 mbam-log-2009-11-18 (18-34-03).txt Type de recherche: Examen complet (C:\|I:\|) Eléments examinés: 252281 Temps écoulé: 55 minute(s), 2 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 4 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Program Files\eoRezo\EoEngine.exe (Rogue.Eorezo) -> Quarantined and deleted successfully. C:\Program Files\eoRezo\EoAdv\EoAdv.dll (Rogue.Eorezo) -> Quarantined and deleted successfully. C:\Users\loubidounet\Downloads\Dossier setup\Dossier T.V\ItsTV\eoRezo\EoEngine.exe (Rogue.Eorezo) -> Quarantined and deleted successfully. C:\Users\loubidounet\Downloads\Dossier setup\Dossier T.V\ItsTV\eoRezo\EoAdv\EoAdv.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.

resalut bon voici le rapport Fix Navipromo version 4.0.5 commencé le 12/11/2009 19:23:42,70 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 10.11.2009 à 18h00 par IL-MAFIOSO Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2 X86-based PC ( Multiprocessor Free : Intel® Pentium® Dual CPU E2200 @ 2.20GHz ) BIOS : Default System BIOS USER : loubidounet ( Not Administrator ! ) BOOT : Normal boot Antivirus : avast! antivirus 4.8.1282 [VPS 081114-0] 4.8.1282 (Activated) C:\ (Local Disk) - NTFS - Total:286 Go (Free:186 Go) D:\ (CD or DVD) E:\ (USB) F:\ (USB) G:\ (USB) H:\ (USB) Recherche executée en mode normal Nettoyage exécuté au redémarrage de l'ordinateur C:\Windows\prefetch\kvawbm*.pf supprimé ! C:\Users\loubidounet\AppData\Local\kvawbm.exe supprimé ! C:\Users\loubidounet\AppData\Local\kvawbm.dat supprimé ! C:\Users\loubidounet\AppData\Local\kvawbm_nav.dat supprimé ! C:\Users\loubidounet\AppData\Local\kvawbm_navps.dat supprimé ! Nettoyage contenu C:\Windows\Temp effectué ! Nettoyage contenu C:\Users\LOUBID~1\AppData\Local\Temp effectué ! *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok Certificat Egroup supprimé ! Certificat Electronic-Group supprimé ! Certificat OOO-Favorit supprimé ! *** Scan terminé 12/11/2009 19:37:37,81 *** merci j'attends votre suite??

voici un rapport qui peut m'aider merci Zonk?? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:46:17, on 11/11/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Free Download Manager\fdm.exe C:\Windows\System32\mobsync.exe C:\Users\loubidounet\AppData\Local\cxvrgc.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\vghd\vghd.exe C:\Users\loubidounet\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Wallpaper\Wallpaper.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\vghd\VirtuaGirl_downloader.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Users\loubidounet\Downloads\HiJackThis.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/redi...amp;key=IESTART R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup O4 - HKCU\..\Run: [wcsqk] "c:\users\loubidounet\appdata\local\wcsqk.exe" wcsqk O4 - HKCU\..\Run: [iMC] C:\Program Files\FriendFinder\FriendFinder Messenger 4\imc.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKCU\..\Run: [cxvrgc] "c:\users\loubidounet\appdata\local\cxvrgc.exe" cxvrgc O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\loubidounet\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O17 - HKLM\System\CCS\Services\Tcpip\..\{C1850DF3-B262-4BDF-9A37-62C62509DEF3}: NameServer = 213.36.80.1 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~1\google\google~3\goec62~1.dll c:\progra~1\bandoo\bndhook.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe -- End of file - 11154 bytes voilà j'espère que cela vous servira à plus dom

resalut à tous j'ai changé de pseudo et de pc mais j'ai un gros souci avec celui ci j'ai du mal à télécharger et voir mes propres dossiers depuis 2 jours je vous fais un hijack et je vous poste à vous de jouer merci d'avance dominik ogfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:59:26, on 11/11/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Free Download Manager\fdm.exe C:\Windows\System32\mobsync.exe C:\Users\loubidounet\AppData\Local\cxvrgc.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\vghd\vghd.exe C:\Users\loubidounet\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\vghd\VirtuaGirl_downloader.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Users\loubidounet\Downloads\HiJackThis.exe