Kamalh

Membres

Afficher le profil Afficher son activité

Compteur de contenus
3
Inscription
le 15 septembre 2011
Dernière visite
le 21 septembre 2011

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par Kamalh

Analyse de rapport Ad-Remover

Kamalh a répondu à un(e) sujet de Kamalh dans Analyses et éradication malwares

J'ai suivi tes indications et voici les 3 rapports: AdwCleaner.txt: # AdwCleaner v1.306 - Rapport créé le 16/09/2011 à 17:36:37 # Mis à jour le 14/09/11 à 13h par Xplode # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits) # Nom d'utilisateur : Simon - PORTABLE_SIMON (Administrateur) # Exécuté depuis : C:\Users\Simon\Desktop\adwcleaner.exe # Option [suppression] ***** [KillNav] ***** Aucun navigateur n'était en cours d'exécution. ***** [Processus] ***** ***** [services] ***** ***** [Fichiers / Dossiers] ***** ***** [Registre] ***** Clé Supprimée : HKCU\Software\EoRezo ***** [Registre (64 bits)] ***** [x64] Clé Supprimée : HKLM64\SOFTWARE\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F} ***** [Navigateurs] ***** -\\ Internet Explorer v8.0.7601.17514 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v6.0.2 (fr) Profil : 80rxxshe.default Fichier : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\80rxxshe.default\prefs.js [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [1166 octets] - [15/09/2011 18:18:48] AdwCleaner[s1].txt - [1131 octets] - [16/09/2011 17:36:37] ########## EOF - C:\AdwCleaner[s1].txt - [1259 octets] ########## mbam-log-2011-09-16 (18-46-32).txt: Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Version de la base de données: 7727 Windows 6.1.7601 Service Pack 1 Internet Explorer 8.0.7601.17514 16/09/2011 18:46:32 mbam-log-2011-09-16 (18-46-32).txt Type d'examen: Examen complet (C:\|D:\|F:\|) Elément(s) analysé(s): 462100 Temps écoulé: 54 minute(s), 19 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 4 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\EoRezo\eorezo.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully. c:\program files (x86)\ad-remover\quarantine\C\program files (x86)\EoRezo\eorezobho.dll.vir (Rogue.Eorezo) -> Quarantined and deleted successfully. c:\program files (x86)\ad-remover\quarantine\C\Users\Simon\AppData\Roaming\EoRezo\EoRezo\softwareupdate.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully. c:\program files (x86)\ad-remover\quarantine\C\Users\Simon\AppData\Roaming\EoRezo\EoRezo\softwareupdatehp.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully. ZHPDiag.txt: Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011 Run by Simon at 16/09/2011 18:53:33 Web site : [url=http://www.premiumorange.com/zeb-help-process/zhpdiag.html]ZHPDiag Outil de diagnostic[/url] ---\\ Web Browser MSIE: Internet Explorer v8.0.7601.17514 MFIE: Mozilla Firefox 6.0.2 v6.0.2 (Defaut) ---\\ Windows Product Information Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows(R) 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 9YQTR Windows License : OK ~ Windows Remaining Initializations Number : 3 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Information ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 4007 MB (59% free) System Restore: Activé (Enable) System drive C: has 97 GB (65%) free of 149 GB ---\\ Logged in mode ~ Computer Name: PORTABLE_SIMON ~ User Name: Simon ~ All Users Names: UpdatusUser, Simon, HomeGroupUser$, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Simon\AppData\Roaming\ ~ %Desktop% : C:\Users\Simon\Desktop\ ~ %Favorites% : C:\Users\Simon\Favorites\ ~ %LocalAppData% : C:\Users\Simon\AppData\Local\ ~ %StartMenu% : C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 97 Go of 149 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 391 Go of 426 Go) E:\ CD-ROM drive (Free 0 Go of 0 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 7 Go of 466 Go) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.30/04/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024] [MD5.1A36497983C867FB85FF1DCD4933015F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.15/08/2011 - 07:20:53.) -- C:\Windows\system32\wininet.dll [1188864] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.04/05/2011 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128] [MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.30/04/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.04/05/2011 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448] [MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.04/05/2011 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 3/8 ~ Mes musiques (My Musics) : 9/42 Mes Videos (My Videos) : 2/2 (Modified) ~ Mes Favoris (My Favorites) : 2/35 ~ Mes Documents (My Documents) : 1/3308 ~ Mon Bureau (My Desktop) : 2/12124 ~ Menu demarrer (Programs) : 7/35 ~ Scan Hidden Files in 00mn 13s ---\\ Processus lancés [MD5.F4DCD4912B185C3AAEB92A7040832AD1] - (.Pas de propriétaire - ALU.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768] [PID.2124] [MD5.5BB1F77C8AF725A15EC9366498D275BB] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992] [PID.2248] [MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3058304] [PID.2292] [MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.3236] [MD5.D5C19842C2271327CA20511C30FFEED3] - (.Sonix Technology Co., Ltd. - CameraMonitor Application.) -- C:\Windows\vsnp2uvc.exe [909824] [PID.3332] [MD5.7EE22E13DEC8A6D18F4643C1EA34B0F0] - (.Virage Logic Corporation / Sonic Focus - ASUS_MATray.exe.) -- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [984400] [PID.4396] [MD5.79A3B950988F8D2B81906D0C0473158B] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624] [PID.4428] [MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.4460] [MD5.FD22B00049F775E952371E9C3DAC631B] - (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536] [PID.4504] [MD5.7E7C0EB0F46307C18A5C46C346F549D4] - (...) -- C:\ExpressGateUtil\VAWinAgent.exe [21504] [PID.4524] [MD5.22EC0852DBF032A93D8DA697065FA189] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336] [PID.4544] [MD5.E66B40FF945DB80B2FA3D5D62CC27010] - (.cyberlink - brs.) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe [75048] [PID.4552] [MD5.72860972F8196EBB3C896F53D2B95470] - (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe [150528] [PID.4600] [MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe [54840] [PID.4608] [MD5.DC73E11DC27E7D9AEF884EBE816C4240] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440] [PID.4656] [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.4680] [MD5.879D74337173A6D630D3D06184D354C1] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736] [PID.4704] [MD5.90368C19808AC9376BA21B85642D3ECB] - (.CyberLink - MediaEspresso DeviceDetector.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [965728] [PID.5504] [MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [669696] [PID.5152] [MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536] [PID.] [MD5.7910158929571214A959D5A6D16DD9C0] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.] [MD5.20757C632ACA98B73FB022C5B87F3753] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [42184] [PID.] [MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [136360] [PID.] [MD5.3CCE4AFA4AACDB28E01A148394212186] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [269480] [PID.] [MD5.20F6F19FE9E753F2780DC2FA083AD597] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [37664] [PID.] [MD5.1C87705CCB2F60172B0FC86B5D82F00D] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe [387944] [PID.] [MD5.0ADF410187B71C9B855721C8D59CEC7A] - (...) -- C:\ExpressGateUtil\VAWinService.exe [77312] [PID.] [MD5.616F6E52CAE254727A886BA8EDA1BEEA] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152] [PID.] [MD5.D41861E56E7552C13674D7F147A02464] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.] [MD5.7F32D4C47A50E7223491E8FB9359907D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.] [MD5.4E5C5D88EB0A8D21824D5A3EB7327E69] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2255464] [PID.] [MD5.2C16648A12999AE69A9EBF41974B0BA2] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280] [PID.] ~ Scan Processes Running in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://fr.msn.com]MSN : Hotmail, Messenger, Bing, Actualité et Sport[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://asus.msn.com]Asus | MSN[/url] R0 - HKUS\S-1-5-21-2227420497-4197156197-720462558-1001-2227420497-4197156197-720462558-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://asus.msn.com]Asus | MSN[/url] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://www.microsoft.com]Microsoft Corporation[/url] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url=http://www.microsoft.com]Microsoft Corporation[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKUS\S-1-5-21-2227420497-4197156197-720462558-1001-2227420497-4197156197-720462558-1000\Software\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com]Search Microsoft.com[/url] R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - avast! WebRep Plugin.) -- C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE64.dll O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll O2 - BHO: (no name) [64Bits] - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline O2 - BHO: HP Print Enhancer [64Bits] - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\ O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Google Dictionary Compression sdch [64Bits] - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} . (.Google Inc. - Fast Search.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: HP Smart BHO Class [64Bits] - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll O3 - Toolbar: avast! WebRep [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - avast! WebRep Plugin.) -- C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE64.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [ETDWare] . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe O4 - HKLM\..\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe O4 - HKLM\..\Run: [snp2uvc] . (.Sonix Technology Co., Ltd. - CameraMonitor Application.) -- C:\Windows\vsnp2uvc.exe O4 - HKLM\..\Run: [intelTBRunOnce] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\system32\wscript.exe O4 - HKLM\..\Run: [intelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKLM\..\Wow6432Node\Run: [updateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe O4 - HKLM\..\Wow6432Node\Run: [updateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe O4 - HKLM\..\Wow6432Node\Run: [Nuance PDF Reader-reminder] . (.Nuance Communications, Inc. - Ereg.) -- C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe O4 - HKLM\..\Wow6432Node\Run: [FLxHCIm] . (.Windows (R) Win 7 DDK provider - Fresco Logic.) -- C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe O4 - HKLM\..\Wow6432Node\Run: [sonicMasterTray] . (.Virage Logic Corporation / Sonic Focus - ASUS_MATray.exe.) -- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Wow6432Node\Run: [Wireless Console 3] . (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Wow6432Node\Run: [VAWinAgent] . (...) -- C:\ExpressGateUtil\VAWinAgent.exe O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe O4 - HKLM\..\Wow6432Node\Run: [bDRegion] . (.cyberlink - brs.) -- C:\Program Files (x86)\Cyberlink\Shared files\brs.exe O4 - HKLM\..\Wow6432Node\Run: [updatePSTShortCut] Clé orpheline O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe O4 - HKLM\..\Wow6432Node\Run: [iAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ecareme - AsusWebStorage.) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-2227420497-4197156197-720462558-1001-2227420497-4197156197-720462558-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-2227420497-4197156197-720462558-1001-2227420497-4197156197-720462558-1000\..\Run: [iSUSPM] . (.Acresso Corporation - Acresso Software Manager.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe O4 - HKUS\S-1-5-21-2227420497-4197156197-720462558-1001-2227420497-4197156197-720462558-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-21-2227420497-4197156197-720462558-1001-2227420497-4197156197-720462558-1000\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Simon\Desktop\AD-R.lnk . (...) -- C:\Program Files (x86)\Ad-Remover\main.exe O4 - Global Startup: C:\Users\Simon\Desktop\Magic Workstation.lnk . (.Magic Technology.) -- D:\Magic Workstation\MagicWorkstation.exe O4 - Global Startup: C:\Users\Simon\Desktop\MWS Online Play.lnk . (.Magi-Soft Development.) -- D:\Magic Workstation\MWSPlay.exe O4 - Global Startup: C:\Users\Simon\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe O4 - Global Startup: C:\Users\Simon\Desktop\Texmaker.lnk . (...) -- C:\Program Files (x86)\Texmaker\texmaker.exe O4 - Global Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Simon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Messaging.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~1\Office12\EXCEL.exe ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ~ Scan Winsock in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{3E9B6CB2-34AB-4A15-BC34-B5DC313E6516}: DhcpNameServer = 192.168.55.55 O17 - HKLM\System\CCS\Services\Tcpip\..\{7C072159-2F04-4A6F-885A-6DE9D87A57CD}: DhcpNameServer = 192.168.250.2 O17 - HKLM\System\CCS\Services\Tcpip\..\{3E9B6CB2-34AB-4A15-BC34-B5DC313E6516}: DhcpDomain = rooms.iriga O17 - HKLM\System\CCS\Services\Tcpip\..\{7C072159-2F04-4A6F-885A-6DE9D87A57CD}: DhcpDomain = mobile.lan O17 - HKLM\System\CS1\Services\Tcpip\..\{3E9B6CB2-34AB-4A15-BC34-B5DC313E6516}: DhcpNameServer = 192.168.55.55 O17 - HKLM\System\CS1\Services\Tcpip\..\{7C072159-2F04-4A6F-885A-6DE9D87A57CD}: DhcpNameServer = 192.168.250.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{3E9B6CB2-34AB-4A15-BC34-B5DC313E6516}: DhcpDomain = rooms.iriga O17 - HKLM\System\CS1\Services\Tcpip\..\{7C072159-2F04-4A6F-885A-6DE9D87A57CD}: DhcpDomain = mobile.lan O17 - HKLM\System\CS2\Services\Tcpip\..\{3E9B6CB2-34AB-4A15-BC34-B5DC313E6516}: DhcpNameServer = 192.168.55.55 O17 - HKLM\System\CS2\Services\Tcpip\..\{7C072159-2F04-4A6F-885A-6DE9D87A57CD}: DhcpNameServer = 192.168.250.2 O17 - HKLM\System\CS2\Services\Tcpip\..\{3E9B6CB2-34AB-4A15-BC34-B5DC313E6516}: DhcpDomain = rooms.iriga O17 - HKLM\System\CS2\Services\Tcpip\..\{7C072159-2F04-4A6F-885A-6DE9D87A57CD}: DhcpDomain = mobile.lan ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll ~ Scan Winlogon in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 280.) - C:\Windows\system32\nvinitx.dll ~ Scan AppInit DLL in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ Scan SSODL in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: AFBAgent (AFBAgent) . (.ASUSTeK Computer Inc. - ASUS FastBoot.) - C:\Windows\system32\FBAgent.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) . (.ASUS - ASLDR Service.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS - GFNEXSrv.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Product - 2011/03/04 20:54:00 (CLKMSVC10_38F51D56) . (.CyberLink - CyberLink KM Service.) - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 280.2.) - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) . (.Intel(R) Corporation - Turbo Boost Monitor Service.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: VideAceWindowsService (VideAceWindowsService) . (...) - C:\ExpressGateUtil\VAWinService.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.3ACABCA6A8DB71B7F19C8A7523AE1846] [APT] [ACMON] (.ASUS.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [MD5.F4DCD4912B185C3AAEB92A7040832AD1] [APT] [ASUS Live Update] (...) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [MD5.180E79B16063F7DFD005DC021AC543C6] [APT] [ASUS P4G] (.ASUS.) -- C:\Program Files\P4G\BatteryLife.exe [MD5.BC3DA234CDA880578526DAB028F40268] [APT] [ASUS SmartLogon Console Sensor] (.ASUS.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [MD5.5BB1F77C8AF725A15EC9366498D275BB] [APT] [ATKOSD2] (.ASUS.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [MD5.90368C19808AC9376BA21B85642D3ECB] [APT] [DeviceDetector] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [MD5.92B476DD52794881A4B91A5529C2706B] [APT] [{23CDBA1A-D4F1-45E1-A6A5-7C70381B1F8D}] (...) -- C:\Program Files\AVAST Software\Avast\aswRundll.exe [MD5.5D539617604E953FD2DF852F4B51A383] [APT] [{68550D31-B7C4-4CBE-BFCF-10304A2017AC}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe ~ Scan Scheduled Task in 00mn 04s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (ATKWMIACPIIO) . (.ASUS - ATK WMIACPI Utility.) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: ASUS Live Update - (.ASUS.) [HKLM] -- {E657B243-9AD4-4ECC-BE81-4CCF8D667FD0} O42 - Logiciel: ASUS Video Magic - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: ASUS Video Magic - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: ASUS WebStorage - (.eCareme Technologies, Inc..) [HKLM] -- ASUS WebStorage O42 - Logiciel: ASUS_Screensaver - (.Pas de propriétaire.) [HKLM] -- ASUS_Screensaver O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] -- InstallShield_{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068} O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Bookworm Deluxe - (.Oberon Media Inc..) [HKLM] -- Bookworm Deluxe O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Call of Duty: Black Ops - (.Treyarch.) [HKLM] -- Steam App 42700 O42 - Logiciel: Call of Duty: Black Ops - Multiplayer - (.Treyarch.) [HKLM] -- Steam App 42710 O42 - Logiciel: Cooking Dash - (.Oberon Media Inc..) [HKLM] -- Cooking Dash O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: CyberLink MediaEspresso - (.CyberLink Corp..) [HKLM] -- InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384} O42 - Logiciel: CyberLink MediaEspresso - (.CyberLink Corp..) [HKLM] -- {E3739848-5329-48E3-8D28-5BBD6E8BE384} O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B} O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: ExpressGate Cloud - (.Asus.) [HKLM] -- InstallShield_{499DED08-6FA8-4749-8E94-8526CC9D1CA8} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM] -- HPExtendedCapabilities O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP Photosmart All-In-One Driver Software 13.0 Rel. 2 - (.HP.) [HKLM] -- {988329F4-A1A1-4D51-803C-EF2725A97627} O42 - Logiciel: HP Photosmart Essential 3.5 - (.HP.) [HKLM] -- HP Photosmart Essential O42 - Logiciel: HP Smart Web Printing 4.51 - (.HP.) [HKLM] -- HP Smart Web Printing O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421} O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM] -- {918A9082-6287-4D25-9002-5E5D5E4971CB} O42 - Logiciel: Magic Workstation 0.94f - (.Magic Technology.) [HKLM] -- Magic Workstation_is1 O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft IntelliPoint 8.1 - (.Microsoft.) [HKLM] -- Microsoft IntelliPoint 8.1 O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{E64BA721-2310-4B55-BE5A-2925F9706192} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Mises à jour NVIDIA 1.4.28 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Mozilla Firefox 6.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 6.0.2 (x86 fr) O42 - Logiciel: Mozilla Thunderbird (6.0.2) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird (6.0.2) O42 - Logiciel: NVIDIA 3D Vision Controller Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIA StereoUSB Driver O42 - Logiciel: NVIDIA Logiciel système PhysX 9.10.0514 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 280.19 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB O42 - Logiciel: NVIDIA Pilote graphique 280.26 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: Napoleon: Total War - (.The Creative Assembly.) [HKLM] -- Steam App 34030 O42 - Logiciel: OCR Software by I.R.I.S. 13.0 - (.HP.) [HKLM] -- HPOCR O42 - Logiciel: Plants vs Zombies - (.Oberon Media Inc..) [HKLM] -- Plants vs Zombies O42 - Logiciel: R for Windows 2.13.0 - (.R Development Core Team.) [HKLM] -- R for Windows 2.13.0_is1 O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553074) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5729F1AE-5895-468F-9165-BAD161C9E982} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636 O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2553073) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{65EA4836-B5A3-4C1D-8883-0C35E471003A} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870 O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: TeX Live 2010 - (.Pas de propriétaire.) [HKCU] -- TeXLive2010 O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client O42 - Logiciel: Texmaker - (.Pas de propriétaire.) [HKLM] -- Texmaker O42 - Logiciel: USB2.0 UVC 2M WebCam - (.Sonix.) [HKLM] -- USB2.0 UVC 2M WebCam O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A} O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2583910) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BDC21583-5601-4B2B-88F3-7919F6DE8FB1} O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2553110) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{05D27A23-8E87-46B5-9EAF-F5B4DE7CCCA0} O42 - Logiciel: VLC media player 1.1.9 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: WinRAR 4.01 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: World of Goo - (.Oberon Media Inc..) [HKLM] -- World of Goo O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast ---\\ HKCU & HKLM Software Keys [HKCU\Software\ATK0100] [HKCU\Software\AVAST Software] [HKCU\Software\Ad-Remover] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Avira] [HKCU\Software\Bugsplat] [HKCU\Software\ClassesB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\ECAREME] [HKCU\Software\Elantech] [HKCU\Software\FLEXnet] [HKCU\Software\Google] [HKCU\Software\HP] [HKCU\Software\Hewlett-Packard] [HKCU\Software\I.R.I.S.] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\Iris] [HKCU\Software\Lake] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Magic Workstation] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Mio] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Mumble] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Oberon Media] [HKCU\Software\Pando Networks] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\RegisteredApplications] [HKCU\Software\Safer Networking Limited] [HKCU\Software\Skype] [HKCU\Software\Softonic] [HKCU\Software\The Creative Assembly] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Valve] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKCU\Software\Yahoo] [HKCU\Software\Zeon] [HKCU\Software\cybelsoft] [HKCU\Software\xm1] [HKLM\Software\AGEIA Technologies] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\ATK0100] [HKLM\Software\AVAST Software] [HKLM\Software\AdwCleaner] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Avira] [HKLM\Software\BrowserChoice] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CoreSecurity] [HKLM\Software\Cyberlink] [HKLM\Software\DTS] [HKLM\Software\ECAREME] [HKLM\Software\GEAR Software] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Mio] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\Oberon Media] [HKLM\Software\Pando Networks] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\R-core] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Riot Games] [HKLM\Software\SONIX] [HKLM\Software\SRS Labs] [HKLM\Software\Safer Networking Limited] [HKLM\Software\ScanSoft] [HKLM\Software\Skype] [HKLM\Software\SonicFocus] [HKLM\Software\Sonic] [HKLM\Software\Valve] [HKLM\Software\VideACE] [HKLM\Software\VideoLAN] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\Wow6432Node] [HKLM\Software\X-AVCSD] [HKLM\Software\Yahoo] [HKLM\Software\Zeon] [HKLM\Software\asus] [HKLM\Software\cybelsoft] [HKLM\Software\mozilla.org] [HKLM\Software\syncables] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 05/03/2011 - 06:43:54 - [1518345] ----D- C:\Program Files\ASUS O43 - CFD: 29/04/2011 - 14:25:14 - [169960150] ----D- C:\Program Files\AVAST Software O43 - CFD: 26/07/2011 - 18:42:24 - [135066] ----D- C:\Program Files\Bonjour O43 - CFD: 21/08/2011 - 14:23:58 - [8458144] ----D- C:\Program Files\CCleaner O43 - CFD: 01/06/2011 - 20:20:02 - [101758030] ----D- C:\Program Files\Common Files O43 - CFD: 04/05/2011 - 16:51:18 - [90256916] ----D- C:\Program Files\DVD Maker O43 - CFD: 05/03/2011 - 06:40:46 - [11876568] ----D- C:\Program Files\Elantech O43 - CFD: 05/03/2011 - 06:38:54 - [3772580] ----D- C:\Program Files\Fresco Logic Inc O43 - CFD: 05/03/2011 - 06:01:00 - [318960] ----D- C:\Program Files\Google O43 - CFD: 24/05/2011 - 18:18:00 - [242697] ----D- C:\Program Files\HP O43 - CFD: 05/03/2011 - 06:44:10 - [1430726] ----D- C:\Program Files\Intel O43 - CFD: 16/08/2011 - 17:46:18 - [5183665] ----D- C:\Program Files\Internet Explorer O43 - CFD: 23/08/2011 - 20:00:58 - [1951827] ----D- C:\Program Files\iPod O43 - CFD: 23/08/2011 - 20:01:08 - [2358288] ----D- C:\Program Files\iTunes O43 - CFD: 14/07/2009 - 09:45:56 - [149237810] ----D- C:\Program Files\Microsoft Games O43 - CFD: 30/04/2011 - 15:12:34 - [50171159] ----D- C:\Program Files\Microsoft IntelliPoint O43 - CFD: 29/04/2011 - 22:10:04 - [594846] ----D- C:\Program Files\Microsoft Office O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 19/08/2011 - 22:31:26 - [513067180] ----D- C:\Program Files\NVIDIA Corporation O43 - CFD: 05/03/2011 - 06:48:12 - [13858491] ----D- C:\Program Files\P4G O43 - CFD: 29/04/2011 - 23:40:46 - [62601375] ----D- C:\Program Files\R O43 - CFD: 05/03/2011 - 06:41:42 - [18185136] ----D- C:\Program Files\Realtek O43 - CFD: 14/07/2009 - 07:32:40 - [36813993] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 04/05/2011 - 16:51:14 - [4039680] ----D- C:\Program Files\Windows Defender O43 - CFD: 04/05/2011 - 16:51:18 - [9224824] ----D- C:\Program Files\Windows Journal O43 - CFD: 04/05/2011 - 16:51:18 - [6667776] ----D- C:\Program Files\Windows Mail O43 - CFD: 04/05/2011 - 16:51:18 - [7687085] ----D- C:\Program Files\Windows Media Player O43 - CFD: 14/07/2009 - 07:32:40 - [12627636] ----D- C:\Program Files\Windows NT O43 - CFD: 04/05/2011 - 16:51:18 - [5516056] ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 04/05/2011 - 16:51:18 - [244736] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 04/05/2011 - 16:51:18 - [12520404] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 01/06/2011 - 20:20:02 - [6580905] ----D- C:\Program Files\Common Files\Apple O43 - CFD: 05/03/2011 - 06:30:16 - [15974334] ----D- C:\Program Files\Common Files\Intel O43 - CFD: 20/08/2011 - 12:06:20 - [66397030] ----D- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 03/05/2011 - 11:27:52 - [12194291] ----D- C:\Program Files\Common Files\System O43 - CFD: 05/03/2011 - 06:40:54 - [495] ----D- C:\ProgramData\AmUStor O43 - CFD: 01/06/2011 - 20:19:52 - [81926144] ----D- C:\ProgramData\Apple O43 - CFD: 23/08/2011 - 20:00:56 - [66232176] ----D- C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 20/08/2011 - 16:29:48 - [2282] ----D- C:\ProgramData\ASUS WebStorage O43 - CFD: 29/04/2011 - 14:25:14 - [9373431] ----D- C:\ProgramData\AVAST Software O43 - CFD: 21/08/2011 - 14:42:30 - [55692910] ----D- C:\ProgramData\Avira O43 - CFD: 02/05/2011 - 23:51:40 - [63935] ----D- C:\ProgramData\CyberLink O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 05/03/2011 - 06:00:42 - [19852288] ----D- C:\ProgramData\Downloaded Installations O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 05/03/2011 - 06:00:44 - [3991919] ----D- C:\ProgramData\FLEXnet O43 - CFD: 05/03/2011 - 06:01:04 - [12707] ----D- C:\ProgramData\Google O43 - CFD: 24/05/2011 - 18:25:52 - [103971] ----D- C:\ProgramData\Hewlett-Packard O43 - CFD: 24/05/2011 - 18:27:14 - [13136797] ----D- C:\ProgramData\HP O43 - CFD: 24/05/2011 - 18:22:28 - [8988] ----D- C:\ProgramData\HP Product Assistant O43 - CFD: 05/03/2011 - 06:32:06 - [1898] ----D- C:\ProgramData\Intel O43 - CFD: 19/08/2011 - 21:03:54 - [1225371] ----D- C:\ProgramData\ma-config.com O43 - CFD: 16/09/2011 - 17:47:44 - [7346083] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 29/04/2011 - 22:11:56 - [276452200] -S--D- C:\ProgramData\Microsoft O43 - CFD: 15/09/2011 - 14:09:02 - [65262] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 02/05/2011 - 17:48:40 - [486] ----D- C:\ProgramData\Nuance O43 - CFD: 19/08/2011 - 22:36:40 - [5290065] ----D- C:\ProgramData\NVIDIA O43 - CFD: 05/03/2011 - 06:34:20 - [880873] ----D- C:\ProgramData\NVIDIA Corporation O43 - CFD: 05/03/2011 - 06:12:04 - [1543603] ----D- C:\ProgramData\OberonGameConsole O43 - CFD: 13/08/2011 - 15:37:48 - [1966] ----D- C:\ProgramData\P4G O43 - CFD: 21/05/2011 - 11:52:56 - [1594] ----D- C:\ProgramData\Partner O43 - CFD: 30/07/2011 - 12:39:38 - [0] ----D- C:\ProgramData\PlayFirst O43 - CFD: 15/09/2011 - 11:58:50 - [17274] ----D- C:\ProgramData\PMB Files O43 - CFD: 05/03/2011 - 06:00:44 - [1275444] ----D- C:\ProgramData\ScanSoft O43 - CFD: 10/07/2011 - 13:03:48 - [42625036] ----D- C:\ProgramData\Skype O43 - CFD: 02/07/2011 - 16:53:10 - [1302373] ----D- C:\ProgramData\Skype Extras O43 - CFD: 05/03/2011 - 06:41:46 - [8886] ----D- C:\ProgramData\SonicFocus O43 - CFD: 08/09/2011 - 13:33:30 - [6897] ----D- C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 30/07/2011 - 12:50:18 - [323868] ---AD- C:\ProgramData\Temp O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 29/04/2011 - 18:38:04 - [3726290] ----D- C:\ProgramData\Trend Micro O43 - CFD: 24/05/2011 - 18:27:28 - [208] ----D- C:\ProgramData\WEBREG O43 - CFD: 13/08/2011 - 15:33:04 - [893135] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} O43 - CFD: 29/04/2011 - 18:24:46 - [3238384] ----D- C:\Users\Simon\AppData\Roaming\Adobe O43 - CFD: 01/06/2011 - 20:22:56 - [212149] ----D- C:\Users\Simon\AppData\Roaming\Apple Computer O43 - CFD: 20/08/2011 - 16:29:50 - [16089019] ----D- C:\Users\Simon\AppData\Roaming\Asus WebStorage O43 - CFD: 07/09/2011 - 23:12:30 - [0] ----D- C:\Users\Simon\AppData\Roaming\Avira O43 - CFD: 02/05/2011 - 23:51:12 - [2518] ----D- C:\Users\Simon\AppData\Roaming\CyberLink O43 - CFD: 13/08/2011 - 15:33:28 - [249392] ----D- C:\Users\Simon\AppData\Roaming\Dropbox O43 - CFD: 20/08/2011 - 16:28:48 - [0] ----D- C:\Users\Simon\AppData\Roaming\EeeStorageUploader O43 - CFD: 02/05/2011 - 17:48:40 - [252] ----D- C:\Users\Simon\AppData\Roaming\FLEXnet O43 - CFD: 24/05/2011 - 18:27:56 - [178782] ----D- C:\Users\Simon\AppData\Roaming\HP O43 - CFD: 29/04/2011 - 11:08:40 - [0] ----D- C:\Users\Simon\AppData\Roaming\Identities O43 - CFD: 08/08/2011 - 20:25:22 - [25798] ----D- C:\Users\Simon\AppData\Roaming\inkscape O43 - CFD: 19/08/2011 - 22:34:42 - [0] ----D- C:\Users\Simon\AppData\Roaming\InstallShield O43 - CFD: 19/08/2011 - 22:37:10 - [0] ----D- C:\Users\Simon\AppData\Roaming\Intel Corporation O43 - CFD: 30/04/2011 - 15:14:16 - [461] ----D- C:\Users\Simon\AppData\Roaming\LolClient O43 - CFD: 29/04/2011 - 18:24:48 - [1831] ----D- C:\Users\Simon\AppData\Roaming\Macromedia O43 - CFD: 16/09/2011 - 17:48:04 - [2482847] ----D- C:\Users\Simon\AppData\Roaming\Malwarebytes O43 - CFD: 14/07/2009 - 09:44:40 - [0] ----D- C:\Users\Simon\AppData\Roaming\Media Center Programs O43 - CFD: 20/08/2011 - 11:43:00 - [3396479] -S--D- C:\Users\Simon\AppData\Roaming\Microsoft O43 - CFD: 04/06/2011 - 11:32:46 - [14636478] ----D- C:\Users\Simon\AppData\Roaming\Mozilla O43 - CFD: 09/09/2011 - 13:05:28 - [1375787] ----D- C:\Users\Simon\AppData\Roaming\Mumble O43 - CFD: 02/05/2011 - 17:48:40 - [12] ----D- C:\Users\Simon\AppData\Roaming\Nuance O43 - CFD: 02/05/2011 - 23:52:00 - [229152] ----D- C:\Users\Simon\AppData\Roaming\NVIDIA O43 - CFD: 30/07/2011 - 12:39:38 - [2958] ----D- C:\Users\Simon\AppData\Roaming\PlayFirst O43 - CFD: 08/09/2011 - 17:35:42 - [2030522] ----D- C:\Users\Simon\AppData\Roaming\Skype O43 - CFD: 03/07/2011 - 00:03:10 - [20544] ----D- C:\Users\Simon\AppData\Roaming\skypePM O43 - CFD: 03/07/2011 - 12:17:24 - [1866776] ----D- C:\Users\Simon\AppData\Roaming\The Creative Assembly O43 - CFD: 04/06/2011 - 11:32:46 - [223617876] ----D- C:\Users\Simon\AppData\Roaming\Thunderbird O43 - CFD: 13/08/2011 - 15:37:22 - [1688896] ----D- C:\Users\Simon\AppData\Roaming\vlc O43 - CFD: 27/05/2011 - 22:35:44 - [0] ----D- C:\Users\Simon\AppData\Roaming\Windows Live Writer O43 - CFD: 31/07/2011 - 00:46:14 - [12] ----D- C:\Users\Simon\AppData\Roaming\WinRAR O43 - CFD: 02/05/2011 - 17:31:10 - [19574] ----D- C:\Users\Simon\AppData\Roaming\xm1 O43 - CFD: 24/05/2011 - 18:24:26 - [0] ----D- C:\Users\Simon\AppData\Roaming\Yahoo! O43 - CFD: 02/05/2011 - 17:48:36 - [183603] ----D- C:\Users\Simon\AppData\Roaming\Zeon O43 - CFD: 22/05/2011 - 11:03:34 - [0] ----D- C:\Users\Simon\AppData\Local\Activision O43 - CFD: 01/06/2011 - 20:20:12 - [0] ----D- C:\Users\Simon\AppData\Local\Apple O43 - CFD: 01/06/2011 - 20:21:32 - [4317535] ----D- C:\Users\Simon\AppData\Local\Apple Computer O43 - CFD: 29/04/2011 - 11:07:58 - [0] -SH-D- C:\Users\Simon\AppData\Local\Application Data O43 - CFD: 02/05/2011 - 23:51:14 - [2032] ----D- C:\Users\Simon\AppData\Local\Cyberlink O43 - CFD: 19/08/2011 - 21:29:42 - [1223029] ----D- C:\Users\Simon\AppData\Local\Diagnostics O43 - CFD: 21/08/2011 - 14:28:58 - [0] ----D- C:\Users\Simon\AppData\Local\Google O43 - CFD: 29/04/2011 - 11:07:58 - [0] -SH-D- C:\Users\Simon\AppData\Local\Historique O43 - CFD: 24/05/2011 - 18:27:12 - [345357] ----D- C:\Users\Simon\AppData\Local\HP O43 - CFD: 13/09/2011 - 19:51:10 - [359487473] ----D- C:\Users\Simon\AppData\Local\Microsoft O43 - CFD: 13/09/2011 - 19:49:50 - [173037] ----D- C:\Users\Simon\AppData\Local\Microsoft Games O43 - CFD: 13/05/2011 - 21:00:38 - [300996] ----D- C:\Users\Simon\AppData\Local\Microsoft Help O43 - CFD: 30/05/2011 - 20:55:48 - [453] ----D- C:\Users\Simon\AppData\Local\MiTAC_International_Corpo O43 - CFD: 08/09/2011 - 10:44:18 - [187889135] ----D- C:\Users\Simon\AppData\Local\Mozilla O43 - CFD: 15/09/2011 - 11:58:58 - [172293] ----D- C:\Users\Simon\AppData\Local\PMB Files O43 - CFD: 29/04/2011 - 11:08:10 - [40960] ----D- C:\Users\Simon\AppData\Local\Power2Go O43 - CFD: 16/09/2011 - 18:51:50 - [15594820] ----D- C:\Users\Simon\AppData\Local\Temp O43 - CFD: 29/04/2011 - 11:07:58 - [0] -SH-D- C:\Users\Simon\AppData\Local\Temporary Internet Files O43 - CFD: 21/06/2011 - 20:48:24 - [6734234] ----D- C:\Users\Simon\AppData\Local\Thunderbird O43 - CFD: 07/09/2011 - 22:51:50 - [166184] ----D- C:\Users\Simon\AppData\Local\VirtualStore O43 - CFD: 15/09/2011 - 19:28:54 - [69632] ----D- C:\Users\Simon\AppData\Local\Windows Live O43 - CFD: 27/05/2011 - 22:35:54 - [372494] ----D- C:\Users\Simon\AppData\Local\Windows Live Writer O43 - CFD: 07/08/2011 - 22:38:22 - [0] ----D- C:\Users\Simon\AppData\Local\{00EC9F05-7FA6-4D26-804D-DAD10A2A59D2} O43 - CFD: 11/07/2011 - 18:21:28 - [0] ----D- C:\Users\Simon\AppData\Local\{02700E88-8D9D-4001-B6A7-D68F08EB733C} O43 - CFD: 11/08/2011 - 20:42:00 - [0] ----D- C:\Users\Simon\AppData\Local\{027367E4-766D-4ED9-B1DC-FC94244C805C} O43 - CFD: 31/05/2011 - 21:52:10 - [0] ----D- C:\Users\Simon\AppData\Local\{04B9AFB4-A8EC-4B02-B581-874AA1AECAD1} O43 - CFD: 21/06/2011 - 18:05:28 - [0] ----D- C:\Users\Simon\AppData\Local\{08F20CE8-ABB9-4451-9EAC-B72972AC1FAE} O43 - CFD: 13/07/2011 - 18:41:58 - [0] ----D- C:\Users\Simon\AppData\Local\{09B4D146-F920-4BF4-B590-8A36CC017104} O43 - CFD: 13/09/2011 - 17:27:54 - [0] ----D- C:\Users\Simon\AppData\Local\{0CE5A6C2-F824-445D-8394-3189D4EECE8A} O43 - CFD: 05/08/2011 - 19:16:18 - [0] ----D- C:\Users\Simon\AppData\Local\{0DBF8804-832A-4A28-9A2B-F93B499D4FFE} O43 - CFD: 26/07/2011 - 18:27:20 - [0] ----D- C:\Users\Simon\AppData\Local\{0E585FE0-2BAF-456B-87B3-22AABCACE95A} O43 - CFD: 10/08/2011 - 20:27:42 - [0] ----D- C:\Users\Simon\AppData\Local\{11DCFEA2-7063-443C-8DD2-8DCCCA41354D} O43 - CFD: 10/08/2011 - 20:27:30 - [0] ----D- C:\Users\Simon\AppData\Local\{11EBF9A6-B844-4E9D-844D-9250E7FEBDCA} O43 - CFD: 20/08/2011 - 13:07:22 - [0] ----D- C:\Users\Simon\AppData\Local\{130A07B2-13D8-4F83-8D0E-B6F9F97FFC19} O43 - CFD: 17/08/2011 - 17:52:24 - [0] ----D- C:\Users\Simon\AppData\Local\{1479696E-4096-4E4F-BFFE-BA30278D6558} O43 - CFD: 02/06/2011 - 10:20:08 - [0] ----D- C:\Users\Simon\AppData\Local\{14A48122-23F3-4EDF-9501-41BFD509D67C} O43 - CFD: 30/05/2011 - 10:22:02 - [0] ----D- C:\Users\Simon\AppData\Local\{1529BEF3-9DAB-4B19-AA21-CD48B6DF3F1A} O43 - CFD: 05/08/2011 - 20:21:48 - [0] ----D- C:\Users\Simon\AppData\Local\{156B118C-61AC-407C-AF2E-F9D550C40D04} O43 - CFD: 02/08/2011 - 18:09:36 - [0] ----D- C:\Users\Simon\AppData\Local\{19C45E82-7FFC-4AE9-891A-76FF5624A70F} O43 - CFD: 19/08/2011 - 22:37:30 - [0] ----D- C:\Users\Simon\AppData\Local\{1AC9DB8C-9B68-429F-8CA7-B6E1907B4B7C} O43 - CFD: 16/08/2011 - 20:15:16 - [0] ----D- C:\Users\Simon\AppData\Local\{1D1A6F20-CCEE-44F8-A1D4-3ABDB0ED11EE} O43 - CFD: 24/08/2011 - 20:15:52 - [0] ----D- C:\Users\Simon\AppData\Local\{1D7FB589-1821-487F-82AB-836308DC8E74} O43 - CFD: 04/08/2011 - 18:06:34 - [0] ----D- C:\Users\Simon\AppData\Local\{1F2C952D-BF8B-463B-B8EE-D86E6E5FDA55} O43 - CFD: 28/08/2011 - 20:53:16 - [0] ----D- C:\Users\Simon\AppData\Local\{1F766F6F-11C0-45EF-B1B6-4012B87B4884} O43 - CFD: 23/06/2011 - 08:42:18 - [0] ----D- C:\Users\Simon\AppData\Local\{22F6F023-1FFE-4F96-B11E-C7106B31E69E} O43 - CFD: 30/08/2011 - 21:42:36 - [0] ----D- C:\Users\Simon\AppData\Local\{24AB53AA-4238-4F34-A4FB-E91EE0AFE700} O43 - CFD: 17/06/2011 - 18:15:18 - [0] ----D- C:\Users\Simon\AppData\Local\{278B0928-F99C-47AF-AB4E-827FEB8CBB27} O43 - CFD: 04/06/2011 - 11:28:24 - [0] ----D- C:\Users\Simon\AppData\Local\{27BC23FE-938A-4559-B9A2-02CFB20EFF2E} O43 - CFD: 10/08/2011 - 18:21:58 - [0] ----D- C:\Users\Simon\AppData\Local\{28805982-F29E-4858-9D55-E75C36E44070} O43 - CFD: 07/08/2011 - 18:29:52 - [0] ----D- C:\Users\Simon\AppData\Local\{2C54D0E7-BE10-4B36-8729-5C477DB0EA64} O43 - CFD: 22/08/2011 - 20:50:32 - [0] ----D- C:\Users\Simon\AppData\Local\{2CA606C8-F01C-4FA4-8897-47A10EDC7724} O43 - CFD: 15/08/2011 - 22:35:08 - [0] ----D- C:\Users\Simon\AppData\Local\{2E5FA4C1-3529-4B0E-BF3F-664CEAF408AC} O43 - CFD: 22/07/2011 - 18:00:12 - [0] ----D- C:\Users\Simon\AppData\Local\{2E757AE4-F82A-4ECE-BF23-C0E3402E822C} O43 - CFD: 19/08/2011 - 12:23:50 - [0] ----D- C:\Users\Simon\AppData\Local\{312706EA-3751-46FA-B72F-E20CCD70B84B} O43 - CFD: 25/07/2011 - 18:26:42 - [0] ----D- C:\Users\Simon\AppData\Local\{341239D5-7C8B-44BF-8CA1-3770E2C87237} O43 - CFD: 27/05/2011 - 10:10:50 - [0] ----D- C:\Users\Simon\AppData\Local\{34DE378C-1F17-4EC4-9C5C-02D030DB059B} O43 - CFD: 25/06/2011 - 12:07:26 - [0] ----D- C:\Users\Simon\AppData\Local\{3555E8EC-B274-4040-8C38-5256BBBCBC82} O43 - CFD: 15/09/2011 - 19:28:34 - [0] ----D- C:\Users\Simon\AppData\Local\{37C931B0-5969-44A9-A20A-B0B415D8B07F} O43 - CFD: 19/08/2011 - 22:37:42 - [0] ----D- C:\Users\Simon\AppData\Local\{3C90B1B3-4F6F-48C4-BB79-A4582B8A054F} O43 - CFD: 13/08/2011 - 15:40:30 - [0] ----D- C:\Users\Simon\AppData\Local\{3D998918-B21C-4768-9D61-DD6BB36D9589} O43 - CFD: 12/06/2011 - 12:40:26 - [0] ----D- C:\Users\Simon\AppData\Local\{3E48E8FD-4571-44DE-9C67-F86F4E9192A1} O43 - CFD: 09/09/2011 - 11:49:18 - [0] ----D- C:\Users\Simon\AppData\Local\{3EAB732E-FD0B-4B00-93FB-CCF47CF21771} O43 - CFD: 22/08/2011 - 20:50:00 - [0] ----D- C:\Users\Simon\AppData\Local\{3F22412E-1FA9-48A8-84D8-93547572064F} O43 - CFD: 22/06/2011 - 19:01:00 - [0] ----D- C:\Users\Simon\AppData\Local\{404ED8C1-7B35-4D03-A0B3-0ABE3D9ADC4E} O43 - CFD: 19/08/2011 - 12:24:00 - [0] ----D- C:\Users\Simon\AppData\Local\{40814BBB-E494-436A-BAED-970392B2914F} O43 - CFD: 04/07/2011 - 18:37:28 - [0] ----D- C:\Users\Simon\AppData\Local\{43D019AE-F7DB-4344-88A3-4135854F9445} O43 - CFD: 20/08/2011 - 11:11:34 - [0] ----D- C:\Users\Simon\AppData\Local\{4429CF98-3B2D-4C26-9262-012501ADCE07} O43 - CFD: 21/08/2011 - 11:10:22 - [0] ----D- C:\Users\Simon\AppData\Local\{47B3F895-8E31-4173-B8AC-C98981CEDEF6} O43 - CFD: 09/06/2011 - 08:19:06 - [0] ----D- C:\Users\Simon\AppData\Local\{4877A8C3-21F6-4908-A080-E6708BBBEB6A} O43 - CFD: 18/07/2011 - 20:01:24 - [0] ----D- C:\Users\Simon\AppData\Local\{4915592F-7D23-480A-BBE2-9B8F240B4BE4} O43 - CFD: 09/07/2011 - 11:04:54 - [0] ----D- C:\Users\Simon\AppData\Local\{4B710BC2-FCF7-4640-8141-82DB0DF7C98C} O43 - CFD: 03/06/2011 - 18:07:50 - [0] ----D- C:\Users\Simon\AppData\Local\{4BA7DFA6-6710-4E9C-83E3-390289FB185B} O43 - CFD: 06/08/2011 - 09:01:16 - [0] ----D- C:\Users\Simon\AppData\Local\{51B40316-0338-45B7-AAE9-C81BA919732C} O43 - CFD: 24/06/2011 - 18:14:30 - [0] ----D- C:\Users\Simon\AppData\Local\{51BA880E-9B37-4270-8BF8-3AE58EF9DCC8} O43 - CFD: 14/06/2011 - 18:22:22 - [0] ----D- C:\Users\Simon\AppData\Local\{51C61361-3C73-46F8-BB68-0031DB95ED8E} O43 - CFD: 20/08/2011 - 13:07:12 - [0] ----D- C:\Users\Simon\AppData\Local\{51EA7181-FEA9-47DA-8800-7D7001D89320} O43 - CFD: 25/05/2011 - 12:02:32 - [0] ----D- C:\Users\Simon\AppData\Local\{56152107-C592-49F6-919F-E337D4705D51} O43 - CFD: 21/08/2011 - 11:10:34 - [0] ----D- C:\Users\Simon\AppData\Local\{561F0D00-C1A3-4104-A741-12D72D47FB86} O43 - CFD: 16/06/2011 - 20:03:36 - [0] ----D- C:\Users\Simon\AppData\Local\{569F28EC-D030-4158-B87B-5643737EB8B3} O43 - CFD: 06/07/2011 - 18:13:04 - [0] ----D- C:\Users\Simon\AppData\Local\{56F7E6BE-6981-4406-B496-F2502C618861} O43 - CFD: 30/07/2011 - 12:27:18 - [0] ----D- C:\Users\Simon\AppData\Local\{570E6124-8C2B-4222-952C-66A9DD3D9F97} O43 - CFD: 19/08/2011 - 17:38:40 - [0] ----D- C:\Users\Simon\AppData\Local\{57481B7B-5E4B-40E7-80A8-4025316BD587} O43 - CFD: 15/07/2011 - 18:28:16 - [0] ----D- C:\Users\Simon\AppData\Local\{581F43B9-76B2-4DC8-BC82-2293338BAD22} O43 - CFD: 28/05/2011 - 10:37:06 - [0] ----D- C:\Users\Simon\AppData\Local\{59574C72-2FCC-43BD-81C5-72B785AA0A21} O43 - CFD: 07/08/2011 - 18:29:42 - [0] ----D- C:\Users\Simon\AppData\Local\{5A7FB0E0-579D-40B3-850D-82C117BDBA60} O43 - CFD: 06/08/2011 - 21:20:24 - [0] ----D- C:\Users\Simon\AppData\Local\{5A9712BC-0CE3-4027-A0FB-D4360FBB3C1D} O43 - CFD: 17/06/2011 - 20:02:14 - [0] ----D- C:\Users\Simon\AppData\Local\{5AB5006B-374C-4B99-8323-91B7EC21E5B8} O43 - CFD: 24/05/2011 - 13:03:04 - [0] ----D- C:\Users\Simon\AppData\Local\{5BA7385E-D832-43CC-90E9-822820E77243} O43 - CFD: 20/08/2011 - 12:03:50 - [0] ----D- C:\Users\Simon\AppData\Local\{5E540AA9-62AD-441E-B3A8-D6CF9AE388FE} O43 - CFD: 30/08/2011 - 21:42:46 - [0] ----D- C:\Users\Simon\AppData\Local\{5FC1D109-FC4F-49CB-992A-505CEE4958EF} O43 - CFD: 10/08/2011 - 18:22:08 - [0] ----D- C:\Users\Simon\AppData\Local\{60A39786-A27F-45FD-9746-309D3F004B77} O43 - CFD: 05/08/2011 - 20:21:38 - [0] ----D- C:\Users\Simon\AppData\Local\{63F2A49F-D833-4D24-9D5B-DE63C834D9BF} O43 - CFD: 26/06/2011 - 12:08:44 - [0] ----D- C:\Users\Simon\AppData\Local\{69CFE0E4-DEF2-4800-B47A-80C872980A01} O43 - CFD: 20/08/2011 - 11:11:44 - [0] ----D- C:\Users\Simon\AppData\Local\{6A0FD1D5-CBC5-47F9-89DC-472772927145} O43 - CFD: 27/08/2011 - 17:30:16 - [0] ----D- C:\Users\Simon\AppData\Local\{6D5D0835-E9D7-48BE-ADEA-DF545C2A748D} O43 - CFD: 16/08/2011 - 17:49:32 - [0] ----D- C:\Users\Simon\AppData\Local\{6DC3675D-F5E0-4D1C-9C43-10934B8F0A89} O43 - CFD: 23/08/2011 - 19:59:12 - [0] ----D- C:\Users\Simon\AppData\Local\{6E859BDA-ACCE-45CE-A92F-35C15A085CE6} O43 - CFD: 12/08/2011 - 18:11:24 - [0] ----D- C:\Users\Simon\AppData\Local\{6FD24BC9-06AF-4B73-8D91-AE8E84B27133} O43 - CFD: 28/07/2011 - 18:35:24 - [0] ----D- C:\Users\Simon\AppData\Local\{71643C26-2394-417B-A773-FA66D26B6F54} O43 - CFD: 23/05/2011 - 22:52:02 - [0] ----D- C:\Users\Simon\AppData\Local\{75DA480E-90E0-447A-8C84-2E3CA0F9D803} O43 - CFD: 06/08/2011 - 21:20:12 - [0] ----D- C:\Users\Simon\AppData\Local\{76C5F757-4314-46FF-AB62-9E4EC28D84F6} O43 - CFD: 09/09/2011 - 11:49:08 - [0] ----D- C:\Users\Simon\AppData\Local\{7884D8FE-E526-4A06-A8B8-47699731F828} O43 - CFD: 30/06/2011 - 19:57:42 - [0] ----D- C:\Users\Simon\AppData\Local\{7A6C5C2B-63C1-44E3-BFA9-A69412E489BF} O43 - CFD: 15/09/2011 - 19:28:46 - [0] ----D- C:\Users\Simon\AppData\Local\{7B12A3F9-31BD-4AB8-9210-4E97B6D7AB0D} O43 - CFD: 07/06/2011 - 18:40:44 - [0] ----D- C:\Users\Simon\AppData\Local\{7B91F521-C960-4C7D-951E-DCF1C0A351B8} O43 - CFD: 12/08/2011 - 18:11:12 - [0] ----D- C:\Users\Simon\AppData\Local\{803F4A13-A5E6-44F2-8C5C-3AB0ED140C4B} O43 - CFD: 10/06/2011 - 18:07:08 - [0] ----D- C:\Users\Simon\AppData\Local\{8229011D-DB18-408A-B18D-AF270E5679F7} O43 - CFD: 08/09/2011 - 21:37:54 - [0] ----D- C:\Users\Simon\AppData\Local\{82530806-47DC-4F56-A6DE-2EE13CF60AB5} O43 - CFD: 23/07/2011 - 11:15:34 - [0] ----D- C:\Users\Simon\AppData\Local\{82C1143B-6603-4016-B203-2B04D45351FB} O43 - CFD: 26/08/2011 - 20:10:34 - [0] ----D- C:\Users\Simon\AppData\Local\{83FF1F8A-644A-4D8C-9AA0-E80CB73C0BC6} O43 - CFD: 09/08/2011 - 18:31:36 - [0] ----D- C:\Users\Simon\AppData\Local\{85906F01-36D4-4ECE-83E8-B8735887A523} O43 - CFD: 29/05/2011 - 19:44:48 - [0] ----D- C:\Users\Simon\AppData\Local\{8793BF18-26DE-416E-96D4-2218F84FE7DC} O43 - CFD: 26/06/2011 - 00:08:06 - [0] ----D- C:\Users\Simon\AppData\Local\{87FD22FB-3365-41A3-9125-9D6F2FEEBE8B} O43 - CFD: 07/08/2011 - 22:38:32 - [0] ----D- C:\Users\Simon\AppData\Local\{895B0B69-61CE-4A3E-AB02-1243A0199D64} O43 - CFD: 06/06/2011 - 18:28:40 - [0] ----D- C:\Users\Simon\AppData\Local\{8BE9DDBD-6633-4A70-8A6B-E2547C7E5BB1} O43 - CFD: 20/08/2011 - 12:04:00 - [0] ----D- C:\Users\Simon\AppData\Local\{8F46A592-7E7B-4860-BA3A-F9C3CAAA873F} O43 - CFD: 16/08/2011 - 17:49:20 - [0] ----D- C:\Users\Simon\AppData\Local\{8F4FB952-B030-422C-B687-730C284BE828} O43 - CFD: 27/06/2011 - 18:14:54 - [0] ----D- C:\Users\Simon\AppData\Local\{90908835-7B0A-4194-8671-B9174FF601EB} O43 - CFD: 23/06/2011 - 20:51:06 - [0] ----D- C:\Users\Simon\AppData\Local\{90974AD4-12A4-4B48-BC8C-28E5B468D6A4} O43 - CFD: 13/09/2011 - 17:27:54 - [0] ----D- C:\Users\Simon\AppData\Local\{93859180-71F7-4E33-882B-A035E50779B3} O43 - CFD: 31/08/2011 - 18:35:12 - [0] ----D- C:\Users\Simon\AppData\Local\{939BE22C-BA83-4093-9F2B-52483415C5EA} O43 - CFD: 31/07/2011 - 11:03:02 - [0] ----D- C:\Users\Simon\AppData\Local\{93E1E39E-CC18-4DAC-A04C-DE89519C4FBE} O43 - CFD: 17/07/2011 - 21:25:34 - [0] ----D- C:\Users\Simon\AppData\Local\{94CC241E-AC85-4A3A-807F-51920FD69957} O43 - CFD: 14/07/2011 - 10:54:02 - [0] ----D- C:\Users\Simon\AppData\Local\{94DFD98F-8DA1-442F-9D54-47259A556E12} O43 - CFD: 03/07/2011 - 17:54:02 - [0] ----D- C:\Users\Simon\AppData\Local\{99B7AF2C-416D-4474-ABEB-88F12CA77468} O43 - CFD: 01/06/2011 - 18:46:54 - [0] ----D- C:\Users\Simon\AppData\Local\{9E54A5DB-A66E-489C-BB26-13D3E075567C} O43 - CFD: 16/08/2011 - 20:15:04 - [0] ----D- C:\Users\Simon\AppData\Local\{9F0564F7-4B06-4C31-BB2C-7C3E6EF071DA} O43 - CFD: 29/07/2011 - 17:58:42 - [0] ----D- C:\Users\Simon\AppData\Local\{A0AB9DEC-3728-4D48-B930-59768FA573EB} O43 - CFD: 03/08/2011 - 18:29:54 - [0] ----D- C:\Users\Simon\AppData\Local\{A1A249F9-AEEF-4EBF-AAB3-696DDB5325F0} O43 - CFD: 01/07/2011 - 18:03:08 - [0] ----D- C:\Users\Simon\AppData\Local\{A4478696-BB37-45BD-84C5-02BD1C57AAE6} O43 - CFD: 20/06/2011 - 22:56:42 - [0] ----D- C:\Users\Simon\AppData\Local\{A8CD35F4-A610-498F-BD5A-12BFB5EF35DD} O43 - CFD: 22/08/2011 - 20:50:44 - [0] ----D- C:\Users\Simon\AppData\Local\{A907C239-1885-46FD-B7E5-0A2FA91AFE4D} O43 - CFD: 11/06/2011 - 11:42:12 - [0] ----D- C:\Users\Simon\AppData\Local\{AFDDF7DE-85F6-4969-B054-05172DBC9B2B} O43 - CFD: 15/06/2011 - 19:24:58 - [0] ----D- C:\Users\Simon\AppData\Local\{B32CF596-6D80-4CE7-B5CD-980A46622A25} O43 - CFD: 10/08/2011 - 20:48:24 - [0] ----D- C:\Users\Simon\AppData\Local\{B5359798-A6F9-4BE1-83BB-FEB6E1C3D40B} O43 - CFD: 30/05/2011 - 10:21:12 - [0] ----D- C:\Users\Simon\AppData\Local\{B5748EE8-9B9F-4479-A5A9-9E8170DF423B} O43 - CFD: 01/08/2011 - 18:17:10 - [0] ----D- C:\Users\Simon\AppData\Local\{B59010F9-4309-47C3-9DFE-8C40C46F833A} O43 - CFD: 12/07/2011 - 18:28:22 - [0] ----D- C:\Users\Simon\AppData\Local\{B5B90714-ED14-42DF-B8BA-9D233D6A37FC} O43 - CFD: 28/06/2011 - 18:16:42 - [0] ----D- C:\Users\Simon\AppData\Local\{B6461CCB-E02C-4A0A-977E-C3155C6186EB} O43 - CFD: 11/08/2011 - 20:41:48 - [0] ----D- C:\Users\Simon\AppData\Local\{BACACB18-063F-47AE-AA51-1C03BF6A7B1B} O43 - CFD: 21/07/2011 - 12:21:40 - [0] ----D- C:\Users\Simon\AppData\Local\{BCF0CCDB-F59B-4B73-9CE9-3110F1B02960} O43 - CFD: 05/08/2011 - 19:16:06 - [0] ----D- C:\Users\Simon\AppData\Local\{C3A0C932-D091-4EFE-A2C5-86C94BB5C829} O43 - CFD: 13/06/2011 - 10:47:08 - [0] ----D- C:\Users\Simon\AppData\Local\{C4EA832D-B607-44C1-95F7-8AE16B4B4E87} O43 - CFD: 08/09/2011 - 21:38:04 - [0] ----D- C:\Users\Simon\AppData\Local\{C572ECC0-8207-4A11-9299-D6F6AFCF86C2} O43 - CFD: 15/08/2011 - 22:35:36 - [0] ----D- C:\Users\Simon\AppData\Local\{C63B2F82-F74E-417C-9F75-006FB4196E6B} O43 - CFD: 16/07/2011 - 10:53:26 - [0] ----D- C:\Users\Simon\AppData\Local\{CAF586D2-04DF-4CD4-8327-5AD2043CCB83} O43 - CFD: 24/07/2011 - 10:49:14 - [0] ----D- C:\Users\Simon\AppData\Local\{CB21A129-08F1-4250-A6E2-0A6948C9F71D} O43 - CFD: 24/08/2011 - 20:15:40 - [0] ----D- C:\Users\Simon\AppData\Local\{CBDA3D15-0129-44BF-B85F-46B6B20077CE} O43 - CFD: 27/07/2011 - 18:57:04 - [0] ----D- C:\Users\Simon\AppData\Local\{CDB10600-5572-40A9-8C53-EC18EAC80E8C} O43 - CFD: 03/07/2011 - 04:29:52 - [0] ----D- C:\Users\Simon\AppData\Local\{D0CEA2F6-DA6F-4FD2-A844-D4373E35EBAC} O43 - CFD: 12/09/2011 - 18:46:46 - [0] ----D- C:\Users\Simon\AppData\Local\{D1EA1A6D-9BE6-4B70-ACB9-43955A3F0FD5} O43 - CFD: 26/05/2011 - 09:09:56 - [0] ----D- C:\Users\Simon\AppData\Local\{D2EDD844-558A-4AB4-A96E-E680EBA85093} O43 - CFD: 19/07/2011 - 18:53:08 - [0] ----D- C:\Users\Simon\AppData\Local\{D3D24F53-7DFB-42F9-82DD-167EC6BCCF0B} O43 - CFD: 31/08/2011 - 18:35:00 - [0] ----D- C:\Users\Simon\AppData\Local\{D5243766-08A4-489B-8157-5A0257D242C9} O43 - CFD: 06/08/2011 - 10:12:52 - [0] ----D- C:\Users\Simon\AppData\Local\{D8A2C579-16F2-41AE-8EB9-D728A12B34FC} O43 - CFD: 10/07/2011 - 11:48:48 - [0] ----D- C:\Users\Simon\AppData\Local\{DC5B7793-3EC4-4B85-8AC7-66F5CD998B8B} O43 - CFD: 05/06/2011 - 11:29:38 - [0] ----D- C:\Users\Simon\AppData\Local\{DCAE484C-E87C-4085-A977-9752D1C2A720} O43 - CFD: 08/06/2011 - 19:17:00 - [0] ----D- C:\Users\Simon\AppData\Local\{DCB8DF97-CC63-421B-9F82-CBB399EE95C1} O43 - CFD: 08/07/2011 - 18:20:30 - [0] ----D- C:\Users\Simon\AppData\Local\{DF3E79A7-3816-4E56-ABE2-A0E940C883EE} O43 - CFD: 20/07/2011 - 18:11:16 - [0] ----D- C:\Users\Simon\AppData\Local\{DF476E0C-C426-4C43-A631-6B89B9E071D6} O43 - CFD: 09/08/2011 - 18:31:26 - [0] ----D- C:\Users\Simon\AppData\Local\{DF8068A9-BFAF-4D11-8C6B-87A94F7CB24D} O43 - CFD: 22/08/2011 - 20:50:00 - [0] ----D- C:\Users\Simon\AppData\Local\{DFA47E39-29D9-4110-9063-F2E270083697} O43 - CFD: 05/07/2011 - 18:28:06 - [0] ----D- C:\Users\Simon\AppData\Local\{E04A02D5-38F6-4EF6-BC66-08F45A8BF89E} O43 - CFD: 12/09/2011 - 18:46:34 - [0] ----D- C:\Users\Simon\AppData\Local\{E10C8C50-4C19-4601-A6EF-02C661F387B0} O43 - CFD: 06/08/2011 - 09:01:28 - [0] ----D- C:\Users\Simon\AppData\Local\{E33C526A-FB19-465C-8B4B-C61E1410FA9F} O43 - CFD: 26/08/2011 - 20:10:46 - [0] ----D- C:\Users\Simon\AppData\Local\{E3B48EFD-30B4-47FA-82AD-56C1DE65702E} O43 - CFD: 27/05/2011 - 22:36:18 - [0] ----D- C:\Users\Simon\AppData\Local\{E406981E-4888-44CB-A972-84D078D54875} O43 - CFD: 10/08/2011 - 20:48:14 - [0] ----D- C:\Users\Simon\AppData\Local\{E4898195-8FE9-4137-B597-389BA1A10F72} O43 - CFD: 27/08/2011 - 17:30:06 - [0] ----D- C:\Users\Simon\AppData\Local\{E7F7709B-76E1-44C9-B5DA-D76A5F21A495} O43 - CFD: 29/06/2011 - 18:22:24 - [0] ----D- C:\Users\Simon\AppData\Local\{E8F1EF20-8C23-417A-88F3-B6444C6A01F0} O43 - CFD: 16/07/2011 - 22:54:02 - [0] ----D- C:\Users\Simon\AppData\Local\{E986C877-7128-4034-8D7B-9AACCD8D0E9E} O43 - CFD: 09/06/2011 - 20:19:42 - [0] ----D- C:\Users\Simon\AppData\Local\{EB884A84-08B0-4C20-BFE0-ACB6E3E19864} O43 - CFD: 23/08/2011 - 19:59:24 - [0] ----D- C:\Users\Simon\AppData\Local\{ED3D5DBD-B498-4EC7-9CCA-EC296351180B} O43 - CFD: 04/06/2011 - 23:29:00 - [0] ----D- C:\Users\Simon\AppData\Local\{EE0ED4C5-A326-47B1-AAF6-8BD6EA351EE1} O43 - CFD: 13/06/2011 - 01:30:16 - [0] ----D- C:\Users\Simon\AppData\Local\{F04CC751-2998-4F8A-A27D-C3160018B933} O43 - CFD: 05/08/2011 - 18:14:42 - [0] ----D- C:\Users\Simon\AppData\Local\{F42B68F7-5A1E-416D-8C42-C742B97ABFD0} O43 - CFD: 19/08/2011 - 17:38:52 - [0] ----D- C:\Users\Simon\AppData\Local\{F4707298-AF37-4A04-8980-F579D1396F78} O43 - CFD: 07/07/2011 - 19:48:04 - [0] ----D- C:\Users\Simon\AppData\Local\{F4B28F80-DA0E-42D2-BA7E-C937739694E5} O43 - CFD: 17/08/2011 - 17:52:14 - [0] ----D- C:\Users\Simon\AppData\Local\{F7673E10-309B-43C0-88B9-CD318DA2F407} O43 - CFD: 28/08/2011 - 20:53:28 - [0] ----D- C:\Users\Simon\AppData\Local\{F7823C48-9F48-45DF-BC0A-F29D52702068} O43 - CFD: 13/08/2011 - 15:18:08 - [0] ----D- C:\Users\Simon\AppData\Local\{FB4D9438-29C8-49D5-884B-BDD97E4D09A4} O43 - CFD: 02/07/2011 - 12:02:24 - [0] ----D- C:\Users\Simon\AppData\Local\{FD0F4C8E-308A-41E1-992F-67DDB808DC95} O43 - CFD: 08/09/2011 - 20:09:54 - [211967441] ----D- C:\Program Files (x86)\Ad-Remover O43 - CFD: 05/03/2011 - 06:40:54 - [3037097] ----D- C:\Program Files (x86)\AmIcoSingLun O43 - CFD: 07/07/2011 - 19:58:16 - [2428606] ----D- C:\Program Files (x86)\Apple Software Update O43 - CFD: 16/08/2011 - 17:59:04 - [186108861] ----D- C:\Program Files (x86)\ASUS O43 - CFD: 21/08/2011 - 14:42:30 - [153232771] ----D- C:\Program Files (x86)\Avira O43 - CFD: 26/07/2011 - 18:42:24 - [628555] ----D- C:\Program Files (x86)\Bonjour O43 - CFD: 19/08/2011 - 22:39:02 - [629844604] ----D- C:\Program Files (x86)\Common Files O43 - CFD: 05/03/2011 - 06:54:10 - [1261733639] ----D- C:\Program Files (x86)\CyberLink O43 - CFD: 21/08/2011 - 14:29:12 - [38252643] ----D- C:\Program Files (x86)\Google O43 - CFD: 13/08/2011 - 15:18:46 - [0] ----D- C:\Program Files (x86)\GRETECH O43 - CFD: 24/05/2011 - 18:24:00 - [343618554] ----D- C:\Program Files (x86)\HP O43 - CFD: 13/08/2011 - 15:37:10 - [84101002] ----D- C:\Program Files (x86)\Inkscape O43 - CFD: 20/08/2011 - 16:31:36 - [106817615] --H-D- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 19/08/2011 - 22:35:02 - [38341478] ----D- C:\Program Files (x86)\Intel O43 - CFD: 16/08/2011 - 17:46:18 - [5718511] ----D- C:\Program Files (x86)\Internet Explorer O43 - CFD: 23/08/2011 - 20:01:08 - [122400899] ----D- C:\Program Files (x86)\iTunes O43 - CFD: 19/08/2011 - 21:03:56 - [6511189] ----D- C:\Program Files (x86)\ma-config.com O43 - CFD: 16/09/2011 - 17:47:44 - [7017356] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware O43 - CFD: 29/04/2011 - 18:26:20 - [0] ----D- C:\Program Files (x86)\Microsoft O43 - CFD: 29/04/2011 - 22:12:20 - [577351558] ----D- C:\Program Files (x86)\Microsoft Office O43 - CFD: 16/06/2011 - 00:04:18 - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 29/04/2011 - 22:12:18 - [14904] ----D- C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 29/04/2011 - 22:10:00 - [1387249] ----D- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 01/05/2011 - 11:04:06 - [3726168] ----D- C:\Program Files (x86)\Microsoft Works O43 - CFD: 02/05/2011 - 16:38:20 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 30/05/2011 - 20:56:12 - [0] ----D- C:\Program Files (x86)\Mio O43 - CFD: 08/09/2011 - 10:44:08 - [35681140] ----D- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 07/09/2011 - 11:37:30 - [38373883] ----D- C:\Program Files (x86)\Mozilla Thunderbird O43 - CFD: 29/04/2011 - 22:12:24 - [26521] ----D- C:\Program Files (x86)\MSBuild O43 - CFD: 05/03/2011 - 06:15:56 - [154033] ----D- C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 30/05/2011 - 21:06:54 - [32512873] ----D- C:\Program Files (x86)\Mumble O43 - CFD: 05/03/2011 - 06:00:44 - [45049512] ----D- C:\Program Files (x86)\Nuance O43 - CFD: 19/08/2011 - 22:31:12 - [86925673] ----D- C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 29/04/2011 - 18:28:26 - [7460142] ----D- C:\Program Files (x86)\Pando Networks O43 - CFD: 16/08/2011 - 18:03:22 - [75694785] ----D- C:\Program Files (x86)\QuickTime O43 - CFD: 20/08/2011 - 11:48:14 - [15893395] ----D- C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 07:32:40 - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 20/08/2011 - 11:30:02 - [15141858] R---D- C:\Program Files (x86)\Skype O43 - CFD: 08/09/2011 - 12:03:34 - [50740712] ----D- C:\Program Files (x86)\Spybot - Search & Destroy O43 - CFD: 05/03/2011 - 06:12:42 - [169308348] ----D- C:\Program Files (x86)\syncables O43 - CFD: 05/03/2011 - 06:41:58 - [0] --H-D- C:\Program Files (x86)\Temp O43 - CFD: 02/05/2011 - 17:30:58 - [54697742] ----D- C:\Program Files (x86)\Texmaker O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 01/06/2011 - 20:46:10 - [82679395] ----D- C:\Program Files (x86)\VideoLAN O43 - CFD: 03/05/2011 - 11:27:52 - [524800] ----D- C:\Program Files (x86)\Windows Defender O43 - CFD: 20/08/2011 - 12:06:38 - [115477637] ----D- C:\Program Files (x86)\Windows Live O43 - CFD: 04/05/2011 - 16:51:22 - [6181376] ----D- C:\Program Files (x86)\Windows Mail O43 - CFD: 04/05/2011 - 16:51:20 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 04/05/2011 - 16:51:20 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 04/05/2011 - 16:51:20 - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 04/05/2011 - 16:51:22 - [5994626] ----D- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 27/08/2011 - 13:46:48 - [4142972] ----D- C:\Program Files (x86)\WinRAR O43 - CFD: 27/05/2011 - 22:59:40 - [0] ----D- C:\Program Files (x86)\Yahoo! O43 - CFD: 16/09/2011 - 18:54:00 - [4014804] ----D- C:\Program Files (x86)\ZHPDiag O43 - CFD: 23/08/2011 - 20:00:56 - [96662340] ----D- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 29/04/2011 - 22:12:18 - [92976] ----D- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 24/05/2011 - 18:20:28 - [531477] ----D- C:\Program Files (x86)\Common Files\Hewlett-Packard O43 - CFD: 24/05/2011 - 18:20:30 - [5665956] ----D- C:\Program Files (x86)\Common Files\HP O43 - CFD: 05/03/2011 - 06:43:46 - [3261625] ----D- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 05/03/2011 - 06:30:14 - [13799665] ----D- C:\Program Files (x86)\Common Files\Intel O43 - CFD: 19/08/2011 - 22:39:02 - [7581] ----D- C:\Program Files (x86)\Common Files\Intel Corporation O43 - CFD: 20/08/2011 - 12:06:20 - [225014860] ----D- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 05/03/2011 - 06:11:26 - [354896] ----D- C:\Program Files (x86)\Common Files\Oberon Media O43 - CFD: 05/03/2011 - 06:37:24 - [162236] ----D- C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 06/09/2011 - 19:38:48 - [411432] ----D- C:\Program Files (x86)\Common Files\Steam O43 - CFD: 03/05/2011 - 11:27:52 - [44307943] ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 05/03/2011 - 06:01:26 - [198465132] ----D- C:\Program Files (x86)\Common Files\Windows Live ~ Scan Program Folder in 00mn 38s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.CD7341893E28D2D1C938E8E6E64ADA0F] - 16/09/2011 - 17:53:34 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1712728] O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 16/09/2011 - 17:48:17 ---A- . (...) -- C:\Windows\SysNative\acovcnt.exe [45056] O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 16/09/2011 - 17:48:17 RSHAD . (...) -- C:\Windows\system32\acovcnt.exe [45056] O44 - LFC:[MD5.23C40D9EBFBD6353299038234005CE46] - 16/09/2011 - 17:48:15 ---A- . (...) -- C:\Windows\setupact.log [2850] O44 - LFC:[MD5.BD3D45ECF7625AAA61DBB2A0661DF334] - 16/09/2011 - 17:48:14 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.AFC7FD3061B0570EB76557928B668BAC] - 16/09/2011 - 16:50:01 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1580460] O44 - LFC:[MD5.6FDF129038BF61CF24D5C9E815FF31C9] - 16/09/2011 - 16:50:01 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [110140] O44 - LFC:[MD5.3CBC580EA10BBA341B027B55435E160F] - 16/09/2011 - 16:50:01 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [134506] O44 - LFC:[MD5.040567405EEFDDBB2C9046FBEACAEA91] - 16/09/2011 - 16:50:01 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [627420] O44 - LFC:[MD5.A1B4626B373A461E8B1E9179A549981E] - 16/09/2011 - 16:50:01 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [715892] O44 - LFC:[MD5.AFC7FD3061B0570EB76557928B668BAC] - 16/09/2011 - 16:50:01 RSHAD . (...) -- C:\Windows\system32\PerfStringBackup.INI [1580460] O44 - LFC:[MD5.6FDF129038BF61CF24D5C9E815FF31C9] - 16/09/2011 - 16:50:01 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [110140] O44 - LFC:[MD5.3CBC580EA10BBA341B027B55435E160F] - 16/09/2011 - 16:50:01 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [134506] O44 - LFC:[MD5.040567405EEFDDBB2C9046FBEACAEA91] - 16/09/2011 - 16:50:01 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [627420] O44 - LFC:[MD5.A1B4626B373A461E8B1E9179A549981E] - 16/09/2011 - 16:50:01 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [715892] O44 - LFC:[MD5.4EEF933E67084E616AF90897108E4E9C] - 15/09/2011 - 17:18:54 ---A- . (...) -- C:\AdwCleaner[R1].txt [1166] O44 - LFC:[MD5.3AA94FD00F3D82D709629ADD56E6636D] - 15/09/2011 - 11:36:25 ---A- . (...) -- C:\Ad-Report-SCAN[2].txt [5078] O44 - LFC:[MD5.ED45F12CFA62B83765C9C1496758CC87] - 07/09/2011 - 22:13:41 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [123784] O44 - LFC:[MD5.B1224E6B086CD6548315B04AB575A23E] - 07/09/2011 - 22:13:41 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [88288] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 07/09/2011 - 12:57:23 ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 31/08/2011 - 16:00:50 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25416] O44 - LFC:[MD5.4FE02E2ABFC7D8385D7F4F5C134B6C3D] - 21/08/2011 - 18:01:19 ---A- . (...) -- C:\Windows\SysNative\AutoRunFilter.ini [2266] O44 - LFC:[MD5.4FE02E2ABFC7D8385D7F4F5C134B6C3D] - 21/08/2011 - 18:01:19 RSHAD . (...) -- C:\Windows\system32\AutoRunFilter.ini [2266] O44 - LFC:[MD5.428EC3C89450BA36B77D4A7A155A7C93] - 21/08/2011 - 18:01:08 ---A- . (...) -- C:\Windows\SysNative\ServiceFilter.ini [1350] O44 - LFC:[MD5.428EC3C89450BA36B77D4A7A155A7C93] - 21/08/2011 - 18:01:08 RSHAD . (...) -- C:\Windows\system32\ServiceFilter.ini [1350] O44 - LFC:[MD5.92C704590FCEDDA971B7A77945DCCDA4] - 20/08/2011 - 10:47:46 ---A- . (.Pas de propriétaire - About Page.) -- C:\Windows\SysNative\RtNicProp64.dll [74272] O44 - LFC:[MD5.49A88E6CD77939F5F7D443628A18A317] - 20/08/2011 - 10:47:46 ---A- . (.Realtek Semiconductor Corporation - RTNUninst.) -- C:\Windows\SysNative\RTNUninst64.dll [107552] O44 - LFC:[MD5.92C704590FCEDDA971B7A77945DCCDA4] - 20/08/2011 - 10:47:46 RSHAD . (.Pas de propriétaire - About Page.) -- C:\Windows\system32\RtNicProp64.dll [74272] O44 - LFC:[MD5.EE082E06A82FF630351D1E0EBBD3D8D0] - 20/08/2011 - 10:47:46 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\system32\drivers\Rt64win7.sys [539240] O44 - LFC:[MD5.49A88E6CD77939F5F7D443628A18A317] - 20/08/2011 - 10:47:46 RSHAD . (.Realtek Semiconductor Corporation - RTNUninst.) -- C:\Windows\system32\RTNUninst64.dll [107552] O44 - LFC:[MD5.2FDAEC4B02729C48C0FD1B0B4695995B] - 19/08/2011 - 21:34:43 RSHAD . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys [557848] O44 - LFC:[MD5.2D4A51E3D0137B22466472D1420846A7] - 19/08/2011 - 21:30:03 ---A- . (.Khronos Group - OpenCL Client DLL.) -- C:\Windows\SysNative\OpenCL.dll [67176] O44 - LFC:[MD5.2D4A51E3D0137B22466472D1420846A7] - 19/08/2011 - 21:30:03 ---A- . (.Khronos Group - OpenCL Client DLL.) -- C:\Windows\system32\OpenCL.dll [67176] O44 - LFC:[MD5.6B60F1B8D93EC46B022BF296068E181A] - 19/08/2011 - 21:30:03 ---A- . (.NVIDIA Corporation - NVIDIA D3D10 Driver, Version 280.26.) -- C:\Windows\SysNative\nvwgf2umx.dll [8355944] O44 - LFC:[MD5.6B60F1B8D93EC46B022BF296068E181A] - 19/08/2011 - 21:30:03 RSHAD . (.NVIDIA Corporation - NVIDIA D3D10 Driver, Version 280.26.) -- C:\Windows\system32\nvwgf2umx.dll [8355944] O44 - LFC:[MD5.CB0483F5C79EDA101AD603FEFADC0D78] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\Windows\SysNative\nvdispco64.dll [1519720] O44 - LFC:[MD5.09F7E98136C13B4C41CF0CA448B7BDAD] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\SysNative\nvgenco64.dll [1453160] O44 - LFC:[MD5.F6A33FE1896951C81FBB06F89BB77CC8] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 280.26.) -- C:\Windows\SysNative\nvcuda.dll [7254632] O44 - LFC:[MD5.F6A33FE1896951C81FBB06F89BB77CC8] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 280.26.) -- C:\Windows\system32\nvcuda.dll [7254632] O44 - LFC:[MD5.1B887B61A5E001CDC7F733EDC1327F1D] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Decode API, Version 280.2.) -- C:\Windows\SysNative\nvcuvid.dll [2532456] O44 - LFC:[MD5.1B887B61A5E001CDC7F733EDC1327F1D] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Decode API, Version 280.2.) -- C:\Windows\system32\nvcuvid.dll [2532456] O44 - LFC:[MD5.3AF3DAC8DD7FF6B9FC90551642F46902] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Encoder, Version 280.26.) -- C:\Windows\SysNative\nvcuvenc.dll [2222184] O44 - LFC:[MD5.3AF3DAC8DD7FF6B9FC90551642F46902] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Encoder, Version 280.26.) -- C:\Windows\system32\nvcuvenc.dll [2222184] O44 - LFC:[MD5.D332D01F8B2FD019D2C817D7A0F809C4] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\Windows\SysNative\nvoglv64.dll [22470248] O44 - LFC:[MD5.28EB9A79B9F2E1DB6D71C6B54D4B8664] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA Compiler, Version 280.26.) -- C:\Windows\SysNative\nvcompiler.dll [24692840] O44 - LFC:[MD5.28EB9A79B9F2E1DB6D71C6B54D4B8664] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA Compiler, Version 280.26.) -- C:\Windows\system32\nvcompiler.dll [24692840] O44 - LFC:[MD5.321135AE3A4547231CFA830820829AEC] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA Optimus Playback MFT, Version 280.26.) -- C:\Windows\SysNative\nvoptimusmft.dll [369256] O44 - LFC:[MD5.321135AE3A4547231CFA830820829AEC] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA Optimus Playback MFT, Version 280.26.) -- C:\Windows\system32\nvoptimusmft.dll [369256] O44 - LFC:[MD5.F575E8B9DF344DE93B1277EDE7D2F630] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA Video Decoder MFT, Version 280.26.) -- C:\Windows\SysNative\nvdecodemft.dll [362600] O44 - LFC:[MD5.F575E8B9DF344DE93B1277EDE7D2F630] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA Video Decoder MFT, Version 280.26.) -- C:\Windows\system32\nvdecodemft.dll [362600] O44 - LFC:[MD5.A1F2BA9CB0B251032B1FB14A2BD33440] - 19/08/2011 - 21:30:02 ---A- . (.NVIDIA Corporation - NVIDIA WDDM D3D Driver, Version 280.26.) -- C:\Windows\SysNative\nvd3dumx.dll [15064168] O44 - LFC:[MD5.CB0483F5C79EDA101AD603FEFADC0D78] - 19/08/2011 - 21:30:02 RSHAD . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\Windows\system32\nvdispco64.dll [1519720] O44 - LFC:[MD5.09F7E98136C13B4C41CF0CA448B7BDAD] - 19/08/2011 - 21:30:02 RSHAD . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\system32\nvgenco64.dll [1453160] O44 - LFC:[MD5.D332D01F8B2FD019D2C817D7A0F809C4] - 19/08/2011 - 21:30:02 RSHAD . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\Windows\system32\nvoglv64.dll [22470248] O44 - LFC:[MD5.A1F2BA9CB0B251032B1FB14A2BD33440] - 19/08/2011 - 21:30:02 RSHAD . (.NVIDIA Corporation - NVIDIA WDDM D3D Driver, Version 280.26.) -- C:\Windows\system32\nvd3dumx.dll [15064168] O44 - LFC:[MD5.CC1EFEA1F0AB17E59BD4B5BAFF3E5CB0] - 19/08/2011 - 21:30:02 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\system32\drivers\nvlddmkm.sys [12909672] O44 - LFC:[MD5.2E5DE4423BF6D1C44609FEBED7B1FF0F] - 19/08/2011 - 21:30:02 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\system32\drivers\nvpciflt.sys [27240] O44 - LFC:[MD5.71308A15265B6A89E5B51C9635085562] - 03/08/2011 - 12:50:00 ---A- . (...) -- C:\Windows\SysNative\nvinfo.pb [7383] O44 - LFC:[MD5.71308A15265B6A89E5B51C9635085562] - 03/08/2011 - 12:50:00 RSHAD . (...) -- C:\Windows\system32\nvinfo.pb [7383] ~ Scan Files in 00mn 58s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\ASUS Screen Saver Protector [Key] . (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe O53 - SMSR:HKLM\...\startupreg\CLMLServer [Key] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O53 - SMSR:HKLM\...\startupreg\Steam [Key] . (.Valve Corporation - Steam.) -- D:\Programmes\Steam\Steam.exe ~ Scan SMSR Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 10/06/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088] O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536] O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864] O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440] O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 30/04/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904] O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 10/06/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128] O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 30/04/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008] O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632] O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856] O58 - SDL:[MD5.499AF6F57CF093642D647CAFC006DEAA] - 29/04/2011 - 18:13:01 RSHAD . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [22360] O58 - SDL:[MD5.54EDF58577868BAF01D25D8359F9E84F] - 29/04/2011 - 18:13:13 RSHAD . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [64344] O58 - SDL:[MD5.E69CDC2D04A0A4B338A933C44BDB0FD4] - 29/04/2011 - 18:13:24 RSHAD . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [31064] O58 - SDL:[MD5.22F7ED60F9FA6272AF7F35813CA548D6] - 29/04/2011 - 18:17:59 RSHAD . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [600920] O58 - SDL:[MD5.BE84EFCD3CDD11DDCC79F3ECAB47E827] - 29/04/2011 - 18:18:01 RSHAD . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [287064] O58 - SDL:[MD5.0BF5483E5FB88D85638708E7D56300D8] - 29/04/2011 - 18:16:23 RSHAD . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [53592] O58 - SDL:[MD5.F8633CDD09647A64EE8DB550630427FF] - 02/03/2010 - 09:45:23 RSHAD . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrx.sys [1594368] O58 - SDL:[MD5.B1224E6B086CD6548315B04AB575A23E] - 21/08/2011 - 22:13:41 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [88288] O58 - SDL:[MD5.ED45F12CFA62B83765C9C1496758CC87] - 21/08/2011 - 22:13:41 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [123784] O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848] O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432] O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704] O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720] O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480] O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 10/06/2009 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496] O58 - SDL:[MD5.05B0DCDA418E297A1B4CD8D7B8ADE403] - 08/09/2010 - 12:39:31 RSHAD . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Windows\system32\drivers\ETD.sys [129024] O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016] O58 - SDL:[MD5.D0ADBCF2A5316D23EF67DFAA02D5D544] - 05/03/2011 - 01:25:40 RSHAD . (.Fresco Logic - xHCI Bus Driver.) -- C:\Windows\system32\drivers\FLxHCIc.sys [210944] O58 - SDL:[MD5.F9B6DB9727AD2F14ECF84E43EB5279F7] - 05/03/2011 - 01:25:40 RSHAD . (.Fresco Logic - xHCI Hub Driver.) -- C:\Windows\system32\drivers\FLxHCIh.sys [49664] O58 - SDL:[MD5.E403AACF8C7BB11375122D2464560311] - 01/06/2011 - 12:17:08 RSHAD . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [34152] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 14/07/2009 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.A6518DCC42F7A6E999BB3BEA8FD87567] - 05/03/2011 - 01:34:26 RSHAD . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\system32\drivers\HECIx64.sys [56344] O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 04/05/2011 - 14:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720] O58 - SDL:[MD5.2FDAEC4B02729C48C0FD1B0B4695995B] - 19/08/2011 - 08:53:44 RSHAD . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys [557848] O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 30/04/2011 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496] O58 - SDL:[MD5.0AC9E321D604BE48A0D72B69BA484BDC] - 28/11/2010 - 14:23:15 RSHAD . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd64.sys [12252192] O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 13/07/2009 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112] O58 - SDL:[MD5.FC727061C0F47C8059E88E05D5C8E381] - 14/10/2010 - 17:28:15 RSHAD . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\system32\drivers\IntcDAud.sys [317440] O58 - SDL:[MD5.E63EF8C3271D014F14E2469CE75FECB4] - 20/07/2009 - 10:29:39 RSHAD . (.Pas de propriétaire - Keyboard Filter Driver.) -- C:\Windows\system32\drivers\kbfiltr.sys [15416] O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752] O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560] O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600] O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776] O58 - SDL:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 16/09/2011 - 16:00:50 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25416] O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 10/06/2009 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392] O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736] O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 13/07/2009 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264] O58 - SDL:[MD5.CC1EFEA1F0AB17E59BD4B5BAFF3E5CB0] - 19/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 280.26.) -- C:\Windows\system32\drivers\nvlddmkm.sys [12909672] O58 - SDL:[MD5.2E5DE4423BF6D1C44609FEBED7B1FF0F] - 19/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 280.26.) -- C:\Windows\system32\drivers\nvpciflt.sys [27240] O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 30/04/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352] O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 30/04/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272] O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 10/06/2009 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816] O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 13/07/2009 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592] O58 - SDL:[MD5.EE082E06A82FF630351D1E0EBBD3D8D0] - 20/08/2011 - 10:47:46 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [539240] O58 - SDL:[MD5.A0C2C3D4C03C4FB896CFC53873784178] - 05/03/2011 - 10:06:01 RSHAD . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2647528] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 14/07/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040] O58 - SDL:[MD5.1BC348CF6BAA90EC8E533EF6E6A69933] - 10/06/2009 - 21:35:57 RSHAD . (.Silicon Integrated Systems Corp. - NDIS 6.0 Miniport Driver for SiS191/SiS190 Ethernet Device.) -- C:\Windows\system32\drivers\SiSG664.sys [56832] O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 10/06/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584] O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 13/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464] O58 - SDL:[MD5.3D35D7F8A91FA5127EE052BE41BD87D3] - 28/01/2010 - 04:04:13 RSHAD . (.Sonix Technology Co., Ltd. - USBCAMD for Sonix UVC.) -- C:\Windows\system32\drivers\sncduvc.sys [35328] O58 - SDL:[MD5.C98375D19F9E9966F6201BAE65FB3728] - 07/09/2010 - 10:19:37 RSHAD . (.Sonix Technology Co., Ltd. - UVC Camera Streaming Driver.) -- C:\Windows\system32\drivers\snp2uvc.sys [1800832] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656] O58 - SDL:[MD5.B355581A9DA34C92E2DBAFA410D2F829] - 05/03/2011 - 01:07:28 RSHAD . (...) -- C:\Windows\system32\drivers\TurboB.sys [13832] O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488] O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 10/06/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872] ~ Scan Drivers in 00mn 03s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 03/07/2009 - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys - No object(No service) .(.ASUS - Memory mapping Driver.) - LEGACY_ASMMAP64 O64 - Services: CurCS - 18/04/2011 - C:\Windows\system32\drivers\aswMonFlt.sys - No object(No service) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT O64 - Services: CurCS - 26/07/2010 - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys - No object(No service) .(.ASUS - ATK WMIACPI Utility.) - LEGACY_ATKWMIACPIIO O64 - Services: CurCS - 07/09/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys - No object(No service) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 07/09/2011 - C:\Windows\system32\DRIVERS\avipbb.sys - No object(No service) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 02/07/2011 - C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys - No object(No service) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64 O64 - Services: CurCS - 03/08/2011 - C:\Windows\system32\DRIVERS\nvpciflt.sys - No object(No service) .(.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) - LEGACY_NVPCIFLT O64 - Services: CurCS - 17/04/2010 - C:\Windows\system32\DRIVERS\TurboB.sys - No object (No service) .(...) - LEGACY_TURBOB ~ Scan Services in 00mn 01s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - [url=http://search.live.com]Bing[/url] O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - [url=http://search.live.com]Bing[/url] O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - [url=http://www.google.com]Google[/url] O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [url=http://www.google.com]Google[/url] ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.BD850A328EEFE88A23DA8E3A6B428ECC] [sPRF][06/09/2011] (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Users\Simon\AppData\Local\Temp\insAACF.tmp.exe [12430696] [MD5.9A5A1D2BD77241922A75B538560FE2DE] [sPRF][15/09/2011] (...) -- C:\Users\Simon\Desktop\adwcleaner.exe [471476] [MD5.E8269245566BE948F6A219135B434160] [sPRF][07/09/2011] (.Trend Micro Inc. - HijackThis.) -- C:\Users\Simon\Desktop\HiJackThis.exe [401720] [MD5.31B66CC197BE80F499538597FCFE3FBF] [sPRF][16/09/2011] (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Users\Simon\Desktop\mbam-setup-1.51.2.1300.exe [9852544] [MD5.5CAAFF20C5695611F08ABD954E58DEA2] [sPRF][29/08/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Simon\Desktop\ZHPDiag2.exe [2582227] ~ Scan Files in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{24C1BCBC-A10B-458E-80D4-08B617497B04}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerDVD Cinema 10 Main Program.) -- C:\Program Files (x86)\Cyberlink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe O87 - FAEL: "{90ACD568-52AC-4E16-82DE-0EB8DD147312}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{18EF261B-C7A7-4309-B40D-E95353C7727C}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{84F4FA07-9758-41DA-BDBE-45690F41FA2F}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{5890457F-CC50-4FE2-8A70-FF67EEF3811C}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{CF68744F-EECB-4D95-9574-84824FE88868}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "TCP Query User{6066BC56-4DB5-4C56-BF56-C3C0EB8E5B4C}C:\riot games\league of legends\lol.launcher.exe" | In - Private - P6 - TRUE | .(...) -- C:\riot games\league of legends\lol.launcher.exe O87 - FAEL: "UDP Query User{319EF21A-A54B-4C9E-B0A7-C60FC00F89CC}C:\riot games\league of legends\lol.launcher.exe" | In - Private - P17 - TRUE | .(...) -- C:\riot games\league of legends\lol.launcher.exe O87 - FAEL: "{BBCDBEA8-6F48-420D-BD6D-D5D3A9AE3FDB}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam.) -- D:\Programmes\Steam\Steam.exe O87 - FAEL: "{4A55F4F2-6574-45E2-A435-844313F287D1}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam.) -- D:\Programmes\Steam\Steam.exe O87 - FAEL: "{B7302095-284F-4424-9EB3-54CCEF3E8A87}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Software Update Client.) -- C:\Program Files (x86)\HP\hp software update\hpwucli.exe O87 - FAEL: "{B7B11A80-AD4A-4262-A5DE-D8845983B194}" | In - Private - P6 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe O87 - FAEL: "{FC9169A2-E7B8-40A7-9B4A-319F6D9C3ECB}" | In - Private - P17 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe O87 - FAEL: "{FDE67862-EBCA-4EDE-A7E4-E0D87AAB8708}" | In - Private - P6 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOps.exe O87 - FAEL: "{0ACC5940-5EAC-447C-A74A-BB0AB2E24633}" | In - Private - P17 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOps.exe O87 - FAEL: "{0465C88E-827A-4E80-BA20-E84B095E1ECA}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O87 - FAEL: "TCP Query User{DE362749-759D-42B1-BF7E-DF690CAD4E4E}D:\programmes\steam\steam.exe" | In - Public - P6 - TRUE | .(.Valve Corporation - Steam.) -- D:\programmes\steam\steam.exe O87 - FAEL: "UDP Query User{D132A511-D612-4057-B9D0-B7C6D9CACCA5}D:\programmes\steam\steam.exe" | In - Public - P17 - TRUE | .(.Valve Corporation - Steam.) -- D:\programmes\steam\steam.exe O87 - FAEL: "{870809E8-DC82-4928-B984-E48DF360EFC4}" | In - Public - P6 - TRUE | .(.The Creative Assembly Ltd - Napoleon: Total War.) -- D:\Programmes\Steam\SteamApps\common\napoleon total war\Napoleon.exe O87 - FAEL: "{CCBE8646-C1B2-4300-B25D-1104389F73FD}" | In - Public - P17 - TRUE | .(.The Creative Assembly Ltd - Napoleon: Total War.) -- D:\Programmes\Steam\SteamApps\common\napoleon total war\Napoleon.exe O87 - FAEL: "{2D52625A-CC36-415E-80D5-10C463C79482}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O87 - FAEL: "{359FF996-6CFF-4C12-9975-ACC931BA9D79}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O87 - FAEL: "{87237983-40EC-41C4-925E-B0D92A2C99EE}" | In - Public - P6 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe O87 - FAEL: "{AE798487-0127-4959-ADC8-82BC390743AC}" | In - Public - P17 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe O87 - FAEL: "{AF55AF33-5DB8-48D8-9EED-E0BD06B4FAE0}" | In - Public - P6 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOps.exe O87 - FAEL: "{52C006C1-761D-4258-B8A3-5F86D8F8113F}" | In - Public - P17 - TRUE | .(...) -- D:\Programmes\Steam\SteamApps\common\call of duty black ops\BlackOps.exe O87 - FAEL: "{AB0992B4-EAFF-4C7F-B166-D4FC6EDE089D}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe O87 - FAEL: "{5C846C5D-0B0C-4C7D-A381-967C81EBA520}" | In - Public - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe O87 - FAEL: "{1A57242F-DB63-4AA1-9C3C-71C642A3E83E}" | In - Public - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe O87 - FAEL: "{C92D5A84-ED11-4AA2-8671-C62047E75B6F}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O87 - FAEL: "{1C6A418E-613D-4C74-99F8-0190032C09D8}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O87 - FAEL: "{5043ACAD-E9A8-4B0D-A0DD-A3CC055457D6}" | In - Public - P6 - TRUE | .(...) -- C:\Riot Games\League of Legends\lol.launcher.exe O87 - FAEL: "{C08CB73E-4971-4D12-8CF2-FC44D9086425}" | In - Public - P17 - TRUE | .(...) -- C:\Riot Games\League of Legends\lol.launcher.exe O87 - FAEL: "{0E385544-95A9-476E-89A6-4A6E0CA9EEEA}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe ~ Scan Firewall in 00mn 03s ---\\ Scan Additionnel (O88) Database Version : 8634 - (29/08/2011) Clés trouvées (Keys found) : 2 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO ~ Scan Additionnel in 00mn 05s ---\\ Recherche détournement de DNS routeur (O89) Serveur : UnKnown Address: 127.0.0.1 ~ Scan DNS in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 05/03/2011 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe SR - | Auto 21/08/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe SR - | Auto 21/08/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe SR - | Auto 01/06/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 05/03/2011 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe SR - | Auto 05/03/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe SR - | Auto 18/04/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SR - | Auto 26/07/2011 387944 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe SS - | Auto 05/03/2011 246256 | (CLKMSVC10_38F51D56) . (.CyberLink.) - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe SS - | Demand 05/03/2011 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 19/08/2011 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe SR - | Demand 23/08/2011 934760 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 05/03/2011 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe SS - | Demand 19/08/2011 311928 | (maconfservice) . (.CybelSoft.) - C:\Program Files (x86)\ma-config.com\maconfservice.exe SR - | Auto 05/03/2011 980072 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 05/03/2011 2255464 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe SR - | Demand 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe SS - | Demand 20/05/2011 411432 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe SR - | Auto 05/03/2011 134928 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe SR - | Auto 05/03/2011 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe SR - | Auto 77312 | (VideAceWindowsService) . (...) - C:\ExpressGateUtil\VAWinService.exe SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ~ Scan Services in 00mn 02s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, [url=http://www.gmer.net]GMER - Rootkit Detector and Remover[/url] Run by Simon at 16/09/2011 18:56:09 device: opened successfully user: error reading MBR Disk trace: error: Read Descripteur non valide kernel: error reading MBR ~ Scan MBR in 00mn 05s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, [url=http://ad13.geekstog]http://ad13.geekstog[/url] Run by Simon at 16/09/2011 18:56:11 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 07s End of the scan (1429 lines in 02mn 37s)(0)
- le 16 septembre 2011
- 4 réponses
Analyse de rapport Ad-Remover

Kamalh a répondu à un(e) sujet de Kamalh dans Analyses et éradication malwares

Merci pour la rapidité de ta réponse. Voici les 2 rapports: Ad-Report-CLEAN.txt: ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: [url=http://www.teamxscript.org]TeamXscript : AD-Remover - FindyKill - UsbFix - SEAF[/url] C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 18:11:54 le 15/09/2011, Mode normal Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64) Simon@PORTABLE_SIMON (ASUSTeK Computer Inc. N53SV) ============== ACTION(S) ============== Dossier supprimé: C:\Users\Simon\AppData\Roaming\EoRezo Dossier supprimé: C:\Users\Simon\AppData\Local\EoRezo Dossier supprimé: C:\Program Files (x86)\EoRezo (!) -- Fichiers temporaires supprimés. -- Fichier ouvert: C:\Users\Simon\AppData\Roaming\Mozilla\FireFox\Profiles\80rxxshe.default\Prefs.js -- Ligne supprimée: user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprintin... -- Fichier Fermé -- Clé supprimée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} Clé supprimée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F} Clé supprimée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF} Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1 Clé supprimée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL Clé supprimée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400} Clé supprimée: HKLM\Software\EoRezo Clé supprimée: HKCU\Software\EoRezo Clé supprimée: HKU\.DEFAULT\Software\EoRezo Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1 Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|AgenceChromeBHO@eorezo.com Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [6.0.2 (fr)] **** HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x) HKLM_MozillaPlugins\ZEON/PDF,version=2.0 (x) HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x) Searchplugins\bing.xml ( hxxp://www.bing.com/search) Components\browsercomps.dll (Mozilla Foundation) HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 -- C:\Users\Simon\AppData\Roaming\Mozilla\FireFox\Profiles\80rxxshe.default -- Prefs.js - browser.startup.homepage_override.buildID, 20110902133214 Prefs.js - browser.startup.homepage_override.mstone, rv:6.0.2 ======================================== **** Internet Explorer Version [8.0.7601.17514] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?) BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll) BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 14 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 18 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 15/09/2011 18:12:00 (4925 Octet(s)) C:\Ad-Report-SCAN[1].txt - 08/09/2011 20:10:00 (5013 Octet(s)) C:\Ad-Report-SCAN[2].txt - 15/09/2011 12:35:49 (5078 Octet(s)) Fin à: 18:12:44, 15/09/2011 ============== E.O.F ============== AdwCleaner[R1].txt: # AdwCleaner v1.306 - Rapport créé le 15/09/2011 à 18:18:48 # Mis à jour le 14/09/11 à 13h par Xplode # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits) # Nom d'utilisateur : Simon - PORTABLE_SIMON (Administrateur) # Exécuté depuis : C:\Users\Simon\Desktop\adwcleaner.exe # Option [Recherche] ***** [Processus] ***** ***** [services] ***** ***** [Fichiers / Dossiers] ***** ***** [Registre] ***** Clé Présente : HKCU\Software\EoRezo ***** [Registre (64 bits)] ***** [x64] Clé Présente : HKCU64\Software\EoRezo [x64] Clé Présente : HKLM64\SOFTWARE\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F} ***** [Navigateurs] ***** -\\ Internet Explorer v8.0.7601.17514 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v6.0.2 (fr) Profil : 80rxxshe.default Fichier : C:\Users\Simon\AppData\Roaming\Mozilla\Firefox\Profiles\80rxxshe.default\prefs.js [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [1037 octets] - [15/09/2011 18:18:48] ########## EOF - C:\AdwCleaner[R1].txt - [1165 octets] ##########
- le 15 septembre 2011
- 4 réponses
Analyse de rapport Ad-Remover

Kamalh a posté un sujet dans Analyses et éradication malwares

Bonjour, Depuis quelques temps j'ai des fenetres publicitaires qui s'ouvrent régulièrement (publicités eorezo). J'ai suivi un tutoriel qui conseillais d'effectuer une analyse avec le programme AD-R. Voici le rapport que j'ai obtenu, merci de ma dire si je peux utiliser l'option nettoyer: ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: [url=http://www.teamxscript.org]TeamXscript : AD-Remover - FindyKill - UsbFix - SEAF[/url] C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [2]) -> Lancé à 12:35:45 le 15/09/2011, Mode normal Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64) Simon@PORTABLE_SIMON (ASUSTeK Computer Inc. N53SV) ============== RECHERCHE ============== Dossier trouvé: C:\Users\Simon\AppData\Roaming\EoRezo Dossier trouvé: C:\Users\Simon\AppData\Local\EoRezo Dossier trouvé: C:\Program Files (x86)\EoRezo -- Fichier ouvert: C:\Users\Simon\AppData\Roaming\Mozilla\FireFox\Profiles\80rxxshe.default\Prefs.js -- Ligne trouvée: user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprintin... -- Fichier Fermé -- Clé trouvée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} Clé trouvée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F} Clé trouvée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF} Clé trouvée: HKLM\Software\Classes\EoEngineBHO.EOBHO Clé trouvée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1 Clé trouvée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL Clé trouvée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400} Clé trouvée: HKLM\Software\EoRezo Clé trouvée: HKCU\Software\EoRezo Clé trouvée: HKU\.DEFAULT\Software\EoRezo Clé trouvée: HKU\S-1-5-18\Software\EoRezo Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1 Valeur trouvée: HKLM\Software\Mozilla\Firefox\Extensions|AgenceChromeBHO@eorezo.com Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [6.0.2 (fr)] **** HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x) HKLM_MozillaPlugins\ZEON/PDF,version=2.0 (x) HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x) Searchplugins\bing.xml ( hxxp://www.bing.com/search) Components\browsercomps.dll (Mozilla Foundation) HKLM_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 HKLM_Extensions|AgenceChromeBHO@eorezo.com - C:\Program Files (x86)\EoRezo HKCU_Extensions|smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 -- C:\Users\Simon\AppData\Roaming\Mozilla\FireFox\Profiles\80rxxshe.default -- Prefs.js - browser.startup.homepage_override.buildID, 20110902133214 Prefs.js - browser.startup.homepage_override.mstone, rv:6.0.2 ======================================== **** Internet Explorer Version [8.0.7601.17514] **** HKCU_Main|Default_Page_URL - hxxp://asus.msn.com HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKCU_Main|Start Page - hxxp://www.google.fr/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://asus.msn.com AboutUrls|Tabs - hxxp://y.lo.st HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?) BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll) BHO\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} - "EOBHO Class" (C:\Program Files (x86)\EoRezo\EoRezoBHO.dll) BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" (C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 2 Fichier(s) C:\Ad-Report-SCAN[1].txt - 08/09/2011 20:10:00 (5013 Octet(s)) C:\Ad-Report-SCAN[2].txt - 15/09/2011 12:35:49 (4940 Octet(s)) Fin à: 12:36:25, 15/09/2011 ============== E.O.F ==============
- le 15 septembre 2011
- 4 réponses

Connexion

Kamalh

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par Kamalh

Analyse de rapport Ad-Remover

Analyse de rapport Ad-Remover

Analyse de rapport Ad-Remover

Zebulon

Outils en ligne

Naviguer