ZINOU

Membres

Afficher le profil Afficher son activité

Compteur de contenus
17
Inscription
le 15 août 2011
Dernière visite
le 1 octobre 2011

ZINOU's Achievements

Junior Member (3/12)

Réputation sur la communauté

[Résolu] Votre avis sur des logiciels de nettoyage

ZINOU a répondu à un(e) sujet de ZINOU dans Software

MERCI AMI que signifie les fichiers caches dans antivir on me dit que ce sont des virus
- le 16 septembre 2011
- 7 réponses
[Résolu] Problème de virus

ZINOU a répondu à un(e) sujet de ZINOU dans Analyses et éradication malwares

SALUT tout semble ok j'ai verifié java flash player aussi a moins que vous voyez autre verif a faire merci
- le 16 septembre 2011
- 18 réponses
[Résolu] Votre avis sur des logiciels de nettoyage

ZINOU a répondu à un(e) sujet de ZINOU dans Software

je n'y comprends rien lol a ce tuto
- le 16 septembre 2011
- 7 réponses
[Résolu] Votre avis sur des logiciels de nettoyage

ZINOU a répondu à un(e) sujet de ZINOU dans Software

Merci bien.
- le 16 septembre 2011
- 7 réponses
[Résolu] Votre avis sur des logiciels de nettoyage

ZINOU a posté un sujet dans Software

Bonjour, Que pensez-vous des logiciels suivants, ? - Emsisoft anti malware, - Spyware Terminator, - ATF Cleaner. Merci.
- le 15 septembre 2011
- 7 réponses
[Résolu] Problème de virus

ZINOU a répondu à un(e) sujet de ZINOU dans Analyses et éradication malwares

voici DelFix v8.3 - Rapport créé le 14/09/2011 à 16:04 # Mis à jour le 04/08/11 à 11h par Xplode # Système d'exploitation : Windows 7 Home Premium (64 bits) [version 6.1.7601] # Nom d'utilisateur : ZINOU - ZINOU-HP (Administrateur) # Exécuté depuis : C:\Users\ZINOU\Downloads\delfix0.exe # Option [suppression] ~~~~~~ Dossier(s) ~~~~~~ ~~~~~~ Fichier(s) ~~~~~~ ~~~~~~ Registre ~~~~~~ ~~~~~~ Autre ~~~~~~ ########## EOF - "C:\DelFixSuppr.txt" - [542 octets] ########le rapport de dellfix desinstallation ci dessus je trouve que la machine se porte mieux j'ai verifier les versions de java et d'adobe reader tout est ok oui pour combofix c'est le helper qui m'a dit de l'utilser pour enlever le regedit merci de ton aide
- le 14 septembre 2011
- 18 réponses
[Résolu] Problème de virus

ZINOU a répondu à un(e) sujet de ZINOU dans Analyses et éradication malwares

la machine va mieux apparament j'avais comme symptome l'endroit ou tu clique afficher les icones cachés ce carré clignotait des pages du navigateur s'ouvrait en 4- 5 exemplaires les icones du bureau s'ouvraient et s'executait sans mon accord bref le binzz un helper avait trouvé que c'etait a regedit.exe FORME de virus VOICI MON RAPPORT que tu m'a demandé # DelFix v8.3 - Rapport créé le 14/09/2011 à 14:13 # Mis à jour le 04/08/11 à 11h par Xplode # Système d'exploitation : Windows 7 Home Premium (64 bits) [version 6.1.7601] # Nom d'utilisateur : ZINOU - ZINOU-HP (Administrateur) # Exécuté depuis : C:\Users\ZINOU\Downloads\delfix0.exe # Option [Recherche] ~~~~~~ Dossier(s) ~~~~~~ Présent : C:\Qoobox Présent : C:\ZHP Présent : C:\Program Files (x86)\ZHPDiag Présent : C:\Users\ZINOU\DoctorWeb Présent : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP ~~~~~~ Fichier(s) ~~~~~~ Présent : C:\ComboFix.txt Présent : C:\PhysicalDisk0_MBR.bin Présent : C:\TDSSKiller.2.5.21.0_12.09.2011_10.19.15_log.txt Présent : C:\Windows\grep.exe Présent : C:\Windows\MBR.exe Présent : C:\Windows\NIRCMD.exe Présent : C:\Windows\PEV.exe Présent : C:\Windows\sed.exe Présent : C:\Windows\SWREG.exe Présent : C:\Windows\SWSC.exe Présent : C:\Windows\SWXCACLS.exe Présent : C:\Windows\zip.exe Présent : C:\Users\ZINOU\Desktop\mkv2vob.lnk Présent : C:\Users\ZINOU\Desktop\ZHPDiag.txt Présent : C:\Users\ZINOU\Desktop\ZHPDiag2.exe Présent : C:\Users\ZINOU\Desktop\ZHPFixReport.txt Présent : C:\Users\Public\Desktop\MBRCheck.lnk Présent : C:\Users\Public\Desktop\ZHPDiag.lnk Présent : C:\Users\Public\Desktop\ZHPFix.lnk Présent : C:\Users\Public\Desktop\MBRCheck.lnk Présent : C:\Users\Public\Desktop\ZHPDiag.lnk Présent : C:\Users\Public\Desktop\ZHPFix.lnk Présent : C:\Users\ZINOU\Downloads\ATF-Cleaner.exe Présent : C:\Users\ZINOU\Downloads\ComboFix Présent : C:\Users\ZINOU\Downloads\ComboFix.exe Présent : C:\Users\ZINOU\Downloads\esetsmartinstaller_enu.exe Présent : C:\Users\ZINOU\Downloads\HiJackThis.exe Présent : C:\Users\ZINOU\Downloads\RogueKiller (1).exe Présent : C:\Users\ZINOU\Downloads\RogueKiller (2).exe Présent : C:\Users\ZINOU\Downloads\RogueKiller.exe Présent : C:\Users\ZINOU\Downloads\ZHPDiag2.exe Présent : C:\Users\ZINOU\Downloads\ZHPDiag2.zip ~~~~~~ Registre ~~~~~~ Clé Présente : HKCU\SOFTWARE\IDAVLab Clé Présente : HKLM\Software\IDAVLab Clé Présente : HKLM\Software\TrendMicro\Hijackthis Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hijackthis Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1 Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe Clé Présente : HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe Clé Présente : HKLM\SOFTWARE\Swearware Clé Présente : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DWPROT ~~~~~~ Autre ~~~~~~ -> ESET Online Scanner ... Installé ########## EOF - "C:\DelFixSearch.txt" - [2744 octets] ########## Dans l'attente d'une réponse, merci à toi…
- le 14 septembre 2011
- 18 réponses
[Résolu] Problème de virus

ZINOU a répondu à un(e) sujet de ZINOU dans Analyses et éradication malwares

voici le rapport demandé Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Version de la base de données: 7712 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 14/09/2011 13:44:51 mbam-log-2011-09-14 (13-44-51).txt Type d'examen: Examen complet (C:\|D:\|E:\|F:\|) Elément(s) analysé(s): 416482 Temps écoulé: 1 heure(s), 32 minute(s), 45 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) D'autre part ATF a nettoyé mon pc merci de vos reponses
- le 14 septembre 2011
- 18 réponses
[Résolu] Problème de virus

ZINOU a répondu à un(e) sujet de ZINOU dans Analyses et éradication malwares

VOI Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 (Defaut) ---\\ Windows Product Information Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows® 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 3Q6C9 Windows License : OK ~ Windows Remaining Initializations Number : 3 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Information ~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 4095.2 MB (58% free) System Restore: Activé (Enable) System drive C: has 506 GB (73%) free of 685 GB ---\\ Logged in mode ~ Computer Name: ZINOU-HP ~ User Name: ZINOU ~ All Users Names: ZINOU, UpdatusUser, HomeGroupUser$, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\ZINOU\AppData\Roaming\ ~ %Desktop% : C:\Users\ZINOU\Desktop\ ~ %Favorites% : C:\Users\ZINOU\Favorites\ ~ %LocalAppData% : C:\Users\ZINOU\AppData\Local\ ~ %StartMenu% : C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 506 Go of 685 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 13 Go of 13 Go) E:\ CD-ROM drive (Not Inserted) F:\ Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn AMs ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.4/27/2011 - 7:19:30 AM.) -- C:\Windows\Explorer.exe [2871808] [MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.7/14/2009 - 2:39:31 AM.) -- C:\Windows\system32\rundll32.exe [45568] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.7/14/2009 - 2:39:52 AM.) -- C:\Windows\system32\Wininit.exe [129024] [MD5.0732B49B250E306F7A6591029AF9885B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.8/10/2011 - 6:36:16 AM.) -- C:\Windows\system32\wininet.dll [1389056] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.2/24/2011 - 2:25:30 PM.) -- C:\Windows\system32\Winlogon.exe [390656] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/14/2009 - 2:52:21 AM.) -- C:\Windows\system32\drivers\atapi.sys [24128] [MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.4/27/2011 - 7:41:34 AM.) -- C:\Windows\system32\drivers\ntfs.sys [1659776] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.2/24/2011 - 2:27:26 PM.) -- C:\Windows\system32\sppcomapi.dll [232448] [MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.2/24/2011 - 2:07:20 PM.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480] ~ Scan Generic Processes in 00mn AMs ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 6/783 ~ Mes musiques (My Musics) : 707/4934 ~ Mes Videos (My Videos) : 2/459 ~ Mes Favoris (My Favorites) : 5/331 ~ Mes Documents (My Documents) : 40/15260 ~ Mon Bureau (My Desktop) : 0/418 ~ Menu demarrer (Programs) : 6/32 ~ Scan Hidden Files in 12mn AMs ---\\ Processus lancés [MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.1932] [MD5.63A648C5FEB5DE641E1174ACB6CF78C6] - (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888] [PID.1940] [MD5.C11645E219C8C9113A8D9E0500ED25E5] - (.PacketVideo - TwonkyMedia Tray Application.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverconfig.exe [603736] [PID.3048] [MD5.3AF02017597E4C6399FD3E390E601D5E] - (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3608240] [PID.2008] [MD5.C983E62B6FB74457D173BA93F66F6068] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.3384] [MD5.A40432BB46793F3A2AD42E6D23A8290F] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252136] [PID.3552] [MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [748336] [PID.4188] [MD5.461A87D7A4304BDA228CF1DBB86D3CE9] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10v_ActiveX.exe [243360] [PID.3868] [MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [669696] [PID.3676] [MD5.457E6B550AABC987AF117ED968C2F3D9] - (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [3029208] [PID.] [MD5.B4837FE56D76B2E9EA90E5365CF6A2BE] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [136360] [PID.] [MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64952] [PID.] [MD5.DF5A3016052755C910A206058B4A1729] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [269480] [PID.] [MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664] [PID.] [MD5.F2060A34C8A75BC24A9222EB4F8C07BD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe [349472] [PID.] [MD5.2DFB151FD34DF104DAC0ADF070EDA83C] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [92216] [PID.] [MD5.7550D101BF49FDB1F92666A233EE36C4] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.] [MD5.3120A421ED14B0186675E295219D441C] - (.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe [501336] [PID.] [MD5.A2ABC52CD8A5B60262B220A17A92EB31] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [378472] [PID.] [MD5.2748912E0E656AE1FB74C4BFDF7BC470] - (...) -- C:\Program Files (x86)\Serveur Media\TwonkyMediaServer.exe [1451608] [PID.] ~ Scan Processes Running in 00mn AMs ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\ZINOU\AppData\Local\Google\Chrome\User Data\Default\Preferences G0 - GCSP: Preference [user Data\Default][HomePage] Google G2 - GCE: Preference [user Data\Default] [fnjbmmemklcjgepojigaapkoodmkgbae] DivX HiQ v.2.1.1.94 (Activé) G2 - GCE: Preference [user Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.3 (Activé) G2 - GCE: Preference [user Data\Default] [nneajnkjbffgblleaoojgaacokifdkhm] \u003Cvideo\u003E HTML5 DivX Plus Web Player v.2.1.1.94 (Activé) ~ Scan Google Browser in 00mn AMs ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_27 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 3.1.0f4.) -- C:\Users\ZINOU\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll ~ Scan Firefox Browser in 00mn AMs ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Orange : téléphones, forfaits, Internet, actualité, sport, video R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Microsoft Corporation R0 - HKUS\S-1-5-21-4247541363-2138921599-923811196-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Orange : téléphones, forfaits, Internet, actualité, sport, video R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing R1 - HKUS\S-1-5-21-4247541363-2138921599-923811196-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ Scan IE Browser in 00mn AMs ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn AMs ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe ~ Scan Keys in 00mn AMs ---\\ Redirection du fichier Hosts (O1) ~ Scan Hosts File in 00mn AMs ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: ToolbarOrange.InitToolbarBHO [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} . (...) -- mscoree.dll (.not file.) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugi O2 - BHO: Increase performance and video formats for your HTML5 <video> [64Bits] - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites [64Bits] - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\Div O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\ O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll ~ Scan BHO in 00mn AMs ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [smartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe O4 - HKLM\..\Run: [CamserviceHD] . (.Guillemot Corporation S.A. - Hercules Xtra Controller Main Application.) -- C:\Program Files (x86)\Hercules\Dualpix HD\XtrCtrl.exe O4 - HKLM\..\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe O4 - HKLM\..\Run: [intelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft IntelliPoint\ipoint.exe O4 - HKLM\..\Run: [spywareTerminatorShield] . (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe O4 - HKLM\..\Run: [spywareTerminatorUpdater] . (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Wow6432Node\Run: [Digital Patrol Update 5] C:\Program Files (x86)\NictaTech Software\Digital Patrol 5\dpatrolu.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ~ Scan Application in 00mn AMs ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk . (.Spotify Ltd.) -- C:\Program Files (x86)\Spotify\spotify.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\Audacity.lnk . (...) -- C:\Program Files (x86)\Audacity\audacity.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\Auslogics Disk Defrag.lnk . (.Auslogics.) -- C:\Program Files (x86)\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\captimag - Raccourci.lnk . (.Claude Dekokère.) -- C:\Users\ZINOU\Documents\captimag.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\CCleaner64 - Raccourci.lnk . (.Piriform Ltd.) -- C:\Users\ZINOU\Documents\CCleaner64.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\DivX Movies.lnk . (...) -- C:\Users\ZINOU\Videos\DivX Movies O4 - Global Startup: C:\Users\ZINOU\Desktop\Free Music Zilla.lnk . (...) -- C:\Program Files (x86)\Free Music Zilla\FMZilla.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\Light Image Resizer 4.lnk . (.ObviousIdea SARL.) -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\Mixxx.lnk . (...) -- C:\Program Files (x86)\DjMixerStudio\mixxx.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\mkv2vob.lnk . (.3r1c.) -- C:\Program Files (x86)\mkv2vob\loader.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\MWAVSCAN.lnk . (...) -- C:\Users\ZINOU\AppData\Local\Temp\mwavscan.exe (.not file.) O4 - Global Startup: C:\Users\ZINOU\Desktop\SmartRipper - Raccourci.lnk . (...) -- C:\Users\ZINOU\Documents\SmartRipper 2.41\SmartRipper.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\Spotify.lnk . (.Spotify Ltd.) -- C:\Program Files (x86)\Spotify\spotify.exe O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QUICKMEDIACONVERTER.lnk . (.CocoonSoftware.) -- C:\Program Files\QuickMediaConverter\QMC.exe ~ Scan Global Startup in 03mn AMs ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: ajouter cette page à vos favoris Orange . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html O8 - Extra context menu item: envoyer le texte sélectionné par sms . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html O8 - Extra context menu item: envoyer par sms . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html O8 - Extra context menu item: envoyer un mail . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll O8 - Extra context menu item: orange.fr . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html O8 - Extra context menu item: traduire la page . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html O8 - Extra context menu item: traduire le texte sélectionné . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html ~ Scan IE Menu Contextuel in 00mn AMs ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ~ Scan Winsock in 00mn AMs ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {615A1925-0E5B-4767-A65E-3165AEAC32A3} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax64.cab ~ Scan Objets ActiveX in 00mn AMs ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpDomain = livebox.home O17 - HKLM\System\CS1\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpDomain = livebox.home O17 - HKLM\System\CS2\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpDomain = livebox.home ~ Scan Domain in 00mn AMs ---\\ Protocole additionnel (O18) O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll ~ Scan Protocole Additionnel in 00mn AMs ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll ~ Scan SSODL in 00mn AMs ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Emsisoft Anti-Malware 5.1 - Service (a2AntiMalware) . (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Orange update Core Service (Orange update Core Service) . (.France Telecom SA - Orange Upd@te.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe O23 - Service: Serveur Média (Serveur Média) . (.PacketVideo - TwonkyMedia Server watchdog.) - C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) . (.Crawler.com - Spyware Terminator 2012 Realtime Shield Ser.) - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe ~ Scan Services in 00mn AMs ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn AMs ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForZINOU.job [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForZINOU] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [MD5.A40432BB46793F3A2AD42E6D23A8290F] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [MD5.47C1DE0A890613FFCFF1D67648EEDF90] [APT] [Programme de mise … jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.7636713B4F0944045AB4AF7CED5245AB] [APT] [Programme de mise … jour en ligne de Divx] (...) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [MD5.5516C26A6AF8EB4E2CAB48EC98A74398] [APT] [Programme de mise … jour en ligne de HP.] (.Hewlett-Packard.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [MD5.B114DB354D13A21C1AC2B1807EE2F500] [APT] [Programme de mise … jour en ligne de Real Player] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [MD5.FD8DCAE8AAE888D8BAD0E6C2DAAAFB6D] [APT] [RealUpgradeLogonTaskS-1-5-21-4247541363-2138921599-923811196-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [MD5.FD8DCAE8AAE888D8BAD0E6C2DAAAFB6D] [APT] [RealUpgradeScheduledTaskS-1-5-21-4247541363-2138921599-923811196-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [RecoveryCDWin7] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [servicePlan] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [MD5.00000000000000000000000000000000] [APT] [{08513374-DDA9-4C13-A029-4A9BE1EA4C98}] (...) -- C:\Program Files\Alwil Software\Avast5\aswRundll.exe (.not file.) [MD5.1C374EA1D363CE916F2D835C50A9C105] [APT] [{EFE60423-B3F3-499C-94DA-BFAD177043AB}] (...) -- C:\Users\ZINOU\Documents\PROGRAMMES ZINOU\CamStudio20.exe [MD5.00000000000000000000000000000000] [APT] [{F57B0474-CDFE-4EF3-ADAD-542089BDE3D1}] (...) -- C:\Program Files (x86)\NOS\bin\getPlusUninst_Adobe.exe (.not file.) [MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe ~ Scan Scheduled Task in 03mn AMs ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys O41 - Driver: (SAVRKBootTasks) . (. - .) - C:\Windows\system32\SAVRKBootTasks.sys (.not file.) O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys ~ Scan Drivers in 00mn AMs ---\\ Logiciels installés (O42) O42 - Logiciel: AM-DeadLink 4.4 - (.www.aignes.com.) [HKLM] -- aignesamdeadlink_is1 O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1 O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 ActiveX 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX 64 O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM] -- WT087420 O42 - Logiciel: Alcor Micro USB Card Reader - (.Nom de votre société.) [HKLM] -- InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F} O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1 O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1 O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM] -- WT087428 O42 - Logiciel: CamStudio - (.Pas de propriétaire.) [HKLM] -- CamStudio O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM] -- WT087453 O42 - Logiciel: Clean Virus MSN - (.AxBx.) [HKLM] -- Clean Virus MSN_is1 O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup.divx.com O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: DJ Mix Lite - (.Pas de propriétaire.) [HKLM] -- DJ Mix Lite O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF} O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {FB4BB287-37F9-4E27-9C4D-2D3882E08EFF} O42 - Logiciel: Deezer Desktop - (.UNKNOWN.) [HKLM] -- DeezerDesktop.003CB2DDEA6AC0BFA0D6CFCD9422B800DAC858A3.1 O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM] -- WT087536 O42 - Logiciel: Emsisoft Anti-Malware 5.1 - (.Emsi Software GmbH.) [HKLM] -- Emsisoft Anti-Malware_is1 O42 - Logiciel: FATE - (.WildTangent.) [HKLM] -- WT087361 O42 - Logiciel: Fotosizer 1.31 - (.Fotosizer.com.) [HKLM] -- Fotosizer O42 - Logiciel: Free Music Zilla - (.FreeMusicZilla.com.) [HKLM] -- Free Music Zilla_is1 O42 - Logiciel: Free Video Joiner 1.1 - (.FreeVideoJoiner.com.) [HKLM] -- {14FA6DD9-92ED-493D-A937-81A78870E08A}_is1 O42 - Logiciel: HP Game Console - (.WildTangent.) [HKLM] -- My HP Game Console O42 - Logiciel: HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A} O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A} O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C} O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- {91A34181-9FAD-43AB-A35F-E7A8945B7E1C} O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF} O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- {6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF} O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095} O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {D12E3E7F-1B13-4933-A915-16C7DD37A095} O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {72D90DB3-A16A-4545-B555-868471101833} O42 - Logiciel: Hercules Dualpix HD - (.Hercules.) [HKLM] -- {59579B12-97E6-437E-B988-BA032165D355} O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM] -- WT087480 O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM] -- WT087485 O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM] -- WT087490 O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM] -- WT087380 O42 - Logiciel: K-Lite Codec Pack 7.2.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: L&H TTS3000 Français - (.Pas de propriétaire.) [HKLM] -- LHTTSFRF O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: Lame ACM MP3 Codec - (.Pas de propriétaire.) [HKLM] -- LameACM O42 - Logiciel: Light Image Resizer 4.0.6.8 - (.ObviousIdea.) [HKLM] -- {EBE030DD-D404-4D92-85E9-8C3624820808}_is1 O42 - Logiciel: Live Media Plugin (Todae) - (.Todae.fr.) [HKLM] -- Live Media O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft IntelliPoint 8.2 - (.Microsoft Corporation.) [HKLM] -- Microsoft IntelliPoint 8.2 O42 - Logiciel: Mises à jour NVIDIA 1.1.34 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E} O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {3023EBDA-BF1B-4831-B347-E5018555F26E} O42 - Logiciel: MusicStation - (.Hewlett-Packard.) [HKLM] -- MusicStationNetstaller O42 - Logiciel: NVIDIA 3D Vision Controller Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIA StereoUSB Driver O42 - Logiciel: NVIDIA 3D Vision Controller Driver 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB O42 - Logiciel: NVIDIA Logiciel système PhysX 9.10.0514 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX O42 - Logiciel: NVIDIA Pilote 3D Vision 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision O42 - Logiciel: NVIDIA Pilote audio HD : 1.2.22.1 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver O42 - Logiciel: NVIDIA Pilote graphique 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo O42 - Logiciel: NoVirusThanks Malware Remover Free 3.1 - (.NoVirusThanks Company Srl.) [HKLM] -- {C206F5C2-9C03-4FA1-8927-055E6D90488B}_is1 O42 - Logiciel: Orange Inside - (.Orange.) [HKCU] -- Orange Inside O42 - Logiciel: Orange Installeur version 1.2.2.0 - (.Orange.) [HKLM] -- {D13FE823-C575-4451-AC37-E645A67AA581}_1.2.2.0 O42 - Logiciel: Orange Web Player 1.212788 - (.Orange.) [HKLM] -- Orange Web Player_is1 O42 - Logiciel: Orange WebTV Player 1.29418 - (.Orange.) [HKLM] -- Orange WebTV Player_is1 O42 - Logiciel: Orange update - (.Orange.) [HKLM] -- OrangeUpdateManager O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: Package de pilotes Windows - eMPIA Technology Inc, (emAudio) MEDIA (06/22/2007 5.7.0622.0) - (.eMPIA Technology Inc,.) [HKLM] -- A5664D4A72F1AB05DE12885777A69C3EE46F204A O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM] -- WT087394 O42 - Logiciel: Photo Magician 1.9.2.0 - (.Sheldon Solutions.) [HKLM] -- {AF766933-2E99-4D86-916E-FEA0A482B89E}_is1 O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE} O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- {D36DD326-7280-11D8-97C8-000129760CBE} O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM] -- WT087501 O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM] -- WT087396 O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: QMC - (.Pas de propriétaire.) [HKCU] -- QUICKMEDIACONVERTER O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0 O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5} O42 - Logiciel: Sansa Media Converter - (.Pas de propriétaire.) [HKLM] -- {FC053571-8507-44E4-8B6D-AACEAB8CA57C} O42 - Logiciel: Sansa Updater - (.SanDisk Corporation.) [HKCU] -- Sansa Updater O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636 O42 - Logiciel: Serveur Média - (.PacketVideo.) [HKLM] -- TwonkyMediaServeur Média O42 - Logiciel: Shuangs Audio Joiner 1.0 - (.ShuangSoft, Inc..) [HKLM] -- Shuangs Audio Joiner_is1 O42 - Logiciel: Slingo Deluxe - (.WildTangent.) [HKLM] -- WT087510 O42 - Logiciel: Sophos Anti-Rootkit 1.5.0 - (.Sophos Plc.) [HKLM] -- Sophos-AntiRootkit O42 - Logiciel: Spyware Terminator 2012 - (.Crawler.com.) [HKLM] -- {56736259-613E-4A3B-B428-6235F2E76F44}_is1 O42 - Logiciel: SqueezePlay 7.5.0 - (.Logitech.) [HKLM] -- {09B790E3-21E3-4D1A-8130-AAA9227C9785}_is1 O42 - Logiciel: System Requirements Lab - (.Pas de propriétaire.) [HKLM] -- SystemRequirementsLab O42 - Logiciel: Total Video Converter 3.61 100319 - (.EffectMatrix Inc..) [HKLM] -- Total Video Converter 3.61_is1 O42 - Logiciel: Trojan Remover 6.8.2 - (.Simply Super Software.) [HKLM] -- Trojan Remover_is1 O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: Virtual Villagers - The Secret City - (.WildTangent.) [HKLM] -- WT087513 O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM] -- WT087519 O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: Xvid Video Codec - (.Xvid Team.) [HKLM] -- Xvid Video Codec 1.3.0 O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM] -- WT087533 O42 - Logiciel: barre d'outils Orange - (.Orange.) [HKLM] -- OrangeToolbar O42 - Logiciel: mediAvatar MKV Converter - (.mediAvatar.) [HKLM] -- mediAvatar MKV Converter ---\\ HKCU & HKLM Software Keys [HKCU\Software\ALWIL Software] [HKCU\Software\ASProtect] [HKCU\Software\AVAST Software] [HKCU\Software\AVS4YOU] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\F-Secure] [HKCU\Software\AppDataLow\LastScanTime] [HKCU\Software\AppDataLow\Software\DivX] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Orange] [HKCU\Software\AppDataLow\Software\Unity] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Audacity] [HKCU\Software\Auslogics] [HKCU\Software\Avg] [HKCU\Software\Avira] [HKCU\Software\BitDefender] [HKCU\Software\Bits&Coffee] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CocoonSoftware] [HKCU\Software\CyberLink] [HKCU\Software\Cygwin] [HKCU\Software\DVD Decrypter] [HKCU\Software\Digital River] [HKCU\Software\DivXNetworks] [HKCU\Software\DivX] [HKCU\Software\Driver Magician] [HKCU\Software\ESET] [HKCU\Software\Eraser] [HKCU\Software\F-Secure] [HKCU\Software\FlasK Development] [HKCU\Software\Fotosizer] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\GridinSoft] [HKCU\Software\Haali] [HKCU\Software\Hercules] [HKCU\Software\Hewlett-Packard] [HKCU\Software\HookNetwork] [HKCU\Software\IDAVLab] [HKCU\Software\IM Providers] [HKCU\Software\IPC software] [HKCU\Software\InnoShock] [HKCU\Software\InterVideo] [HKCU\Software\JavaSoft] [HKCU\Software\Lavasoft] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\M4ng] [HKCU\Software\MONOGRAM] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept (Muvee Consumer)] [HKCU\Software\MainConcept (Muvee)] [HKCU\Software\Mainconcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MediaInfo] [HKCU\Software\MicroWorld] [HKCU\Software\MooSoft Development] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\NoVirusThanks] [HKCU\Software\Norton] [HKCU\Software\O&O] [HKCU\Software\ObviousIdea] [HKCU\Software\OrangeInside] [HKCU\Software\PC SOFT] [HKCU\Software\PDFCreator] [HKCU\Software\Pegasys Inc.] [HKCU\Software\Policies] [HKCU\Software\Proantivirus Lab] [HKCU\Software\RealNetworks] [HKCU\Software\Realtek] [HKCU\Software\Ripp-it] [HKCU\Software\SUPERAntiSpyware.com] [HKCU\Software\SWiSHzone.com] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SanDisk] [HKCU\Software\Simply Super Software] [HKCU\Software\Skype] [HKCU\Software\Softonic] [HKCU\Software\Spotify] [HKCU\Software\Spyware Terminator] [HKCU\Software\Sysinternals] [HKCU\Software\TechSmith] [HKCU\Software\Todae] [HKCU\Software\Trolltech] [HKCU\Software\TuneUp] [HKCU\Software\Unity] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VFPlugin] [HKCU\Software\VirtuaMedia] [HKCU\Software\VirtualDub.org] [HKCU\Software\Wget] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\aignes] [HKCU\Software\antiufo] [HKCU\Software\chermenin] [HKCU\Software\cybelsoft] [HKCU\Software\madFlac] [HKCU\Software\mediAvatar] [HKCU\Software\mkvconverter] [HKCU\Software\tvp] [HKCU\Software\udse] [HKLM\Software\AGEIA Technologies] [HKLM\Software\ALWIL Software] [HKLM\Software\ATI Technologies] [HKLM\Software\AVG] [HKLM\Software\AVS4YOU] [HKLM\Software\Adobe] [HKLM\Software\Aleesoft] [HKLM\Software\AntiTrojanElite] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Avira] [HKLM\Software\Bits&Coffee] [HKLM\Software\BrowserChoice] [HKLM\Software\CDDB] [HKLM\Software\Canon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\Cyberlink] [HKLM\Software\Debug] [HKLM\Software\DivXNetworks] [HKLM\Software\DivX] [HKLM\Software\DjMixerStudio] [HKLM\Software\ESET] [HKLM\Software\EasyBits] [HKLM\Software\Emsi Software GmbH] [HKLM\Software\Eset] [HKLM\Software\Free Music Zilla] [HKLM\Software\GEAR Software] [HKLM\Software\GNU] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\Hercules Technologies] [HKLM\Software\Hercules] [HKLM\Software\Hewlett-Packard] [HKLM\Software\Hitman Pro] [HKLM\Software\IDAVLab] [HKLM\Software\IVIIS] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KLCodecPack] [HKLM\Software\Khronos] [HKLM\Software\L&H] [HKLM\Software\Lavasoft] [HKLM\Software\Licenses] [HKLM\Software\LightScribe] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MicroWorld] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\NewspaperDirect] [HKLM\Software\Nullsoft] [HKLM\Software\ODBC] [HKLM\Software\ObviousIdea] [HKLM\Software\Orange] [HKLM\Software\PDFComplete] [HKLM\Software\PDFCreator] [HKLM\Software\Panda Software] [HKLM\Software\Policies] [HKLM\Software\RTLSetup] [HKLM\Software\RealNetworks] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\SUPERAntiSpyware.com] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Sandisk] [HKLM\Software\ScanSoft] [HKLM\Software\SecureDigitalServices] [HKLM\Software\Sheldon Solutions] [HKLM\Software\Simply Super Software] [HKLM\Software\Skype] [HKLM\Software\Sonic] [HKLM\Software\Spyware Terminator] [HKLM\Software\Swearware] [HKLM\Software\TerraTec Electronic GmbH] [HKLM\Software\Todae] [HKLM\Software\TrendMicro] [HKLM\Software\TuneUp] [HKLM\Software\TwonkyMedia] [HKLM\Software\USB2800] [HKLM\Software\VideoLAN] [HKLM\Software\Voice] [HKLM\Software\Volatile] [HKLM\Software\Webroot] [HKLM\Software\WildTangent] [HKLM\Software\Win32 Services] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] [HKLM\Software\X-AVCSD] [HKLM\Software\Xing Technology Corp.] [HKLM\Software\Xvid Team] [HKLM\Software\cybelsoft] [HKLM\Software\iTinySoft] [HKLM\Software\mediAvatar] [HKLM\Software\muvee Technologies] [HKLM\Software\swearware] ~ Scan Softwares in 00mn AMs ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 1/19/2011 - 4:07:20 PM - [23099562] ----D- C:\Program Files\ATI O43 - CFD: 1/19/2011 - 4:07:22 PM - [0] ----D- C:\Program Files\ATI Technologies O43 - CFD: 4/25/2011 - 5:26:22 PM - [195922] ----D- C:\Program Files\Bonjour O43 - CFD: 9/12/2011 - 2:48:04 PM - [763227453] ----D- C:\Program Files\Common Files O43 - CFD: 1/10/2011 - 11:18:36 AM - [930272] ----D- C:\Program Files\DIFX O43 - CFD: 5/16/2011 - 10:35:28 AM - [7727936] ----D- C:\Program Files\DivX O43 - CFD: 2/24/2011 - 11:01:38 AM - [90256916] ----D- C:\Program Files\DVD Maker O43 - CFD: 1/16/2011 - 11:52:46 AM - [2448629] ----D- C:\Program Files\Eraser O43 - CFD: 7/5/2011 - 7:42:02 AM - [0] ----D- C:\Program Files\Google O43 - CFD: 9/24/2010 - 3:29:28 AM - [9779088] ----D- C:\Program Files\Hewlett-Packard O43 - CFD: 8/26/2011 - 7:15:22 AM - [7439168] ----D- C:\Program Files\Hitman Pro 3.5 O43 - CFD: 9/24/2010 - 2:54:24 AM - [1705] ----D- C:\Program Files\hp O43 - CFD: 8/10/2011 - 6:57:34 PM - [6654703] ----D- C:\Program Files\Internet Explorer O43 - CFD: 6/13/2011 - 5:20:16 PM - [1939563] ----D- C:\Program Files\iPod O43 - CFD: 6/13/2011 - 5:20:32 PM - [2345448] ----D- C:\Program Files\iTunes O43 - CFD: 9/6/2011 - 1:17:48 PM - [102755868] ----D- C:\Program Files\Java O43 - CFD: 6/4/2011 - 3:18:56 PM - [8995738] ----D- C:\Program Files\ma-config.com O43 - CFD: 7/14/2009 - 9:45:56 AM - [149237810] ----D- C:\Program Files\Microsoft Games O43 - CFD: 8/11/2011 - 7:51:28 AM - [44066413] ----D- C:\Program Files\Microsoft IntelliPoint O43 - CFD: 7/14/2009 - 7:32:40 AM - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 4/27/2011 - 3:58:52 PM - [593166179] ----D- C:\Program Files\NVIDIA Corporation O43 - CFD: 7/17/2011 - 7:53:40 AM - [387870] ----D- C:\Program Files\Orange O43 - CFD: 9/24/2010 - 3:18:14 AM - [2178436] ----D- C:\Program Files\PlayReady O43 - CFD: 1/3/2011 - 4:20:16 PM - [80563925] ----D- C:\Program Files\QuickMediaConverter O43 - CFD: 9/24/2010 - 2:48:18 AM - [15791736] ----D- C:\Program Files\Realtek O43 - CFD: 7/14/2009 - 7:32:40 AM - [36813993] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 7/14/2009 - 7:09:28 AM - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 2/24/2011 - 11:01:36 AM - [4039680] ----D- C:\Program Files\Windows Defender O43 - CFD: 2/24/2011 - 11:01:38 AM - [9224824] ----D- C:\Program Files\Windows Journal O43 - CFD: 7/14/2011 - 7:49:42 AM - [7987385] ----D- C:\Program Files\Windows Live O43 - CFD: 2/24/2011 - 11:01:38 AM - [6667776] ----D- C:\Program Files\Windows Mail O43 - CFD: 2/24/2011 - 11:01:38 AM - [7687085] ----D- C:\Program Files\Windows Media Player O43 - CFD: 7/14/2009 - 7:32:40 AM - [12627636] ----D- C:\Program Files\Windows NT O43 - CFD: 2/24/2011 - 11:01:38 AM - [5516056] ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 2/24/2011 - 11:01:38 AM - [244736] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 2/24/2011 - 11:01:38 AM - [9889997] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 1/25/2011 - 9:06:04 AM - [6580905] ----D- C:\Program Files\Common Files\Apple O43 - CFD: 8/16/2011 - 4:49:48 PM - [682948053] ----D- C:\Program Files\Common Files\BitDefender O43 - CFD: 7/14/2011 - 7:48:40 AM - [60892734] ----D- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 7/14/2009 - 5:20:10 AM - [608768] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 12/21/2010 - 7:34:34 PM - [12194291] ----D- C:\Program Files\Common Files\System O43 - CFD: 6/17/2011 - 1:28:16 PM - [12443103] ----D- C:\ProgramData\Adobe O43 - CFD: 1/18/2011 - 10:33:46 AM - [495] ----D- C:\ProgramData\AmUStor O43 - CFD: 1/25/2011 - 9:05:50 AM - [119496704] ----D- C:\ProgramData\Apple O43 - CFD: 1/25/2011 - 9:06:58 AM - [40044144] ----D- C:\ProgramData\Apple Computer O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 7/29/2011 - 7:19:02 AM - [5716] ----D- C:\ProgramData\AVG10 O43 - CFD: 7/30/2011 - 8:55:56 AM - [64642797] ----D- C:\ProgramData\Avira O43 - CFD: 2/5/2011 - 1:58:48 PM - [0] ----D- C:\ProgramData\AVS4YOU O43 - CFD: 7/9/2011 - 5:51:08 PM - [0] ----D- C:\ProgramData\boost_interprocess O43 - CFD: 7/2/2011 - 9:47:32 AM - [155720] --H-D- C:\ProgramData\CanonBJ O43 - CFD: 7/6/2011 - 12:29:28 PM - [96] --H-D- C:\ProgramData\Common Files O43 - CFD: 12/24/2010 - 11:23:06 AM - [144940] ----D- C:\ProgramData\CyberLink O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 5/16/2011 - 10:36:02 AM - [4459924] ----D- C:\ProgramData\DivX O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 5/31/2011 - 7:43:54 AM - [144] ----D- C:\ProgramData\Driver Mender O43 - CFD: 1/10/2011 - 2:57:42 PM - [144] ----D- C:\ProgramData\Driver Whiz O43 - CFD: 7/9/2011 - 4:36:28 PM - [1211] ----D- C:\ProgramData\F-Secure O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 7/4/2011 - 4:59:34 PM - [527024] ----D- C:\ProgramData\Google O43 - CFD: 8/13/2011 - 2:04:22 PM - [4096] ----D- C:\ProgramData\Grisoft O43 - CFD: 12/21/2010 - 10:38:02 AM - [68732165] ----D- C:\ProgramData\Hewlett-Packard O43 - CFD: 8/26/2011 - 7:14:20 AM - [532280] ----D- C:\ProgramData\Hitman Pro O43 - CFD: 6/4/2011 - 3:18:52 PM - [1278453] ----D- C:\ProgramData\ma-config.com O43 - CFD: 12/24/2010 - 5:29:46 PM - [16803314] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 2/14/2011 - 9:56:50 AM - [8192] ----D- C:\ProgramData\mediAvatar O43 - CFD: 7/28/2011 - 9:21:46 AM - [20892877] ----D- C:\ProgramData\MFAData O43 - CFD: 1/18/2011 - 9:23:12 AM - [144] ----D- C:\ProgramData\Micro Application O43 - CFD: 7/16/2011 - 6:14:10 PM - [328764388] -S--D- C:\ProgramData\Microsoft O43 - CFD: 8/26/2011 - 10:52:44 AM - [57126912] ----D- C:\ProgramData\MicroWorld O43 - CFD: 1/23/2011 - 5:19:52 PM - [717] ----D- C:\ProgramData\MSNRecorderMax O43 - CFD: 1/26/2011 - 8:50:08 PM - [117236835] ----D- C:\ProgramData\muvee Technologies O43 - CFD: 9/24/2010 - 3:21:32 AM - [0] ----D- C:\ProgramData\NewspaperDirect O43 - CFD: 9/14/2011 - 8:05:42 AM - [2285269] ----D- C:\ProgramData\NVIDIA O43 - CFD: 4/27/2011 - 3:56:32 PM - [578505] ----D- C:\ProgramData\NVIDIA Corporation O43 - CFD: 7/9/2011 - 2:59:50 PM - [2022228] ----D- C:\ProgramData\Orange O43 - CFD: 9/3/2011 - 12:35:38 PM - [67671112] ----D- C:\ProgramData\PC Tools O43 - CFD: 1/21/2011 - 1:55:38 PM - [1531990] ----D- C:\ProgramData\Real O43 - CFD: 1/13/2011 - 10:05:06 AM - [33008] ----D- C:\ProgramData\Recovery O43 - CFD: 9/14/2011 - 8:06:28 AM - [11869070] ----D- C:\ProgramData\Serveur Média O43 - CFD: 7/31/2011 - 5:11:46 PM - [7562122] ----D- C:\ProgramData\Simply Super Software O43 - CFD: 2/2/2011 - 2:36:12 PM - [19451154] ----D- C:\ProgramData\Skype O43 - CFD: 9/13/2011 - 3:00:46 PM - [42083243] ----D- C:\ProgramData\Spyware Terminator O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 1/7/2011 - 6:47:06 PM - [187] ----D- C:\ProgramData\Sun O43 - CFD: 2/1/2011 - 3:30:20 PM - [0] ----D- C:\ProgramData\TechSmith O43 - CFD: 9/11/2011 - 1:40:36 PM - [491733] ---AD- C:\ProgramData\Temp O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 1/18/2011 - 11:25:56 AM - [3387632] ----D- C:\ProgramData\TuneUp Software O43 - CFD: 9/24/2010 - 3:21:20 AM - [1873450921] ----D- C:\ProgramData\WildTangent O43 - CFD: 9/24/2010 - 2:54:48 AM - [35063286] ----D- C:\ProgramData\{0F47B255-CF9F-48C5-B558-B7DAF9345268} O43 - CFD: 12/21/2010 - 10:32:22 AM - [35253750] ----D- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC} O43 - CFD: 1/18/2011 - 11:24:06 AM - [18225664] -SH-D- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} O43 - CFD: 1/25/2011 - 9:07:10 AM - [893135] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} O43 - CFD: 1/8/2011 - 11:07:44 AM - [6755850] ----D- C:\Users\ZINOU\AppData\Roaming\Adobe O43 - CFD: 1/27/2011 - 11:12:56 AM - [21041] ----D- C:\Users\ZINOU\AppData\Roaming\aignes O43 - CFD: 4/7/2011 - 9:02:46 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Apowersoft O43 - CFD: 1/25/2011 - 9:08:12 AM - [211543] ----D- C:\Users\ZINOU\AppData\Roaming\Apple Computer O43 - CFD: 3/15/2011 - 8:13:18 PM - [402] ----D- C:\Users\ZINOU\AppData\Roaming\ArcSoft O43 - CFD: 1/4/2011 - 9:46:12 AM - [2309] ----D- C:\Users\ZINOU\AppData\Roaming\AudioXP O43 - CFD: 2/8/2011 - 11:10:38 AM - [13272] ----D- C:\Users\ZINOU\AppData\Roaming\Auslogics O43 - CFD: 7/6/2011 - 1:19:58 PM - [610] ----D- C:\Users\ZINOU\AppData\Roaming\AVG10 O43 - CFD: 7/30/2011 - 9:03:20 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Avira O43 - CFD: 2/5/2011 - 1:58:52 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\AVS4YOU O43 - CFD: 1/3/2011 - 4:19:58 PM - [18374021] ----D- C:\Users\ZINOU\AppData\Roaming\CocoonSoftware O43 - CFD: 12/24/2010 - 11:23:04 AM - [107] ----D- C:\Users\ZINOU\AppData\Roaming\CyberLink O43 - CFD: 1/8/2011 - 11:08:24 AM - [304699] ----D- C:\Users\ZINOU\AppData\Roaming\DeezerDesktop.003CB2DDEA6AC0BFA0D6CFCD9422B800DAC858A3.1 O43 - CFD: 9/13/2011 - 10:51:52 PM - [61698] ----D- C:\Users\ZINOU\AppData\Roaming\Digital Patrol O43 - CFD: 12/27/2010 - 11:16:06 AM - [203530] ----D- C:\Users\ZINOU\AppData\Roaming\DivX O43 - CFD: 8/26/2011 - 10:51:26 AM - [770] ----D- C:\Users\ZINOU\AppData\Roaming\Download Manager O43 - CFD: 6/6/2011 - 1:19:52 PM - [199] ----D- C:\Users\ZINOU\AppData\Roaming\dvdcss O43 - CFD: 7/9/2011 - 4:38:34 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\f-secure O43 - CFD: 5/11/2011 - 5:28:08 PM - [543] ----D- C:\Users\ZINOU\AppData\Roaming\FMZilla O43 - CFD: 3/10/2011 - 4:27:16 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\GetRightToGo O43 - CFD: 12/20/2010 - 4:43:38 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Google O43 - CFD: 12/28/2010 - 6:12:32 PM - [90809] ----D- C:\Users\ZINOU\AppData\Roaming\Hewlett-Packard O43 - CFD: 9/13/2011 - 5:30:52 PM - [382] ----D- C:\Users\ZINOU\AppData\Roaming\HP Support Assistant O43 - CFD: 12/21/2010 - 10:37:46 AM - [14763] ----D- C:\Users\ZINOU\AppData\Roaming\hpqLog O43 - CFD: 9/13/2011 - 5:30:52 PM - [18115] ----D- C:\Users\ZINOU\AppData\Roaming\HpUpdate O43 - CFD: 12/20/2010 - 3:53:08 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Identities O43 - CFD: 12/22/2010 - 3:20:14 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\InstallShield O43 - CFD: 8/15/2011 - 3:12:00 PM - [23944864] ----D- C:\Users\ZINOU\AppData\Roaming\m4ng O43 - CFD: 12/20/2010 - 3:54:04 PM - [75055] ----D- C:\Users\ZINOU\AppData\Roaming\Macromedia O43 - CFD: 12/24/2010 - 5:31:32 PM - [1035] ----D- C:\Users\ZINOU\AppData\Roaming\Malwarebytes O43 - CFD: 7/14/2009 - 9:44:40 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Media Center Programs O43 - CFD: 8/17/2011 - 2:49:34 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Media Player Classic O43 - CFD: 2/14/2011 - 9:57:16 AM - [30452938] ----D- C:\Users\ZINOU\AppData\Roaming\mediAvatar O43 - CFD: 1/10/2011 - 2:18:04 PM - [30514540] -S--D- C:\Users\ZINOU\AppData\Roaming\Microsoft O43 - CFD: 1/23/2011 - 5:15:18 PM - [22] ----D- C:\Users\ZINOU\AppData\Roaming\MSNRecorderMax O43 - CFD: 3/7/2011 - 5:45:48 PM - [700175] ----D- C:\Users\ZINOU\AppData\Roaming\muvee Technologies O43 - CFD: 2/14/2011 - 9:57:22 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\NVIDIA O43 - CFD: 8/9/2011 - 12:31:02 PM - [36616] ----D- C:\Users\ZINOU\AppData\Roaming\ObviousIdea O43 - CFD: 7/28/2011 - 7:41:48 AM - [2356856] ----D- C:\Users\ZINOU\AppData\Roaming\Orange O43 - CFD: 9/12/2011 - 1:45:00 PM - [26983] ----D- C:\Users\ZINOU\AppData\Roaming\QuickScan O43 - CFD: 2/5/2011 - 2:13:56 PM - [167656656] ----D- C:\Users\ZINOU\AppData\Roaming\Real O43 - CFD: 3/16/2011 - 1:50:04 PM - [100054319] ----D- C:\Users\ZINOU\AppData\Roaming\SanDisk O43 - CFD: 7/31/2011 - 5:11:46 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Simply Super Software O43 - CFD: 7/30/2011 - 10:33:38 PM - [1142565] ----D- C:\Users\ZINOU\AppData\Roaming\Skype O43 - CFD: 8/9/2011 - 4:20:56 PM - [2211313] ----D- C:\Users\ZINOU\AppData\Roaming\Spotify O43 - CFD: 9/3/2011 - 1:18:58 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Spyware Terminator O43 - CFD: 5/23/2011 - 2:06:44 PM - [512] ----D- C:\Users\ZINOU\AppData\Roaming\SqueezePlay O43 - CFD: 7/31/2011 - 8:09:28 AM - [328060] ----D- C:\Users\ZINOU\AppData\Roaming\thecleaner O43 - CFD: 6/19/2011 - 10:51:18 AM - [11425790] ----D- C:\Users\ZINOU\AppData\Roaming\Todae O43 - CFD: 1/18/2011 - 11:24:44 AM - [137096] ----D- C:\Users\ZINOU\AppData\Roaming\TuneUp Software O43 - CFD: 7/2/2011 - 1:26:54 PM - [3197764] ----D- C:\Users\ZINOU\AppData\Roaming\uTorrent O43 - CFD: 7/4/2011 - 9:25:44 AM - [1785317] ----D- C:\Users\ZINOU\AppData\Roaming\vlc O43 - CFD: 12/21/2010 - 10:31:10 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\WinBatch O43 - CFD: 1/14/2011 - 4:35:48 PM - [295] ----D- C:\Users\ZINOU\AppData\Roaming\Windows Live Writer O43 - CFD: 12/21/2010 - 5:59:24 PM - [12] ----D- C:\Users\ZINOU\AppData\Roaming\WinRAR O43 - CFD: 1/8/2011 - 11:07:40 AM - [15445816] ----D- C:\Users\ZINOU\AppData\Local\Adobe O43 - CFD: 1/25/2011 - 9:06:12 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\Apple O43 - CFD: 3/15/2011 - 8:57:42 PM - [13124006] ----D- C:\Users\ZINOU\AppData\Local\Apple Computer O43 - CFD: 12/20/2010 - 3:45:56 PM - [0] -SH-D- C:\Users\ZINOU\AppData\Local\Application Data O43 - CFD: 1/11/2011 - 5:24:06 PM - [673598] ----D- C:\Users\ZINOU\AppData\Local\Apps O43 - CFD: 7/5/2011 - 9:37:22 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\COMODO O43 - CFD: 9/14/2011 - 8:06:36 AM - [37657507] ----D- C:\Users\ZINOU\AppData\Local\CrashDumps O43 - CFD: 12/21/2010 - 6:00:12 PM - [104448] ----D- C:\Users\ZINOU\AppData\Local\CyberLink O43 - CFD: 4/7/2011 - 1:47:42 PM - [186] ----D- C:\Users\ZINOU\AppData\Local\DDMSettings O43 - CFD: 1/11/2011 - 5:24:18 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\Deployment O43 - CFD: 8/23/2011 - 12:51:12 PM - [1900290] ----D- C:\Users\ZINOU\AppData\Local\Diagnostics O43 - CFD: 2/8/2011 - 10:31:34 AM - [26146304] ----D- C:\Users\ZINOU\AppData\Local\Downloaded Installations O43 - CFD: 8/8/2011 - 9:01:00 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\ElevatedDiagnostics O43 - CFD: 1/21/2011 - 7:28:26 PM - [2779] ----D- C:\Users\ZINOU\AppData\Local\Eraser 6 O43 - CFD: 7/4/2011 - 4:59:36 PM - [7165283] ----D- C:\Users\ZINOU\AppData\Local\Google O43 - CFD: 12/21/2010 - 6:00:08 PM - [934777] ----D- C:\Users\ZINOU\AppData\Local\Hewlett-Packard O43 - CFD: 12/20/2010 - 3:45:56 PM - [0] -SH-D- C:\Users\ZINOU\AppData\Local\Historique O43 - CFD: 12/21/2010 - 2:28:28 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\HP MediaSmart Video O43 - CFD: 4/3/2011 - 3:46:16 PM - [1234638317] ----D- C:\Users\ZINOU\AppData\Local\Microsoft O43 - CFD: 6/1/2011 - 6:40:10 PM - [69773] ----D- C:\Users\ZINOU\AppData\Local\Mixxx O43 - CFD: 8/11/2011 - 11:38:18 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\PackageAware O43 - CFD: 1/7/2011 - 6:37:14 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\PDFC O43 - CFD: 12/21/2010 - 6:00:10 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\PowerCinema O43 - CFD: 5/26/2011 - 10:26:04 AM - [1052] ----D- C:\Users\ZINOU\AppData\Local\Sheldon_Solutions O43 - CFD: 5/11/2011 - 3:43:54 PM - [3226] ----D- C:\Users\ZINOU\AppData\Local\Songr O43 - CFD: 8/9/2011 - 4:18:58 PM - [290630046] ----D- C:\Users\ZINOU\AppData\Local\Spotify O43 - CFD: 7/9/2011 - 4:38:38 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\Sunbelt Software O43 - CFD: 2/1/2011 - 3:24:26 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\TechSmith O43 - CFD: 9/14/2011 - 10:16:58 AM - [191666] ----D- C:\Users\ZINOU\AppData\Local\Temp O43 - CFD: 12/20/2010 - 3:45:56 PM - [0] -SH-D- C:\Users\ZINOU\AppData\Local\Temporary Internet Files O43 - CFD: 1/11/2011 - 5:24:18 PM - [210158] ----D- C:\Users\ZINOU\AppData\Local\Unity O43 - CFD: 5/2/2011 - 2:28:38 PM - [137610657] ----D- C:\Users\ZINOU\AppData\Local\VirtualStore O43 - CFD: 1/3/2011 - 4:19:44 PM - [275] ----D- C:\Users\ZINOU\AppData\Local\WDSetup O43 - CFD: 9/12/2011 - 8:12:42 AM - [159744] ----D- C:\Users\ZINOU\AppData\Local\Windows Live O43 - CFD: 1/9/2011 - 2:02:54 PM - [648463] ----D- C:\Users\ZINOU\AppData\Local\Windows Live Writer O43 - CFD: 4/10/2011 - 11:32:26 AM - [2824] ----D- C:\Users\ZINOU\AppData\Local\zoug O43 - CFD: 8/22/2011 - 6:13:28 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{042DE90B-9309-4C36-A58B-D4FF832994E9} O43 - CFD: 8/16/2011 - 8:56:42 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{07D682C2-88D6-439F-B14E-853755ED630B} O43 - CFD: 9/11/2011 - 9:55:52 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{0ED77867-F1F5-44C9-9D56-AABB2391BC58} O43 - CFD: 8/29/2011 - 1:44:46 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{1BF7ADB0-8AA3-49CC-AB58-9FCF54583917} O43 - CFD: 9/12/2011 - 8:12:20 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{1D9708A4-170E-495C-AE69-3E4824BAA2B7} O43 - CFD: 8/23/2011 - 1:51:28 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{23123C98-4F9B-4D83-92D1-1316CBEF31A8} O43 - CFD: 8/20/2011 - 8:55:24 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{36169623-578D-46ED-AF0D-5AB667607BD4} O43 - CFD: 8/18/2011 - 4:42:30 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{46B4FDDC-3787-41AE-BE57-A32EBB9C9817} O43 - CFD: 9/7/2011 - 12:11:00 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{49A04078-56B7-4407-B81B-8F89EE42CC19} O43 - CFD: 8/20/2011 - 8:55:24 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{4A78A985-B046-4252-822D-0AB0B874717B} O43 - CFD: 9/6/2011 - 9:36:28 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{4F38D26A-E279-4421-859B-C341F73A82C7} O43 - CFD: 9/10/2011 - 1:57:56 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{4FF470B5-8582-4B81-A14D-2C91F52D87F5} O43 - CFD: 9/7/2011 - 12:10:48 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{52589771-E9A8-4C1C-8F8E-24D0F651D757} O43 - CFD: 8/29/2011 - 1:44:58 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5900CCF3-2EBD-4682-98BE-D7495EEF88DA} O43 - CFD: 8/23/2011 - 1:51:38 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5EB902B3-EDD4-4067-9AD3-C4C87133CBE0} O43 - CFD: 9/1/2011 - 2:28:12 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5F01330B-799E-486C-986C-FC952997C03E} O43 - CFD: 9/8/2011 - 11:19:42 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5F363922-760E-4409-B9F3-1BAA549C44B0} O43 - CFD: 9/9/2011 - 10:35:16 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{611232E4-1ED6-40E7-8E4C-BE8C6EDDBA21} O43 - CFD: 8/22/2011 - 6:13:18 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{6CB0E8B3-DF62-41B7-899C-F1AFBF21D57A} O43 - CFD: 9/10/2011 - 1:58:06 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{78BD99D0-66D9-4AD9-B485-3A5B8E68D421} O43 - CFD: 9/11/2011 - 9:56:02 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{7E90DEA2-6E41-4A50-BAD1-B2A568A618B3} O43 - CFD: 9/5/2011 - 7:22:14 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{8242AAE1-28D2-45D1-A424-98BA36CE1FD1} O43 - CFD: 9/2/2011 - 1:44:06 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{839D2294-64BB-4092-9768-F1FC54427368} O43 - CFD: 8/26/2011 - 3:51:00 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{8A9B0AD2-409A-45F8-91EC-3B27EB3C83F1} O43 - CFD: 9/1/2011 - 2:28:26 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{8E8866AD-1E0D-4384-9986-EB6706E0A31A} O43 - CFD: 8/20/2011 - 8:56:10 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{91677D36-54C9-4144-85B6-FEC9DE7F1AF8} O43 - CFD: 9/9/2011 - 10:35:26 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{AF1BA447-B8D0-4404-97D1-A1718AC5CDE1} O43 - CFD: 9/3/2011 - 8:00:06 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{B3D97126-8E3B-4D03-8949-A6A00F7E3EF7} O43 - CFD: 9/12/2011 - 8:12:32 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{B9B4AEC1-998B-440D-9797-7FE7F53E923D} O43 - CFD: 8/25/2011 - 10:11:02 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{BA2E2C7A-EFAC-467A-8473-6AAC3B74F3A7} O43 - CFD: 9/6/2011 - 9:36:38 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{C17343B9-90DD-49E8-8584-CD6F621B6D7A} O43 - CFD: 9/2/2011 - 1:43:52 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{C5196FCA-6E02-4160-BCDC-AB60C9B2BA6D} O43 - CFD: 8/20/2011 - 8:56:00 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{C972CD00-74E3-43D4-B931-F68F173345A7} O43 - CFD: 8/31/2011 - 1:15:46 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{CBA3B6FB-0253-4870-935D-13BD60BA9922} O43 - CFD: 9/8/2011 - 11:19:30 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{D066336A-CFD0-4DC6-9074-63FA684C9642} O43 - CFD: 9/5/2011 - 7:22:24 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{D566C392-CE4A-40EA-A7C7-7894E8C1DDA4} O43 - CFD: 9/2/2011 - 12:05:10 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{D76865D2-FB11-424C-B901-99DB369F6692} O43 - CFD: 9/4/2011 - 7:42:42 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{DBED5189-1BA0-4191-A5E6-532AD243D72F} O43 - CFD: 8/31/2011 - 1:15:56 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{DCAF9654-2688-428E-A342-79AA2F504DCE} O43 - CFD: 8/24/2011 - 1:39:56 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{DCCB26DF-7A59-4AFF-9933-150AC1A4DAAB} O43 - CFD: 8/18/2011 - 4:42:20 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{EAEAF148-8B91-4217-BAB8-EB7A94F25546} O43 - CFD: 8/24/2011 - 1:40:06 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{EAFF6388-6E8C-43A9-8075-54C7A03597D6} O43 - CFD: 9/3/2011 - 7:59:54 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{F357F7B4-719F-4020-B831-51379EDB796C} O43 - CFD: 8/25/2011 - 10:10:52 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{F4F1AC4D-F6FB-43B5-928D-A029C65A023F} O43 - CFD: 9/4/2011 - 7:42:52 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{FF4394C4-656D-4ABA-ACB1-13E4E4B73BC1} O43 - CFD: 6/17/2011 - 1:28:14 PM - [164336192] ----D- C:\Program Files (x86)\Adobe O43 - CFD: 2/5/2011 - 4:00:12 PM - [0] ----D- C:\Program Files (x86)\Aleesoft O43 - CFD: 1/27/2011 - 11:10:52 AM - [2423013] ----D- C:\Program Files (x86)\AM-DeadLink O43 - CFD: 1/18/2011 - 10:33:48 AM - [3037097] ----D- C:\Program Files (x86)\AmIcoSingLun O43 - CFD: 8/12/2011 - 1:14:42 PM - [406] ----D- C:\Program Files (x86)\Anti Trojan Elite O43 - CFD: 1/25/2011 - 9:06:12 AM - [2306366] ----D- C:\Program Files (x86)\Apple Software Update O43 - CFD: 9/3/2011 - 5:31:04 PM - [0] ----D- C:\Program Files (x86)\Arovax AntiSpyware O43 - CFD: 12/27/2010 - 9:23:56 PM - [8691689] ----D- C:\Program Files (x86)\Audacity O43 - CFD: 2/8/2011 - 11:10:32 AM - [9226698] ----D- C:\Program Files (x86)\Auslogics O43 - CFD: 7/6/2011 - 1:15:30 PM - [390472] ----D- C:\Program Files (x86)\AVG O43 - CFD: 7/30/2011 - 8:55:56 AM - [157273471] ----D- C:\Program Files (x86)\Avira O43 - CFD: 4/26/2011 - 4:25:28 PM - [5869407] ----D- C:\Program Files (x86)\AviSynth 2.5 O43 - CFD: 2/5/2011 - 2:01:58 PM - [12440153] ----D- C:\Program Files (x86)\AVS4YOU O43 - CFD: 4/25/2011 - 5:26:22 PM - [621242] ----D- C:\Program Files (x86)\Bonjour O43 - CFD: 8/15/2011 - 3:00:48 PM - [8327481] ----D- C:\Program Files (x86)\CamStudio O43 - CFD: 9/12/2011 - 2:48:04 PM - [776709018] ----D- C:\Program Files (x86)\Common Files O43 - CFD: 9/24/2010 - 3:03:10 AM - [1346142688] ----D- C:\Program Files (x86)\CyberLink O43 - CFD: 4/30/2011 - 12:38:02 PM - [2922581] ----D- C:\Program Files (x86)\Deezer O43 - CFD: 5/16/2011 - 10:36:02 AM - [104675483] ----D- C:\Program Files (x86)\DivX O43 - CFD: 4/23/2011 - 3:59:16 PM - [1258073] ----D- C:\Program Files (x86)\DJ Mix Lite O43 - CFD: 5/30/2011 - 5:16:44 PM - [44470061] ----D- C:\Program Files (x86)\DjMixerStudio O43 - CFD: 1/18/2011 - 10:21:00 AM - [1222150] ----D- C:\Program Files (x86)\Driver-Soft O43 - CFD: 8/13/2011 - 3:35:12 PM - [106829922] ----D- C:\Program Files (x86)\EasyBits For Kids O43 - CFD: 9/12/2011 - 7:11:04 AM - [149595880] ----D- C:\Program Files (x86)\Emsisoft Anti-Malware O43 - CFD: 7/26/2011 - 8:27:28 AM - [202166361] ----D- C:\Program Files (x86)\ESET O43 - CFD: 2/8/2011 - 11:37:14 AM - [4212437] ----D- C:\Program Files (x86)\Fotosizer O43 - CFD: 6/8/2011 - 3:38:38 PM - [3553863] ----D- C:\Program Files (x86)\Free Music Zilla O43 - CFD: 1/27/2011 - 3:26:16 PM - [12536570] ----D- C:\Program Files (x86)\Free Video Joiner O43 - CFD: 7/5/2011 - 7:42:02 AM - [31240728] ----D- C:\Program Files (x86)\Google O43 - CFD: 8/14/2011 - 7:20:14 AM - [6172097] ----D- C:\Program Files (x86)\GridinSoft Trojan Killer O43 - CFD: 8/13/2011 - 2:29:22 PM - [41] ----D- C:\Program Files (x86)\Grisoft O43 - CFD: 12/23/2010 - 9:16:10 AM - [26223398] ----D- C:\Program Files (x86)\Hercules O43 - CFD: 12/21/2010 - 10:33:00 AM - [1566519255] ----D- C:\Program Files (x86)\Hewlett-Packard O43 - CFD: 9/24/2010 - 2:58:24 AM - [3123440] ----D- C:\Program Files (x86)\Hp O43 - CFD: 9/24/2010 - 3:21:24 AM - [284033140] ----D- C:\Program Files (x86)\HP Games O43 - CFD: 5/31/2011 - 8:01:18 AM - [177874688] --H-D- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 1/10/2011 - 3:20:08 PM - [96668] ----D- C:\Program Files (x86)\Intel O43 - CFD: 8/10/2011 - 6:57:34 PM - [5347553] ----D- C:\Program Files (x86)\Internet Explorer O43 - CFD: 6/13/2011 - 5:20:30 PM - [126499047] ----D- C:\Program Files (x86)\iTunes O43 - CFD: 9/11/2011 - 3:43:18 PM - [95889619] ----D- C:\Program Files (x86)\Java O43 - CFD: 6/21/2011 - 9:03:16 AM - [49835545] ----D- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 7/30/2011 - 12:06:10 PM - [6996189] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware O43 - CFD: 2/14/2011 - 9:56:50 AM - [94442582] ----D- C:\Program Files (x86)\mediAvatar O43 - CFD: 7/16/2011 - 6:14:10 PM - [0] ----D- C:\Program Files (x86)\Microsoft O43 - CFD: 1/31/2011 - 1:13:28 PM - [0] ----D- C:\Program Files (x86)\Microsoft Antimalware O43 - CFD: 1/30/2011 - 10:36:56 AM - [34307107] ----D- C:\Program Files (x86)\Microsoft Office O43 - CFD: 6/16/2011 - 8:17:02 AM - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 7/14/2011 - 7:52:26 AM - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 12/20/2010 - 9:43:48 PM - [15715] ----D- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 2/6/2011 - 3:20:22 PM - [10667746] ----D- C:\Program Files (x86)\mkv2vob O43 - CFD: 7/14/2009 - 7:32:40 AM - [25757] ----D- C:\Program Files (x86)\MSBuild O43 - CFD: 1/4/2011 - 3:26:12 PM - [66546585] ----D- C:\Program Files (x86)\MSECache O43 - CFD: 7/16/2011 - 7:59:46 AM - [11804] ----D- C:\Program Files (x86)\MSSOAP O43 - CFD: 12/20/2010 - 4:47:44 PM - [0] ----D- C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 1/26/2011 - 8:47:26 PM - [40217332] ----D- C:\Program Files (x86)\muvee Technologies O43 - CFD: 9/24/2010 - 3:21:32 AM - [7515506] ----D- C:\Program Files (x86)\NewspaperDirect O43 - CFD: 8/26/2011 - 7:22:00 AM - [19670458] ----D- C:\Program Files (x86)\NoVirusThanks O43 - CFD: 4/26/2011 - 2:12:50 PM - [111596855] ----D- C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 5/2/2011 - 8:47:04 AM - [35491648] ----D- C:\Program Files (x86)\ObviousIdea O43 - CFD: 12/20/2010 - 3:49:44 PM - [20281413] R---D- C:\Program Files (x86)\Online Services O43 - CFD: 9/4/2011 - 5:25:34 PM - [47041692] ----D- C:\Program Files (x86)\Orange O43 - CFD: 8/24/2011 - 7:35:12 AM - [0] ----D- C:\Program Files (x86)\Panda Security O43 - CFD: 9/4/2011 - 7:24:10 AM - [144656] ----D- C:\Program Files (x86)\PC Tools Security O43 - CFD: 6/13/2011 - 10:50:10 AM - [30640621] ----D- C:\Program Files (x86)\PDFCreator O43 - CFD: 8/21/2011 - 9:00:10 AM - [183808] ----D- C:\Program Files (x86)\QuickTime O43 - CFD: 6/25/2011 - 6:32:04 PM - [95909788] ----D- C:\Program Files (x86)\Real O43 - CFD: 4/1/2011 - 10:38:08 AM - [51061071] ----D- C:\Program Files (x86)\Realtek O43 - CFD: 7/14/2009 - 7:32:40 AM - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 3/16/2011 - 2:32:26 PM - [85448757] ----D- C:\Program Files (x86)\SanDisk O43 - CFD: 8/10/2011 - 2:07:44 PM - [18056185] ----D- C:\Program Files (x86)\ScanSoft O43 - CFD: 9/14/2011 - 8:05:42 AM - [13736319] ----D- C:\Program Files (x86)\Serveur Media O43 - CFD: 5/26/2011 - 10:25:52 AM - [7170794] ----D- C:\Program Files (x86)\Sheldon Solutions O43 - CFD: 3/10/2011 - 4:33:26 PM - [1575693] ----D- C:\Program Files (x86)\Shuangs Audio Joiner O43 - CFD: 2/2/2011 - 2:36:16 PM - [25623426] R---D- C:\Program Files (x86)\Skype O43 - CFD: 8/16/2011 - 6:46:14 PM - [2873747] ----D- C:\Program Files (x86)\Sophos O43 - CFD: 5/10/2011 - 5:25:04 PM - [5344094] ----D- C:\Program Files (x86)\Spotify O43 - CFD: 9/4/2011 - 9:58:16 AM - [5145259] ----D- C:\Program Files (x86)\Spybot - Search & Destroy O43 - CFD: 9/3/2011 - 1:19:08 PM - [19741681] ----D- C:\Program Files (x86)\Spyware Terminator O43 - CFD: 5/23/2011 - 2:06:24 PM - [43847197] ----D- C:\Program Files (x86)\Squeezebox O43 - CFD: 4/26/2011 - 1:22:54 PM - [768113] ----D- C:\Program Files (x86)\SystemRequirementsLab O43 - CFD: 4/27/2011 - 3:38:42 PM - [0] --H-D- C:\Program Files (x86)\Temp O43 - CFD: 3/9/2011 - 9:39:26 AM - [53257311] ----D- C:\Program Files (x86)\Total Video Converter O43 - CFD: 7/31/2011 - 5:11:56 PM - [10163787] ----D- C:\Program Files (x86)\Trojan Remover O43 - CFD: 8/12/2011 - 8:20:10 PM - [0] ----D- C:\Program Files (x86)\Trojan Remover 1.2 O43 - CFD: 7/14/2009 - 6:57:08 AM - [0] --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 12/29/2010 - 5:21:16 PM - [84718031] ----D- C:\Program Files (x86)\VideoLAN O43 - CFD: 3/5/2011 - 2:13:58 PM - [0] ----D- C:\Program Files (x86)\Winamp O43 - CFD: 7/14/2011 - 7:54:48 AM - [189778394] ----D- C:\Program Files (x86)\Windows Live O43 - CFD: 2/24/2011 - 11:01:40 AM - [6181376] ----D- C:\Program Files (x86)\Windows Mail O43 - CFD: 2/24/2011 - 11:01:38 AM - [8278928] ----D- C:\Program Files (x86)\Windows Media Player O43 - CFD: 7/14/2009 - 7:32:40 AM - [12197556] ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 2/24/2011 - 11:01:38 AM - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 2/24/2011 - 11:01:40 AM - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 2/24/2011 - 11:01:40 AM - [6371452] ----D- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 12/21/2010 - 5:59:02 PM - [3886217] ----D- C:\Program Files (x86)\WinRAR O43 - CFD: 6/1/2011 - 10:23:14 AM - [21114589] ----D- C:\Program Files (x86)\Xvid O43 - CFD: 9/14/2011 - 10:21:42 AM - [4182896] ----D- C:\Program Files (x86)\ZHPDiag O43 - CFD: 6/17/2011 - 1:28:18 PM - [3606170] ----D- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 8/9/2011 - 4:22:28 PM - [31529878] ----D- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 6/13/2011 - 5:20:16 PM - [86144520] ----D- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 2/5/2011 - 2:02:00 PM - [179547] ----D- C:\Program Files (x86)\Common Files\AVSMedia O43 - CFD: 5/16/2011 - 10:35:02 AM - [24006656] ----D- C:\Program Files (x86)\Common Files\DivX Shared O43 - CFD: 8/10/2011 - 2:06:34 PM - [8905847] ----D- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 9/11/2011 - 3:43:54 PM - [1239723] ----D- C:\Program Files (x86)\Common Files\Java O43 - CFD: 9/24/2010 - 3:11:04 AM - [38513660] ---AD- C:\Program Files (x86)\Common Files\LightScribe O43 - CFD: 9/24/2010 - 3:09:56 AM - [51570] ---AD- C:\Program Files (x86)\Common Files\LS Getting Started O43 - CFD: 7/14/2011 - 7:48:38 AM - [132899986] ----D- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 8/26/2011 - 10:52:44 AM - [0] ----D- C:\Program Files (x86)\Common Files\MicroWorld O43 - CFD: 7/16/2011 - 7:59:46 AM - [707584] ----D- C:\Program Files (x86)\Common Files\MSSoap O43 - CFD: 1/26/2011 - 8:47:38 PM - [106494825] ----D- C:\Program Files (x86)\Common Files\muvee Technologies O43 - CFD: 9/4/2011 - 7:24:10 AM - [779696] ----D- C:\Program Files (x86)\Common Files\PC Tools O43 - CFD: 12/22/2010 - 5:52:04 PM - [4740928] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 6/25/2011 - 6:32:24 PM - [0] ----D- C:\Program Files (x86)\Common Files\Real O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 7/14/2009 - 5:20:10 AM - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 12/21/2010 - 7:34:32 PM - [10245619] ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 1/19/2011 - 2:53:16 PM - [0] ----D- C:\Program Files (x86)\Common Files\TerraTec O43 - CFD: 12/20/2010 - 3:46:36 PM - [276367460] ----D- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 2/6/2011 - 3:19:44 PM - [8836608] ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard O43 - CFD: 6/25/2011 - 6:31:58 PM - [352256] ----D- C:\Program Files (x86)\Common Files\xing shared ~ Scan Program Folder in 34mn AMs ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.0277C027A26428DB64EF4F64F52BB4FD] - 11/7/2010 - 6:20:24 PM ---A- . (...) -- C:\Windows\MBR.exe [208896] O44 - LFC:[MD5.F042EE4C8D66248D9B86DCF52ABAE416] - 6/26/2011 - 7:45:56 AM ---A- . (...) -- C:\Windows\PEV.exe [256000] O44 - LFC:[MD5.22104AFBCBF41EF3D3982707268546E5] - 8/16/2011 - 4:04:33 PM ---A- . (...) -- C:\bdlog.txt [8401] O44 - LFC:[MD5.53BA8E9693581FBAB0FBDED7DD143355] - 8/26/2011 - 1:43:25 PM ---A- . (...) -- C:\Windows\REGBK00.ZIP [17080047] O44 - LFC:[MD5.C6FF685E2EA55C3AC5C90B9E7D6930C0] - 8/26/2011 - 6:15:21 AM RSHAD . (.Pas de propriétaire - Hitman Pro 3.5 Support Driver.) -- C:\Windows\system32\drivers\hitmanpro35.sys [25160] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 8/27/2011 - 6:04:42 AM ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.187472C67377994BBA4A410D2CDCABD1] - 8/27/2011 - 8:55:43 AM ---A- . (...) -- C:\Windows\ntbtlog.txt [296596] O44 - LFC:[MD5.CB8F27F1079A9F140B22508D04E6454B] - 8/30/2011 - 9:53:43 AM ---A- . (...) -- C:\Windows\UPDLL.LOG [1796] O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 8/31/2000 - 1:00:00 AM ---A- . (...) -- C:\Windows\grep.exe [80412] O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 8/31/2000 - 1:00:00 AM ---A- . (...) -- C:\Windows\sed.exe [98816] O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 8/31/2000 - 1:00:00 AM ---A- . (...) -- C:\Windows\zip.exe [68096] O44 - LFC:[MD5.3521CD4DC0F1020648836B4777B5DB12] - 9/10/2011 - 12:39:43 PM ---A- . (...) -- C:\Windows\win.ini [891] O44 - LFC:[MD5.D34B612DFBA2D401204E4B6B902DFE8F] - 9/10/2011 - 12:40:18 PM ---A- . (...) -- C:\Windows\Lic.xxx [56] O44 - LFC:[MD5.DCDF3C155B21B4B6346892D2A7E05A7E] - 9/11/2011 - 4:27:48 PM ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.753BC16326FEE4A421ACB636CCD602F4] - 9/12/2011 - 1:44:52 PM ---A- . (.NirSoft - NirCmd.) -- C:\Windows\NIRCMD.exe [60416] O44 - LFC:[MD5.A46842C9B0C567A5A9584E83A163560C] - 9/12/2011 - 1:44:52 PM ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\Windows\SWREG.exe [518144] O44 - LFC:[MD5.0297C72529807322B152F517FDB0A9FC] - 9/12/2011 - 1:44:52 PM ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\Windows\SWSC.exe [406528] O44 - LFC:[MD5.B70EACB82B9FFDA061199D0E2C67AB2F] - 9/12/2011 - 1:51:37 PM ---A- . (...) -- C:\Windows\PFRO.log [17208] O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 9/12/2011 - 1:53:05 PM ---A- . (...) -- C:\Windows\system.ini [215] O44 - LFC:[MD5.9433D9FB3205899323ADF6BB4158CF9F] - 9/12/2011 - 1:58:02 PM ---A- . (...) -- C:\ComboFix.txt [32439] O44 - LFC:[MD5.7EE4545AD0A03963A5223A36B0E52161] - 9/12/2011 - 9:20:27 AM ---A- . (...) -- C:\TDSSKiller.2.5.21.0_12.09.2011_10.19.15_log.txt [51046] O44 - LFC:[MD5.B198AB98FBEFBFA7746BD98CDB48FBE6] - 9/14/2011 - 7:04:59 AM ---A- . (...) -- C:\aaw7boot.log [2460] O44 - LFC:[MD5.A98B0E8155B37EAF6131735AC84113B0] - 9/14/2011 - 7:05:19 AM -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.E4E715D693BDF668E8CB98552ABAF409] - 9/14/2011 - 7:05:21 AM ---A- . (...) -- C:\Windows\setupact.log [2408] O44 - LFC:[MD5.11B64191A8B3755D03444EE9E359AA49] - 9/14/2011 - 7:20:08 AM ---A- . (...) -- C:\Windows\WindowsUpdate.log [783933] O44 - LFC:[MD5.94F2B6A61A825519F0F36AF3C1A57C82] - 9/3/2011 - 11:22:47 AM RSHAD . (...) -- C:\Windows\system32\drivers\Cat.DB [1800100] O44 - LFC:[MD5.B9657A0AFF28C1CB114ACC0CB93EE4BB] - 9/3/2011 - 12:18:58 PM RSHAD . (.Windows ® Win 7 DDK provider - Spyware Terminator 2012 driver.) -- C:\Windows\system32\drivers\stflt.sys [51496] O44 - LFC:[MD5.B9FD129D82655A28D9165AFD471B71C1] - 9/4/2011 - 4:27:55 PM ---A- . (...) -- C:\Windows\DirectX.log [75574] O44 - LFC:[MD5.8833455D54C7783B0B11BD58F77B209B] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\system32\deployJava1.dll [525544] O44 - LFC:[MD5.F746FD41625D5FFE4D10A4C0BFE13316] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\system32\java.exe [171808] O44 - LFC:[MD5.DDE850A07810C49B2FE7E45B3BFFF6B2] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\system32\javaw.exe [171808] O44 - LFC:[MD5.13A0D57FEB2CC1D543F953BEA2339FCB] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Web Start Launcher.) -- C:\Windows\system32\javaws.exe [190752] O44 - LFC:[MD5.8833455D54C7783B0B11BD58F77B209B] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\deployJava1.dll [525544] O44 - LFC:[MD5.F746FD41625D5FFE4D10A4C0BFE13316] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\java.exe [171808] O44 - LFC:[MD5.DDE850A07810C49B2FE7E45B3BFFF6B2] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\javaw.exe [171808] O44 - LFC:[MD5.13A0D57FEB2CC1D543F953BEA2339FCB] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\SysNative\javaws.exe [190752] O44 - LFC:[MD5.87832DD7249AAA772CB8AD79C114A0E5] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.826F4268068EB54A7111A94C31428203] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106190] O44 - LFC:[MD5.29757208CFED9545C6424DF8EC7D790C] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130548] O44 - LFC:[MD5.E5AEADA25BDCA39726FD6395ADF86890] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [615810] O44 - LFC:[MD5.6B1A790ADD4BBCD07E39D7688754FA3D] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704242] O44 - LFC:[MD5.87832DD7249AAA772CB8AD79C114A0E5] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.826F4268068EB54A7111A94C31428203] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfc009.dat [106190] O44 - LFC:[MD5.29757208CFED9545C6424DF8EC7D790C] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [130548] O44 - LFC:[MD5.E5AEADA25BDCA39726FD6395ADF86890] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfh009.dat [615810] O44 - LFC:[MD5.6B1A790ADD4BBCD07E39D7688754FA3D] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [704242] ~ Scan Files in 38mn AMs ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Free Music Zilla\FMZilla.exe" [Enabled] .(.Pas de propriétaire - FMZilla Module.) -- C:\Program Files (x86)\Free Music Zilla\FMZilla.exe ~ Scan Keys in 00mn AMs ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\hitmanpro35.sys . (.Pas de propriétaire - Hitman Pro 3.5 Support Driver.) -- C:\Windows\system32\Drivers\hitmanpro35.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys ~ Scan CSB in 00mn AMs ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"VIDC.CSCD"="camcodec.dll" . (.RenderSoft Software. - CamStudio lossless video codec.) -- C:\Windows\system32\camcodec.dll O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\system32\xvidvfw.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- C:\Windows\system32\xvidvfw.dll ~ Scan Keys in 00mn AMs ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\CamserviceHD [Key] . (.Guillemot Corporation S.A. - Hercules Xtra Controller Main Application.) -- C:\Program Files (x86)\Hercules\Dualpix HD\XtrCtrl.exe O53 - SMSR:HKLM\...\startupreg\DivX Download Manager [Key] . (.DivX, LLC - DivX Download Manager Service.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe O53 - SMSR:HKLM\...\startupreg\SpybotSD TeaTimer [Key] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe ~ Scan SMSR Keys in 00mn AMs ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn AMs ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 ~ Scan Keys in 00mn AMs ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=153 O56 - MWPE:[HKLM\...\policies\Explorer] - "EnableShellExecuteHooks"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=153 ~ Scan Keys in 00mn AMs ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 6/10/2009 - 2:52:21 AM ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088] O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536] O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864] O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 7/14/2009 - 2:52:21 AM RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440] O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 4/27/2011 - 7:41:12 AM RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904] O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 6/10/2009 - 2:52:20 AM RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128] O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 4/27/2011 - 7:41:12 AM RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008] O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632] O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856] O58 - SDL:[MD5.B1224E6B086CD6548315B04AB575A23E] - 7/30/2011 - 11:15:15 AM RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [88288] O58 - SDL:[MD5.ED45F12CFA62B83765C9C1496758CC87] - 7/30/2011 - 11:15:16 AM RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [123784] O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 6/10/2009 - 9:34:23 PM RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848] O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 7/14/2009 - 9:41:06 PM RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432] O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 7/14/2009 - 9:41:06 PM RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704] O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 7/14/2009 - 2:19:07 AM RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720] O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 7/14/2009 - 9:41:10 PM RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 7/14/2009 - 9:41:10 PM RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 7/14/2009 - 9:41:10 PM RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 6/10/2009 - 9:34:28 PM RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480] O58 - SDL:[MD5.7FDC91FAC8E72F24E3E2B3D22B5E3F63] - 12/20/2010 - 4:43:34 PM RSHAD . (.Guillemot Corporation - Filter Driver for the Hercules Webcams (MJPG).) -- C:\Windows\system32\drivers\camfilt2.sys [146728] O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 7/14/2009 - 2:52:31 AM RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488] O58 - SDL:[MD5.A398ED024F739E7BE74ECFFA8A713A89] - 9/24/2010 - 5:43:50 PM RSHAD . (...) -- C:\Windows\system32\drivers\cpqdfw.sys [24376] O58 - SDL:[MD5.10FB0FF62AF6262BF88E3607E2AE2A69] - 9/24/2010 - 5:43:50 PM RSHAD . (...) -- C:\Windows\system32\drivers\cqcpu.sys [24376] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 6/10/2009 - 2:47:48 AM RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496] O58 - SDL:[MD5.8F34C3EDB39A25DDDDE20670B1613386] - 1/10/2011 - 5:59:50 PM RSHAD . (.eMPIA Technology, Inc. - USB EMP Audio Device.) -- C:\Windows\system32\drivers\emAudio64.sys [77824] O58 - SDL:[MD5.9494736E4865F9B3A0A525EE9AB0D991] - 8/20/2010 - 3:45:28 AM RSHAD . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) -- C:\Windows\system32\drivers\emBDA64.sys [654720] O58 - SDL:[MD5.F18629B95D2F62180E1142F26D184A3D] - 1/7/2011 - 11:02:50 AM RSHAD . (.eMPIA Technology, Inc. - USB 28xx WDM Lower filter.) -- C:\Windows\system32\drivers\emFilter64.sys [12608] O58 - SDL:[MD5.612FC1CB117CCF62D3C55488C8AEBD82] - 8/20/2010 - 3:44:48 AM RSHAD . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) -- C:\Windows\system32\drivers\emOEM64.sys [943872] O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 6/10/2009 - 9:34:33 PM RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 7/14/2009 - 9:31:59 PM RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.8ED7D078B21B7E2DB15A69BFCBEE8691] - 12/20/2010 - 2:45:54 PM RSHAD . (.Guillemont Corporation - Stream Class Mini Driver.) -- C:\Windows\system32\drivers\HDvidvx.sys [186496] O58 - SDL:[MD5.C6FF685E2EA55C3AC5C90B9E7D6930C0] - 8/26/2011 - 6:15:21 AM RSHAD . (.Pas de propriétaire - Hitman Pro 3.5 Support Driver.) -- C:\Windows\system32\drivers\hitmanpro35.sys [25160] O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 2/24/2011 - 2:33:35 PM RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720] O58 - SDL:[MD5.4B7423FCC37664954460AC3E71752B62] - 12/21/2010 - 12:43:10 AM RSHAD . (.Guillemot Corporation - Filter Driver for the Hercules Webcams (MJPG).) -- C:\Windows\system32\drivers\hxctlflt.sys [111104] O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 4/27/2011 - 7:41:26 AM RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496] O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 7/13/2009 - 2:48:04 AM RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112] O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 7/13/2009 - 2:48:04 AM RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600] O58 - SDL:[MD5.9C4FB231B6E02F84580DE2F00F3C5293] - 12/24/2010 - 6:52:42 PM RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25912] O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 6/10/2009 - 2:48:04 AM RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392] O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 7/13/2009 - 2:48:04 AM RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736] O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 7/13/2009 - 2:48:26 AM RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264] O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 4/27/2011 - 7:41:34 AM RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352] O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 4/27/2011 - 7:41:34 AM RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272] O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 6/10/2009 - 2:45:46 AM RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816] O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 7/13/2009 - 2:45:45 AM RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592] O58 - SDL:[MD5.ED5873F7DFB2F96D37F13322211B6BDC] - 4/1/2011 - 4:11:08 PM RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [428136] O58 - SDL:[MD5.13089F31AA37CDE1CE3784EE01A48484] - 4/27/2011 - 5:54:04 PM RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2727912] O58 - SDL:[MD5.FD833BEE2FD9BEFDC0AFD1941A306D9E] - 7/12/2011 - 6:13:53 PM RSHAD . (.Sunbelt Software - 64-bit Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys [55384] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 7/14/2009 - 9:37:19 PM RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040] O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 6/10/2009 - 2:45:45 AM RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584] O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 7/13/2009 - 2:45:46 AM RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 7/13/2009 - 2:45:55 AM RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656] O58 - SDL:[MD5.B9657A0AFF28C1CB114ACC0CB93EE4BB] - 9/3/2011 - 12:18:58 PM RSHAD . (.Windows ® Win 7 DDK provider - Spyware Terminator 2012 driver.) -- C:\Windows\system32\drivers\stflt.sys [51496] O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 7/14/2009 - 2:45:55 AM RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488] O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 6/10/2009 - 2:45:55 AM RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872] O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 7/30/2011 - 6:52:42 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [41272] O58 - SDL:[MD5.4AC11B2250106774F694DF2DB4FFED61] - 3/16/2011 - 5:27:20 PM ---A- . (.InterVideo, Inc. - InterVideo ASPI Shell.) -- C:\Windows\SysWOW64\iviaspi.sys [10368] ~ Scan Drivers in 04mn AMs ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn AMs ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 2/20/2011 - C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys - No object(No service) .(.Emsi Software GmbH - Emsisoft Anti-Malware File Guard.) - LEGACY_A2ACC O64 - Services: CurCS - 7/21/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys - No object(No service) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 7/21/2011 - C:\Windows\system32\DRIVERS\avipbb.sys - No object(No service) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 8/30/2010 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys - No object(No service) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64 O64 - Services: CurCS - 11/22/2010 - C:\Windows\system32\DRIVERS\Lbd.sys - No object(No service) .(.Lavasoft AB - Boot Driver.) - LEGACY_LBD O64 - Services: CurCS - 9/3/2011 - C:\Windows\system32\DRIVERS\stflt.sys - No object(No service) .(.Windows ® Win 7 DDK provider - Spyware Terminator 2012 driver.) - LEGACY_SP_RSDRV2 ~ Scan Services in 02mn AMs ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (...) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (...) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn AMs ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn AMs ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {79085C51-08CA-4B1C-BB72-8DD02BAF58B6} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - Orange : téléphones, forfaits, Internet, actualité, sport, video O69 - SBI: SearchScopes [HKCU] {B4D6826E-799C-4FF7-9FE7-D7F0509737C3} - (Yahoo) - Yahoo! Search - Recherche Web O69 - SBI: SearchScopes [HKCU] {FD5B2C46-96E6-48D0-8373-6AF44AE016D1} - (Wikipedia) - Wikipédia, l'encyclopédie libre ~ Scan Keys in 00mn AMs ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.DFD49939CC7AB1D7332128CDB160EEC9] [sPRF][8/13/2011] (.Arovax Software - Arovax AntiSpyware Installer.) -- C:\Users\ZINOU\Desktop\aas_2.1_setup_153.exe [3599329] [MD5.B00FA0C5D1620797F5DC535A45829A31] [sPRF][8/25/2005] (.Pas de propriétaire - VirtualDub Setup Utility.) -- C:\Users\ZINOU\Desktop\AuxSetup.exe [40960] [MD5.4E5F50EB2D7358C83B5DA85EDF6037D9] [sPRF][8/26/2011] (...) -- C:\Users\ZINOU\Desktop\mwav.exe [136988056] [MD5.94E744FC0CA84284470DC23522C4A324] [sPRF][9/3/2011] (.Pas de propriétaire - PC Tools Installer.) -- C:\Users\ZINOU\Desktop\sdsetup.exe [512992] [MD5.F3246D2E451C71A42A7ED70F4FED3298] [sPRF][4/9/2010] (.Pas de propriétaire - VirtualDub.) -- C:\Users\ZINOU\Desktop\VirtualDub.exe [2668544] [MD5.5CAAFF20C5695611F08ABD954E58DEA2] [sPRF][9/11/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\ZINOU\Desktop\ZHPDiag2.exe [2582227] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][1/5/2009] (...) -- C:\Windows\Downloaded Program Files\bdcore.dll [32] [MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [sPRF][7/25/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576] [MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [sPRF][7/25/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608] [MD5.632E0CE38FBCADEAAE28077F4C9C45D5] [sPRF][10/21/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r102.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2827728] [MD5.D4B7A651CB12B6C1A4FEB9FB5115CFE7] [sPRF][7/12/2000] (...) -- C:\Windows\Downloaded Program Files\fxfileop.dll [36864] [MD5.2B1C4C87EB20ADDBA59DCA975E28DFFB] [sPRF][1/5/2009] (...) -- C:\Windows\Downloaded Program Files\ipsupd.dll [741376] [MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [sPRF][7/25/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [172032] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][1/5/2009] (...) -- C:\Windows\Downloaded Program Files\libfn.dll [32] [MD5.A7E770B48CB0B6EB979FA6C518B1B518] [sPRF][5/30/2011] (.Akamai Technologies, Inc. - Download Manager ActiveX Control.) -- C:\Windows\Downloaded Program Files\Manager.exe [707744] [MD5.F43C810230BEAEF1D3BAF3D645B3E46C] [sPRF][3/20/2009] (.CA - eTrust PestPatrol version 5 SDK.) -- C:\Windows\Downloaded Program Files\ppctl.dll [820464] [MD5.823451876778F382B23AFE20EF2DDC20] [sPRF][7/20/2011] (.BitDefender LLC - BitDefender QuickScan.) -- C:\Windows\Downloaded Program Files\qsax.dll [1220672] [MD5.E5EC6E96293203461999B2DFEEDE4C4D] [sPRF][7/20/2011] (.BitDefender LLC - BitDefender QuickScan.) -- C:\Windows\Downloaded Program Files\qsax64.dll [1373136] [MD5.2FD994827193B68DD301F80BDF744231] [sPRF][4/3/2009] (.Husdawg, LLC - System Requirements Lab.) -- C:\Windows\Downloaded Program Files\sysreqlab_nvd.dll [354608] [MD5.81093A8A1719E11B22B586E10BFDC523] [sPRF][10/31/2001] (...) -- C:\Windows\Downloaded Program Files\uninst.bat [118] ~ Scan Files in 02mn AMs ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{39CE62A2-6D1B-4577-B016-9194036A85E0}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.exe O87 - FAEL: "{C2434DBF-9BE7-410B-8ADA-53DAF34F5E8D}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe O87 - FAEL: "{74C3B2DE-7835-4D35-9C02-0607FC29A31E}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe O87 - FAEL: "{E0C83026-4359-4677-9597-3DD26928C830}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe O87 - FAEL: "{F8A8EE1C-F2F4-425F-930F-95FA5EBF5894}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe O87 - FAEL: "{6C18A400-1A81-48F2-8E31-AD64360AB28B}" | In - Public - P6 - TRUE | .(.EasyBits Software AS - EasyBits My First Browser.) -- C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe O87 - FAEL: "{4D7F5101-AE4F-4378-8F88-ADA452898AA5}" | In - Public - P17 - TRUE | .(.EasyBits Software AS - EasyBits My First Browser.) -- C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe O87 - FAEL: "TCP Query User{A5140418-1C56-467B-BE17-C2868C18B9F6}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Public - P6 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe O87 - FAEL: "UDP Query User{A79020C3-CCE2-4732-99FE-0F95F829DDF7}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Public - P17 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe O87 - FAEL: "{EBA3D638-85E3-4757-B79D-9C7471BE3631}" | In - Public - P6 - FALSE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O87 - FAEL: "{18A5E496-7893-42B5-B207-A9C994468B09}" | In - Public - P17 - FALSE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O87 - FAEL: "{844AE9FD-5E9F-4EFC-A24F-F3CB0DB582DA}" | In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe O87 - FAEL: "{37F4A99A-F7F7-4FE6-B8BA-968A628AEB1A}" | In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe O87 - FAEL: "{AEC3907A-CB3B-404E-9BD0-27BCE3E5D5C3}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe O87 - FAEL: "{F31FE4D6-273A-4771-93EC-9C1751C21393}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe O87 - FAEL: "TCP Query User{2CC60C9E-6146-4ABA-958F-BCBB13CCAC59}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe O87 - FAEL: "UDP Query User{366F5B85-A7CA-483F-8889-DC648C231206}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe O87 - FAEL: "{3AF625EC-2797-46E7-8817-A6F72BA38DE5}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O87 - FAEL: "TCP Query User{504BB014-7437-4796-89FC-C1CF64374C28}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Private - P6 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe O87 - FAEL: "UDP Query User{F3385E37-3C4F-4DAF-849F-DE06C9D10311}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Private - P17 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe O87 - FAEL: "TCP Query User{F435FD52-C678-41E4-87E8-A6620764A01B}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe O87 - FAEL: "UDP Query User{25316F5F-C892-4CCA-B9A6-16D0816ED997}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe O87 - FAEL: "{F89B5DD5-6FA7-4718-A82E-F7C789418A77}" | In - Private - P6 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O87 - FAEL: "{A183435C-1223-4A28-B75B-6F87B26A60BC}" | In - Private - P17 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O87 - FAEL: "{20B09ED6-6663-4516-BAD2-F1170D69FCDC}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe O87 - FAEL: "{EC0FDE6E-D7E6-43F7-8D53-FDFEE1833244}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe O87 - FAEL: "{1CD713C4-1B7E-483A-9302-B99C2F25F432}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe O87 - FAEL: "{9E5D127B-DE2D-4B3A-8525-38AC3FE306BB}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe O87 - FAEL: "{09BC5637-DCE8-46C4-A4A7-B2BD470090FA}" | In - Private - P6 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O87 - FAEL: "{B35C2701-D025-419D-BD8D-BB89B6453BCE}" | In - Private - P17 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O87 - FAEL: "{B272A3BA-0EFA-48C8-A775-3FA92256F25B}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe O87 - FAEL: "{69DC73A9-9B3F-4C74-9C11-8BB0F6F30B47}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe O87 - FAEL: "TCP Query User{62A1BD43-1EEB-4603-8E52-EAE0A805A120}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Private - P6 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe O87 - FAEL: "UDP Query User{CA84F0B3-C9FF-497C-9609-E358B31640BE}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Private - P17 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe O87 - FAEL: "{265D39B1-932B-4844-9EC2-92BEB379E498}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O87 - FAEL: "{EAC96B28-F523-4543-B570-C6661E704132}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O87 - FAEL: "TCP Query User{2F5A93BC-42D8-4CE6-84B6-C423B0F71390}C:\program files (x86)\spotify\spotify.exe" | In - Private - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files (x86)\spotify\spotify.exe O87 - FAEL: "UDP Query User{48F2395B-40C2-490E-8F08-04973FDD287D}C:\program files (x86)\spotify\spotify.exe" | In - Private - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files (x86)\spotify\spotify.exe O87 - FAEL: "TCP Query User{59620409-7C8E-44D1-82C2-B4A950E33E4D}C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe" | In - Private - P6 - TRUE | .(.Logitech Inc. - jive.) -- C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe O87 - FAEL: "UDP Query User{C1FF98E6-77E2-497B-A96D-6F7F84BEA37A}C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe" | In - Private - P17 - TRUE | .(.Logitech Inc. - jive.) -- C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe O87 - FAEL: "{AD98CAF7-99AE-4DA3-8C1D-F8622DFA1A62}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe O87 - FAEL: "{583FDBBF-71D3-4333-A344-6FE4FB3C2481}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe O87 - FAEL: "TCP Query User{B826487D-93C7-428C-88EE-FB031CF73B69}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Public - P6 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe O87 - FAEL: "UDP Query User{37B566DD-9F7F-4BDB-8CA3-0C8266C80C84}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Public - P17 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe O87 - FAEL: "{D9A0AC3B-0428-4FF9-8319-5DF9585988CC}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe O87 - FAEL: "{A83B0D14-2235-413A-A42B-FD6E28EFC906}" | In - Private - P6 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe O87 - FAEL: "{83C45770-DD60-4EC5-87F4-C3F532159271}" | In - Private - P17 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe O87 - FAEL: "{1669EF1A-3FC8-4987-96CC-2B056BE78133}" | In - Private - P6 - TRUE | .(.Crawler.com - Spyware Terminator 2012.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe O87 - FAEL: "{C0C4CC1E-927F-4449-AF32-B3BAE2FC4819}" | In - Private - P17 - TRUE | .(.Crawler.com - Spyware Terminator 2012.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe O87 - FAEL: "{C404C689-1C10-4460-B30C-C46E9C13286C}" | In - Private - P6 - TRUE | .(.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe O87 - FAEL: "{008F7DED-193D-4B89-88BA-0EDD9F196385}" | In - Private - P17 - TRUE | .(.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe ~ Scan Firewall in 01mn AMs ---\\ Scan Additionnel (O88) Database Version : 8621 - (29/08/2011) Clés trouvées (Keys found) : 1 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange ~ Scan Additionnel in 05mn AMs ---\\ Recherche détournement de DNS routeur (O89) Serveur : livebox.livebox.home Address: 192.168.1.1 Nom : www.l.google.com Addresses: 209.85.148.104 209.85.148.106 209.85.148.105 209.85.148.99 209.85.148.147 209.85.148.103 Aliases: www.google.fr www.google.com ~ Scan DNS in 02mn AMs ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 9/2/2011 3029208 | C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (a2AntiMalware) . (.Emsi Software GmbH.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe SR - | Auto 6/17/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 7/30/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe SR - | Auto 7/30/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe SR - | Auto 3/14/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 4/25/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe SS - | Demand 9/24/2010 246520 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe SS - | Auto 12/20/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 12/20/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SR - | Auto 12/21/2010 126520 | (HP Health Check Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe SR - | Auto 12/21/2010 92216 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe SS - | Demand 12/21/2010 751672 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe SS - | Demand 8/10/2011 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe SS - | Demand 6/13/2011 934176 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 9/24/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe SS - | Demand 6/4/2011 420864 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe SS - | Demand 8/18/2011 6144 | (MEMSWEEP2) . (.Sophos Plc.) - C:\Windows\system32\E512.tmp SS - | Disabled 4/27/2011 1012328 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SS - | Disabled 4/26/2011 2218600 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe SS - | Auto 2/14/2011 1055872 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe SR - | Auto 2/18/2011 501336 | (Serveur Média) . (.PacketVideo.) - C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe SR - | Auto 9/3/2011 1139928 | (ST2012_Svc) . (.Crawler.com.) - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe SR - | Auto 4/27/2011 378472 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Auto 7/14/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ~ Scan Services in 05mn AMs ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover ~ Scan MBR in 07mn AMs ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by ZINOU at 9/14/2011 10:23:34 AM ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 09mn AMs End of the scan (1516 lines in 13mn AMs)(0) CI LE RAPPORT VOI Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 (Defaut) ---\\ Windows Product Information Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows® 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 3Q6C9 Windows License : OK ~ Windows Remaining Initializations Number : 3 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Information ~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 4095.2 MB (58% free) System Restore: Activé (Enable) System drive C: has 506 GB (73%) free of 685 GB ---\\ Logged in mode ~ Computer Name: ZINOU-HP ~ User Name: ZINOU ~ All Users Names: ZINOU, UpdatusUser, HomeGroupUser$, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\ZINOU\AppData\Roaming\ ~ %Desktop% : C:\Users\ZINOU\Desktop\ ~ %Favorites% : C:\Users\ZINOU\Favorites\ ~ %LocalAppData% : C:\Users\ZINOU\AppData\Local\ ~ %StartMenu% : C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 506 Go of 685 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 13 Go of 13 Go) E:\ CD-ROM drive (Not Inserted) F:\ Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn AMs ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.4/27/2011 - 7:19:30 AM.) -- C:\Windows\Explorer.exe [2871808] [MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.7/14/2009 - 2:39:31 AM.) -- C:\Windows\system32\rundll32.exe [45568] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.7/14/2009 - 2:39:52 AM.) -- C:\Windows\system32\Wininit.exe [129024] [MD5.0732B49B250E306F7A6591029AF9885B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.8/10/2011 - 6:36:16 AM.) -- C:\Windows\system32\wininet.dll [1389056] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.2/24/2011 - 2:25:30 PM.) -- C:\Windows\system32\Winlogon.exe [390656] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/14/2009 - 2:52:21 AM.) -- C:\Windows\system32\drivers\atapi.sys [24128] [MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.4/27/2011 - 7:41:34 AM.) -- C:\Windows\system32\drivers\ntfs.sys [1659776] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.2/24/2011 - 2:27:26 PM.) -- C:\Windows\system32\sppcomapi.dll [232448] [MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.2/24/2011 - 2:07:20 PM.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480] ~ Scan Generic Processes in 00mn AMs ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 6/783 ~ Mes musiques (My Musics) : 707/4934 ~ Mes Videos (My Videos) : 2/459 ~ Mes Favoris (My Favorites) : 5/331 ~ Mes Documents (My Documents) : 40/15260 ~ Mon Bureau (My Desktop) : 0/418 ~ Menu demarrer (Programs) : 6/32 ~ Scan Hidden Files in 12mn AMs ---\\ Processus lancés [MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.1932] [MD5.63A648C5FEB5DE641E1174ACB6CF78C6] - (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888] [PID.1940] [MD5.C11645E219C8C9113A8D9E0500ED25E5] - (.PacketVideo - TwonkyMedia Tray Application.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverconfig.exe [603736] [PID.3048] [MD5.3AF02017597E4C6399FD3E390E601D5E] - (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3608240] [PID.2008] [MD5.C983E62B6FB74457D173BA93F66F6068] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.3384] [MD5.A40432BB46793F3A2AD42E6D23A8290F] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252136] [PID.3552] [MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [748336] [PID.4188] [MD5.461A87D7A4304BDA228CF1DBB86D3CE9] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10v_ActiveX.exe [243360] [PID.3868] [MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [669696] [PID.3676] [MD5.457E6B550AABC987AF117ED968C2F3D9] - (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [3029208] [PID.] [MD5.B4837FE56D76B2E9EA90E5365CF6A2BE] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [136360] [PID.] [MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [64952] [PID.] [MD5.DF5A3016052755C910A206058B4A1729] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [269480] [PID.] [MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664] [PID.] [MD5.F2060A34C8A75BC24A9222EB4F8C07BD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe [349472] [PID.] [MD5.2DFB151FD34DF104DAC0ADF070EDA83C] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [92216] [PID.] [MD5.7550D101BF49FDB1F92666A233EE36C4] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.] [MD5.3120A421ED14B0186675E295219D441C] - (.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe [501336] [PID.] [MD5.A2ABC52CD8A5B60262B220A17A92EB31] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [378472] [PID.] [MD5.2748912E0E656AE1FB74C4BFDF7BC470] - (...) -- C:\Program Files (x86)\Serveur Media\TwonkyMediaServer.exe [1451608] [PID.] ~ Scan Processes Running in 00mn AMs ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\ZINOU\AppData\Local\Google\Chrome\User Data\Default\Preferences G0 - GCSP: Preference [user Data\Default][HomePage] Google G2 - GCE: Preference [user Data\Default] [fnjbmmemklcjgepojigaapkoodmkgbae] DivX HiQ v.2.1.1.94 (Activé) G2 - GCE: Preference [user Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.3 (Activé) G2 - GCE: Preference [user Data\Default] [nneajnkjbffgblleaoojgaacokifdkhm] \u003Cvideo\u003E HTML5 DivX Plus Web Player v.2.1.1.94 (Activé) ~ Scan Google Browser in 00mn AMs ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_27 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 3.1.0f4.) -- C:\Users\ZINOU\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll ~ Scan Firefox Browser in 00mn AMs ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Orange : téléphones, forfaits, Internet, actualité, sport, video R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Microsoft Corporation R0 - HKUS\S-1-5-21-4247541363-2138921599-923811196-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Orange : téléphones, forfaits, Internet, actualité, sport, video R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing R1 - HKUS\S-1-5-21-4247541363-2138921599-923811196-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Microsoft Corporation R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ Scan IE Browser in 00mn AMs ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn AMs ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe ~ Scan Keys in 00mn AMs ---\\ Redirection du fichier Hosts (O1) ~ Scan Hosts File in 00mn AMs ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: ToolbarOrange.InitToolbarBHO [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} . (...) -- mscoree.dll (.not file.) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugi O2 - BHO: Increase performance and video formats for your HTML5 <video> [64Bits] - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites [64Bits] - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} . (.DivX, LLC - DivX Web Player version 2.1.1.94.) -- C:\Program Files (x86)\Div O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\ O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll ~ Scan BHO in 00mn AMs ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [smartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe O4 - HKLM\..\Run: [CamserviceHD] . (.Guillemot Corporation S.A. - Hercules Xtra Controller Main Application.) -- C:\Program Files (x86)\Hercules\Dualpix HD\XtrCtrl.exe O4 - HKLM\..\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe O4 - HKLM\..\Run: [intelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft IntelliPoint\ipoint.exe O4 - HKLM\..\Run: [spywareTerminatorShield] . (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe O4 - HKLM\..\Run: [spywareTerminatorUpdater] . (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Wow6432Node\Run: [Digital Patrol Update 5] C:\Program Files (x86)\NictaTech Software\Digital Patrol 5\dpatrolu.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ~ Scan Application in 00mn AMs ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk . (.Spotify Ltd.) -- C:\Program Files (x86)\Spotify\spotify.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\Audacity.lnk . (...) -- C:\Program Files (x86)\Audacity\audacity.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\Auslogics Disk Defrag.lnk . (.Auslogics.) -- C:\Program Files (x86)\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\captimag - Raccourci.lnk . (.Claude Dekokère.) -- C:\Users\ZINOU\Documents\captimag.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\CCleaner64 - Raccourci.lnk . (.Piriform Ltd.) -- C:\Users\ZINOU\Documents\CCleaner64.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\DivX Movies.lnk . (...) -- C:\Users\ZINOU\Videos\DivX Movies O4 - Global Startup: C:\Users\ZINOU\Desktop\Free Music Zilla.lnk . (...) -- C:\Program Files (x86)\Free Music Zilla\FMZilla.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\Light Image Resizer 4.lnk . (.ObviousIdea SARL.) -- C:\Program Files (x86)\ObviousIdea\Image Resizer 4\Resize.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\Mixxx.lnk . (...) -- C:\Program Files (x86)\DjMixerStudio\mixxx.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\mkv2vob.lnk . (.3r1c.) -- C:\Program Files (x86)\mkv2vob\loader.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\MWAVSCAN.lnk . (...) -- C:\Users\ZINOU\AppData\Local\Temp\mwavscan.exe (.not file.) O4 - Global Startup: C:\Users\ZINOU\Desktop\SmartRipper - Raccourci.lnk . (...) -- C:\Users\ZINOU\Documents\SmartRipper 2.41\SmartRipper.exe O4 - Global Startup: C:\Users\ZINOU\Desktop\Spotify.lnk . (.Spotify Ltd.) -- C:\Program Files (x86)\Spotify\spotify.exe O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\ZINOU\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QUICKMEDIACONVERTER.lnk . (.CocoonSoftware.) -- C:\Program Files\QuickMediaConverter\QMC.exe ~ Scan Global Startup in 03mn AMs ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: ajouter cette page à vos favoris Orange . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html O8 - Extra context menu item: envoyer le texte sélectionné par sms . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html O8 - Extra context menu item: envoyer par sms . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html O8 - Extra context menu item: envoyer un mail . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll O8 - Extra context menu item: orange.fr . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html O8 - Extra context menu item: traduire la page . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html O8 - Extra context menu item: traduire le texte sélectionné . (...) -- C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html ~ Scan IE Menu Contextuel in 00mn AMs ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ~ Scan Winsock in 00mn AMs ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {615A1925-0E5B-4767-A65E-3165AEAC32A3} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax64.cab ~ Scan Objets ActiveX in 00mn AMs ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpDomain = livebox.home O17 - HKLM\System\CS1\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpDomain = livebox.home O17 - HKLM\System\CS2\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{D6ABB953-DC56-40DD-B1F4-D0257C834ADA}: DhcpDomain = livebox.home ~ Scan Domain in 00mn AMs ---\\ Protocole additionnel (O18) O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll ~ Scan Protocole Additionnel in 00mn AMs ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll ~ Scan SSODL in 00mn AMs ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Emsisoft Anti-Malware 5.1 - Service (a2AntiMalware) . (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Orange update Core Service (Orange update Core Service) . (.France Telecom SA - Orange Upd@te.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe O23 - Service: Serveur Média (Serveur Média) . (.PacketVideo - TwonkyMedia Server watchdog.) - C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) . (.Crawler.com - Spyware Terminator 2012 Realtime Shield Ser.) - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe ~ Scan Services in 00mn AMs ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn AMs ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForZINOU.job [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForZINOU] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [MD5.A40432BB46793F3A2AD42E6D23A8290F] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [MD5.47C1DE0A890613FFCFF1D67648EEDF90] [APT] [Programme de mise … jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.7636713B4F0944045AB4AF7CED5245AB] [APT] [Programme de mise … jour en ligne de Divx] (...) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [MD5.5516C26A6AF8EB4E2CAB48EC98A74398] [APT] [Programme de mise … jour en ligne de HP.] (.Hewlett-Packard.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [MD5.B114DB354D13A21C1AC2B1807EE2F500] [APT] [Programme de mise … jour en ligne de Real Player] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [MD5.FD8DCAE8AAE888D8BAD0E6C2DAAAFB6D] [APT] [RealUpgradeLogonTaskS-1-5-21-4247541363-2138921599-923811196-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [MD5.FD8DCAE8AAE888D8BAD0E6C2DAAAFB6D] [APT] [RealUpgradeScheduledTaskS-1-5-21-4247541363-2138921599-923811196-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [RecoveryCDWin7] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [servicePlan] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [MD5.00000000000000000000000000000000] [APT] [{08513374-DDA9-4C13-A029-4A9BE1EA4C98}] (...) -- C:\Program Files\Alwil Software\Avast5\aswRundll.exe (.not file.) [MD5.1C374EA1D363CE916F2D835C50A9C105] [APT] [{EFE60423-B3F3-499C-94DA-BFAD177043AB}] (...) -- C:\Users\ZINOU\Documents\PROGRAMMES ZINOU\CamStudio20.exe [MD5.00000000000000000000000000000000] [APT] [{F57B0474-CDFE-4EF3-ADAD-542089BDE3D1}] (...) -- C:\Program Files (x86)\NOS\bin\getPlusUninst_Adobe.exe (.not file.) [MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [MD5.FDC7C934ADB8C3B51A3C21781B608673] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe ~ Scan Scheduled Task in 03mn AMs ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys O41 - Driver: (SAVRKBootTasks) . (. - .) - C:\Windows\system32\SAVRKBootTasks.sys (.not file.) O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys ~ Scan Drivers in 00mn AMs ---\\ Logiciels installés (O42) O42 - Logiciel: AM-DeadLink 4.4 - (.www.aignes.com.) [HKLM] -- aignesamdeadlink_is1 O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1 O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 ActiveX 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX 64 O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM] -- WT087420 O42 - Logiciel: Alcor Micro USB Card Reader - (.Nom de votre société.) [HKLM] -- InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F} O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1 O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1 O42 - Logiciel: AviSynth 2.5 - (.Pas de propriétaire.) [HKLM] -- AviSynth O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM] -- WT087428 O42 - Logiciel: CamStudio - (.Pas de propriétaire.) [HKLM] -- CamStudio O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM] -- WT087453 O42 - Logiciel: Clean Virus MSN - (.AxBx.) [HKLM] -- Clean Virus MSN_is1 O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup.divx.com O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: DJ Mix Lite - (.Pas de propriétaire.) [HKLM] -- DJ Mix Lite O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF} O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {FB4BB287-37F9-4E27-9C4D-2D3882E08EFF} O42 - Logiciel: Deezer Desktop - (.UNKNOWN.) [HKLM] -- DeezerDesktop.003CB2DDEA6AC0BFA0D6CFCD9422B800DAC858A3.1 O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM] -- WT087536 O42 - Logiciel: Emsisoft Anti-Malware 5.1 - (.Emsi Software GmbH.) [HKLM] -- Emsisoft Anti-Malware_is1 O42 - Logiciel: FATE - (.WildTangent.) [HKLM] -- WT087361 O42 - Logiciel: Fotosizer 1.31 - (.Fotosizer.com.) [HKLM] -- Fotosizer O42 - Logiciel: Free Music Zilla - (.FreeMusicZilla.com.) [HKLM] -- Free Music Zilla_is1 O42 - Logiciel: Free Video Joiner 1.1 - (.FreeVideoJoiner.com.) [HKLM] -- {14FA6DD9-92ED-493D-A937-81A78870E08A}_is1 O42 - Logiciel: HP Game Console - (.WildTangent.) [HKLM] -- My HP Game Console O42 - Logiciel: HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A} O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A} O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C} O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- {91A34181-9FAD-43AB-A35F-E7A8945B7E1C} O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF} O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- {6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF} O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095} O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {D12E3E7F-1B13-4933-A915-16C7DD37A095} O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {72D90DB3-A16A-4545-B555-868471101833} O42 - Logiciel: Hercules Dualpix HD - (.Hercules.) [HKLM] -- {59579B12-97E6-437E-B988-BA032165D355} O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM] -- WT087480 O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM] -- WT087485 O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM] -- WT087490 O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM] -- WT087380 O42 - Logiciel: K-Lite Codec Pack 7.2.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: L&H TTS3000 Français - (.Pas de propriétaire.) [HKLM] -- LHTTSFRF O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: Lame ACM MP3 Codec - (.Pas de propriétaire.) [HKLM] -- LameACM O42 - Logiciel: Light Image Resizer 4.0.6.8 - (.ObviousIdea.) [HKLM] -- {EBE030DD-D404-4D92-85E9-8C3624820808}_is1 O42 - Logiciel: Live Media Plugin (Todae) - (.Todae.fr.) [HKLM] -- Live Media O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft IntelliPoint 8.2 - (.Microsoft Corporation.) [HKLM] -- Microsoft IntelliPoint 8.2 O42 - Logiciel: Mises à jour NVIDIA 1.1.34 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E} O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {3023EBDA-BF1B-4831-B347-E5018555F26E} O42 - Logiciel: MusicStation - (.Hewlett-Packard.) [HKLM] -- MusicStationNetstaller O42 - Logiciel: NVIDIA 3D Vision Controller Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIA StereoUSB Driver O42 - Logiciel: NVIDIA 3D Vision Controller Driver 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB O42 - Logiciel: NVIDIA Logiciel système PhysX 9.10.0514 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX O42 - Logiciel: NVIDIA Pilote 3D Vision 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision O42 - Logiciel: NVIDIA Pilote audio HD : 1.2.22.1 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver O42 - Logiciel: NVIDIA Pilote graphique 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo O42 - Logiciel: NoVirusThanks Malware Remover Free 3.1 - (.NoVirusThanks Company Srl.) [HKLM] -- {C206F5C2-9C03-4FA1-8927-055E6D90488B}_is1 O42 - Logiciel: Orange Inside - (.Orange.) [HKCU] -- Orange Inside O42 - Logiciel: Orange Installeur version 1.2.2.0 - (.Orange.) [HKLM] -- {D13FE823-C575-4451-AC37-E645A67AA581}_1.2.2.0 O42 - Logiciel: Orange Web Player 1.212788 - (.Orange.) [HKLM] -- Orange Web Player_is1 O42 - Logiciel: Orange WebTV Player 1.29418 - (.Orange.) [HKLM] -- Orange WebTV Player_is1 O42 - Logiciel: Orange update - (.Orange.) [HKLM] -- OrangeUpdateManager O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: Package de pilotes Windows - eMPIA Technology Inc, (emAudio) MEDIA (06/22/2007 5.7.0622.0) - (.eMPIA Technology Inc,.) [HKLM] -- A5664D4A72F1AB05DE12885777A69C3EE46F204A O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM] -- WT087394 O42 - Logiciel: Photo Magician 1.9.2.0 - (.Sheldon Solutions.) [HKLM] -- {AF766933-2E99-4D86-916E-FEA0A482B89E}_is1 O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE} O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- {D36DD326-7280-11D8-97C8-000129760CBE} O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM] -- WT087501 O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM] -- WT087396 O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: QMC - (.Pas de propriétaire.) [HKCU] -- QUICKMEDIACONVERTER O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0 O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5} O42 - Logiciel: Sansa Media Converter - (.Pas de propriétaire.) [HKLM] -- {FC053571-8507-44E4-8B6D-AACEAB8CA57C} O42 - Logiciel: Sansa Updater - (.SanDisk Corporation.) [HKCU] -- Sansa Updater O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636 O42 - Logiciel: Serveur Média - (.PacketVideo.) [HKLM] -- TwonkyMediaServeur Média O42 - Logiciel: Shuangs Audio Joiner 1.0 - (.ShuangSoft, Inc..) [HKLM] -- Shuangs Audio Joiner_is1 O42 - Logiciel: Slingo Deluxe - (.WildTangent.) [HKLM] -- WT087510 O42 - Logiciel: Sophos Anti-Rootkit 1.5.0 - (.Sophos Plc.) [HKLM] -- Sophos-AntiRootkit O42 - Logiciel: Spyware Terminator 2012 - (.Crawler.com.) [HKLM] -- {56736259-613E-4A3B-B428-6235F2E76F44}_is1 O42 - Logiciel: SqueezePlay 7.5.0 - (.Logitech.) [HKLM] -- {09B790E3-21E3-4D1A-8130-AAA9227C9785}_is1 O42 - Logiciel: System Requirements Lab - (.Pas de propriétaire.) [HKLM] -- SystemRequirementsLab O42 - Logiciel: Total Video Converter 3.61 100319 - (.EffectMatrix Inc..) [HKLM] -- Total Video Converter 3.61_is1 O42 - Logiciel: Trojan Remover 6.8.2 - (.Simply Super Software.) [HKLM] -- Trojan Remover_is1 O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: Virtual Villagers - The Secret City - (.WildTangent.) [HKLM] -- WT087513 O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM] -- WT087519 O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: Xvid Video Codec - (.Xvid Team.) [HKLM] -- Xvid Video Codec 1.3.0 O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM] -- WT087533 O42 - Logiciel: barre d'outils Orange - (.Orange.) [HKLM] -- OrangeToolbar O42 - Logiciel: mediAvatar MKV Converter - (.mediAvatar.) [HKLM] -- mediAvatar MKV Converter ---\\ HKCU & HKLM Software Keys [HKCU\Software\ALWIL Software] [HKCU\Software\ASProtect] [HKCU\Software\AVAST Software] [HKCU\Software\AVS4YOU] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\F-Secure] [HKCU\Software\AppDataLow\LastScanTime] [HKCU\Software\AppDataLow\Software\DivX] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Orange] [HKCU\Software\AppDataLow\Software\Unity] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Audacity] [HKCU\Software\Auslogics] [HKCU\Software\Avg] [HKCU\Software\Avira] [HKCU\Software\BitDefender] [HKCU\Software\Bits&Coffee] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CocoonSoftware] [HKCU\Software\CyberLink] [HKCU\Software\Cygwin] [HKCU\Software\DVD Decrypter] [HKCU\Software\Digital River] [HKCU\Software\DivXNetworks] [HKCU\Software\DivX] [HKCU\Software\Driver Magician] [HKCU\Software\ESET] [HKCU\Software\Eraser] [HKCU\Software\F-Secure] [HKCU\Software\FlasK Development] [HKCU\Software\Fotosizer] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\GridinSoft] [HKCU\Software\Haali] [HKCU\Software\Hercules] [HKCU\Software\Hewlett-Packard] [HKCU\Software\HookNetwork] [HKCU\Software\IDAVLab] [HKCU\Software\IM Providers] [HKCU\Software\IPC software] [HKCU\Software\InnoShock] [HKCU\Software\InterVideo] [HKCU\Software\JavaSoft] [HKCU\Software\Lavasoft] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\M4ng] [HKCU\Software\MONOGRAM] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept (Muvee Consumer)] [HKCU\Software\MainConcept (Muvee)] [HKCU\Software\Mainconcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MediaInfo] [HKCU\Software\MicroWorld] [HKCU\Software\MooSoft Development] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\NoVirusThanks] [HKCU\Software\Norton] [HKCU\Software\O&O] [HKCU\Software\ObviousIdea] [HKCU\Software\OrangeInside] [HKCU\Software\PC SOFT] [HKCU\Software\PDFCreator] [HKCU\Software\Pegasys Inc.] [HKCU\Software\Policies] [HKCU\Software\Proantivirus Lab] [HKCU\Software\RealNetworks] [HKCU\Software\Realtek] [HKCU\Software\Ripp-it] [HKCU\Software\SUPERAntiSpyware.com] [HKCU\Software\SWiSHzone.com] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SanDisk] [HKCU\Software\Simply Super Software] [HKCU\Software\Skype] [HKCU\Software\Softonic] [HKCU\Software\Spotify] [HKCU\Software\Spyware Terminator] [HKCU\Software\Sysinternals] [HKCU\Software\TechSmith] [HKCU\Software\Todae] [HKCU\Software\Trolltech] [HKCU\Software\TuneUp] [HKCU\Software\Unity] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VFPlugin] [HKCU\Software\VirtuaMedia] [HKCU\Software\VirtualDub.org] [HKCU\Software\Wget] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\aignes] [HKCU\Software\antiufo] [HKCU\Software\chermenin] [HKCU\Software\cybelsoft] [HKCU\Software\madFlac] [HKCU\Software\mediAvatar] [HKCU\Software\mkvconverter] [HKCU\Software\tvp] [HKCU\Software\udse] [HKLM\Software\AGEIA Technologies] [HKLM\Software\ALWIL Software] [HKLM\Software\ATI Technologies] [HKLM\Software\AVG] [HKLM\Software\AVS4YOU] [HKLM\Software\Adobe] [HKLM\Software\Aleesoft] [HKLM\Software\AntiTrojanElite] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Avira] [HKLM\Software\Bits&Coffee] [HKLM\Software\BrowserChoice] [HKLM\Software\CDDB] [HKLM\Software\Canon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\Cyberlink] [HKLM\Software\Debug] [HKLM\Software\DivXNetworks] [HKLM\Software\DivX] [HKLM\Software\DjMixerStudio] [HKLM\Software\ESET] [HKLM\Software\EasyBits] [HKLM\Software\Emsi Software GmbH] [HKLM\Software\Eset] [HKLM\Software\Free Music Zilla] [HKLM\Software\GEAR Software] [HKLM\Software\GNU] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\Hercules Technologies] [HKLM\Software\Hercules] [HKLM\Software\Hewlett-Packard] [HKLM\Software\Hitman Pro] [HKLM\Software\IDAVLab] [HKLM\Software\IVIIS] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KLCodecPack] [HKLM\Software\Khronos] [HKLM\Software\L&H] [HKLM\Software\Lavasoft] [HKLM\Software\Licenses] [HKLM\Software\LightScribe] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MicroWorld] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\NewspaperDirect] [HKLM\Software\Nullsoft] [HKLM\Software\ODBC] [HKLM\Software\ObviousIdea] [HKLM\Software\Orange] [HKLM\Software\PDFComplete] [HKLM\Software\PDFCreator] [HKLM\Software\Panda Software] [HKLM\Software\Policies] [HKLM\Software\RTLSetup] [HKLM\Software\RealNetworks] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\SUPERAntiSpyware.com] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Sandisk] [HKLM\Software\ScanSoft] [HKLM\Software\SecureDigitalServices] [HKLM\Software\Sheldon Solutions] [HKLM\Software\Simply Super Software] [HKLM\Software\Skype] [HKLM\Software\Sonic] [HKLM\Software\Spyware Terminator] [HKLM\Software\Swearware] [HKLM\Software\TerraTec Electronic GmbH] [HKLM\Software\Todae] [HKLM\Software\TrendMicro] [HKLM\Software\TuneUp] [HKLM\Software\TwonkyMedia] [HKLM\Software\USB2800] [HKLM\Software\VideoLAN] [HKLM\Software\Voice] [HKLM\Software\Volatile] [HKLM\Software\Webroot] [HKLM\Software\WildTangent] [HKLM\Software\Win32 Services] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] [HKLM\Software\X-AVCSD] [HKLM\Software\Xing Technology Corp.] [HKLM\Software\Xvid Team] [HKLM\Software\cybelsoft] [HKLM\Software\iTinySoft] [HKLM\Software\mediAvatar] [HKLM\Software\muvee Technologies] [HKLM\Software\swearware] ~ Scan Softwares in 00mn AMs ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 1/19/2011 - 4:07:20 PM - [23099562] ----D- C:\Program Files\ATI O43 - CFD: 1/19/2011 - 4:07:22 PM - [0] ----D- C:\Program Files\ATI Technologies O43 - CFD: 4/25/2011 - 5:26:22 PM - [195922] ----D- C:\Program Files\Bonjour O43 - CFD: 9/12/2011 - 2:48:04 PM - [763227453] ----D- C:\Program Files\Common Files O43 - CFD: 1/10/2011 - 11:18:36 AM - [930272] ----D- C:\Program Files\DIFX O43 - CFD: 5/16/2011 - 10:35:28 AM - [7727936] ----D- C:\Program Files\DivX O43 - CFD: 2/24/2011 - 11:01:38 AM - [90256916] ----D- C:\Program Files\DVD Maker O43 - CFD: 1/16/2011 - 11:52:46 AM - [2448629] ----D- C:\Program Files\Eraser O43 - CFD: 7/5/2011 - 7:42:02 AM - [0] ----D- C:\Program Files\Google O43 - CFD: 9/24/2010 - 3:29:28 AM - [9779088] ----D- C:\Program Files\Hewlett-Packard O43 - CFD: 8/26/2011 - 7:15:22 AM - [7439168] ----D- C:\Program Files\Hitman Pro 3.5 O43 - CFD: 9/24/2010 - 2:54:24 AM - [1705] ----D- C:\Program Files\hp O43 - CFD: 8/10/2011 - 6:57:34 PM - [6654703] ----D- C:\Program Files\Internet Explorer O43 - CFD: 6/13/2011 - 5:20:16 PM - [1939563] ----D- C:\Program Files\iPod O43 - CFD: 6/13/2011 - 5:20:32 PM - [2345448] ----D- C:\Program Files\iTunes O43 - CFD: 9/6/2011 - 1:17:48 PM - [102755868] ----D- C:\Program Files\Java O43 - CFD: 6/4/2011 - 3:18:56 PM - [8995738] ----D- C:\Program Files\ma-config.com O43 - CFD: 7/14/2009 - 9:45:56 AM - [149237810] ----D- C:\Program Files\Microsoft Games O43 - CFD: 8/11/2011 - 7:51:28 AM - [44066413] ----D- C:\Program Files\Microsoft IntelliPoint O43 - CFD: 7/14/2009 - 7:32:40 AM - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 4/27/2011 - 3:58:52 PM - [593166179] ----D- C:\Program Files\NVIDIA Corporation O43 - CFD: 7/17/2011 - 7:53:40 AM - [387870] ----D- C:\Program Files\Orange O43 - CFD: 9/24/2010 - 3:18:14 AM - [2178436] ----D- C:\Program Files\PlayReady O43 - CFD: 1/3/2011 - 4:20:16 PM - [80563925] ----D- C:\Program Files\QuickMediaConverter O43 - CFD: 9/24/2010 - 2:48:18 AM - [15791736] ----D- C:\Program Files\Realtek O43 - CFD: 7/14/2009 - 7:32:40 AM - [36813993] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 7/14/2009 - 7:09:28 AM - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 2/24/2011 - 11:01:36 AM - [4039680] ----D- C:\Program Files\Windows Defender O43 - CFD: 2/24/2011 - 11:01:38 AM - [9224824] ----D- C:\Program Files\Windows Journal O43 - CFD: 7/14/2011 - 7:49:42 AM - [7987385] ----D- C:\Program Files\Windows Live O43 - CFD: 2/24/2011 - 11:01:38 AM - [6667776] ----D- C:\Program Files\Windows Mail O43 - CFD: 2/24/2011 - 11:01:38 AM - [7687085] ----D- C:\Program Files\Windows Media Player O43 - CFD: 7/14/2009 - 7:32:40 AM - [12627636] ----D- C:\Program Files\Windows NT O43 - CFD: 2/24/2011 - 11:01:38 AM - [5516056] ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 2/24/2011 - 11:01:38 AM - [244736] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 2/24/2011 - 11:01:38 AM - [9889997] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 1/25/2011 - 9:06:04 AM - [6580905] ----D- C:\Program Files\Common Files\Apple O43 - CFD: 8/16/2011 - 4:49:48 PM - [682948053] ----D- C:\Program Files\Common Files\BitDefender O43 - CFD: 7/14/2011 - 7:48:40 AM - [60892734] ----D- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 7/14/2009 - 5:20:10 AM - [608768] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 12/21/2010 - 7:34:34 PM - [12194291] ----D- C:\Program Files\Common Files\System O43 - CFD: 6/17/2011 - 1:28:16 PM - [12443103] ----D- C:\ProgramData\Adobe O43 - CFD: 1/18/2011 - 10:33:46 AM - [495] ----D- C:\ProgramData\AmUStor O43 - CFD: 1/25/2011 - 9:05:50 AM - [119496704] ----D- C:\ProgramData\Apple O43 - CFD: 1/25/2011 - 9:06:58 AM - [40044144] ----D- C:\ProgramData\Apple Computer O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 7/29/2011 - 7:19:02 AM - [5716] ----D- C:\ProgramData\AVG10 O43 - CFD: 7/30/2011 - 8:55:56 AM - [64642797] ----D- C:\ProgramData\Avira O43 - CFD: 2/5/2011 - 1:58:48 PM - [0] ----D- C:\ProgramData\AVS4YOU O43 - CFD: 7/9/2011 - 5:51:08 PM - [0] ----D- C:\ProgramData\boost_interprocess O43 - CFD: 7/2/2011 - 9:47:32 AM - [155720] --H-D- C:\ProgramData\CanonBJ O43 - CFD: 7/6/2011 - 12:29:28 PM - [96] --H-D- C:\ProgramData\Common Files O43 - CFD: 12/24/2010 - 11:23:06 AM - [144940] ----D- C:\ProgramData\CyberLink O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 5/16/2011 - 10:36:02 AM - [4459924] ----D- C:\ProgramData\DivX O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 5/31/2011 - 7:43:54 AM - [144] ----D- C:\ProgramData\Driver Mender O43 - CFD: 1/10/2011 - 2:57:42 PM - [144] ----D- C:\ProgramData\Driver Whiz O43 - CFD: 7/9/2011 - 4:36:28 PM - [1211] ----D- C:\ProgramData\F-Secure O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 7/4/2011 - 4:59:34 PM - [527024] ----D- C:\ProgramData\Google O43 - CFD: 8/13/2011 - 2:04:22 PM - [4096] ----D- C:\ProgramData\Grisoft O43 - CFD: 12/21/2010 - 10:38:02 AM - [68732165] ----D- C:\ProgramData\Hewlett-Packard O43 - CFD: 8/26/2011 - 7:14:20 AM - [532280] ----D- C:\ProgramData\Hitman Pro O43 - CFD: 6/4/2011 - 3:18:52 PM - [1278453] ----D- C:\ProgramData\ma-config.com O43 - CFD: 12/24/2010 - 5:29:46 PM - [16803314] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 2/14/2011 - 9:56:50 AM - [8192] ----D- C:\ProgramData\mediAvatar O43 - CFD: 7/28/2011 - 9:21:46 AM - [20892877] ----D- C:\ProgramData\MFAData O43 - CFD: 1/18/2011 - 9:23:12 AM - [144] ----D- C:\ProgramData\Micro Application O43 - CFD: 7/16/2011 - 6:14:10 PM - [328764388] -S--D- C:\ProgramData\Microsoft O43 - CFD: 8/26/2011 - 10:52:44 AM - [57126912] ----D- C:\ProgramData\MicroWorld O43 - CFD: 1/23/2011 - 5:19:52 PM - [717] ----D- C:\ProgramData\MSNRecorderMax O43 - CFD: 1/26/2011 - 8:50:08 PM - [117236835] ----D- C:\ProgramData\muvee Technologies O43 - CFD: 9/24/2010 - 3:21:32 AM - [0] ----D- C:\ProgramData\NewspaperDirect O43 - CFD: 9/14/2011 - 8:05:42 AM - [2285269] ----D- C:\ProgramData\NVIDIA O43 - CFD: 4/27/2011 - 3:56:32 PM - [578505] ----D- C:\ProgramData\NVIDIA Corporation O43 - CFD: 7/9/2011 - 2:59:50 PM - [2022228] ----D- C:\ProgramData\Orange O43 - CFD: 9/3/2011 - 12:35:38 PM - [67671112] ----D- C:\ProgramData\PC Tools O43 - CFD: 1/21/2011 - 1:55:38 PM - [1531990] ----D- C:\ProgramData\Real O43 - CFD: 1/13/2011 - 10:05:06 AM - [33008] ----D- C:\ProgramData\Recovery O43 - CFD: 9/14/2011 - 8:06:28 AM - [11869070] ----D- C:\ProgramData\Serveur Média O43 - CFD: 7/31/2011 - 5:11:46 PM - [7562122] ----D- C:\ProgramData\Simply Super Software O43 - CFD: 2/2/2011 - 2:36:12 PM - [19451154] ----D- C:\ProgramData\Skype O43 - CFD: 9/13/2011 - 3:00:46 PM - [42083243] ----D- C:\ProgramData\Spyware Terminator O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 1/7/2011 - 6:47:06 PM - [187] ----D- C:\ProgramData\Sun O43 - CFD: 2/1/2011 - 3:30:20 PM - [0] ----D- C:\ProgramData\TechSmith O43 - CFD: 9/11/2011 - 1:40:36 PM - [491733] ---AD- C:\ProgramData\Temp O43 - CFD: 7/14/2009 - 7:08:58 AM - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 1/18/2011 - 11:25:56 AM - [3387632] ----D- C:\ProgramData\TuneUp Software O43 - CFD: 9/24/2010 - 3:21:20 AM - [1873450921] ----D- C:\ProgramData\WildTangent O43 - CFD: 9/24/2010 - 2:54:48 AM - [35063286] ----D- C:\ProgramData\{0F47B255-CF9F-48C5-B558-B7DAF9345268} O43 - CFD: 12/21/2010 - 10:32:22 AM - [35253750] ----D- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC} O43 - CFD: 1/18/2011 - 11:24:06 AM - [18225664] -SH-D- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} O43 - CFD: 1/25/2011 - 9:07:10 AM - [893135] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} O43 - CFD: 1/8/2011 - 11:07:44 AM - [6755850] ----D- C:\Users\ZINOU\AppData\Roaming\Adobe O43 - CFD: 1/27/2011 - 11:12:56 AM - [21041] ----D- C:\Users\ZINOU\AppData\Roaming\aignes O43 - CFD: 4/7/2011 - 9:02:46 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Apowersoft O43 - CFD: 1/25/2011 - 9:08:12 AM - [211543] ----D- C:\Users\ZINOU\AppData\Roaming\Apple Computer O43 - CFD: 3/15/2011 - 8:13:18 PM - [402] ----D- C:\Users\ZINOU\AppData\Roaming\ArcSoft O43 - CFD: 1/4/2011 - 9:46:12 AM - [2309] ----D- C:\Users\ZINOU\AppData\Roaming\AudioXP O43 - CFD: 2/8/2011 - 11:10:38 AM - [13272] ----D- C:\Users\ZINOU\AppData\Roaming\Auslogics O43 - CFD: 7/6/2011 - 1:19:58 PM - [610] ----D- C:\Users\ZINOU\AppData\Roaming\AVG10 O43 - CFD: 7/30/2011 - 9:03:20 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Avira O43 - CFD: 2/5/2011 - 1:58:52 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\AVS4YOU O43 - CFD: 1/3/2011 - 4:19:58 PM - [18374021] ----D- C:\Users\ZINOU\AppData\Roaming\CocoonSoftware O43 - CFD: 12/24/2010 - 11:23:04 AM - [107] ----D- C:\Users\ZINOU\AppData\Roaming\CyberLink O43 - CFD: 1/8/2011 - 11:08:24 AM - [304699] ----D- C:\Users\ZINOU\AppData\Roaming\DeezerDesktop.003CB2DDEA6AC0BFA0D6CFCD9422B800DAC858A3.1 O43 - CFD: 9/13/2011 - 10:51:52 PM - [61698] ----D- C:\Users\ZINOU\AppData\Roaming\Digital Patrol O43 - CFD: 12/27/2010 - 11:16:06 AM - [203530] ----D- C:\Users\ZINOU\AppData\Roaming\DivX O43 - CFD: 8/26/2011 - 10:51:26 AM - [770] ----D- C:\Users\ZINOU\AppData\Roaming\Download Manager O43 - CFD: 6/6/2011 - 1:19:52 PM - [199] ----D- C:\Users\ZINOU\AppData\Roaming\dvdcss O43 - CFD: 7/9/2011 - 4:38:34 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\f-secure O43 - CFD: 5/11/2011 - 5:28:08 PM - [543] ----D- C:\Users\ZINOU\AppData\Roaming\FMZilla O43 - CFD: 3/10/2011 - 4:27:16 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\GetRightToGo O43 - CFD: 12/20/2010 - 4:43:38 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Google O43 - CFD: 12/28/2010 - 6:12:32 PM - [90809] ----D- C:\Users\ZINOU\AppData\Roaming\Hewlett-Packard O43 - CFD: 9/13/2011 - 5:30:52 PM - [382] ----D- C:\Users\ZINOU\AppData\Roaming\HP Support Assistant O43 - CFD: 12/21/2010 - 10:37:46 AM - [14763] ----D- C:\Users\ZINOU\AppData\Roaming\hpqLog O43 - CFD: 9/13/2011 - 5:30:52 PM - [18115] ----D- C:\Users\ZINOU\AppData\Roaming\HpUpdate O43 - CFD: 12/20/2010 - 3:53:08 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Identities O43 - CFD: 12/22/2010 - 3:20:14 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\InstallShield O43 - CFD: 8/15/2011 - 3:12:00 PM - [23944864] ----D- C:\Users\ZINOU\AppData\Roaming\m4ng O43 - CFD: 12/20/2010 - 3:54:04 PM - [75055] ----D- C:\Users\ZINOU\AppData\Roaming\Macromedia O43 - CFD: 12/24/2010 - 5:31:32 PM - [1035] ----D- C:\Users\ZINOU\AppData\Roaming\Malwarebytes O43 - CFD: 7/14/2009 - 9:44:40 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Media Center Programs O43 - CFD: 8/17/2011 - 2:49:34 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Media Player Classic O43 - CFD: 2/14/2011 - 9:57:16 AM - [30452938] ----D- C:\Users\ZINOU\AppData\Roaming\mediAvatar O43 - CFD: 1/10/2011 - 2:18:04 PM - [30514540] -S--D- C:\Users\ZINOU\AppData\Roaming\Microsoft O43 - CFD: 1/23/2011 - 5:15:18 PM - [22] ----D- C:\Users\ZINOU\AppData\Roaming\MSNRecorderMax O43 - CFD: 3/7/2011 - 5:45:48 PM - [700175] ----D- C:\Users\ZINOU\AppData\Roaming\muvee Technologies O43 - CFD: 2/14/2011 - 9:57:22 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\NVIDIA O43 - CFD: 8/9/2011 - 12:31:02 PM - [36616] ----D- C:\Users\ZINOU\AppData\Roaming\ObviousIdea O43 - CFD: 7/28/2011 - 7:41:48 AM - [2356856] ----D- C:\Users\ZINOU\AppData\Roaming\Orange O43 - CFD: 9/12/2011 - 1:45:00 PM - [26983] ----D- C:\Users\ZINOU\AppData\Roaming\QuickScan O43 - CFD: 2/5/2011 - 2:13:56 PM - [167656656] ----D- C:\Users\ZINOU\AppData\Roaming\Real O43 - CFD: 3/16/2011 - 1:50:04 PM - [100054319] ----D- C:\Users\ZINOU\AppData\Roaming\SanDisk O43 - CFD: 7/31/2011 - 5:11:46 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Simply Super Software O43 - CFD: 7/30/2011 - 10:33:38 PM - [1142565] ----D- C:\Users\ZINOU\AppData\Roaming\Skype O43 - CFD: 8/9/2011 - 4:20:56 PM - [2211313] ----D- C:\Users\ZINOU\AppData\Roaming\Spotify O43 - CFD: 9/3/2011 - 1:18:58 PM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\Spyware Terminator O43 - CFD: 5/23/2011 - 2:06:44 PM - [512] ----D- C:\Users\ZINOU\AppData\Roaming\SqueezePlay O43 - CFD: 7/31/2011 - 8:09:28 AM - [328060] ----D- C:\Users\ZINOU\AppData\Roaming\thecleaner O43 - CFD: 6/19/2011 - 10:51:18 AM - [11425790] ----D- C:\Users\ZINOU\AppData\Roaming\Todae O43 - CFD: 1/18/2011 - 11:24:44 AM - [137096] ----D- C:\Users\ZINOU\AppData\Roaming\TuneUp Software O43 - CFD: 7/2/2011 - 1:26:54 PM - [3197764] ----D- C:\Users\ZINOU\AppData\Roaming\uTorrent O43 - CFD: 7/4/2011 - 9:25:44 AM - [1785317] ----D- C:\Users\ZINOU\AppData\Roaming\vlc O43 - CFD: 12/21/2010 - 10:31:10 AM - [0] ----D- C:\Users\ZINOU\AppData\Roaming\WinBatch O43 - CFD: 1/14/2011 - 4:35:48 PM - [295] ----D- C:\Users\ZINOU\AppData\Roaming\Windows Live Writer O43 - CFD: 12/21/2010 - 5:59:24 PM - [12] ----D- C:\Users\ZINOU\AppData\Roaming\WinRAR O43 - CFD: 1/8/2011 - 11:07:40 AM - [15445816] ----D- C:\Users\ZINOU\AppData\Local\Adobe O43 - CFD: 1/25/2011 - 9:06:12 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\Apple O43 - CFD: 3/15/2011 - 8:57:42 PM - [13124006] ----D- C:\Users\ZINOU\AppData\Local\Apple Computer O43 - CFD: 12/20/2010 - 3:45:56 PM - [0] -SH-D- C:\Users\ZINOU\AppData\Local\Application Data O43 - CFD: 1/11/2011 - 5:24:06 PM - [673598] ----D- C:\Users\ZINOU\AppData\Local\Apps O43 - CFD: 7/5/2011 - 9:37:22 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\COMODO O43 - CFD: 9/14/2011 - 8:06:36 AM - [37657507] ----D- C:\Users\ZINOU\AppData\Local\CrashDumps O43 - CFD: 12/21/2010 - 6:00:12 PM - [104448] ----D- C:\Users\ZINOU\AppData\Local\CyberLink O43 - CFD: 4/7/2011 - 1:47:42 PM - [186] ----D- C:\Users\ZINOU\AppData\Local\DDMSettings O43 - CFD: 1/11/2011 - 5:24:18 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\Deployment O43 - CFD: 8/23/2011 - 12:51:12 PM - [1900290] ----D- C:\Users\ZINOU\AppData\Local\Diagnostics O43 - CFD: 2/8/2011 - 10:31:34 AM - [26146304] ----D- C:\Users\ZINOU\AppData\Local\Downloaded Installations O43 - CFD: 8/8/2011 - 9:01:00 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\ElevatedDiagnostics O43 - CFD: 1/21/2011 - 7:28:26 PM - [2779] ----D- C:\Users\ZINOU\AppData\Local\Eraser 6 O43 - CFD: 7/4/2011 - 4:59:36 PM - [7165283] ----D- C:\Users\ZINOU\AppData\Local\Google O43 - CFD: 12/21/2010 - 6:00:08 PM - [934777] ----D- C:\Users\ZINOU\AppData\Local\Hewlett-Packard O43 - CFD: 12/20/2010 - 3:45:56 PM - [0] -SH-D- C:\Users\ZINOU\AppData\Local\Historique O43 - CFD: 12/21/2010 - 2:28:28 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\HP MediaSmart Video O43 - CFD: 4/3/2011 - 3:46:16 PM - [1234638317] ----D- C:\Users\ZINOU\AppData\Local\Microsoft O43 - CFD: 6/1/2011 - 6:40:10 PM - [69773] ----D- C:\Users\ZINOU\AppData\Local\Mixxx O43 - CFD: 8/11/2011 - 11:38:18 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\PackageAware O43 - CFD: 1/7/2011 - 6:37:14 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\PDFC O43 - CFD: 12/21/2010 - 6:00:10 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\PowerCinema O43 - CFD: 5/26/2011 - 10:26:04 AM - [1052] ----D- C:\Users\ZINOU\AppData\Local\Sheldon_Solutions O43 - CFD: 5/11/2011 - 3:43:54 PM - [3226] ----D- C:\Users\ZINOU\AppData\Local\Songr O43 - CFD: 8/9/2011 - 4:18:58 PM - [290630046] ----D- C:\Users\ZINOU\AppData\Local\Spotify O43 - CFD: 7/9/2011 - 4:38:38 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\Sunbelt Software O43 - CFD: 2/1/2011 - 3:24:26 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\TechSmith O43 - CFD: 9/14/2011 - 10:16:58 AM - [191666] ----D- C:\Users\ZINOU\AppData\Local\Temp O43 - CFD: 12/20/2010 - 3:45:56 PM - [0] -SH-D- C:\Users\ZINOU\AppData\Local\Temporary Internet Files O43 - CFD: 1/11/2011 - 5:24:18 PM - [210158] ----D- C:\Users\ZINOU\AppData\Local\Unity O43 - CFD: 5/2/2011 - 2:28:38 PM - [137610657] ----D- C:\Users\ZINOU\AppData\Local\VirtualStore O43 - CFD: 1/3/2011 - 4:19:44 PM - [275] ----D- C:\Users\ZINOU\AppData\Local\WDSetup O43 - CFD: 9/12/2011 - 8:12:42 AM - [159744] ----D- C:\Users\ZINOU\AppData\Local\Windows Live O43 - CFD: 1/9/2011 - 2:02:54 PM - [648463] ----D- C:\Users\ZINOU\AppData\Local\Windows Live Writer O43 - CFD: 4/10/2011 - 11:32:26 AM - [2824] ----D- C:\Users\ZINOU\AppData\Local\zoug O43 - CFD: 8/22/2011 - 6:13:28 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{042DE90B-9309-4C36-A58B-D4FF832994E9} O43 - CFD: 8/16/2011 - 8:56:42 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{07D682C2-88D6-439F-B14E-853755ED630B} O43 - CFD: 9/11/2011 - 9:55:52 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{0ED77867-F1F5-44C9-9D56-AABB2391BC58} O43 - CFD: 8/29/2011 - 1:44:46 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{1BF7ADB0-8AA3-49CC-AB58-9FCF54583917} O43 - CFD: 9/12/2011 - 8:12:20 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{1D9708A4-170E-495C-AE69-3E4824BAA2B7} O43 - CFD: 8/23/2011 - 1:51:28 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{23123C98-4F9B-4D83-92D1-1316CBEF31A8} O43 - CFD: 8/20/2011 - 8:55:24 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{36169623-578D-46ED-AF0D-5AB667607BD4} O43 - CFD: 8/18/2011 - 4:42:30 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{46B4FDDC-3787-41AE-BE57-A32EBB9C9817} O43 - CFD: 9/7/2011 - 12:11:00 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{49A04078-56B7-4407-B81B-8F89EE42CC19} O43 - CFD: 8/20/2011 - 8:55:24 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{4A78A985-B046-4252-822D-0AB0B874717B} O43 - CFD: 9/6/2011 - 9:36:28 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{4F38D26A-E279-4421-859B-C341F73A82C7} O43 - CFD: 9/10/2011 - 1:57:56 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{4FF470B5-8582-4B81-A14D-2C91F52D87F5} O43 - CFD: 9/7/2011 - 12:10:48 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{52589771-E9A8-4C1C-8F8E-24D0F651D757} O43 - CFD: 8/29/2011 - 1:44:58 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5900CCF3-2EBD-4682-98BE-D7495EEF88DA} O43 - CFD: 8/23/2011 - 1:51:38 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5EB902B3-EDD4-4067-9AD3-C4C87133CBE0} O43 - CFD: 9/1/2011 - 2:28:12 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5F01330B-799E-486C-986C-FC952997C03E} O43 - CFD: 9/8/2011 - 11:19:42 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{5F363922-760E-4409-B9F3-1BAA549C44B0} O43 - CFD: 9/9/2011 - 10:35:16 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{611232E4-1ED6-40E7-8E4C-BE8C6EDDBA21} O43 - CFD: 8/22/2011 - 6:13:18 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{6CB0E8B3-DF62-41B7-899C-F1AFBF21D57A} O43 - CFD: 9/10/2011 - 1:58:06 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{78BD99D0-66D9-4AD9-B485-3A5B8E68D421} O43 - CFD: 9/11/2011 - 9:56:02 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{7E90DEA2-6E41-4A50-BAD1-B2A568A618B3} O43 - CFD: 9/5/2011 - 7:22:14 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{8242AAE1-28D2-45D1-A424-98BA36CE1FD1} O43 - CFD: 9/2/2011 - 1:44:06 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{839D2294-64BB-4092-9768-F1FC54427368} O43 - CFD: 8/26/2011 - 3:51:00 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{8A9B0AD2-409A-45F8-91EC-3B27EB3C83F1} O43 - CFD: 9/1/2011 - 2:28:26 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{8E8866AD-1E0D-4384-9986-EB6706E0A31A} O43 - CFD: 8/20/2011 - 8:56:10 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{91677D36-54C9-4144-85B6-FEC9DE7F1AF8} O43 - CFD: 9/9/2011 - 10:35:26 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{AF1BA447-B8D0-4404-97D1-A1718AC5CDE1} O43 - CFD: 9/3/2011 - 8:00:06 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{B3D97126-8E3B-4D03-8949-A6A00F7E3EF7} O43 - CFD: 9/12/2011 - 8:12:32 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{B9B4AEC1-998B-440D-9797-7FE7F53E923D} O43 - CFD: 8/25/2011 - 10:11:02 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{BA2E2C7A-EFAC-467A-8473-6AAC3B74F3A7} O43 - CFD: 9/6/2011 - 9:36:38 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{C17343B9-90DD-49E8-8584-CD6F621B6D7A} O43 - CFD: 9/2/2011 - 1:43:52 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{C5196FCA-6E02-4160-BCDC-AB60C9B2BA6D} O43 - CFD: 8/20/2011 - 8:56:00 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{C972CD00-74E3-43D4-B931-F68F173345A7} O43 - CFD: 8/31/2011 - 1:15:46 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{CBA3B6FB-0253-4870-935D-13BD60BA9922} O43 - CFD: 9/8/2011 - 11:19:30 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{D066336A-CFD0-4DC6-9074-63FA684C9642} O43 - CFD: 9/5/2011 - 7:22:24 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{D566C392-CE4A-40EA-A7C7-7894E8C1DDA4} O43 - CFD: 9/2/2011 - 12:05:10 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{D76865D2-FB11-424C-B901-99DB369F6692} O43 - CFD: 9/4/2011 - 7:42:42 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{DBED5189-1BA0-4191-A5E6-532AD243D72F} O43 - CFD: 8/31/2011 - 1:15:56 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{DCAF9654-2688-428E-A342-79AA2F504DCE} O43 - CFD: 8/24/2011 - 1:39:56 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{DCCB26DF-7A59-4AFF-9933-150AC1A4DAAB} O43 - CFD: 8/18/2011 - 4:42:20 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{EAEAF148-8B91-4217-BAB8-EB7A94F25546} O43 - CFD: 8/24/2011 - 1:40:06 PM - [0] ----D- C:\Users\ZINOU\AppData\Local\{EAFF6388-6E8C-43A9-8075-54C7A03597D6} O43 - CFD: 9/3/2011 - 7:59:54 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{F357F7B4-719F-4020-B831-51379EDB796C} O43 - CFD: 8/25/2011 - 10:10:52 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{F4F1AC4D-F6FB-43B5-928D-A029C65A023F} O43 - CFD: 9/4/2011 - 7:42:52 AM - [0] ----D- C:\Users\ZINOU\AppData\Local\{FF4394C4-656D-4ABA-ACB1-13E4E4B73BC1} O43 - CFD: 6/17/2011 - 1:28:14 PM - [164336192] ----D- C:\Program Files (x86)\Adobe O43 - CFD: 2/5/2011 - 4:00:12 PM - [0] ----D- C:\Program Files (x86)\Aleesoft O43 - CFD: 1/27/2011 - 11:10:52 AM - [2423013] ----D- C:\Program Files (x86)\AM-DeadLink O43 - CFD: 1/18/2011 - 10:33:48 AM - [3037097] ----D- C:\Program Files (x86)\AmIcoSingLun O43 - CFD: 8/12/2011 - 1:14:42 PM - [406] ----D- C:\Program Files (x86)\Anti Trojan Elite O43 - CFD: 1/25/2011 - 9:06:12 AM - [2306366] ----D- C:\Program Files (x86)\Apple Software Update O43 - CFD: 9/3/2011 - 5:31:04 PM - [0] ----D- C:\Program Files (x86)\Arovax AntiSpyware O43 - CFD: 12/27/2010 - 9:23:56 PM - [8691689] ----D- C:\Program Files (x86)\Audacity O43 - CFD: 2/8/2011 - 11:10:32 AM - [9226698] ----D- C:\Program Files (x86)\Auslogics O43 - CFD: 7/6/2011 - 1:15:30 PM - [390472] ----D- C:\Program Files (x86)\AVG O43 - CFD: 7/30/2011 - 8:55:56 AM - [157273471] ----D- C:\Program Files (x86)\Avira O43 - CFD: 4/26/2011 - 4:25:28 PM - [5869407] ----D- C:\Program Files (x86)\AviSynth 2.5 O43 - CFD: 2/5/2011 - 2:01:58 PM - [12440153] ----D- C:\Program Files (x86)\AVS4YOU O43 - CFD: 4/25/2011 - 5:26:22 PM - [621242] ----D- C:\Program Files (x86)\Bonjour O43 - CFD: 8/15/2011 - 3:00:48 PM - [8327481] ----D- C:\Program Files (x86)\CamStudio O43 - CFD: 9/12/2011 - 2:48:04 PM - [776709018] ----D- C:\Program Files (x86)\Common Files O43 - CFD: 9/24/2010 - 3:03:10 AM - [1346142688] ----D- C:\Program Files (x86)\CyberLink O43 - CFD: 4/30/2011 - 12:38:02 PM - [2922581] ----D- C:\Program Files (x86)\Deezer O43 - CFD: 5/16/2011 - 10:36:02 AM - [104675483] ----D- C:\Program Files (x86)\DivX O43 - CFD: 4/23/2011 - 3:59:16 PM - [1258073] ----D- C:\Program Files (x86)\DJ Mix Lite O43 - CFD: 5/30/2011 - 5:16:44 PM - [44470061] ----D- C:\Program Files (x86)\DjMixerStudio O43 - CFD: 1/18/2011 - 10:21:00 AM - [1222150] ----D- C:\Program Files (x86)\Driver-Soft O43 - CFD: 8/13/2011 - 3:35:12 PM - [106829922] ----D- C:\Program Files (x86)\EasyBits For Kids O43 - CFD: 9/12/2011 - 7:11:04 AM - [149595880] ----D- C:\Program Files (x86)\Emsisoft Anti-Malware O43 - CFD: 7/26/2011 - 8:27:28 AM - [202166361] ----D- C:\Program Files (x86)\ESET O43 - CFD: 2/8/2011 - 11:37:14 AM - [4212437] ----D- C:\Program Files (x86)\Fotosizer O43 - CFD: 6/8/2011 - 3:38:38 PM - [3553863] ----D- C:\Program Files (x86)\Free Music Zilla O43 - CFD: 1/27/2011 - 3:26:16 PM - [12536570] ----D- C:\Program Files (x86)\Free Video Joiner O43 - CFD: 7/5/2011 - 7:42:02 AM - [31240728] ----D- C:\Program Files (x86)\Google O43 - CFD: 8/14/2011 - 7:20:14 AM - [6172097] ----D- C:\Program Files (x86)\GridinSoft Trojan Killer O43 - CFD: 8/13/2011 - 2:29:22 PM - [41] ----D- C:\Program Files (x86)\Grisoft O43 - CFD: 12/23/2010 - 9:16:10 AM - [26223398] ----D- C:\Program Files (x86)\Hercules O43 - CFD: 12/21/2010 - 10:33:00 AM - [1566519255] ----D- C:\Program Files (x86)\Hewlett-Packard O43 - CFD: 9/24/2010 - 2:58:24 AM - [3123440] ----D- C:\Program Files (x86)\Hp O43 - CFD: 9/24/2010 - 3:21:24 AM - [284033140] ----D- C:\Program Files (x86)\HP Games O43 - CFD: 5/31/2011 - 8:01:18 AM - [177874688] --H-D- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 1/10/2011 - 3:20:08 PM - [96668] ----D- C:\Program Files (x86)\Intel O43 - CFD: 8/10/2011 - 6:57:34 PM - [5347553] ----D- C:\Program Files (x86)\Internet Explorer O43 - CFD: 6/13/2011 - 5:20:30 PM - [126499047] ----D- C:\Program Files (x86)\iTunes O43 - CFD: 9/11/2011 - 3:43:18 PM - [95889619] ----D- C:\Program Files (x86)\Java O43 - CFD: 6/21/2011 - 9:03:16 AM - [49835545] ----D- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 7/30/2011 - 12:06:10 PM - [6996189] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware O43 - CFD: 2/14/2011 - 9:56:50 AM - [94442582] ----D- C:\Program Files (x86)\mediAvatar O43 - CFD: 7/16/2011 - 6:14:10 PM - [0] ----D- C:\Program Files (x86)\Microsoft O43 - CFD: 1/31/2011 - 1:13:28 PM - [0] ----D- C:\Program Files (x86)\Microsoft Antimalware O43 - CFD: 1/30/2011 - 10:36:56 AM - [34307107] ----D- C:\Program Files (x86)\Microsoft Office O43 - CFD: 6/16/2011 - 8:17:02 AM - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 7/14/2011 - 7:52:26 AM - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 12/20/2010 - 9:43:48 PM - [15715] ----D- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 2/6/2011 - 3:20:22 PM - [10667746] ----D- C:\Program Files (x86)\mkv2vob O43 - CFD: 7/14/2009 - 7:32:40 AM - [25757] ----D- C:\Program Files (x86)\MSBuild O43 - CFD: 1/4/2011 - 3:26:12 PM - [66546585] ----D- C:\Program Files (x86)\MSECache O43 - CFD: 7/16/2011 - 7:59:46 AM - [11804] ----D- C:\Program Files (x86)\MSSOAP O43 - CFD: 12/20/2010 - 4:47:44 PM - [0] ----D- C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 1/26/2011 - 8:47:26 PM - [40217332] ----D- C:\Program Files (x86)\muvee Technologies O43 - CFD: 9/24/2010 - 3:21:32 AM - [7515506] ----D- C:\Program Files (x86)\NewspaperDirect O43 - CFD: 8/26/2011 - 7:22:00 AM - [19670458] ----D- C:\Program Files (x86)\NoVirusThanks O43 - CFD: 4/26/2011 - 2:12:50 PM - [111596855] ----D- C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 5/2/2011 - 8:47:04 AM - [35491648] ----D- C:\Program Files (x86)\ObviousIdea O43 - CFD: 12/20/2010 - 3:49:44 PM - [20281413] R---D- C:\Program Files (x86)\Online Services O43 - CFD: 9/4/2011 - 5:25:34 PM - [47041692] ----D- C:\Program Files (x86)\Orange O43 - CFD: 8/24/2011 - 7:35:12 AM - [0] ----D- C:\Program Files (x86)\Panda Security O43 - CFD: 9/4/2011 - 7:24:10 AM - [144656] ----D- C:\Program Files (x86)\PC Tools Security O43 - CFD: 6/13/2011 - 10:50:10 AM - [30640621] ----D- C:\Program Files (x86)\PDFCreator O43 - CFD: 8/21/2011 - 9:00:10 AM - [183808] ----D- C:\Program Files (x86)\QuickTime O43 - CFD: 6/25/2011 - 6:32:04 PM - [95909788] ----D- C:\Program Files (x86)\Real O43 - CFD: 4/1/2011 - 10:38:08 AM - [51061071] ----D- C:\Program Files (x86)\Realtek O43 - CFD: 7/14/2009 - 7:32:40 AM - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 3/16/2011 - 2:32:26 PM - [85448757] ----D- C:\Program Files (x86)\SanDisk O43 - CFD: 8/10/2011 - 2:07:44 PM - [18056185] ----D- C:\Program Files (x86)\ScanSoft O43 - CFD: 9/14/2011 - 8:05:42 AM - [13736319] ----D- C:\Program Files (x86)\Serveur Media O43 - CFD: 5/26/2011 - 10:25:52 AM - [7170794] ----D- C:\Program Files (x86)\Sheldon Solutions O43 - CFD: 3/10/2011 - 4:33:26 PM - [1575693] ----D- C:\Program Files (x86)\Shuangs Audio Joiner O43 - CFD: 2/2/2011 - 2:36:16 PM - [25623426] R---D- C:\Program Files (x86)\Skype O43 - CFD: 8/16/2011 - 6:46:14 PM - [2873747] ----D- C:\Program Files (x86)\Sophos O43 - CFD: 5/10/2011 - 5:25:04 PM - [5344094] ----D- C:\Program Files (x86)\Spotify O43 - CFD: 9/4/2011 - 9:58:16 AM - [5145259] ----D- C:\Program Files (x86)\Spybot - Search & Destroy O43 - CFD: 9/3/2011 - 1:19:08 PM - [19741681] ----D- C:\Program Files (x86)\Spyware Terminator O43 - CFD: 5/23/2011 - 2:06:24 PM - [43847197] ----D- C:\Program Files (x86)\Squeezebox O43 - CFD: 4/26/2011 - 1:22:54 PM - [768113] ----D- C:\Program Files (x86)\SystemRequirementsLab O43 - CFD: 4/27/2011 - 3:38:42 PM - [0] --H-D- C:\Program Files (x86)\Temp O43 - CFD: 3/9/2011 - 9:39:26 AM - [53257311] ----D- C:\Program Files (x86)\Total Video Converter O43 - CFD: 7/31/2011 - 5:11:56 PM - [10163787] ----D- C:\Program Files (x86)\Trojan Remover O43 - CFD: 8/12/2011 - 8:20:10 PM - [0] ----D- C:\Program Files (x86)\Trojan Remover 1.2 O43 - CFD: 7/14/2009 - 6:57:08 AM - [0] --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 12/29/2010 - 5:21:16 PM - [84718031] ----D- C:\Program Files (x86)\VideoLAN O43 - CFD: 3/5/2011 - 2:13:58 PM - [0] ----D- C:\Program Files (x86)\Winamp O43 - CFD: 7/14/2011 - 7:54:48 AM - [189778394] ----D- C:\Program Files (x86)\Windows Live O43 - CFD: 2/24/2011 - 11:01:40 AM - [6181376] ----D- C:\Program Files (x86)\Windows Mail O43 - CFD: 2/24/2011 - 11:01:38 AM - [8278928] ----D- C:\Program Files (x86)\Windows Media Player O43 - CFD: 7/14/2009 - 7:32:40 AM - [12197556] ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 2/24/2011 - 11:01:38 AM - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 2/24/2011 - 11:01:40 AM - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 2/24/2011 - 11:01:40 AM - [6371452] ----D- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 12/21/2010 - 5:59:02 PM - [3886217] ----D- C:\Program Files (x86)\WinRAR O43 - CFD: 6/1/2011 - 10:23:14 AM - [21114589] ----D- C:\Program Files (x86)\Xvid O43 - CFD: 9/14/2011 - 10:21:42 AM - [4182896] ----D- C:\Program Files (x86)\ZHPDiag O43 - CFD: 6/17/2011 - 1:28:18 PM - [3606170] ----D- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 8/9/2011 - 4:22:28 PM - [31529878] ----D- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 6/13/2011 - 5:20:16 PM - [86144520] ----D- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 2/5/2011 - 2:02:00 PM - [179547] ----D- C:\Program Files (x86)\Common Files\AVSMedia O43 - CFD: 5/16/2011 - 10:35:02 AM - [24006656] ----D- C:\Program Files (x86)\Common Files\DivX Shared O43 - CFD: 8/10/2011 - 2:06:34 PM - [8905847] ----D- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 9/11/2011 - 3:43:54 PM - [1239723] ----D- C:\Program Files (x86)\Common Files\Java O43 - CFD: 9/24/2010 - 3:11:04 AM - [38513660] ---AD- C:\Program Files (x86)\Common Files\LightScribe O43 - CFD: 9/24/2010 - 3:09:56 AM - [51570] ---AD- C:\Program Files (x86)\Common Files\LS Getting Started O43 - CFD: 7/14/2011 - 7:48:38 AM - [132899986] ----D- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 8/26/2011 - 10:52:44 AM - [0] ----D- C:\Program Files (x86)\Common Files\MicroWorld O43 - CFD: 7/16/2011 - 7:59:46 AM - [707584] ----D- C:\Program Files (x86)\Common Files\MSSoap O43 - CFD: 1/26/2011 - 8:47:38 PM - [106494825] ----D- C:\Program Files (x86)\Common Files\muvee Technologies O43 - CFD: 9/4/2011 - 7:24:10 AM - [779696] ----D- C:\Program Files (x86)\Common Files\PC Tools O43 - CFD: 12/22/2010 - 5:52:04 PM - [4740928] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 6/25/2011 - 6:32:24 PM - [0] ----D- C:\Program Files (x86)\Common Files\Real O43 - CFD: 7/14/2009 - 5:20:10 AM - [2702] ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 7/14/2009 - 5:20:10 AM - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 12/21/2010 - 7:34:32 PM - [10245619] ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 1/19/2011 - 2:53:16 PM - [0] ----D- C:\Program Files (x86)\Common Files\TerraTec O43 - CFD: 12/20/2010 - 3:46:36 PM - [276367460] ----D- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 2/6/2011 - 3:19:44 PM - [8836608] ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard O43 - CFD: 6/25/2011 - 6:31:58 PM - [352256] ----D- C:\Program Files (x86)\Common Files\xing shared ~ Scan Program Folder in 34mn AMs ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.0277C027A26428DB64EF4F64F52BB4FD] - 11/7/2010 - 6:20:24 PM ---A- . (...) -- C:\Windows\MBR.exe [208896] O44 - LFC:[MD5.F042EE4C8D66248D9B86DCF52ABAE416] - 6/26/2011 - 7:45:56 AM ---A- . (...) -- C:\Windows\PEV.exe [256000] O44 - LFC:[MD5.22104AFBCBF41EF3D3982707268546E5] - 8/16/2011 - 4:04:33 PM ---A- . (...) -- C:\bdlog.txt [8401] O44 - LFC:[MD5.53BA8E9693581FBAB0FBDED7DD143355] - 8/26/2011 - 1:43:25 PM ---A- . (...) -- C:\Windows\REGBK00.ZIP [17080047] O44 - LFC:[MD5.C6FF685E2EA55C3AC5C90B9E7D6930C0] - 8/26/2011 - 6:15:21 AM RSHAD . (.Pas de propriétaire - Hitman Pro 3.5 Support Driver.) -- C:\Windows\system32\drivers\hitmanpro35.sys [25160] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 8/27/2011 - 6:04:42 AM ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.187472C67377994BBA4A410D2CDCABD1] - 8/27/2011 - 8:55:43 AM ---A- . (...) -- C:\Windows\ntbtlog.txt [296596] O44 - LFC:[MD5.CB8F27F1079A9F140B22508D04E6454B] - 8/30/2011 - 9:53:43 AM ---A- . (...) -- C:\Windows\UPDLL.LOG [1796] O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 8/31/2000 - 1:00:00 AM ---A- . (...) -- C:\Windows\grep.exe [80412] O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 8/31/2000 - 1:00:00 AM ---A- . (...) -- C:\Windows\sed.exe [98816] O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 8/31/2000 - 1:00:00 AM ---A- . (...) -- C:\Windows\zip.exe [68096] O44 - LFC:[MD5.3521CD4DC0F1020648836B4777B5DB12] - 9/10/2011 - 12:39:43 PM ---A- . (...) -- C:\Windows\win.ini [891] O44 - LFC:[MD5.D34B612DFBA2D401204E4B6B902DFE8F] - 9/10/2011 - 12:40:18 PM ---A- . (...) -- C:\Windows\Lic.xxx [56] O44 - LFC:[MD5.DCDF3C155B21B4B6346892D2A7E05A7E] - 9/11/2011 - 4:27:48 PM ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.753BC16326FEE4A421ACB636CCD602F4] - 9/12/2011 - 1:44:52 PM ---A- . (.NirSoft - NirCmd.) -- C:\Windows\NIRCMD.exe [60416] O44 - LFC:[MD5.A46842C9B0C567A5A9584E83A163560C] - 9/12/2011 - 1:44:52 PM ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\Windows\SWREG.exe [518144] O44 - LFC:[MD5.0297C72529807322B152F517FDB0A9FC] - 9/12/2011 - 1:44:52 PM ---A- . (.SteelWerX - Freeware implementation of SC.EXE.) -- C:\Windows\SWSC.exe [406528] O44 - LFC:[MD5.B70EACB82B9FFDA061199D0E2C67AB2F] - 9/12/2011 - 1:51:37 PM ---A- . (...) -- C:\Windows\PFRO.log [17208] O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 9/12/2011 - 1:53:05 PM ---A- . (...) -- C:\Windows\system.ini [215] O44 - LFC:[MD5.9433D9FB3205899323ADF6BB4158CF9F] - 9/12/2011 - 1:58:02 PM ---A- . (...) -- C:\ComboFix.txt [32439] O44 - LFC:[MD5.7EE4545AD0A03963A5223A36B0E52161] - 9/12/2011 - 9:20:27 AM ---A- . (...) -- C:\TDSSKiller.2.5.21.0_12.09.2011_10.19.15_log.txt [51046] O44 - LFC:[MD5.B198AB98FBEFBFA7746BD98CDB48FBE6] - 9/14/2011 - 7:04:59 AM ---A- . (...) -- C:\aaw7boot.log [2460] O44 - LFC:[MD5.A98B0E8155B37EAF6131735AC84113B0] - 9/14/2011 - 7:05:19 AM -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.E4E715D693BDF668E8CB98552ABAF409] - 9/14/2011 - 7:05:21 AM ---A- . (...) -- C:\Windows\setupact.log [2408] O44 - LFC:[MD5.11B64191A8B3755D03444EE9E359AA49] - 9/14/2011 - 7:20:08 AM ---A- . (...) -- C:\Windows\WindowsUpdate.log [783933] O44 - LFC:[MD5.94F2B6A61A825519F0F36AF3C1A57C82] - 9/3/2011 - 11:22:47 AM RSHAD . (...) -- C:\Windows\system32\drivers\Cat.DB [1800100] O44 - LFC:[MD5.B9657A0AFF28C1CB114ACC0CB93EE4BB] - 9/3/2011 - 12:18:58 PM RSHAD . (.Windows ® Win 7 DDK provider - Spyware Terminator 2012 driver.) -- C:\Windows\system32\drivers\stflt.sys [51496] O44 - LFC:[MD5.B9FD129D82655A28D9165AFD471B71C1] - 9/4/2011 - 4:27:55 PM ---A- . (...) -- C:\Windows\DirectX.log [75574] O44 - LFC:[MD5.8833455D54C7783B0B11BD58F77B209B] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\system32\deployJava1.dll [525544] O44 - LFC:[MD5.F746FD41625D5FFE4D10A4C0BFE13316] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\system32\java.exe [171808] O44 - LFC:[MD5.DDE850A07810C49B2FE7E45B3BFFF6B2] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\system32\javaw.exe [171808] O44 - LFC:[MD5.13A0D57FEB2CC1D543F953BEA2339FCB] - 9/6/2011 - 12:17:49 PM ---A- . (.Oracle Corporation - Java Web Start Launcher.) -- C:\Windows\system32\javaws.exe [190752] O44 - LFC:[MD5.8833455D54C7783B0B11BD58F77B209B] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\deployJava1.dll [525544] O44 - LFC:[MD5.F746FD41625D5FFE4D10A4C0BFE13316] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\java.exe [171808] O44 - LFC:[MD5.DDE850A07810C49B2FE7E45B3BFFF6B2] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\javaw.exe [171808] O44 - LFC:[MD5.13A0D57FEB2CC1D543F953BEA2339FCB] - 9/6/2011 - 12:17:49 PM ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\SysNative\javaws.exe [190752] O44 - LFC:[MD5.87832DD7249AAA772CB8AD79C114A0E5] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.826F4268068EB54A7111A94C31428203] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106190] O44 - LFC:[MD5.29757208CFED9545C6424DF8EC7D790C] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130548] O44 - LFC:[MD5.E5AEADA25BDCA39726FD6395ADF86890] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [615810] O44 - LFC:[MD5.6B1A790ADD4BBCD07E39D7688754FA3D] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704242] O44 - LFC:[MD5.87832DD7249AAA772CB8AD79C114A0E5] - 9/8/2011 - 10:14:50 AM ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.826F4268068EB54A7111A94C31428203] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfc009.dat [106190] O44 - LFC:[MD5.29757208CFED9545C6424DF8EC7D790C] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [130548] O44 - LFC:[MD5.E5AEADA25BDCA39726FD6395ADF86890] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfh009.dat [615810] O44 - LFC:[MD5.6B1A790ADD4BBCD07E39D7688754FA3D] - 9/8/2011 - 10:14:50 AM RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [704242] ~ Scan Files in 38mn AMs ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Free Music Zilla\FMZilla.exe" [Enabled] .(.Pas de propriétaire - FMZilla Module.) -- C:\Program Files (x86)\Free Music Zilla\FMZilla.exe ~ Scan Keys in 00mn AMs ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\hitmanpro35.sys . (.Pas de propriétaire - Hitman Pro 3.5 Support Driver.) -- C:\Windows\system32\Drivers\hitmanpro35.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys ~ Scan CSB in 00mn AMs ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"VIDC.CSCD"="camcodec.dll" . (.RenderSoft Software. - CamStudio lossless video codec.) -- C:\Windows\system32\camcodec.dll O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\system32\xvidvfw.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- C:\Windows\system32\xvidvfw.dll ~ Scan Keys in 00mn AMs ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\CamserviceHD [Key] . (.Guillemot Corporation S.A. - Hercules Xtra Controller Main Application.) -- C:\Program Files (x86)\Hercules\Dualpix HD\XtrCtrl.exe O53 - SMSR:HKLM\...\startupreg\DivX Download Manager [Key] . (.DivX, LLC - DivX Download Manager Service.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe O53 - SMSR:HKLM\...\startupreg\SpybotSD TeaTimer [Key] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe ~ Scan SMSR Keys in 00mn AMs ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn AMs ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 ~ Scan Keys in 00mn AMs ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=153 O56 - MWPE:[HKLM\...\policies\Explorer] - "EnableShellExecuteHooks"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=153 ~ Scan Keys in 00mn AMs ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 6/10/2009 - 2:52:21 AM ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088] O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536] O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864] O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 7/14/2009 - 2:52:21 AM RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440] O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 4/27/2011 - 7:41:12 AM RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904] O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 6/10/2009 - 2:52:20 AM RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128] O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 4/27/2011 - 7:41:12 AM RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008] O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632] O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 7/13/2009 - 2:52:21 AM RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856] O58 - SDL:[MD5.B1224E6B086CD6548315B04AB575A23E] - 7/30/2011 - 11:15:15 AM RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [88288] O58 - SDL:[MD5.ED45F12CFA62B83765C9C1496758CC87] - 7/30/2011 - 11:15:16 AM RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [123784] O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 6/10/2009 - 9:34:23 PM RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848] O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 7/14/2009 - 9:41:06 PM RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432] O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 7/14/2009 - 9:41:06 PM RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704] O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 7/14/2009 - 2:19:07 AM RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720] O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 7/14/2009 - 9:41:10 PM RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 7/14/2009 - 9:41:10 PM RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 7/14/2009 - 9:41:10 PM RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 6/10/2009 - 9:34:28 PM RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480] O58 - SDL:[MD5.7FDC91FAC8E72F24E3E2B3D22B5E3F63] - 12/20/2010 - 4:43:34 PM RSHAD . (.Guillemot Corporation - Filter Driver for the Hercules Webcams (MJPG).) -- C:\Windows\system32\drivers\camfilt2.sys [146728] O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 7/14/2009 - 2:52:31 AM RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488] O58 - SDL:[MD5.A398ED024F739E7BE74ECFFA8A713A89] - 9/24/2010 - 5:43:50 PM RSHAD . (...) -- C:\Windows\system32\drivers\cpqdfw.sys [24376] O58 - SDL:[MD5.10FB0FF62AF6262BF88E3607E2AE2A69] - 9/24/2010 - 5:43:50 PM RSHAD . (...) -- C:\Windows\system32\drivers\cqcpu.sys [24376] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 6/10/2009 - 2:47:48 AM RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496] O58 - SDL:[MD5.8F34C3EDB39A25DDDDE20670B1613386] - 1/10/2011 - 5:59:50 PM RSHAD . (.eMPIA Technology, Inc. - USB EMP Audio Device.) -- C:\Windows\system32\drivers\emAudio64.sys [77824] O58 - SDL:[MD5.9494736E4865F9B3A0A525EE9AB0D991] - 8/20/2010 - 3:45:28 AM RSHAD . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) -- C:\Windows\system32\drivers\emBDA64.sys [654720] O58 - SDL:[MD5.F18629B95D2F62180E1142F26D184A3D] - 1/7/2011 - 11:02:50 AM RSHAD . (.eMPIA Technology, Inc. - USB 28xx WDM Lower filter.) -- C:\Windows\system32\drivers\emFilter64.sys [12608] O58 - SDL:[MD5.612FC1CB117CCF62D3C55488C8AEBD82] - 8/20/2010 - 3:44:48 AM RSHAD . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) -- C:\Windows\system32\drivers\emOEM64.sys [943872] O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 6/10/2009 - 9:34:33 PM RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 7/14/2009 - 9:31:59 PM RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.8ED7D078B21B7E2DB15A69BFCBEE8691] - 12/20/2010 - 2:45:54 PM RSHAD . (.Guillemont Corporation - Stream Class Mini Driver.) -- C:\Windows\system32\drivers\HDvidvx.sys [186496] O58 - SDL:[MD5.C6FF685E2EA55C3AC5C90B9E7D6930C0] - 8/26/2011 - 6:15:21 AM RSHAD . (.Pas de propriétaire - Hitman Pro 3.5 Support Driver.) -- C:\Windows\system32\drivers\hitmanpro35.sys [25160] O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 2/24/2011 - 2:33:35 PM RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720] O58 - SDL:[MD5.4B7423FCC37664954460AC3E71752B62] - 12/21/2010 - 12:43:10 AM RSHAD . (.Guillemot Corporation - Filter Driver for the Hercules Webcams (MJPG).) -- C:\Windows\system32\drivers\hxctlflt.sys [111104] O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 4/27/2011 - 7:41:26 AM RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496] O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 7/13/2009 - 2:48:04 AM RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112] O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 7/13/2009 - 2:48:04 AM RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600] O58 - SDL:[MD5.9C4FB231B6E02F84580DE2F00F3C5293] - 12/24/2010 - 6:52:42 PM RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25912] O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 6/10/2009 - 2:48:04 AM RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392] O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 7/13/2009 - 2:48:04 AM RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736] O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 7/13/2009 - 2:48:26 AM RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264] O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 4/27/2011 - 7:41:34 AM RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352] O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 4/27/2011 - 7:41:34 AM RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272] O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 6/10/2009 - 2:45:46 AM RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816] O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 7/13/2009 - 2:45:45 AM RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592] O58 - SDL:[MD5.ED5873F7DFB2F96D37F13322211B6BDC] - 4/1/2011 - 4:11:08 PM RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [428136] O58 - SDL:[MD5.13089F31AA37CDE1CE3784EE01A48484] - 4/27/2011 - 5:54:04 PM RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2727912] O58 - SDL:[MD5.FD833BEE2FD9BEFDC0AFD1941A306D9E] - 7/12/2011 - 6:13:53 PM RSHAD . (.Sunbelt Software - 64-bit Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys [55384] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 7/14/2009 - 9:37:19 PM RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040] O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 6/10/2009 - 2:45:45 AM RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584] O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 7/13/2009 - 2:45:46 AM RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 7/13/2009 - 2:45:55 AM RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656] O58 - SDL:[MD5.B9657A0AFF28C1CB114ACC0CB93EE4BB] - 9/3/2011 - 12:18:58 PM RSHAD . (.Windows ® Win 7 DDK provider - Spyware Terminator 2012 driver.) -- C:\Windows\system32\drivers\stflt.sys [51496] O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 7/14/2009 - 2:45:55 AM RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488] O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 6/10/2009 - 2:45:55 AM RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872] O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 7/30/2011 - 6:52:42 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [41272] O58 - SDL:[MD5.4AC11B2250106774F694DF2DB4FFED61] - 3/16/2011 - 5:27:20 PM ---A- . (.InterVideo, Inc. - InterVideo ASPI Shell.) -- C:\Windows\SysWOW64\iviaspi.sys [10368] ~ Scan Drivers in 04mn AMs ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn AMs ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 2/20/2011 - C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys - No object(No service) .(.Emsi Software GmbH - Emsisoft Anti-Malware File Guard.) - LEGACY_A2ACC O64 - Services: CurCS - 7/21/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys - No object(No service) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 7/21/2011 - C:\Windows\system32\DRIVERS\avipbb.sys - No object(No service) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 8/30/2010 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys - No object(No service) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64 O64 - Services: CurCS - 11/22/2010 - C:\Windows\system32\DRIVERS\Lbd.sys - No object(No service) .(.Lavasoft AB - Boot Driver.) - LEGACY_LBD O64 - Services: CurCS - 9/3/2011 - C:\Windows\system32\DRIVERS\stflt.sys - No object(No service) .(.Windows ® Win 7 DDK provider - Spyware Terminator 2012 driver.) - LEGACY_SP_RSDRV2 ~ Scan Services in 02mn AMs ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (...) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (...) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn AMs ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn AMs ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {79085C51-08CA-4B1C-BB72-8DD02BAF58B6} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - Orange : téléphones, forfaits, Internet, actualité, sport, video O69 - SBI: SearchScopes [HKCU] {B4D6826E-799C-4FF7-9FE7-D7F0509737C3} - (Yahoo) - Yahoo! Search - Recherche Web O69 - SBI: SearchScopes [HKCU] {FD5B2C46-96E6-48D0-8373-6AF44AE016D1} - (Wikipedia) - Wikipédia, l'encyclopédie libre ~ Scan Keys in 00mn AMs ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.DFD49939CC7AB1D7332128CDB160EEC9] [sPRF][8/13/2011] (.Arovax Software - Arovax AntiSpyware Installer.) -- C:\Users\ZINOU\Desktop\aas_2.1_setup_153.exe [3599329] [MD5.B00FA0C5D1620797F5DC535A45829A31] [sPRF][8/25/2005] (.Pas de propriétaire - VirtualDub Setup Utility.) -- C:\Users\ZINOU\Desktop\AuxSetup.exe [40960] [MD5.4E5F50EB2D7358C83B5DA85EDF6037D9] [sPRF][8/26/2011] (...) -- C:\Users\ZINOU\Desktop\mwav.exe [136988056] [MD5.94E744FC0CA84284470DC23522C4A324] [sPRF][9/3/2011] (.Pas de propriétaire - PC Tools Installer.) -- C:\Users\ZINOU\Desktop\sdsetup.exe [512992] [MD5.F3246D2E451C71A42A7ED70F4FED3298] [sPRF][4/9/2010] (.Pas de propriétaire - VirtualDub.) -- C:\Users\ZINOU\Desktop\VirtualDub.exe [2668544] [MD5.5CAAFF20C5695611F08ABD954E58DEA2] [sPRF][9/11/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\ZINOU\Desktop\ZHPDiag2.exe [2582227] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][1/5/2009] (...) -- C:\Windows\Downloaded Program Files\bdcore.dll [32] [MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [sPRF][7/25/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576] [MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [sPRF][7/25/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608] [MD5.632E0CE38FBCADEAAE28077F4C9C45D5] [sPRF][10/21/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r102.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2827728] [MD5.D4B7A651CB12B6C1A4FEB9FB5115CFE7] [sPRF][7/12/2000] (...) -- C:\Windows\Downloaded Program Files\fxfileop.dll [36864] [MD5.2B1C4C87EB20ADDBA59DCA975E28DFFB] [sPRF][1/5/2009] (...) -- C:\Windows\Downloaded Program Files\ipsupd.dll [741376] [MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [sPRF][7/25/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [172032] [MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][1/5/2009] (...) -- C:\Windows\Downloaded Program Files\libfn.dll [32] [MD5.A7E770B48CB0B6EB979FA6C518B1B518] [sPRF][5/30/2011] (.Akamai Technologies, Inc. - Download Manager ActiveX Control.) -- C:\Windows\Downloaded Program Files\Manager.exe [707744] [MD5.F43C810230BEAEF1D3BAF3D645B3E46C] [sPRF][3/20/2009] (.CA - eTrust PestPatrol version 5 SDK.) -- C:\Windows\Downloaded Program Files\ppctl.dll [820464] [MD5.823451876778F382B23AFE20EF2DDC20] [sPRF][7/20/2011] (.BitDefender LLC - BitDefender QuickScan.) -- C:\Windows\Downloaded Program Files\qsax.dll [1220672] [MD5.E5EC6E96293203461999B2DFEEDE4C4D] [sPRF][7/20/2011] (.BitDefender LLC - BitDefender QuickScan.) -- C:\Windows\Downloaded Program Files\qsax64.dll [1373136] [MD5.2FD994827193B68DD301F80BDF744231] [sPRF][4/3/2009] (.Husdawg, LLC - System Requirements Lab.) -- C:\Windows\Downloaded Program Files\sysreqlab_nvd.dll [354608] [MD5.81093A8A1719E11B22B586E10BFDC523] [sPRF][10/31/2001] (...) -- C:\Windows\Downloaded Program Files\uninst.bat [118] ~ Scan Files in 02mn AMs ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{39CE62A2-6D1B-4577-B016-9194036A85E0}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.exe O87 - FAEL: "{C2434DBF-9BE7-410B-8ADA-53DAF34F5E8D}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe O87 - FAEL: "{74C3B2DE-7835-4D35-9C02-0607FC29A31E}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe O87 - FAEL: "{E0C83026-4359-4677-9597-3DD26928C830}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe O87 - FAEL: "{F8A8EE1C-F2F4-425F-930F-95FA5EBF5894}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe O87 - FAEL: "{6C18A400-1A81-48F2-8E31-AD64360AB28B}" | In - Public - P6 - TRUE | .(.EasyBits Software AS - EasyBits My First Browser.) -- C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe O87 - FAEL: "{4D7F5101-AE4F-4378-8F88-ADA452898AA5}" | In - Public - P17 - TRUE | .(.EasyBits Software AS - EasyBits My First Browser.) -- C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe O87 - FAEL: "TCP Query User{A5140418-1C56-467B-BE17-C2868C18B9F6}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Public - P6 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe O87 - FAEL: "UDP Query User{A79020C3-CCE2-4732-99FE-0F95F829DDF7}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Public - P17 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe O87 - FAEL: "{EBA3D638-85E3-4757-B79D-9C7471BE3631}" | In - Public - P6 - FALSE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O87 - FAEL: "{18A5E496-7893-42B5-B207-A9C994468B09}" | In - Public - P17 - FALSE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O87 - FAEL: "{844AE9FD-5E9F-4EFC-A24F-F3CB0DB582DA}" | In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe O87 - FAEL: "{37F4A99A-F7F7-4FE6-B8BA-968A628AEB1A}" | In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe O87 - FAEL: "{AEC3907A-CB3B-404E-9BD0-27BCE3E5D5C3}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe O87 - FAEL: "{F31FE4D6-273A-4771-93EC-9C1751C21393}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe O87 - FAEL: "TCP Query User{2CC60C9E-6146-4ABA-958F-BCBB13CCAC59}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe O87 - FAEL: "UDP Query User{366F5B85-A7CA-483F-8889-DC648C231206}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe O87 - FAEL: "{3AF625EC-2797-46E7-8817-A6F72BA38DE5}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O87 - FAEL: "TCP Query User{504BB014-7437-4796-89FC-C1CF64374C28}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Private - P6 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe O87 - FAEL: "UDP Query User{F3385E37-3C4F-4DAF-849F-DE06C9D10311}C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe" | In - Private - P17 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files (x86)\hercules\dualpix hd\xtrctrl.exe O87 - FAEL: "TCP Query User{F435FD52-C678-41E4-87E8-A6620764A01B}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe O87 - FAEL: "UDP Query User{25316F5F-C892-4CCA-B9A6-16D0816ED997}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\videolan\vlc\vlc.exe O87 - FAEL: "{F89B5DD5-6FA7-4718-A82E-F7C789418A77}" | In - Private - P6 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O87 - FAEL: "{A183435C-1223-4A28-B75B-6F87B26A60BC}" | In - Private - P17 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O87 - FAEL: "{20B09ED6-6663-4516-BAD2-F1170D69FCDC}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe O87 - FAEL: "{EC0FDE6E-D7E6-43F7-8D53-FDFEE1833244}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe O87 - FAEL: "{1CD713C4-1B7E-483A-9302-B99C2F25F432}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe O87 - FAEL: "{9E5D127B-DE2D-4B3A-8525-38AC3FE306BB}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\bgtrans.exe O87 - FAEL: "{09BC5637-DCE8-46C4-A4A7-B2BD470090FA}" | In - Private - P6 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O87 - FAEL: "{B35C2701-D025-419D-BD8D-BB89B6453BCE}" | In - Private - P17 - TRUE | .(.PacketVideo - TwonkyMedia Server watchdog.) -- C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O87 - FAEL: "{B272A3BA-0EFA-48C8-A775-3FA92256F25B}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe O87 - FAEL: "{69DC73A9-9B3F-4C74-9C11-8BB0F6F30B47}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe O87 - FAEL: "TCP Query User{62A1BD43-1EEB-4603-8E52-EAE0A805A120}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Private - P6 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe O87 - FAEL: "UDP Query User{CA84F0B3-C9FF-497C-9609-E358B31640BE}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Private - P17 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe O87 - FAEL: "{265D39B1-932B-4844-9EC2-92BEB379E498}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O87 - FAEL: "{EAC96B28-F523-4543-B570-C6661E704132}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O87 - FAEL: "TCP Query User{2F5A93BC-42D8-4CE6-84B6-C423B0F71390}C:\program files (x86)\spotify\spotify.exe" | In - Private - P6 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files (x86)\spotify\spotify.exe O87 - FAEL: "UDP Query User{48F2395B-40C2-490E-8F08-04973FDD287D}C:\program files (x86)\spotify\spotify.exe" | In - Private - P17 - TRUE | .(.Spotify Ltd - Spotify.) -- C:\program files (x86)\spotify\spotify.exe O87 - FAEL: "TCP Query User{59620409-7C8E-44D1-82C2-B4A950E33E4D}C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe" | In - Private - P6 - TRUE | .(.Logitech Inc. - jive.) -- C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe O87 - FAEL: "UDP Query User{C1FF98E6-77E2-497B-A96D-6F7F84BEA37A}C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe" | In - Private - P17 - TRUE | .(.Logitech Inc. - jive.) -- C:\program files (x86)\squeezebox\squeezeplay\squeezeplay.exe O87 - FAEL: "{AD98CAF7-99AE-4DA3-8C1D-F8622DFA1A62}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe O87 - FAEL: "{583FDBBF-71D3-4333-A344-6FE4FB3C2481}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe O87 - FAEL: "TCP Query User{B826487D-93C7-428C-88EE-FB031CF73B69}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Public - P6 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe O87 - FAEL: "UDP Query User{37B566DD-9F7F-4BDB-8CA3-0C8266C80C84}C:\program files (x86)\free music zilla\fmzilla.exe" | In - Public - P17 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files (x86)\free music zilla\fmzilla.exe O87 - FAEL: "{D9A0AC3B-0428-4FF9-8319-5DF9585988CC}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe O87 - FAEL: "{A83B0D14-2235-413A-A42B-FD6E28EFC906}" | In - Private - P6 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe O87 - FAEL: "{83C45770-DD60-4EC5-87F4-C3F532159271}" | In - Private - P17 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe O87 - FAEL: "{1669EF1A-3FC8-4987-96CC-2B056BE78133}" | In - Private - P6 - TRUE | .(.Crawler.com - Spyware Terminator 2012.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe O87 - FAEL: "{C0C4CC1E-927F-4449-AF32-B3BAE2FC4819}" | In - Private - P17 - TRUE | .(.Crawler.com - Spyware Terminator 2012.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe O87 - FAEL: "{C404C689-1C10-4460-B30C-C46E9C13286C}" | In - Private - P6 - TRUE | .(.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe O87 - FAEL: "{008F7DED-193D-4B89-88BA-0EDD9F196385}" | In - Private - P17 - TRUE | .(.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe ~ Scan Firewall in 01mn AMs ---\\ Scan Additionnel (O88) Database Version : 8621 - (29/08/2011) Clés trouvées (Keys found) : 1 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange ~ Scan Additionnel in 05mn AMs ---\\ Recherche détournement de DNS routeur (O89) Serveur : livebox.livebox.home Address: 192.168.1.1 Nom : www.l.google.com Addresses: 209.85.148.104 209.85.148.106 209.85.148.105 209.85.148.99 209.85.148.147 209.85.148.103 Aliases: www.google.fr www.google.com ~ Scan DNS in 02mn AMs ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 9/2/2011 3029208 | C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (a2AntiMalware) . (.Emsi Software GmbH.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe SR - | Auto 6/17/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 7/30/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe SR - | Auto 7/30/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe SR - | Auto 3/14/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 4/25/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe SS - | Demand 9/24/2010 246520 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe SS - | Auto 12/20/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 12/20/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SR - | Auto 12/21/2010 126520 | (HP Health Check Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe SR - | Auto 12/21/2010 92216 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe SS - | Demand 12/21/2010 751672 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe SS - | Demand 8/10/2011 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe SS - | Demand 6/13/2011 934176 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 9/24/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe SS - | Demand 6/4/2011 420864 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe SS - | Demand 8/18/2011 6144 | (MEMSWEEP2) . (.Sophos Plc.) - C:\Windows\system32\E512.tmp SS - | Disabled 4/27/2011 1012328 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SS - | Disabled 4/26/2011 2218600 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe SS - | Auto 2/14/2011 1055872 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe SR - | Auto 2/18/2011 501336 | (Serveur Média) . (.PacketVideo.) - C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe SR - | Auto 9/3/2011 1139928 | (ST2012_Svc) . (.Crawler.com.) - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe SR - | Auto 4/27/2011 378472 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Auto 7/14/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ~ Scan Services in 05mn AMs ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover ~ Scan MBR in 07mn AMs ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by ZINOU at 9/14/2011 10:23:34 AM ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 09mn AMs End of the scan (1516 lines in 13mn AMs)(0) CI LE RAPPORT VOICI CI DESSUS LE RAPPORT
- le 14 septembre 2011
- 18 réponses
[Résolu] Problème de virus

ZINOU a répondu à un(e) sujet de ZINOU dans Analyses et éradication malwares

ok je te poste ça demain matin bonne soirée ----- Bonne nouvelle, après 3 heures de scan avec Eset, aucun virus trouvé. Dois-je supprimer le fichier incriminé plus haut ? Merci
- le 13 septembre 2011
- 18 réponses
[Résolu] Problème de virus

ZINOU a répondu à un(e) sujet de ZINOU dans Analyses et éradication malwares

le voici VirusTotal - Free Online Virus, Malware and URL Scanner
- le 13 septembre 2011
- 18 réponses
[Résolu] Problème de virus

ZINOU a répondu à un(e) sujet de ZINOU dans Analyses et éradication malwares

non je veux t'envoyer le resultat du rapport je fais comment car virus total a trouver qq chose
- le 13 septembre 2011
- 18 réponses
[Résolu] Problème de virus

ZINOU a répondu à un(e) sujet de ZINOU dans Analyses et éradication malwares

je ne vois ou ce trouve le lien que tu decrit merci
- le 13 septembre 2011
- 18 réponses
[Résolu] Problème de virus

ZINOU a posté un sujet dans Analyses et éradication malwares

BJR j'ai eu ce pb bonjour J4AI FAIS UN SCAN en ligne avec F secure il m'a mit une trace dinfection dans le rapport suivant sachant queMBAM ET AVIRA n'on rien trouver comment eradiquer ceci merci voici le rapport Dimanche, Septembre 11, 2011 15:50:11 - 16:31:33 Nom de l'ordinateur : ZINOU-HP Type d'analyse : Recherche de programmes malveillants, de logiciels espions et de rootkits dans le système Cible : C:\ D:\ -------------------------------------------------------------------------------- 1 programme(s) malveillant(s) détecté(s) Suspicious:W32/Malware!Gemini(virus) •C:\USERS\ZINOU\DOWNLOADS\0KCRP1J0.EXE (Non nettoyé & Envoyé) -------------------------------------------------------------------------------- Statistiques Analysé: •Fichiers: 98497 •Système: 7764 •N'a pas été analysé: 356 Actions: •Désinfecté: 0 •Renommé: 0 •Supprimé: 0 •Non nettoyé: 1 •Envoyé: 1 Fichiers qui n'ont pas été analysés : •C:\HIBERFIL.SYS •C:\PAGEFILE.SYS •C:\WINDOWS\TEMP\TMP000007A4A3BA845E995B1720 •C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT •C:\WINDOWS\SYSTEM32\CONFIG\SAM •C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM •C:\WINDOWS\SYSTEM32\CONFIG\SECURITY •C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE •C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\DEFAULT •C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SAM •C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SECURITY •C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SOFTWARE •C:\WINDOWS\SYSTEM32\CONFIG\REGBACK\SYSTEM •C:\WINDOWS\SYSTEM32\CATROOT2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\CATDB •C:\WINDOWS\SYSTEM32\CATROOT2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\CATDB •C:\WINDOWS\SERVICEPROFILES\LOCALSERVICE\APPDATA\ROAMING\PEERNETWORKING\B082520C48B5478A6C8B33BAB4AF5240500B81C6.HOMEGROUPCLASSIFIER\BCEFB6336FCE45F2521F9C97887A1E07\GROUPING\DB.MDB •C:\USERS\ZINOU\APPDATA\LOCAL\TEMP\LOW\HSPERFDATA_ZINOU\1532 •C:\USERS\ZINOU\APPDATA\LOCAL\TEMP\HSPERFDATA_ZINOU\4448 •C:\SYSTEM VOLUME INFORMATION\{07AA00D1-D92B-11E0-8DCD-D48564155889}{3808876B-C176-4E48-B7AE-04046E6CC752} •C:\SYSTEM VOLUME INFORMATION\{07AA00DB-D92B-11E0-8DCD-D48564155889}{3808876B-C176-4E48-B7AE-04046E6CC752} •C:\SYSTEM VOLUME INFORMATION\{07AA014D-D92B-11E0-8DCD-D48564155889}{3808876B-C176-4E48-B7AE-04046E6CC752} •C:\SYSTEM VOLUME INFORMATION\{07AA015D-D92B-11E0-8DCD-D48564155889}{3808876B-C176-4E48-B7AE-04046E6CC752} •C:\SYSTEM VOLUME INFORMATION\{07AA019D-D92B-11E0-8DCD-D48564155889}{3808876B-C176-4E48-B7AE-04046E6CC752} •C:\SYSTEM VOLUME INFORMATION\{3808876B-C176-4E48-B7AE-04046E6CC752} •C:\SYSTEM VOLUME INFORMATION\{ADFAEA1C-DC36-11E0-946E-D48564155889}{3808876B-C176-4E48-B7AE-04046E6CC752} •C:\SYSTEM VOLUME INFORMATION\{ADFAEA34-DC36-11E0-946E-D48564155889}{3808876B-C176-4E48-B7AE-04046E6CC752} •C:\SYSTEM VOLUME INFORMATION\{CDBB84FE-D843-11E0-9A78-D48564155889}{3808876B-C176-4E48-B7AE-04046E6CC752} •C:\SYSTEM VOLUME INFORMATION\{EE1AE6F0-D9D9-11E0-9E76-D48564155889}{3808876B-C176-4E48-B7AE-04046E6CC752} •C:\SYSTEM VOLUME INFORMATION\{CDBB84F6-D843-11E0-9A78-D48564155889}{3808876B-C176-4E48-B7AE-04046E6CC752} •C:\SYSTEM VOLUME INFORMATION\{EE1AE6EF-D9D9-11E0-9E76-D48564155889}{3808876B-C176-4E48-B7AE-04046E6CC752} •C:\SYSTEM VOLUME INFORMATION\{ADFAEA39-DC36-11E0-946E-D48564155889}{3808876B-C176-4E48-B7AE-04046E6CC752} •C:\PROGRAMDATA\MICROSOFT\WINDOWS DEFENDER\SCANS\HISTORY\CACHEMANAGER\MPSFC.BIN •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\012D15BD426504A5ECF149BC23B01A81_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\02CDB2C70DCB1AA1028C046152460B7B_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0167AB1BE6ED31D3C289446E919391F3_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\017D938752F30C9AC963E26B4960638E_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0302884D4F3E03DE29C4DD049083BFCD_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\04160B98113E12473994CCB0AB8F76D1_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\04B6F0482DD02C3EBCD8D8F57DF03633_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\04C224974DA69CBE8BF1F2B8C04C90D2_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0591084DC2138C990B59FBFAB18055B6_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\06C8ED6E22E882D7CF739667273F39B1_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\07082C9594DB3E430510A46CE7A41E2D_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\085C796E123C82BA5FFB3A1B21386FD8_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0A29E0B8AB298916C37E6EC872FD5014_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0A34E362ED77C16C71165B6F210776D2_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0C7AA2F4D2311B9D2178028A6C38FCE6_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0CBAF534E36A9EEF42CE625BF4D39ACB_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\066CB37F98D281732ED650EA7E56107E_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0EBC13ADA8E2FA3F0E79AF0B3500A5D6_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0D039C3BD59CCA8D4EFA935C07005EBD_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0EBCA665A72299538E5AB843D2C70CAF_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\105F01E64D7104EB63298D7274EAD830_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\11CD26B9154E2EC24ACA8FAD26A5302E_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0E6711B6A45852F26BA4D4ABF942A39D_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\0F53C6D47F72CD66700E68C3C54DA959_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1499490AA26707974B39201395FCC53C_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\12747F95027CAD6C87DE3666A47FEE55_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1389C7C87D2400B3826801B408C1734E_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\143C0645CA690F74797D0FB205FCB2CF_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\16D220EE865DB3D128DFC91C1285E879_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1279064A0D7AFF251847F8AED9B09D68_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\16E8E8CD60CB4E749B373968C525CC09_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1596862DCF60F38DDCC7DE3C0A0F2B92_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\175877F21356D42B98C62F1B6FB131C7_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\185C458E202AEF345C8E4D6901256F06_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1BE209BECBD0A43B998C575ABE3551DF_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1BEC2ABDE7CF96583964990B9149B310_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1B11E2183BEFFC625051E6577D4C4E17_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1BDC53C74559E4249AF1EAFF7692764B_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1C744AF868F87514345F1CE31454375B_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1CE96B34459743C95621F820CF8A44CC_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1AC0960D28CA446F1F983296BCA8E980_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1CED9396A066F148479C5BAD7B440B88_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1EEED0FD67545C0DEF53C8CD458404A7_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1F0499181BC0BBC82844E642F53D01DA_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1FC43B1654E85A65FD2A7423ED536400_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\209E844B5E3417B732394AE35CA312E9_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2037ABB6214CAABD5D1389CB3254D6EA_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\20AC04712C5276AD9403CA0AED30EC39_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1FDFEEF341A501F4D6F37EB5D8860A76_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\1F9AED7D069153F8C034B221C298B333_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\210A6CBC1628DB28E33E2C3D66459D6B_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\225E5D854494989CEB86F79C9D753E83_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\22306283E04C7B5554779816873853C5_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\216E2D4E7EE57589AF0BB072F5794555_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\23C8D2836BB26A2CA272407825C44CD0_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2324B72749CEBAAB2C53D4E7D18C05FE_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\20B33CE506414BD41345955FB31454B4_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\25B1D46CE386E6ED6453FC362894EABE_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2984E7CE53B28F3456CF3A922FE8C31A_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2717142ADB24CCDBFF17636944868F34_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\26C89D8F82EFCDAAAB8FFECEE2945C15_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2CC24DF5DB89EF1F35F4DC54E194B5DB_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2D09422AC0DEDD98E5FA2851C2FA6C70_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2D6360E65E9F1C29F7D274B76B1A2320_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2AB6123C208FE0766AE33DD34320B01C_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\330A39AA8D44C7D6D8FF1037E69352E2_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\331611C3F4C24EE88CA853B91D07EF90_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\38750AE063BFFF6266AAF1BC81A6B3B0_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\39271ACF95C134B88A425EDEB82414D4_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\39EC8371A0823F22FF3969079D429820_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3A67D7C5971F98279114446FBBF55F3E_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2A0A83A5146D80FAB75444258B29944C_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3C39C54F3081B8AD5821B49A70548B14_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\2D6819735C545D7C2F76FDED07B92049_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3C709BF3EB9D2420C24044F525706B30_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3D2A1B0C571FF00F72E3E8E4E3E8672D_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3B2F42CECBBDE57E063FC58BF454D863_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3D5CD50D2714DAFADA7429C14E0715C4_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3C77AB510001992007F4F1E9A541068E_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3DF1C5834CD1F640C97427F680EA6CA7_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3D72DAA5D460287791512A8AC10C54C8_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3F1B34CBE1C6079A56378E72B32B396F_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3F43AA9EB781BAED7DCA2FB624395F43_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\3E9FA0496E569615D7334095D254B2E1_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\40F73AF4FBF4EAB001FE30749AD83A83_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4349F3D8989FB08F87131BC2928CDA86_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\42C7F88C795349884045A117FCC4DE47_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\44D97AFBEAD5ED37B7201023F912AEED_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\445AB3954444F7450D0B70E71110F674_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4150FB2655F133CA28DD998FB378F9F4_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\45211394BC76925E0B63E01D5CB923CA_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\44DA8882400D8603014507EB835BCCDE_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4681E4D30D247F2F1982A7A783BF875A_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\44F478571553858AEF1794E087C27278_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\47C6B3B8B33F0E945C7F5A31F122AA56_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\46F0380ADB4C275677F3F945C626AE14_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\489286F7F9C7F005539981D249CF9774_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\47E9864121696FA483C4AE01A3291D78_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\49B5CD7FDE705078366A332C7AD678F3_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4A0B568EDCFB7694B9EE0D706FB831C4_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4A78F3D7C262E453F145D80685BA460A_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4C549E38AE40473694BE4ADDF110683A_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4AE2D184CF00820C91FD87A456F03B24_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\49722CA78AD5DBABF55B2FDF1620B4EC_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4BCC74BF0A080A8E5DC7E7BB6BC11470_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\50598F58583BDCFA4E8F82D8DAF2DA06_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4CDD172A8A837864037E0289A71C1D60_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4D3435C14D1C00F280A1E3A4EA371E26_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4DB63956E588937D7655C9A1C6920C23_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\4EBF860515E83D41A5927F85B11ED60E_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5428329F72A46B23E0372E680FB5F2AD_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\54886F4BEA0D42CB3383E515E29900D1_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5284444E60CC21B161E72BD904C4745D_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5398F530B9DFB80DE367ED252F43ED9D_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\57C1B20F9F9A2AA5DD3995103330C03D_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\587E5C9E8A19062BF66166B9E12821AB_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5940598032E05E494217142DA039533D_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\59C9622D3F02F1BDB5BBEF84AC5EBC48_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\59A754B2BE6C702F102F8CDD4EAB2397_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\598ACB000CD140BD5FB46AA366DBB95A_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5A7DDCCD23A0B26C6FBD0ED7C831F1CF_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5D60E897191230E077B5B6157F53F8BC_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5B5F0EE48C11B7262CB157B3C81EB103_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5B3DED653334F7139106338A8CAD03B7_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5DDDE9E828FB5DEDF2AB4F09581C35E6_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5E0DE0144FBA421FB5665289FECC4AE2_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5E552BC7F83C58FC2F4917633F8B715C_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5F5ACD204043CE9825885DC78EE5DD3D_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5D48D0A148A45D8363ED51BE54503ED2_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5D880CA5B244514FF49BEBEE923C01C2_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\625CDCECB2B70F22ED3701ECD110305F_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\62798AA021F96AB1E202C83AE52E655F_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6005C7C0AFBE63BF87D4AE21CA1C9C61_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\5FB39E56AA4F92F47CFF223DD0D34EDC_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\640234058140C9081CC609ACE98F64C1_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\64D1838A0DE8CD07F48F75F222273C82_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\631F2F16216117395DD3C4C7A219F0FD_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\64DE8457A419C5C31E98FE47D16E4257_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\64C44C8D2C3F3EADE14E29B5A5428107_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\65866DB2CF3AE1C245E456965BB6B97C_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6513F68D62875C18DBC3D3F5074276BE_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6709718FA50B4DAD52471F7BC84E2947_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6818937F51B9469EB5DD9BAC85023494_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\697637079EFEC89EBDCBD764AF99DC4A_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\67F07861B67D35D643B4FC20B7B8E913_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\698DD9FA9B1DFACF0813F5FC0B1B349C_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\661C8EE3C1E6101970ED19B5A5370431_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6AD40442DA892FA090DFFA5CA7F46E06_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6BB40323DBADC14B6977EC6C686D9089_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6B3E88FA64F2AA27BBC27FF57ACB4A28_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6AC795A8FD6C8006474826185F20DF34_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6C35434DCBBCDECF35AB6B312AD8DBF0_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6CAA7D5C1ED76E2421042A4C236C838A_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6DAF030BBDD1B9CE6C5051190FA12AB6_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6BCA701E303AF130B3ACAA248D56E268_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6FCD66FBD1806D4D374AD6152BCAD3EB_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7371177F5191C79E003C3947C93EEA12_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6FA38565583D154ED054B70C6544E917_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\6EA72E53C53E0F97770D137951BC61BC_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\744001F8F0D5C4266DD90538C803C9F3_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\746F9C188D7256D9AFE6209BC0AD93AF_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\74A5EAE75D89D12CDEDD3292641A4B4B_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\762DD1F70AA9F78D396E1BC821A0B6BF_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\764C24A64BEE6D494FCAEA3C88B46B0B_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\77B07B90A21BE08C881D23033702B851_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\796565B242903632DEE3321331635DB5_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\796FFF18176C38395499BCB1ECDFCF92_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\79F1EFD3F22D8CEB4461165922D876DF_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\790BC31A6C87C5DA4633AA910BE39B13_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7B5B1E4A8DA2E6A96BD5969D5A58F33A_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7BEB82D87453606B977D0955A95FDDDF_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7D0C474AD1076B2CA4DA9234B29E037E_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\790FF754BA777B4AF82E6BB03878788A_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7D2275C85DE4BE71E985ED655DB5CAFC_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7DD2206950BDA7BC8A80546EDAFA31F9_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7AB1DCC639CAA2D8676C5827589D1B3E_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7B52EBBADF566FD2C6984557E93D9610_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7E319A31C496883F1B0A9CC439207755_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7E29272FD0FF201D72EE52960371EC37_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7F054DAF8263A9DB16EBBBD9937322DB_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7ACF476CDB57C8174A94D08C6743001F_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\81363ACDE22347792799A6D5502590D4_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8626EDD313E7D5D97F1C4D724B0C90CF_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\81F55E3611A35E57211D50DA466951D4_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\7F0F93EFCE833A6201D0080E96ECD46A_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\86A4AD94B0C48C10409B3250E66D63B4_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\86AE9C591AF396C2CB276CAC418508CF_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\859DBFFAB03B8213EB185850AA97C2C0_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\820C4A4CB7178A6FC14ABF7A59571B59_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\86C6A6E7B311C11688E612181F10A905_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\871FAEEA4FED9A72C40EB58A075F3111_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\883C3E57074332E5A3C0317FB896E7D4_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\898AB4C68EA851449E9467C30D5B4F3F_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8B2A36529CF7C6369F88712D1AA0B196_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8B5F170E2CEC17F6238C96405878E1B2_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8CECA0B3830A0C91E3B4B4A00AF9F6AF_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8DA5FA70C6A879978FB1653A3D307CEC_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8F847B2A01A254E079029ED5C38901F0_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\90406F9C709CA99A52FD960D928914F1_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\91497E37A13AD93AABE53E452FA2B4B6_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\8A7A85BBB68CBA6221DA1F9071C9A6F9_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\916397C6EA34123972A51E572763BE6A_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\919BCAFDFDE27C405677B300E08C6948_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\86FE3AD5FA8D1A99780875458BDDA947_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\914F01F0BE61BD74F14BDCB60336CFF4_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\94907FE7ED90E6D0572EC5F3E6C5C026_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\94F5C07537A4FC3A58ADAA3E0F679C99_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\94F424E6998B937FB96AB02CC2274BEE_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\94D057CA8C7CDBBBDEDB615E39B27F30_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9C7CFBD281435B24177FDC04FDE697A6_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\98F4EF08C31C08EFD40D7F721DE98954_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9DEE590D956B2D8929EECDB87FEE8377_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9E6537C906ABBF4BD92607E24D720CA0_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9CDBA9920517EBB50BB555E2C1DD86AC_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\97F481E608FF066592494A7B26EE55B1_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9FA5BD57F1B493B7B7372A2E7F96834D_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9FEEFE3827597A7902D7149028A902B6_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A176C2BDC256E015D5CC09DF4BE6B1A6_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\9E5C77FB320520ECF1A55BD7714E6F93_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A16349304885A11BABA40948FD5E5186_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A22AA2D1B942B4D62536BEA37348B069_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A45DCC8C52318CD655731B16E047DEF6_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A525C0A9469A44782EE2A2232A9830E8_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A6987212E59086EDCF1EEC5CC4EF0045_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A6A2A193F494CABF9848CB2164B48B20_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A9E6BE08E844E0E7252F78285426309B_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A7AF3D0AF811A91AC797242AE164E58C_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\A7631F48AB340A229FCE69204B8EACB5_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AA08CD96D1E7170C64926AE3B2FF1DE7_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AA0F55F8B0E4EEA05511CA8D46BCBF34_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AAC0D87E04B587832F576443FC834637_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AB2CF1225FD05355D83AB493E4A03777_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AE8D7E30FFE4EF82FC96AA5AAEBBFF97_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AD965A037F18109539B8B7F335B12BC1_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AE9812E4AF422A97D4EEBA6A36D54F50_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AEC9E8230780617AA104AC942BB0F721_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AF5D81A24AD00EDAEA70B7D478F3FE70_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B25E7397B2DB7412C9E83F4981B3D2BE_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AFF0B062E3762DE1416FFCB5D3638633_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\AFE2BCA4B7B6D9828F429740E4725227_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B0A6D6F8720FB4C365217713BB4F5FC2_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B2891DD02B78C5AE0554FE54E9C8586F_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B2F72852FC82B33046918BDC6E15B941_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B3F9EA81D9AD084E4D398AFC6A8E8449_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B7DC5CE272C97DEA61B5079D7E77CB73_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BAB1AEFC0C6B5E01CF46AEA6D88A28A5_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B85C3FCD0ADA2FB3DC5C7E2465A058BD_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B8AEDE88255D7B1185814B08880CB203_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B90BF955218B7B28E61E526D4851D934_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BC629349F94A1F4978B85FEC24987BDA_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BB7C55108E07E481DAC0000BAC7774E1_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BDF3EF0421DB47BB1EDC6BDA703B1705_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BE41AE43DFD1BE3E4ACA3A196A14A7F2_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\BD15AFA42B5A2D0373DCF3F0F25415E4_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C00B850D24681B1AB52CCEA6423DB57D_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C2C983CB50A1262ADD764FE1A37AC4F9_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C205FEFEAD8BA97D1EC33C2D99FF3AAF_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C4C3D83F65AB9FD83A1D968AAC4BECEB_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C79099C323194F790EEF975C482CBD6A_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C3D50F97710D32FB0D2BB8E57DF0072E_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C7C1A6AE50B899E58E2267B68DDF17A8_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C60A70C363DB0C78E28BE40B7E764678_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C8E30AB48707205E8058A75F76B35CC7_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\C897A6BDCA59FFDEE4912387E0C3CD09_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CB9BEA928184E58D3781B3159D6CE640_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CE5C08E80BE79D65B95F652A176E69AB_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CEFC62098811174C877A74F1E26532E4_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CB773E0CF3121A8F76DCBF4F476C5463_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D38B81B4DDC4893A6FEF4D00A92FB532_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CF99A2BCF8782F6606CCB9237B222387_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D3BD5E3D69C05895A3A24C71A5E9C293_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D3ED24212CBD546CD38E92FA6ACF45E6_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\CA9D9BDB17BE456E8D9D80DE7D108CF3_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D5100EFA02463356D5FA975F696B86F7_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D40E44E8FE01CD802D9881621A0C3B42_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D5510E871F2E2BCDD09808F39EFABA57_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D5B2D402FA10E553C36708F66FD9B0E3_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D5210A4A4028599759BA48A40E88145C_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D91D8FD6BD03696636F215EF693180AA_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D7D9FA68A9216E2544DB4EC3BD2B11C8_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DA1E4F0826C21734A746E14ABAFDA87B_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DA89AE6672C0E6515DA9EC63B132FB69_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\D9440B9B19AAA78D5AB7F35E6692A7A1_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DFB6EA50B6E0D04F1335137C8146C030_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DDE7B8F49BB573E72D79960916EE7D2A_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DB2B098F45EBB8238F06C731E8C4103B_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DF7ED1D69E301AC938F6C8ABC68BE5EA_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E0D6136D33BB681C62F73635B769778E_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E172F40482DA430B4BF455BFF27D19EB_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\DDFD6CA468C2F3C9607D93459987BD44_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E3FF241FFCCA3B1708B1DC866DF6393B_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E0618B194435CC45E26C06C149B6C405_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E52A78ED5F8636912E548CF5D333EF93_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E5B0FEA64C97A4C99EF20A0CA2267F1B_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E4983B02B6F54CFEF1A056E52B1AF1F6_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E79D7CD503DA63BDC057AD08A696E33F_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E76B62A59932893D194544F99EEBA73F_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EB28BD84156686CB072E39009F2BAA67_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EBB12E23E15DC6C260A7A7175BF4C282_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\E96AAEFFD5B31F14FAB5A2BAC6D6ADD5_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EDDB4FF898CA23D12F2F731D591F50EA_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EE93EFA46B2C83C4940BAC38F76A91C2_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EEF25931953BCE00E1D35D90A17EFC76_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EDF4618993CD0652A34D3153FC439CEB_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EF6F0FA0A4146FFBBE5DA886E2ECA735_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EBF69C2BB23081F0C584261777E8C616_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F2C5D63458E84CB72C0B41811003CA42_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F666CE012BF5F4E86C11082CA320498B_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F3F726A7BFD05FBBFB7837F73C6A6090_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\EA68119987EEB470F7B171226EDCFFBB_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F4BD37CB8ADC61AB96FC4E462FD1C1F6_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F61B5A0791CEC4A499DEA9C971C9CE8D_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F8386663455F6C40079555E6742ECC31_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F75AF7DC18C983A6C9B073771B3BCBCF_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F9C9515BEE3583B6FCFD5960C80270C5_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\F8D28B31E73491811D6602190D7EB9E8_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FD236297FF0E9350038C7461325BA05E_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FD5FDCB7A6063E13E9CC1A6E5810E281_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FE09646CC0A6C1C269B4557568D92FCC_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FC4AA7606563BDFD42114D22CEAA3A14_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FE1E56967A76C7D0237520F8EC7D22ED_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FEAC3F4719E1E50ACEDFE60BC0E955D6_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FF62B1C79AADC0E06A7B7E32D39EE905_44089525-592D-42B6-BE0B-A3364D776883 •C:\PROGRAMDATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\FFEFE9155DA398283DC33A7208803F32_44089525-592D-42B6-BE0B-A3364D776883 -------------------------------------------------------------------------------- Options Moteurs d'analyse :Options d'analyse : •Analyser les fichiers définis : COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR •Utiliser l'heuristique avancée merci de votre aide
- le 13 septembre 2011
- 18 réponses
Suite à problème sur mon PC

ZINOU a posté un sujet dans Analyses et éradication malwares

BJR je suis handicapé moteur j'ai utilisé hijack this et voici le rapport qu'il m'a genere mais j'arrive pas a le dechiffrer preccisement je vous remercie bcp de votre aide voici le raport Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:02:41, on 15/08/2011 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files (x86)\Serveur Media\twonkymediaserverconfig.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10v_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe C:\Users\ZINOU\Downloads\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Portail Orange : Actu, Sport, Assistance Internet, Web Mail Orange R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: ToolbarOrange.InitToolbarBHO - {1d970ed5-3eda-438d-bffd-715931e2775b} - mscoree.dll (file missing) O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: barre d'outils Orange - {c9a6357b-25cc-4bcf-96c1-78736985d412} - mscoree.dll (file missing) O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [Arovax AntiSpyware] C:\Program Files (x86)\Arovax AntiSpyware\arovaxantispyware.exe /s O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Global Startup: Agent Serveur Média.lnk = C:\Program Files (x86)\Serveur Media\twonkymediaserverconfig.exe O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html O8 - Extra context menu item: envoyer par sms - C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html O8 - Extra context menu item: envoyer un mail - C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html O8 - Extra context menu item: orange.fr - C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html O8 - Extra context menu item: traduire la page - C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html O8 - Extra context menu item: traduire le texte sélectionné - C:\Users\ZINOU\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: Logiciels gratuits - Orange O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://www.ma-config.com/plugins/MaConfig_5_1_2_3.cab O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_9418.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (Emsisoft Web Malware Scan) - http://ax.emsisoft.com/emsisoft_webscan.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\x64\maconfservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Orange update Core Service - France Telecom SA - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Serveur Média - PacketVideo - C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13403 bytes merci de vottre aide precieuse
- le 15 août 2011
- 3 réponses

Connexion

ZINOU

Compteur de contenus

Inscription

Dernière visite

ZINOU's Achievements

Junior Member (3/12)

Réputation sur la communauté

[Résolu] Votre avis sur des logiciels de nettoyage

[Résolu] Problème de virus

[Résolu] Votre avis sur des logiciels de nettoyage

[Résolu] Votre avis sur des logiciels de nettoyage

[Résolu] Votre avis sur des logiciels de nettoyage

[Résolu] Problème de virus

[Résolu] Problème de virus

[Résolu] Problème de virus

[Résolu] Problème de virus

[Résolu] Problème de virus

[Résolu] Problème de virus

[Résolu] Problème de virus

[Résolu] Problème de virus

[Résolu] Problème de virus

Suite à problème sur mon PC

Zebulon

Outils en ligne

Naviguer