~ Rapport de ZHPDiag v2013.10.24.63 - Nicolas Coolman (24/10/2013) ~ Lancé par moi (25/10/2013 15:48:00) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v10.0.9200.16686 MFIE: Mozilla Firefox 24.0 ---\\ Informations sur les produits Windows ~ Langage: Français Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows(R) 7, OEM_COA_NSLP channel Windows ID Activation : OK ~ Windows Partial Key : H6X4M Windows License : OK ~ Windows Remaining Initializations Number : 5 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système avast! Free Antivirus v8.0.1497.0 Trusteer Sécurité des points d'accès v3.5.1302.61 Malwarebytes Anti-Malware version 1.75.0.1300 Windows Defender W7 ---\\ Logiciels d'optimisation du système CCleaner v3.18 =>Piriform Ltd ---\\ Logiciels de partage PeerToPeer eMule ---\\ Surveillance de Logiciels Adobe Flash Player 11 Plugin Adobe Reader X Java 7 Update 25 ---\\ Informations sur le système ~ Processor: x86 Family 16 Model 2 Stepping 3, AuthenticAMD ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 2815 MB (71% free) System Restore: Activé (Enable) System drive C: has 70 GB (23%) free of 304 GB ---\\ Mode de connexion au système ~ Computer Name: XIB ~ User Name: moi ~ All Users Names: moi, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\moi\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\moi\AppData\Roaming\ ~ %Desktop% : C:\Users\moi\Desktop\ ~ %Favorites% : C:\Users\moi\Favorites\ ~ %LocalAppData% : C:\Users\moi\AppData\Local\ ~ %StartMenu% : C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 70 Go of 304 Go) D: Hard drive, Flash drive, Thumb drive (Free 59 Go of 153 Go) E: CD-ROM drive (Not Inserted) F: CD-ROM drive (Not Inserted) J: Hard drive, Flash drive, Thumb drive (Free 87 Go of 149 Go) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Security Center: 49 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.40D777B7A95E00593EB1568C68514493] - (.Microsoft Corporation - Explorateur Windows.) (.20/11/2010 - 13:17:09.) -- C:\Windows\Explorer.exe [2616320] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256] [MD5.535F6263035F2530A62D5D64EF6E73D3] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/08/2013 - 04:59:10.) -- C:\Windows\System32\wininet.dll [1767936] [MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720] [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536] [MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584] [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656] [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544] [MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336] [MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544] [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896] [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888] [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904] [MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904] [MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752] [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848] [MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168] [MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752] [MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/915 ~ Mes musiques (My Musics) : 1/35 ~ Mes Videos (My Videos) : 1/3 ~ Mes Favoris (My Favorites) : 1/39 ~ Mes Documents (My Documents) : 1/734 ~ Mon Bureau (My Desktop) : 0/499 ~ Menu demarrer (Programs) : 1/77 ~ Hidden Files: Scanned in 00mn 01s ---\\ Processus lancés [MD5.D565CAB5D617B563CF0DD4C19AA172CA] - (.Trusteer Ltd. - RapportService.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe [2476312] [PID.3124] [MD5.CBC7D8E5416AD30CF16DC2FD4A6AA399] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.3536] [MD5.2F0EAAF91FC7A5C70D1F4BE9B18A1CF5] - (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe [354304] [PID.3568] [MD5.44A9229022A519ED45294A1934C05EEC] - (.Flux Software LLC - f.lux.) -- C:\Users\moi\AppData\Local\FluxSoftware\Flux\flux.exe [1017224] [PID.3928] [MD5.E98EA7471918E1987075815DC4C61001] - (.Yahoo! Inc. - Yahoo! Widgets.) -- C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe [4742184] [PID.2840] [MD5.7D685AE28E6876EE5057DA51958F3CA7] - (.Microsoft Corporation - Serveur de personnalisation d’entrée.) -- C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [294400] [PID.3780] [MD5.C155A13687144076286989EF078112C2] - (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe [1917440] [PID.2096] [MD5.B93FFCF1D42AE4613CDFF7450F7D4199] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8128512] [PID.5204] ~ Processes Running: Scanned in 00mn 01s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\moi\AppData\Roaming\Mozilla\Firefox\Profiles\zfjzzvu9.default\prefs.js M0 - MFSP: prefs.js [moi - zfjzzvu9.default] http://www.google.fr P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.8.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.) -- C:\Program Files\Mozilla Firefox\Plugins\npyaxmpb.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.6.3.633.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll =>.Google Inc P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Picasa2\npPicasa3.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.25.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.25.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.25.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20513.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@protectdisc.com/NPMPDRM] - (.Pas de propriétaire - fluxDVD Browser Plugin.) -- C:\Program Files\Common Files\mpDRM\NPMPDRM.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.6] - (.VideoLAN - VLC media player Web Plugin 2.0.6.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.8] - (.VideoLAN - VLC media player Web Plugin 2.0.6.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.8.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll P2 - FPN: [HKLM] [yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] - (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll P2 - FPN: [HKCU] [@talk.google.com/GoogleTalkPlugin] - (.Google - Version 4.5.3.14917.) -- C:\Users\moi\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll P2 - FPN: [HKCU] [@talk.google.com/O1DPlugin] - (.Google - Version 4.5.3.14917.) -- C:\Users\moi\AppData\Roaming\Mozilla\plugins\npo1d.dll P2 - FPN: [HKCU] [@talk.google.com/O3DPlugin] - (.Pas de propriétaire - Google Talk Plugin Video Accelerator version:0.1.44.29.) -- C:\Users\moi\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ~ Firefox Browser: 35 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Pas de propriétaire - Google Talk Plugin Video Accelerator version:0.1.44.29.) (No version) -- (.not file.) R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ IE Browser: 18 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 1 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} . (.Logitech, Inc. - Logitech SetPoint.) -- C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll ~ BHO: 14 Scanned in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Program [Public]: Adobe Reader X.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico O4 - GS\Program [Public]: Apple Software Update.lnk . (...) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe =>.Apple Inc O4 - GS\Program [Public]: Audacity.lnk . (...) -- C:\Program Files\Audacity\audacity.exe O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Program [Public]: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe =>.Mozilla Corporation O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - Création de DVD Windows.) -- C:\Program Files\DVD Maker\DVDMaker.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O4 - GS\Program [Public]: Windows Mobile Device Center.lnk . (.Microsoft Corporation - Windows Mobile Device Center.) -- C:\Windows\Installer\{904CCF62-818D-4675-BC76-D37EB399F917}\wmdc.exe O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) -- C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) -- C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\system32\mblctr.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.) -- C:\Windows\system32\OobeFldr.dll =>.Microsoft Corporation O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) -- C:\Windows\system32\perfmon.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\system32\rstrui.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\system32\taskschd.msc O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) -- C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) -- C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation O4 - GS\QuickLaunch [moi]: DeepBurner.lnk . (.Astonsoft - CD/DVD recording software.) -- C:\Program Files\Astonsoft\DeepBurner\DeepBurner.exe O4 - GS\QuickLaunch [moi]: Free Video Converter.lnk . (.Koyote Soft - FreeVideoConverter.) -- C:\Program Files\Free Video Converter\FreeVideoConverter.exe O4 - GS\QuickLaunch [moi]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch [moi]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\QuickLaunch [moi]: Mozilla Sunbird.lnk . (.Mozilla - Sunbird.) -- C:\Program Files\Mozilla Sunbird\sunbird.exe O4 - GS\QuickLaunch [moi]: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe =>.Mozilla Corporation O4 - GS\QuickLaunch [moi]: PrivaZer.lnk . (.Goversoft LLC - PrivaZer.) -- C:\Program Files\PrivaZer\PrivaZer.exe O4 - GS\QuickLaunch [moi]: Upgrade to Paltalk Extreme.lnk - Clé orpheline O4 - GS\TaskBar [moi]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation O4 - GS\TaskBar [moi]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation O4 - GS\TaskBar [moi]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation O4 - GS\TaskBar [moi]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O4 - GS\Program [moi]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Program [moi]: Microsoft SkyDrive.lnk . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\moi\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe =>.Microsoft Corporation O4 - GS\Program [moi]: PrivaZer.lnk . (.Goversoft LLC - PrivaZer.) -- C:\Program Files\PrivaZer\PrivaZer.exe O4 - GS\Accessories [moi]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation O4 - GS\Accessories [moi]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation O4 - GS\Accessories [moi]: Run.lnk - Clé orpheline O4 - GS\Accessories [moi]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation O4 - GS\SystemTools [moi]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\SystemTools [moi]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation O4 - GS\SendTo [moi]: Skype.lnk . (...) -- C:\Program Files\Skype\Phone\Skype.exe (.not file.) O4 - GS\Desktop [moi]: Advanced Uninstaller PRO 11.lnk . (.Innovative Solutions - Advanced Uninstaller.) -- C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe O4 - GS\Desktop [moi]: Wise Registry Cleaner.lnk . (.WiseCleaner.com - Wise Registry Cleaner.) -- C:\Program Files\Wise\Wise Registry Cleaner\WiseRegCleaner.exe O4 - GS\Desktop [moi]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman O4 - GS\Desktop [moi]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman ~ Global Startup: 61 Scanned in 00mn 01s ---\\ Applications lancées au démarrage du sytème (O4) O4 - GS\Startup [moi]: Pense-bête.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation O4 - GS\Startup [moi]: Yahoo! Widgets.lnk . (.Yahoo! Inc. - Yahoo! Widgets.) -- C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe O4 - HKLM\..\Run: [AMD AVT] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\Cmd.exe =>.Microsoft Corporation O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation O4 - HKCU\..\Run: [f.lux] . (.Flux Software LLC - f.lux.) -- C:\Users\moi\AppData\Local\FluxSoftware\Flux\flux.exe O4 - HKUS\S-1-5-21-1078184168-2510578676-2456167704-1000\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-1078184168-2510578676-2456167704-1000\..\Run: [f.lux] . (.Flux Software LLC - f.lux.) -- C:\Users\moi\AppData\Local\FluxSoftware\Flux\flux.exe ~ Application: Scanned in 00mn 00s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (.not file.) O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} . (.Microsoft Corporation - Synchronisation des favoris ActiveSync.) -- C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -- Clé orpheline O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation ~ Winsock: 8 Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - ((no name)) - (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{A36D7D81-0BB1-4540-9F34-39DA7DB39024}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\..\{B33E1019-B696-4B9B-B6DD-1FABF4B1EF76}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{A36D7D81-0BB1-4540-9F34-39DA7DB39024}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CS1\Services\Tcpip\..\{B33E1019-B696-4B9B-B6DD-1FABF4B1EF76}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{A36D7D81-0BB1-4540-9F34-39DA7DB39024}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CS2\Services\Tcpip\..\{B33E1019-B696-4B9B-B6DD-1FABF4B1EF76}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: Sentinel HASP License Manager (hasplms) . (.SafeNet Inc. - Sentinel HASP License Manager Service.) - C:\Windows\system32\hasplms.exe O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Patch Tool..) - C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe O23 - Service: lxbc_device (lxbc_device) . (.Pas de propriétaire - Printer Communication System.) - C:\Windows\system32\lxbccoms.exe O23 - Service: Ma-Config Agent (MaConfigAgent) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\MaConfigAgent.exe O23 - Service: Rapport Management Service (RapportMgmtService) . (.Trusteer Ltd. - RapportMgmtService.) - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: Fujitsu Siemens Computers Diagnostic Tes (TestHandler) . (.Fujitsu Siemens Computers - Testhandler Service.) - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe ~ Services: 11 Scanned in 00mn 12s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1046] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1050] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1078184168-2510578676-2456167704-1000Core.job [1018] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1078184168-2510578676-2456167704-1000UA.job [1070] [MD5.A283108E14F3970432C21AF4C0CB1BCE] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257416] [MD5.82C362A81EE4E441CD85260C8E9E708A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [251784] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648] [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [116648] [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-1078184168-2510578676-2456167704-1000Core] (...) -- C:\Users\moi\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-1078184168-2510578676-2456167704-1000UA] (...) -- C:\Users\moi\AppData\Local\Google\Update\GoogleUpdate.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{2A02EB7A-29F0-47B1-90F6-54DFAC741684}] (...) -- C:\Users\moi\Downloads\MPW95.exe (.not file.) [0] [MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] [APT] [{31012B1D-D1F8-471A-AF94-35C014518DBA}] (.Mozilla Corporation.) -- c:\program files\mozilla firefox\firefox.exe [274840] [MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] [APT] [{87D54E25-8F6F-4D11-806B-4D1685A42170}] (.Mozilla Corporation.) -- c:\program files\mozilla firefox\firefox.exe [274840] [MD5.00000000000000000000000000000000] [APT] [{8EA1CD1C-78D2-44D6-915F-12E4BAA5E881}] (...) -- C:\Program Files\IncrediMail\Bin\IncMail.exe (.not file.) [0] [MD5.61F63D6DCCA3C3CE9AE8CCA024C8139E] [APT] [{B06BBDD1-62CC-417A-A5B2-12FEB45DB1A4}] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\aswRundll.exe [160608] [MD5.00000000000000000000000000000000] [APT] [{B3E6B67E-6741-4C69-9DE5-AA6835E686C2}] (...) -- C:\Program Files\Skype\Phone\Skype.exe (.not file.) [0] [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984] ~ Scheduled Task: 21 Scanned in 00mn 04s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Installation Support - {0291E591-EA41-4c82-8106-3DC6CE7F7664} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\Yinsthelper.dll O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Internet Explorer - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation O40 - ASIC: Installation Support - {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\Yinsthelper.dll O40 - ASIC: Installation Support - {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} . (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\Yinsthelper.dll O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll O40 - ASIC: PixiePack Codec Pack 1.1.1200.0 - {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} . (...) -- C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe ~ Active Setup: 15 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (aiptektp) . (.AIPTEK International Inc. - AIPTEK Tablet Driver.) - C:\Windows\System32\DRIVERS\aiptektp.sys O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (dtsoftbus01) . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: (RapportCerberus_56758) . (...) - C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_56758.sys O41 - Driver: (RapportEI) . (.Trusteer Ltd. - RapportEI.) - C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys O41 - Driver: (RapportPG) . (.Trusteer Ltd. - RapportPG.) - C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ~ Drivers: 78 Scanned in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D} O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM] -- {A25FF1C0-80B6-4B8B-A551-DC525697A408} O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM] -- {C6A538C7-4DE7-CA79-7B25-FB671CD29DE2} O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM] -- {9442E5DF-A258-CCA0-B1CA-F141B07966C2} O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM] -- {33DEE20D-3ADB-2089-A2BF-7729BFDE1C9E} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader X (10.1.8) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: Advanced Uninstaller PRO - Version 11 - (.Innovative Solutions.) [HKLM] -- AU11_is1 O42 - Logiciel: Analyseur et SDK MSXML 4.0 SP2 - (.Microsoft Corporation.) [HKLM] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC} O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {F5266D28-E0B2-4130-BFC5-EE155AD514DC} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc O42 - Logiciel: ArtRage Studio Pro - (.Ambient Design.) [HKLM] -- {06812276-D6B1-4BDC-A52A-24D7D34884DC} O42 - Logiciel: Astroburn Lite - (.DT Soft Ltd.) [HKLM] -- Astroburn Lite O42 - Logiciel: Audacity 1.2.6 - (...) [HKLM] -- Audacity_is1 O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKLM] -- BitTorrent =>P2P.BitTorrent O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>Piriform Ltd O42 - Logiciel: CDisplay 1.8 - (.dvd8n.) [HKLM] -- CDisplay_is1 O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM] -- {E2F0AF23-FE2F-4222-9A43-55E63CC41EF1} O42 - Logiciel: Conexant Audio Driver For AMD HDMI Codec - (.Conexant.) [HKLM] -- CNXT_AUDIO_HDA_HDMI O42 - Logiciel: ConvertXtoDVD 4.1.19.365 - (...) [HKLM] -- {DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1 O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM] -- DAEMON Tools Lite =>.DT Soft Ltd O42 - Logiciel: DVD Decrypter 3.5.4.0 Fr - (...) [HKLM] -- DVD Decrypter 3.5.4.0 Fr O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1 O42 - Logiciel: DeepBurner v1.8.0.224 - (...) [HKLM] -- {1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943} O42 - Logiciel: Endurance Series by EnduRacers - rF1 FULL - (...) [HKCU] -- Endurance Series by EnduRacers - rF1 FULL O42 - Logiciel: Energy Settings - (.Fujitsu Siemens Computers.) [HKLM] -- {7613592F-B20C-4E1B-B2DD-67F0784D4373} O42 - Logiciel: Far Cry - (.Nom de votre société.) [HKLM] -- InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC} O42 - Logiciel: Free Video Converter Packages - (...) [HKCU] -- Free Video Converter Packages O42 - Logiciel: Free Video Converter V 3.1 - (.Koyote Soft.) [HKLM] -- Free Video Converter_is1 O42 - Logiciel: Fujitsu Siemens Computers Recovery - (.Fujitsu Siemens Computers.) [HKLM] -- {AFC454ED-A26F-4816-826B-C35129D82E1F} O42 - Logiciel: GEM+/iGOR & Lee's GPL Setup Manager 2.5.0.32 - (.GPLSecrets Group.) [HKLM] -- GEM+/iGOR & Lee's GPL Setup Manager_is1 O42 - Logiciel: GT Legends - (.SimBin.) [HKLM] -- GT Legends_is1 O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM] -- {F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3} O42 - Logiciel: Gestionnaire pour appareils Windows Mobile - (.Microsoft Corporation.) [HKLM] -- {904CCF62-818D-4675-BC76-D37EB399F917} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3} O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM] -- HPExtendedCapabilities O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP Photosmart C5300 All-In-One Driver Software 13.0 Rel. 4 - (.HP.) [HKLM] -- {6FA29B87-FED3-45A1-8A95-2FDEE0F6DD18} =>.Hewlett-Packard Co O42 - Logiciel: HP Photosmart Essential 3.5 - (.HP.) [HKLM] -- HP Photosmart Essential =>.Hewlett-Packard Co O42 - Logiciel: HP Smart Web Printing 4.51 - (.HP.) [HKLM] -- HP Smart Web Printing O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {7059BDA7-E1DB-442C-B7A1-6144596720A4} O42 - Logiciel: Hercules Webcam Station Evolution SE - (.Hercules.) [HKLM] -- {C3C44248-B8F7-4B20-A5C7-994870B60F55} O42 - Logiciel: Intel(R) IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 - (.Intel Corporation.) [HKLM] -- {754854DC-2E0A-49D8-A1A1-426C1F9B1459} O42 - Logiciel: Internet TV pour Windows Media Center - (.Microsoft Corporation.) [HKLM] -- {9D318C86-AF4C-409F-A6AC-7183FF4CF424} =>.Microsoft Corporation O42 - Logiciel: JMicron 1394 Filter Driver - (.JMicron Technology Corp..) [HKLM] -- {13C96625-28E4-4c58-ADE0-CDAFC64752EB} O42 - Logiciel: Japanese Fonts Support For Adobe Reader X - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5760-0000-A00000000003} O42 - Logiciel: Java 7 Update 25 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217025FF} O42 - Logiciel: Java(TM) 6 Update 26 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216022FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {F6F30C28-38AA-4DBA-AE0B-7E30238E61BB} O42 - Logiciel: LG On-Screen Phone - (.LG Electronics.) [HKLM] -- LG On-Screen Phone O42 - Logiciel: LG PC Suite - (.LG Electronics.) [HKLM] -- LG PC Suite O42 - Logiciel: LG United Mobile Driver - (.LG Electronics.) [HKLM] -- {2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA} O42 - Logiciel: LT41217 Driver - (...) [HKLM] -- Rmtablet O42 - Logiciel: Logitech SetPoint 6.50 - (.Logitech.) [HKLM] -- sp6 O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {51F9CD22-14E7-455F-9734-462050444930} O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Media Player Utilities 4.29 - (. .) [HKLM] -- {8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9} O42 - Logiciel: Microsoft Flight Simulator X - (.Microsoft Game Studios.) [HKLM] -- InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC} O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {F2508213-9989-4E85-A078-72BE483917EF} O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU] -- SkyDriveSetup.exe =>.Microsoft Corporation O42 - Logiciel: Mozilla Firefox 24.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 24.0 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService O42 - Logiciel: Mozilla Thunderbird 17.0.8 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird 17.0.8 (x86 fr) =>.Mozilla Corporation O42 - Logiciel: NETGEAR WG311v3 PCI Adapter - (.NETGEAR.) [HKLM] -- InstallShield_{70014586-7BBA-4A92-A610-CDC896C48F8F} O42 - Logiciel: OLYMPUS Digital Camera Updater - (.OLYMPUS IMAGING CORP..) [HKLM] -- {2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355} O42 - Logiciel: OLYMPUS Master 2 - (.OLYMPUS IMAGING CORP..) [HKLM] -- {3A1AB8E6-748E-4B95-AA2D-FE9952EB3106} O42 - Logiciel: OLYMPUS Studio 2 - (.OLYMPUS IMAGING CORP..) [HKLM] -- {18AEB406-A211-415B-8A71-BDE6CBDD734C} O42 - Logiciel: OpenOffice.org 3.4.1 - (.Apache Software Foundation.) [HKLM] -- {7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D} O42 - Logiciel: Orb Runtime libraries - (.Orb Networks, Inc..) [HKLM] -- {2133CB3F-F891-4081-8681-FEE2B2419FF4} O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {AC599724-5755-48C1-ABE7-ABB857652930} O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- 3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F O42 - Logiciel: Package de pilotes Windows - OLYMPUS IMAGING CORP. (OlyFirCam) OlyFirCam ( - (.OLYMPUS IMAGING CORP..) [HKLM] -- 2CFDDBA03CBE225A1FA2032FE06674F0AF0549D0 O42 - Logiciel: Package de pilotes Windows - OLYMPUS IMAGING CORP. (OlyUsbCam) OlyUsbCam ( - (.OLYMPUS IMAGING CORP..) [HKLM] -- 1A6754C019F3AE544C346226BB63AC9BC7DACCDE O42 - Logiciel: Package de pilotes Windows - OLYMPUS IMAGING CORP. Camera Communication Dri - (.OLYMPUS IMAGING CORP..) [HKLM] -- E77704EF5E71F4F18CADFBFA68595AFE036D5D97 O42 - Logiciel: Patin-Couffin 36 - (.VSO-software.) [HKLM] -- Patin-Couffin Drivers_is1 O42 - Logiciel: Pensoft - (...) [HKLM] -- Pensoft O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3 O42 - Logiciel: PixiePack Codec Pack - (.None.) [HKLM] -- {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} O42 - Logiciel: PlayReady PC Runtime x86 - (.Microsoft Corporation.) [HKLM] -- {CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61} O42 - Logiciel: Power&Glory v3.0 (remove only) - (.GTL Workshop.) [HKCU] -- Power&Glory v3.0 O42 - Logiciel: PrivaZer - (.Goversoft LLC.) [HKCU] -- PrivaZer O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044} O42 - Logiciel: Rapport - (.Trusteer.) [HKLM] -- {1DD81E7D-0D28-4CEB-87B2-C041A4FCB215} O42 - Logiciel: RealSpeak Solo pour la voix francaise Virginie - (.ScanSoft.) [HKLM] -- {58B0F3ED-6FAE-486C-9AB9-1C06514097B4} O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: Screen Recording Suite V2.4.8 - (.Apowersoft.) [HKLM] -- {EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1 O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3} O42 - Logiciel: SystemDiagnostics - (.Fujitsu Siemens Computers .) [HKLM] -- {2F926AE7-9FB7-4B34-906F-9C29A6D146A7} O42 - Logiciel: Team Players Corvette C6R - (.Team Players.) [HKLM] -- {90B73122-6D92-44D2-BBD4-811F98DA88B1} O42 - Logiciel: Thrustmaster Hotas Cougar Drivers - (.Thrustmaster.) [HKLM] -- {B0F2127F-BCF3-42F1-808A-1DFB41D6C400} O42 - Logiciel: Trusteer Sécurité des points d'accès - (.Trusteer.) [HKLM] -- Rapport_msi O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM] -- {3921A67A-5AB1-4E48-9444-C71814CF3027} O42 - Logiciel: VLC media player 2.0.8 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN O42 - Logiciel: Visual C++ 9.0 Runtime for Dragon NaturallySpeaking - (.Nuance Communications Inc..) [HKLM] -- {4A5A427F-BA39-4BF0-9999-9A47FBE60C9F} O42 - Logiciel: WinRAR 4.00 (32 bits) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver O42 - Logiciel: Windows Media Center Add-in for Silverlight - (.Microsoft Corporation.) [HKLM] -- {0EDBEB2B-7C8D-42E6-8312-0F84394A3223} =>.Microsoft Corporation O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corporation O42 - Logiciel: Windows Mobile Device Updater Component - (.Microsoft Corporation.) [HKLM] -- {F2CB8C3C-9C9E-4FAB-9067-655601C5F748} O42 - Logiciel: Wise Disk Cleaner 7.77 - (.WiseCleaner.com, Inc..) [HKLM] -- Wise Disk Cleaner_is1 O42 - Logiciel: Wise Registry Cleaner 7.88 - (.WiseCleaner.com, Inc..) [HKLM] -- Wise Registry Cleaner_is1 O42 - Logiciel: Yahoo! Widgets - (.Yahoo! Inc..) [HKLM] -- Yahoo! Widget Engine O42 - Logiciel: Yahoo! Widgets SDK - (...) [HKLM] -- Yahoo! Widgets SDK O42 - Logiciel: Zune Language Pack (CSY) - (.Microsoft Corporation.) [HKLM] -- {A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3} O42 - Logiciel: Zune Language Pack (DAN) - (.Microsoft Corporation.) [HKLM] -- {8B112338-2B08-4851-AF84-E7CAD74CEB32} O42 - Logiciel: Zune Language Pack (DEU) - (.Microsoft Corporation.) [HKLM] -- {BE236D9A-52EC-4A17-82DA-84B5EAD31E3E} O42 - Logiciel: Zune Language Pack (ELL) - (.Microsoft Corporation.) [HKLM] -- {3589A659-F732-4E65-A89A-5438C332E59D} O42 - Logiciel: Zune Language Pack (ESP) - (.Microsoft Corporation.) [HKLM] -- {6B33492E-FBBC-4EC3-8738-09E16E395A10} O42 - Logiciel: Zune Language Pack (FRA) - (.Microsoft Corporation.) [HKLM] -- {C68D33B1-0204-4EBE-BC45-A6E432B1D13A} O42 - Logiciel: Zune Language Pack (HUN) - (.Microsoft Corporation.) [HKLM] -- {C6BE19C6-B102-4038-B2A6-1C313872DBB4} O42 - Logiciel: Zune Language Pack (IND) - (.Microsoft Corporation.) [HKLM] -- {92ECE3F9-591E-4C12-8A62-B9FCE38BF646} O42 - Logiciel: Zune Language Pack (ITA) - (.Microsoft Corporation.) [HKLM] -- {C5D37FFA-7483-410B-982B-91E93FD3B7DA} O42 - Logiciel: Zune Language Pack (JPN) - (.Microsoft Corporation.) [HKLM] -- {D8A781C9-3892-4E2E-9320-480CF896CFBB} O42 - Logiciel: Zune Language Pack (KOR) - (.Microsoft Corporation.) [HKLM] -- {51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741} O42 - Logiciel: Zune Language Pack (MSL) - (.Microsoft Corporation.) [HKLM] -- {76BA306B-2AA0-47C0-AB6B-F313AB56C136} O42 - Logiciel: Zune Language Pack (NOR) - (.Microsoft Corporation.) [HKLM] -- {5DEFD397-4012-46C3-B6DA-E8013E660772} O42 - Logiciel: Zune Language Pack (PLK) - (.Microsoft Corporation.) [HKLM] -- {8960A0A1-BB5A-479E-92CF-65AB9D684B43} O42 - Logiciel: Zune Language Pack (PTB) - (.Microsoft Corporation.) [HKLM] -- {07EEE598-5F21-4B57-B40B-46592625B3D9} O42 - Logiciel: Zune Language Pack (PTG) - (.Microsoft Corporation.) [HKLM] -- {5C93E291-A1CC-4E51-85C6-E194209FCDB4} O42 - Logiciel: Zune Language Pack (RUS) - (.Microsoft Corporation.) [HKLM] -- {57C51D56-B287-4C11-9192-EC3C46EF76A4} O42 - Logiciel: Zune Language Pack (SVE) - (.Microsoft Corporation.) [HKLM] -- {6EB931CD-A7DA-4A44-B74A-89C8EB50086F} O42 - Logiciel: avast! Free Antivirus v8.0.1497.0 - (.AVAST Software.) [HKLM] -- avast O42 - Logiciel: eMule - (...) [HKLM] -- eMule O42 - Logiciel: eReg - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} O42 - Logiciel: f.lux - (...) [HKCU] -- Flux O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} O42 - Logiciel: rFactor (remove only) - (...) [HKLM] -- rFactor O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} ~ Logic: 197 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\1C-SoftClub] [HKCU\Software\1C] [HKCU\Software\4shared] [HKCU\Software\ACE Compression Software] [HKCU\Software\ATI Technologies Inc.] [HKCU\Software\ATI] [HKCU\Software\AVAST Software] [HKCU\Software\AVS4YOU] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\Ambient Design] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow\Software\Macromedia] [HKCU\Software\AppDataLow\Software\MarkAny] [HKCU\Software\AppDataLow\Software\PROject MT] [HKCU\Software\AppDataLow\Software\ThinPrint] [HKCU\Software\AppDataLow\Software\Unity] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Astonsoft] [HKCU\Software\Audacity] [HKCU\Software\Bitberry] [HKCU\Software\BlueRippleSound] [HKCU\Software\CDisplay] [HKCU\Software\Camfrog] [HKCU\Software\ChessBase] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CodeGear] [HKCU\Software\Cookie Crumble] [HKCU\Software\CounterPath Corporation] [HKCU\Software\CounterPath] [HKCU\Software\Crytek] [HKCU\Software\DDD] [HKCU\Software\DSS] [HKCU\Software\DT Soft] [HKCU\Software\DVD Decrypter] [HKCU\Software\DVD Shrink] [HKCU\Software\Dancing Dots] [HKCU\Software\Digital River] [HKCU\Software\Disc Soft] [HKCU\Software\Druide informatique inc.] [HKCU\Software\FLEXnet] [HKCU\Software\Fridgesoft] [HKCU\Software\GNU] [HKCU\Software\GPL Replay Analyser] [HKCU\Software\GSpot Appliance Corp] [HKCU\Software\Gabest] [HKCU\Software\Gadwin Systems] [HKCU\Software\GameSpy] [HKCU\Software\GlarySoft] [HKCU\Software\Google] [HKCU\Software\GrandOrgue] [HKCU\Software\HP] [HKCU\Software\HeartWare] [HKCU\Software\Hercules] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IGA] [HKCU\Software\IM Providers] [HKCU\Software\IPCameraDSFilterRTSP] [HKCU\Software\Image Space Incorporated] [HKCU\Software\Innovative Solutions] [HKCU\Software\InstallShield] [HKCU\Software\Intel] [HKCU\Software\Iris] [HKCU\Software\JEDI-VCL] [HKCU\Software\JavaSoft] [HKCU\Software\LG Electronics] [HKCU\Software\La Limace Folle] [HKCU\Software\Lavalys] [HKCU\Software\Leadertech] [HKCU\Software\Licenses] [HKCU\Software\LinuxLive] [HKCU\Software\LogMeIn] [HKCU\Software\Logitech] [HKCU\Software\LowRegistry] [HKCU\Software\MONOGRAM] [HKCU\Software\MOVAVI] [HKCU\Software\Macromedia] [HKCU\Software\Macrovision] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Michael Herf] [HKCU\Software\MimarSinan] [HKCU\Software\Mirage] [HKCU\Software\Modern UI Test] [HKCU\Software\Monolith Productions] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\OLYMPUS] [HKCU\Software\OpenCV] [HKCU\Software\OpenOffice.org] [HKCU\Software\Orb Networks] [HKCU\Software\Our Organ] [HKCU\Software\PIP] [HKCU\Software\PROject MT] [HKCU\Software\PerformerSoft LLC] [HKCU\Software\Piriform] [HKCU\Software\PnG3Launcher] [HKCU\Software\Pointsoft] [HKCU\Software\Policies] [HKCU\Software\Protect Software GmbH] [HKCU\Software\RadLight] [HKCU\Software\RapidSolution] [HKCU\Software\Realtek] [HKCU\Software\Samsung] [HKCU\Software\ScanSoft] [HKCU\Software\Screen Recording Suite] [HKCU\Software\SecuROM] [HKCU\Software\SimBin] [HKCU\Software\Skype] [HKCU\Software\SoftVTU] [HKCU\Software\SpeedCircuit] [HKCU\Software\Stardock] [HKCU\Software\SteamMover] [HKCU\Software\Sysinternals] [HKCU\Software\TAdvCheckList] [HKCU\Software\TCP Optimizer] [HKCU\Software\TeleCharger] [HKCU\Software\TeleCharger_v2] [HKCU\Software\Toogame] [HKCU\Software\Torrent2Exe.com] [HKCU\Software\Trolltech] [HKCU\Software\Trusteer] [HKCU\Software\Ubisoft] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VMware, Inc.] [HKCU\Software\VSO] [HKCU\Software\VSRevoGroup] [HKCU\Software\Valve] [HKCU\Software\VirtualDub.org] [HKCU\Software\WinRAR] [HKCU\Software\Yahoo] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\Zylom] [HKCU\Software\eMule] [HKCU\Software\ej-technologies] [HKCU\Software\i-O Display Systems] [HKCU\Software\mioreader] [HKCU\Software\rFactor] [HKLM\Software\10tacle Studios] [HKLM\Software\1C-Softclub] [HKLM\Software\AMD] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\AVAST Software] [HKLM\Software\AVS4YOU] [HKLM\Software\Actions] [HKLM\Software\Adobe] [HKLM\Software\AdwCleaner] [HKLM\Software\Ahead] [HKLM\Software\Aladdin Knowledge Systems] [HKLM\Software\Alienware] [HKLM\Software\AppDataLow] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Auran] [HKLM\Software\BackWeb] [HKLM\Software\Caphyon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Conexant] [HKLM\Software\Crytek] [HKLM\Software\DDD] [HKLM\Software\DIOC] [HKLM\Software\DT Soft] [HKLM\Software\Disc Soft] [HKLM\Software\DiskSoftware] [HKLM\Software\DivXNetworks] [HKLM\Software\Electronic Arts] [HKLM\Software\Exotypos] [HKLM\Software\Fujitsu Siemens Computers] [HKLM\Software\GEM+] [HKLM\Software\GNU] [HKLM\Software\GPLMods] [HKLM\Software\GPLPS] [HKLM\Software\GTLWorkshop] [HKLM\Software\GlarySoft] [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\Hercules Technologies] [HKLM\Software\Hercules] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IPCameraDSFilterRTSP] [HKLM\Software\Innovative Solutions] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\L&H] [HKLM\Software\LG Electronics] [HKLM\Software\LexmarkInkjet] [HKLM\Software\Lexmark] [HKLM\Software\Licenses] [HKLM\Software\LogMeIn Rescue] [HKLM\Software\LogMeIn, Inc.] [HKLM\Software\Logitech] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MarkAny] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NETGEAR] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\Nero] [HKLM\Software\Network Stumbler] [HKLM\Software\ODBC] [HKLM\Software\OLYMPUS] [HKLM\Software\OpenAL] [HKLM\Software\OpenAutomate] [HKLM\Software\OpenOffice.org] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\QA International] [HKLM\Software\RTLSetup] [HKLM\Software\RailSimulator.com] [HKLM\Software\RapidSolution] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SBDT AB] [HKLM\Software\Samsung] [HKLM\Software\ScanSoft] [HKLM\Software\SimracewayGame] [HKLM\Software\Skype] [HKLM\Software\Sonic] [HKLM\Software\TWD] [HKLM\Software\Thrustmaster] [HKLM\Software\Trad-FR] [HKLM\Software\Trusteer] [HKLM\Software\Ubisoft] [HKLM\Software\VMware, Inc.] [HKLM\Software\VSO] [HKLM\Software\Valve] [HKLM\Software\VideoLAN] [HKLM\Software\Voice] [HKLM\Software\Volatile] [HKLM\Software\WOW6432Node] [HKLM\Software\WinRAR] [HKLM\Software\WiseCleaner] [HKLM\Software\Yahoo] [HKLM\Software\cybelsoft] [HKLM\Software\dll-files.com] [HKLM\Software\magnet] [HKLM\Software\mozilla.org] [HKLM\Software\mpDRM] ~ Key Software: 317 Scanned in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 27/11/2012 - 11:24:02 - [196,409] ----D C:\Program Files\Adobe O43 - CFD: 17/10/2012 - 09:43:45 - [1,711] ----D C:\Program Files\AMD APP O43 - CFD: 12/02/2013 - 14:32:14 - [0,389] ----D C:\Program Files\AMD AVT O43 - CFD: 23/06/2012 - 19:09:34 - [72,383] ----D C:\Program Files\Apowersoft O43 - CFD: 01/09/2011 - 20:08:05 - [2,316] ----D C:\Program Files\Apple Software Update =>.Apple Inc O43 - CFD: 16/12/2011 - 16:01:55 - [7,487] ----D C:\Program Files\Astonsoft O43 - CFD: 15/09/2011 - 18:11:44 - [10,890] ----D C:\Program Files\Astroburn Lite O43 - CFD: 17/10/2012 - 09:39:25 - [20,308] ----D C:\Program Files\ATI O43 - CFD: 12/02/2013 - 14:31:46 - [68,149] ----D C:\Program Files\ATI Technologies O43 - CFD: 24/08/2011 - 19:55:00 - [8,288] ----D C:\Program Files\Audacity O43 - CFD: 12/07/2011 - 16:00:32 - [397,703] ----D C:\Program Files\AVAST Software O43 - CFD: 14/09/2013 - 15:31:35 - [1,060] ----D C:\Program Files\BitTorrent =>P2P.BitTorrent O43 - CFD: 05/07/2012 - 17:56:43 - [0,414] ----D C:\Program Files\BlueStacks O43 - CFD: 17/05/2012 - 13:34:57 - [4,386] ----D C:\Program Files\CCleaner =>Piriform Ltd O43 - CFD: 20/09/2012 - 08:16:33 - [1,953] ----D C:\Program Files\CDisplay O43 - CFD: 23/10/2013 - 14:28:49 - [322,930] ----D C:\Program Files\Common Files O43 - CFD: 16/04/2013 - 14:23:00 - [1,391] ----D C:\Program Files\CONEXANT O43 - CFD: 31/08/2011 - 10:41:11 - [1358,118] ----D C:\Program Files\Crytek O43 - CFD: 30/08/2013 - 07:54:00 - [26,751] ----D C:\Program Files\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 01/12/2011 - 17:53:50 - [1,638] ----D C:\Program Files\DIFX O43 - CFD: 25/12/2012 - 20:20:27 - [3,309] ----D C:\Program Files\DVD Decrypter O43 - CFD: 15/07/2011 - 11:34:00 - [79,371] ----D C:\Program Files\DVD Maker O43 - CFD: 21/11/2011 - 08:23:28 - [0,847] ----D C:\Program Files\DVD Shrink O43 - CFD: 14/12/2012 - 00:14:18 - [668,101] ----D C:\Program Files\eMule O43 - CFD: 10/12/2012 - 14:29:18 - [10,900] ----D C:\Program Files\Free Video Converter O43 - CFD: 09/10/2013 - 17:41:48 - [22,004] ----D C:\Program Files\Fujitsu Siemens Computers O43 - CFD: 31/07/2013 - 09:53:17 - [316,699] ----D C:\Program Files\Google O43 - CFD: 18/10/2013 - 15:50:12 - [48,475] ----D C:\Program Files\GUM9DD8.tmp O43 - CFD: 19/10/2013 - 14:50:27 - [48,475] ----D C:\Program Files\GUMD04E.tmp O43 - CFD: 16/04/2013 - 14:34:48 - [30,802] ----D C:\Program Files\Hercules O43 - CFD: 12/12/2011 - 21:03:31 - [7,973] ----D C:\Program Files\HOTAS O43 - CFD: 17/10/2012 - 15:33:47 - [190,830] ----D C:\Program Files\HP O43 - CFD: 23/10/2013 - 14:28:41 - [22,854] ----D C:\Program Files\Innovative Solutions O43 - CFD: 14/09/2013 - 18:00:22 - [64,706] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 11/09/2013 - 22:22:02 - [6,192] ----D C:\Program Files\Internet Explorer O43 - CFD: 03/09/2012 - 19:52:07 - [209,805] ----D C:\Program Files\Java O43 - CFD: 06/11/2011 - 22:58:34 - [1,553] ----D C:\Program Files\JMicron O43 - CFD: 31/08/2011 - 10:48:18 - [15,332] ----D C:\Program Files\Lavalys O43 - CFD: 13/06/2013 - 00:15:13 - [280,459] ----D C:\Program Files\LG Electronics O43 - CFD: 17/10/2012 - 10:00:37 - [47,369] ----D C:\Program Files\Logitech O43 - CFD: 24/10/2013 - 21:05:50 - [6,979] ----D C:\Program Files\ma-config.com O43 - CFD: 19/04/2013 - 10:46:38 - [13,461] ----D C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 19/05/2013 - 11:01:52 - [2,414] ----D C:\Program Files\MarkAny O43 - CFD: 21/04/2012 - 11:31:35 - [49,978] ----D C:\Program Files\Media Player Utilities 4.29 O43 - CFD: 06/08/2012 - 09:24:19 - [0,008] ----D C:\Program Files\MediaInfo O43 - CFD: 14/09/2013 - 18:01:52 - [1386,735] ----D C:\Program Files\Microsoft Games O43 - CFD: 13/09/2011 - 00:37:09 - [6,540] ----D C:\Program Files\Microsoft Games for Windows - LIVE O43 - CFD: 28/07/2013 - 17:00:59 - [40,851] ----D C:\Program Files\Microsoft Silverlight O43 - CFD: 07/06/2013 - 11:21:28 - [5,397] ----D C:\Program Files\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 07/06/2013 - 11:26:51 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 24/11/2011 - 22:53:18 - [0,146] ----D C:\Program Files\Microsoft Works O43 - CFD: 24/11/2011 - 22:53:21 - [0,015] ----D C:\Program Files\Microsoft.NET O43 - CFD: 09/10/2013 - 17:16:06 - [120,870] ----D C:\Program Files\Mozilla Firefox O43 - CFD: 02/10/2013 - 08:36:47 - [0,216] ----D C:\Program Files\Mozilla Maintenance Service O43 - CFD: 06/10/2012 - 13:56:23 - [22,189] ----D C:\Program Files\Mozilla Sunbird O43 - CFD: 25/10/2013 - 15:02:29 - [45,897] ----D C:\Program Files\Mozilla Thunderbird =>.Mozilla Corporation O43 - CFD: 14/07/2009 - 06:52:30 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 20/01/2012 - 16:24:31 - [11,423] ----D C:\Program Files\N3V Games O43 - CFD: 12/07/2011 - 16:07:20 - [2,435] ----D C:\Program Files\NETGEAR O43 - CFD: 01/12/2011 - 17:53:56 - [182,080] ----D C:\Program Files\OLYMPUS O43 - CFD: 14/03/2013 - 18:53:23 - [1,544] ----D C:\Program Files\OpenAL O43 - CFD: 30/08/2012 - 10:17:16 - [288,773] ----D C:\Program Files\OpenOffice.org 3 O43 - CFD: 22/10/2012 - 17:39:01 - [8,957] ----D C:\Program Files\PC Connectivity Solution O43 - CFD: 12/04/2013 - 18:42:36 - [99,444] ----D C:\Program Files\Picasa2 O43 - CFD: 17/08/2011 - 16:13:11 - [16,546] ----D C:\Program Files\PixiePack Codec Pack O43 - CFD: 25/01/2012 - 23:22:54 - [1,669] ----D C:\Program Files\PlayReady O43 - CFD: 13/03/2013 - 22:05:46 - [228,367] ----D C:\Program Files\PnG3 O43 - CFD: 19/05/2013 - 09:29:45 - [5,918] ----D C:\Program Files\PrivaZer O43 - CFD: 28/05/2013 - 22:01:23 - [73,545] ----D C:\Program Files\QuickTime O43 - CFD: 07/05/2013 - 12:20:00 - [0,062] ----D C:\Program Files\RailWorks O43 - CFD: 12/02/2013 - 14:03:05 - [16,504] ----D C:\Program Files\Realtek O43 - CFD: 14/07/2009 - 06:52:30 - [37,450] ----D C:\Program Files\Reference Assemblies O43 - CFD: 18/03/2013 - 17:48:20 - [-202,512] ----D C:\Program Files\rFactor O43 - CFD: 16/05/2013 - 13:03:37 - [17,220] ----D C:\Program Files\ScanSoft O43 - CFD: 18/06/2012 - 20:16:25 - [2024,284] ----D C:\Program Files\SimBin O43 - CFD: 21/05/2013 - 08:59:57 - [339,255] ----D C:\Program Files\Steam O43 - CFD: 29/03/2013 - 10:00:43 - [40,858] ----D C:\Program Files\Trusteer O43 - CFD: 07/05/2013 - 19:12:44 - [-1777,988] ----D C:\Program Files\Ubisoft O43 - CFD: 24/05/2013 - 13:38:32 - [154,046] ----D C:\Program Files\VideoLAN O43 - CFD: 07/09/2013 - 18:12:42 - [6,523] ----D C:\Program Files\VS Revo Group O43 - CFD: 19/10/2012 - 18:43:52 - [84,916] ----D C:\Program Files\VSO O43 - CFD: 12/07/2011 - 16:08:02 - [0] ----D C:\Program Files\Windows Collaboration O43 - CFD: 28/07/2013 - 16:33:56 - [2,909] ----D C:\Program Files\Windows Defender O43 - CFD: 28/07/2013 - 16:33:57 - [6,688] ----D C:\Program Files\Windows Journal O43 - CFD: 16/07/2011 - 20:13:42 - [5,895] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation O43 - CFD: 16/07/2011 - 20:10:17 - [6,298] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation O43 - CFD: 12/07/2011 - 16:51:44 - [11,632] ----D C:\Program Files\Windows NT O43 - CFD: 16/07/2011 - 20:10:17 - [4,213] ----D C:\Program Files\Windows Photo Viewer O43 - CFD: 15/07/2011 - 11:34:00 - [0,181] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 16/07/2011 - 20:13:42 - [6,824] ----D C:\Program Files\Windows Sidebar O43 - CFD: 12/07/2011 - 16:08:04 - [3,868] ----D C:\Program Files\WinRAR O43 - CFD: 20/07/2012 - 16:34:59 - [12,382] ----D C:\Program Files\Wise O43 - CFD: 25/01/2013 - 14:16:26 - [30,857] ----D C:\Program Files\Yahoo! O43 - CFD: 25/10/2013 - 15:47:50 - [17,026] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman O43 - CFD: 23/11/2012 - 16:48:14 - [7,316] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 24/04/2012 - 13:53:47 - [0] ----D C:\Program Files\Common Files\Aladdin Shared O43 - CFD: 01/09/2011 - 20:08:18 - [64,209] ----D C:\Program Files\Common Files\Apple O43 - CFD: 27/11/2011 - 14:51:24 - [2,693] ----D C:\Program Files\Common Files\ATI Technologies O43 - CFD: 23/09/2012 - 08:47:56 - [73,689] ----D C:\Program Files\Common Files\AVSMedia O43 - CFD: 12/07/2011 - 16:00:37 - [3,921] ----D C:\Program Files\Common Files\Fujitsu Siemens Computers O43 - CFD: 12/07/2011 - 16:00:38 - [0,507] ----D C:\Program Files\Common Files\Hewlett-Packard O43 - CFD: 29/09/2012 - 15:45:23 - [5,403] ----D C:\Program Files\Common Files\HP O43 - CFD: 23/10/2013 - 14:28:49 - [1,013] ----D C:\Program Files\Common Files\Innovative Solutions O43 - CFD: 12/07/2011 - 16:00:39 - [13,714] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 10/06/2013 - 17:42:46 - [1,189] ----D C:\Program Files\Common Files\Java O43 - CFD: 19/01/2012 - 15:16:19 - [4,642] ----D C:\Program Files\Common Files\KnifeEdge O43 - CFD: 16/05/2013 - 12:33:09 - [0,090] ----D C:\Program Files\Common Files\L&H O43 - CFD: 17/10/2012 - 10:00:27 - [26,415] ----D C:\Program Files\Common Files\LogiShrd O43 - CFD: 11/09/2013 - 17:13:50 - [0,154] ----D C:\Program Files\Common Files\Microsoft Games O43 - CFD: 07/06/2013 - 11:23:38 - [54,723] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 15/09/2013 - 19:39:24 - [1,152] ----D C:\Program Files\Common Files\mpDRM O43 - CFD: 17/10/2012 - 15:24:41 - [0,169] ----D C:\Program Files\Common Files\Nero O43 - CFD: 08/09/2011 - 14:46:45 - [4,518] ----D C:\Program Files\Common Files\PX Storage Engine O43 - CFD: 14/07/2009 - 04:37:05 - [0,003] ----D C:\Program Files\Common Files\Services O43 - CFD: 09/10/2013 - 17:18:07 - [1,904] ----D C:\Program Files\Common Files\Skype O43 - CFD: 14/07/2009 - 04:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 29/08/2013 - 18:40:12 - [0,505] ----D C:\Program Files\Common Files\Steam O43 - CFD: 09/11/2011 - 22:50:51 - [15,803] ----D C:\Program Files\Common Files\System O43 - CFD: 07/09/2013 - 17:51:53 - [0] ----D C:\Program Files\Common Files\Windows Live O43 - CFD: 08/11/2012 - 09:55:13 - [221,370] ----D C:\ProgramData\Adobe O43 - CFD: 12/02/2013 - 14:32:15 - [0,187] ----D C:\ProgramData\AMD O43 - CFD: 01/09/2011 - 20:08:05 - [80,474] ----D C:\ProgramData\Apple O43 - CFD: 28/05/2013 - 22:00:49 - [26,332] ----D C:\ProgramData\Apple Computer O43 - CFD: 15/09/2011 - 18:11:48 - [0,001] ----D C:\ProgramData\Astroburn Lite O43 - CFD: 12/02/2013 - 14:32:17 - [0] ----D C:\ProgramData\ATI O43 - CFD: 12/07/2011 - 16:08:07 - [136,293] ----D C:\ProgramData\AVAST Software O43 - CFD: 24/10/2013 - 21:05:50 - [0,006] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 06/12/2012 - 15:37:50 - [0] ----D C:\ProgramData\DVD Shrink O43 - CFD: 24/11/2012 - 10:57:02 - [0] ----D C:\ProgramData\EA Core O43 - CFD: 24/11/2012 - 13:20:43 - [0,080] ----D C:\ProgramData\Electronic Arts O43 - CFD: 21/07/2012 - 22:36:53 - [0] ----D C:\ProgramData\eMule O43 - CFD: 29/09/2012 - 15:56:09 - [16,375] ----D C:\ProgramData\HP O43 - CFD: 29/09/2012 - 15:47:49 - [0,009] ----D C:\ProgramData\HP Product Assistant O43 - CFD: 23/10/2013 - 14:28:54 - [10,030] ----D C:\ProgramData\Innovative Solutions O43 - CFD: 12/06/2013 - 23:52:31 - [7,918] ----D C:\ProgramData\LGMOBILEAX O43 - CFD: 17/10/2012 - 09:59:22 - [1,585] ----D C:\ProgramData\Logishrd O43 - CFD: 17/10/2012 - 09:59:27 - [0,011] ----D C:\ProgramData\Logitech O43 - CFD: 17/10/2012 - 10:44:09 - [0] ----D C:\ProgramData\LogMeIn O43 - CFD: 25/04/2013 - 10:07:05 - [1,379] ----D C:\ProgramData\ma-config.com O43 - CFD: 19/11/2011 - 10:49:58 - [17,264] ----D C:\ProgramData\Malwarebytes O43 - CFD: 09/10/2013 - 19:09:57 - [481,886] -S--D C:\ProgramData\Microsoft O43 - CFD: 14/09/2013 - 18:00:17 - [0] ----D C:\ProgramData\Microsoft Games O43 - CFD: 24/11/2011 - 22:53:37 - [0,054] ----D C:\ProgramData\Microsoft Help O43 - CFD: 07/06/2013 - 11:21:13 - [0] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 04/05/2012 - 10:32:46 - [0,035] ----D C:\ProgramData\Mozilla O43 - CFD: 15/09/2013 - 19:39:23 - [0,601] ----D C:\ProgramData\mpDRM O43 - CFD: 16/12/2011 - 00:29:49 - [0,954] ----D C:\ProgramData\NVIDIA O43 - CFD: 17/10/2013 - 13:07:18 - [0] ----D C:\ProgramData\Oracle O43 - CFD: 23/09/2012 - 17:46:21 - [0] ----D C:\ProgramData\PC Suite O43 - CFD: 26/03/2013 - 11:50:04 - [0] ----D C:\ProgramData\PnG_Launcher O43 - CFD: 01/10/2012 - 12:04:24 - [0,001] ----D C:\ProgramData\PRMT O43 - CFD: 23/10/2013 - 13:37:07 - [18,105] ----D C:\ProgramData\Skype O43 - CFD: 02/08/2011 - 20:33:23 - [0] ----D C:\ProgramData\Sun O43 - CFD: 02/07/2012 - 08:18:04 - [0] ---AD C:\ProgramData\TEMP O43 - CFD: 16/03/2012 - 23:08:32 - [0] ----D C:\ProgramData\The Web Atom O43 - CFD: 28/05/2012 - 19:30:46 - [169,645] ----D C:\ProgramData\Trusteer O43 - CFD: 12/12/2011 - 19:13:06 - [0,198] ----D C:\ProgramData\VMware O43 - CFD: 25/08/2011 - 19:08:19 - [0,002] ----D C:\ProgramData\Windows Genuine Advantage O43 - CFD: 11/10/2011 - 15:38:32 - [0,001] ----D C:\Users\moi\AppData\Roaming\.Ignition O43 - CFD: 01/09/2011 - 15:53:04 - [3,948] ----D C:\Users\moi\AppData\Roaming\Adobe O43 - CFD: 20/07/2012 - 17:01:34 - [9,677] ----D C:\Users\moi\AppData\Roaming\Ambient Design O43 - CFD: 22/06/2012 - 08:40:53 - [0,321] ----D C:\Users\moi\AppData\Roaming\Apowersoft O43 - CFD: 14/11/2012 - 10:35:39 - [0] ----D C:\Users\moi\AppData\Roaming\Apple Computer O43 - CFD: 12/07/2011 - 16:18:23 - [0] ----D C:\Users\moi\AppData\Roaming\ATI O43 - CFD: 14/09/2013 - 18:13:49 - [0,204] ----D C:\Users\moi\AppData\Roaming\BitTorrent =>P2P.BitTorrent O43 - CFD: 11/01/2012 - 14:25:07 - [0] ----D C:\Users\moi\AppData\Roaming\Broad Intelligence O43 - CFD: 25/10/2013 - 14:43:23 - [2,137] ----D C:\Users\moi\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 16/12/2011 - 16:25:38 - [0,005] ----D C:\Users\moi\AppData\Roaming\DeepBurner O43 - CFD: 25/08/2011 - 19:59:35 - [0] ----D C:\Users\moi\AppData\Roaming\DeskSoft O43 - CFD: 24/10/2012 - 21:11:05 - [0] ----D C:\Users\moi\AppData\Roaming\Desktop Apps O43 - CFD: 24/10/2013 - 11:36:20 - [0] ----D C:\Users\moi\AppData\Roaming\Eusing O43 - CFD: 19/10/2013 - 15:00:17 - [0,003] ----D C:\Users\moi\AppData\Roaming\FreeVideoConverter O43 - CFD: 10/12/2012 - 14:28:04 - [0,540] ----D C:\Users\moi\AppData\Roaming\FreeVideoConverterPackages O43 - CFD: 12/07/2011 - 16:18:23 - [0] ----D C:\Users\moi\AppData\Roaming\GetRightToGo O43 - CFD: 18/11/2012 - 15:09:49 - [0] ----D C:\Users\moi\AppData\Roaming\gtk-2.0 O43 - CFD: 12/07/2011 - 16:18:23 - [0,205] ----D C:\Users\moi\AppData\Roaming\HP O43 - CFD: 29/09/2012 - 14:28:55 - [0,117] ----D C:\Users\moi\AppData\Roaming\HpUpdate O43 - CFD: 18/03/2012 - 15:25:11 - [0,002] ----D C:\Users\moi\AppData\Roaming\Identities O43 - CFD: 07/10/2013 - 10:19:26 - [0] ----D C:\Users\moi\AppData\Roaming\InstallShield O43 - CFD: 13/07/2011 - 15:37:14 - [0] ----D C:\Users\moi\AppData\Roaming\Leadertech O43 - CFD: 13/06/2013 - 00:16:44 - [0,003] ----D C:\Users\moi\AppData\Roaming\LG Electronics O43 - CFD: 13/07/2011 - 10:02:38 - [0,348] ----D C:\Users\moi\AppData\Roaming\Logishrd O43 - CFD: 13/07/2011 - 10:02:28 - [0,027] ----D C:\Users\moi\AppData\Roaming\Logitech O43 - CFD: 23/01/2012 - 15:34:23 - [0] ----D C:\Users\moi\AppData\Roaming\LogMate O43 - CFD: 12/07/2011 - 16:18:23 - [0] ----D C:\Users\moi\AppData\Roaming\Macromedia O43 - CFD: 19/11/2011 - 10:50:08 - [90,468] ----D C:\Users\moi\AppData\Roaming\Malwarebytes O43 - CFD: 14/07/2009 - 09:48:18 - [0] ----D C:\Users\moi\AppData\Roaming\Media Center Programs O43 - CFD: 10/10/2013 - 14:16:07 - [10,343] -S--D C:\Users\moi\AppData\Roaming\Microsoft O43 - CFD: 14/09/2013 - 18:00:17 - [0] ----D C:\Users\moi\AppData\Roaming\Microsoft Games O43 - CFD: 23/06/2013 - 18:25:53 - [0] ----D C:\Users\moi\AppData\Roaming\ML O43 - CFD: 12/07/2011 - 16:18:28 - [0,444] ----D C:\Users\moi\AppData\Roaming\Mostick O43 - CFD: 21/04/2012 - 12:45:04 - [0,008] ----D C:\Users\moi\AppData\Roaming\Movavi O43 - CFD: 29/08/2013 - 19:01:58 - [47,448] ----D C:\Users\moi\AppData\Roaming\Mozilla O43 - CFD: 12/07/2011 - 16:18:45 - [27,127] ----D C:\Users\moi\AppData\Roaming\OpenOffice.org O43 - CFD: 24/11/2012 - 13:13:32 - [0,017] ----D C:\Users\moi\AppData\Roaming\Origin O43 - CFD: 07/08/2011 - 20:15:26 - [0] ----D C:\Users\moi\AppData\Roaming\PC Suite O43 - CFD: 01/10/2012 - 12:09:57 - [0,001] ----D C:\Users\moi\AppData\Roaming\PROject MT O43 - CFD: 15/09/2013 - 21:20:36 - [7,700] ----D C:\Users\moi\AppData\Roaming\ProtectDISC O43 - CFD: 04/10/2011 - 22:26:30 - [0] ----D C:\Users\moi\AppData\Roaming\QA International O43 - CFD: 28/05/2013 - 08:50:30 - [0] ----D C:\Users\moi\AppData\Roaming\Samsung O43 - CFD: 01/11/2012 - 12:56:15 - [0,004] R-H-D C:\Users\moi\AppData\Roaming\SecuROM O43 - CFD: 16/12/2012 - 14:46:38 - [0] ----D C:\Users\moi\AppData\Roaming\Seeing Machines O43 - CFD: 15/11/2012 - 17:49:19 - [0,339] ----D C:\Users\moi\AppData\Roaming\SystemRequirementsLab O43 - CFD: 12/07/2011 - 16:18:48 - [0,013] ----D C:\Users\moi\AppData\Roaming\Template O43 - CFD: 12/07/2011 - 16:18:48 - [55,160] ----D C:\Users\moi\AppData\Roaming\Thunderbird =>.Mozilla Corporation O43 - CFD: 01/12/2012 - 11:52:57 - [0] ----D C:\Users\moi\AppData\Roaming\VideoConverterPackages O43 - CFD: 24/10/2013 - 18:32:19 - [0,077] ----D C:\Users\moi\AppData\Roaming\vlc O43 - CFD: 24/09/2012 - 15:14:53 - [0] ----D C:\Users\moi\AppData\Roaming\VoipStunt O43 - CFD: 07/01/2013 - 12:33:54 - [0] ----D C:\Users\moi\AppData\Roaming\Vso O43 - CFD: 12/07/2011 - 16:18:49 - [0] ----D C:\Users\moi\AppData\Roaming\WinRAR O43 - CFD: 20/10/2013 - 22:02:55 - [0,233] ----D C:\Users\moi\AppData\Roaming\Wise Disk Cleaner O43 - CFD: 24/10/2013 - 11:31:39 - [0,304] ----D C:\Users\moi\AppData\Roaming\Wise Registry Cleaner O43 - CFD: 16/12/2011 - 18:13:22 - [0] ----D C:\Users\moi\AppData\Roaming\Xilisoft O43 - CFD: 16/12/2011 - 17:44:46 - [0] ----D C:\Users\moi\AppData\Roaming\Xilisoft Corporation O43 - CFD: 25/10/2013 - 14:32:28 - [47,690] ----D C:\Users\moi\AppData\Roaming\XnView O43 - CFD: 25/10/2013 - 15:48:33 - [31,702] ----D C:\Users\moi\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 09/01/2013 - 22:51:02 - [0] ----D C:\Users\moi\AppData\Roaming\Zylom O43 - CFD: 17/01/2012 - 17:23:49 - [15,846] ----D C:\Users\moi\AppData\Local\Adobe O43 - CFD: 12/07/2011 - 16:18:01 - [0] ----D C:\Users\moi\AppData\Local\AMD O43 - CFD: 01/09/2011 - 20:08:08 - [0] ----D C:\Users\moi\AppData\Local\Apple O43 - CFD: 29/11/2011 - 23:06:51 - [0] ----D C:\Users\moi\AppData\Local\Apple Computer O43 - CFD: 20/03/2013 - 21:14:00 - [0,003] ----D C:\Users\moi\AppData\Local\ApplicationHistory O43 - CFD: 12/07/2011 - 16:18:02 - [0,084] ----D C:\Users\moi\AppData\Local\ATI O43 - CFD: 10/10/2011 - 18:35:43 - [0] ----D C:\Users\moi\AppData\Local\ChessBase O43 - CFD: 06/12/2011 - 10:12:51 - [0,001] ----D C:\Users\moi\AppData\Local\CounterPath O43 - CFD: 14/02/2013 - 10:47:34 - [0] ----D C:\Users\moi\AppData\Local\CrashRpt O43 - CFD: 07/09/2013 - 14:35:55 - [2,789] ----D C:\Users\moi\AppData\Local\CRE O43 - CFD: 15/10/2013 - 11:47:02 - [2,145] ----D C:\Users\moi\AppData\Local\Diagnostics O43 - CFD: 10/10/2013 - 11:25:13 - [65,322] ----D C:\Users\moi\AppData\Local\Downloaded Installations O43 - CFD: 23/10/2013 - 22:59:19 - [0,277] ----D C:\Users\moi\AppData\Local\ElevatedDiagnostics O43 - CFD: 12/07/2011 - 16:18:02 - [6,669] ----D C:\Users\moi\AppData\Local\eMule O43 - CFD: 23/05/2013 - 13:07:50 - [0] ----D C:\Users\moi\AppData\Local\Eraser O43 - CFD: 23/05/2013 - 06:38:57 - [0,004] ----D C:\Users\moi\AppData\Local\Eraser 6 O43 - CFD: 22/02/2012 - 11:46:59 - [0] ----D C:\Users\moi\AppData\Local\Flock O43 - CFD: 24/10/2013 - 20:36:56 - [1,941] ----D C:\Users\moi\AppData\Local\FluxSoftware O43 - CFD: 20/09/2013 - 14:43:27 - [96,277] ----D C:\Users\moi\AppData\Local\Google O43 - CFD: 12/12/2012 - 16:01:53 - [0] ----D C:\Users\moi\AppData\Local\Greentube O43 - CFD: 12/07/2011 - 16:18:03 - [3,136] ----D C:\Users\moi\AppData\Local\HP O43 - CFD: 17/10/2012 - 16:38:07 - [24,242] ----D C:\Users\moi\AppData\Local\IM O43 - CFD: 23/10/2013 - 14:28:51 - [0,001] ----D C:\Users\moi\AppData\Local\Innovative Solutions O43 - CFD: 13/06/2013 - 00:15:56 - [11,557] ----D C:\Users\moi\AppData\Local\LG Electronics O43 - CFD: 21/03/2013 - 12:04:24 - [0,005] ----D C:\Users\moi\AppData\Local\Licenses O43 - CFD: 13/07/2011 - 15:37:00 - [0] ----D C:\Users\moi\AppData\Local\Logishrd O43 - CFD: 12/10/2012 - 06:52:28 - [0] ----D C:\Users\moi\AppData\Local\LogMeIn Rescue Applet O43 - CFD: 15/06/2012 - 07:53:42 - [0] ----D C:\Users\moi\AppData\Local\Macromedia O43 - CFD: 10/10/2013 - 14:16:07 - [815,743] ----D C:\Users\moi\AppData\Local\Microsoft O43 - CFD: 12/07/2011 - 16:18:12 - [0,013] ----D C:\Users\moi\AppData\Local\Microsoft Corporation O43 - CFD: 10/03/2012 - 11:20:20 - [0,005] ----D C:\Users\moi\AppData\Local\Microsoft Games O43 - CFD: 12/07/2011 - 16:18:12 - [1,080] ----D C:\Users\moi\AppData\Local\Mostick O43 - CFD: 01/10/2013 - 09:14:17 - [21,954] ----D C:\Users\moi\AppData\Local\Mozilla O43 - CFD: 01/12/2011 - 17:45:06 - [2,059] ----D C:\Users\moi\AppData\Local\OLYMPUS O43 - CFD: 18/10/2013 - 15:23:18 - [4,688] ----D C:\Users\moi\AppData\Local\privazer O43 - CFD: 08/10/2013 - 16:03:31 - [0] ----D C:\Users\moi\AppData\Local\Programs O43 - CFD: 25/10/2011 - 23:48:27 - [0,003] ----D C:\Users\moi\AppData\Local\SKIDROW O43 - CFD: 25/10/2013 - 15:35:31 - [0,095] R---D C:\Users\moi\AppData\Local\temp O43 - CFD: 12/07/2011 - 16:18:17 - [22,665] ----D C:\Users\moi\AppData\Local\Thunderbird =>.Mozilla Corporation O43 - CFD: 29/03/2013 - 10:00:49 - [35,455] ----D C:\Users\moi\AppData\Local\Trusteer O43 - CFD: 24/06/2013 - 09:36:20 - [776,502] ----D C:\Users\moi\AppData\Local\VirtualStore O43 - CFD: 25/01/2013 - 14:16:37 - [0,112] ----D C:\Users\moi\AppData\Local\Yahoo O43 - CFD: 14/12/2011 - 14:26:58 - [0,012] R---D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 12/09/2013 - 07:54:17 - [0] R---D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 24/04/2012 - 18:07:56 - [0,001] ----D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Endurance Series by EnduRacers - rF1 FULL O43 - CFD: 24/10/2013 - 20:37:00 - [0,004] ----D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux O43 - CFD: 23/10/2013 - 14:39:05 - [0,003] ----D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 21/12/2011 - 15:54:48 - [0,013] ----D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Historic GT and Touring cars O43 - CFD: 14/12/2011 - 14:26:58 - [0] R---D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 25/09/2011 - 18:01:10 - [0,005] ----D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pensoft O43 - CFD: 09/11/2012 - 19:43:30 - [0,002] ----D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Power&Glory v3.0 O43 - CFD: 06/12/2012 - 15:10:31 - [0,004] ----D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer O43 - CFD: 15/08/2013 - 10:37:36 - [0,004] ----D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller O43 - CFD: 17/03/2013 - 12:43:11 - [0] ----D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\rFactor O43 - CFD: 15/02/2013 - 15:38:47 - [0,005] ----D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons O43 - CFD: 18/10/2013 - 17:14:43 - [0,002] R---D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 12/07/2011 - 16:18:28 - [0,002] ----D C:\Users\moi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Program Folder: 274 Scanned in 00mn 08s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.3F3DBC483092F72EAD2A799E035C8728] - 17/10/2013 - 11:10:32 ---A- . (...) -- C:\Windows\System32\mfc45.dat [74703] O44 - LFC:[MD5.0AE061C6A6BF2488317F406401452E88] - 18/10/2013 - 11:05:57 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [379040] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 19/10/2013 - 15:38:00 --HA- . (...) -- C:\Windows\System32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf [0] O44 - LFC:[MD5.67FC5B9D0957C4FBB37376DE49A2B170] - 20/10/2013 - 18:32:51 ---A- . (...) -- C:\Windows\diagerr.xml [1890] O44 - LFC:[MD5.67FC5B9D0957C4FBB37376DE49A2B170] - 20/10/2013 - 18:32:51 ---A- . (...) -- C:\Windows\diagwrn.xml [1890] O44 - LFC:[MD5.7D8CB763D1DA8CA5C17D84FDC83723A9] - 23/10/2013 - 12:31:07 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1578416] O44 - LFC:[MD5.DDE713930BA27982B039E5AF6AB40337] - 23/10/2013 - 12:31:07 ---A- . (...) -- C:\Windows\System32\perfc009.dat [110438] O44 - LFC:[MD5.6D330A9C619E10A4FAE2FA1AA05BCD88] - 23/10/2013 - 12:31:07 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [135632] O44 - LFC:[MD5.C9DDDBA0CE9F46D34C27125B668613C9] - 23/10/2013 - 12:31:07 ---A- . (...) -- C:\Windows\System32\perfh009.dat [624800] O44 - LFC:[MD5.ED96C3E085AF88E1B144075100BE407F] - 23/10/2013 - 12:31:07 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [714316] O44 - LFC:[MD5.7037D9B8F6BAEE976C24D98D288249E9] - 23/10/2013 - 13:28:46 ---A- . (...) -- C:\Windows\System32\AdvUninstCPL.cpl [42496] O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 24/10/2013 - 10:11:20 ---A- . (...) -- C:\Windows\System32\config.nt [2577] O44 - LFC:[MD5.8F0EFF1A3607C8A0505B3D022A166FA0] - 25/10/2013 - 13:17:03 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/10/2013 - 14:00:26 ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.406EA4C4CBD803A926A65B02CA5C8DB7] - 25/10/2013 - 14:01:24 ---A- . (...) -- C:\Windows\ntbtlog.txt [108662] O44 - LFC:[MD5.DD6107A8E2F74D314AA935A31099DBC1] - 25/10/2013 - 14:34:34 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.7DC9431A001B1C11C698CC321EBBE72E] - 25/10/2013 - 14:35:39 ---A- . (...) -- C:\Windows\setupact.log [229260] O44 - LFC:[MD5.8BC92D74794DDAE7239485D1F6CA21AB] - 25/10/2013 - 14:39:31 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1421066] ~ Files: 18 Scanned in 00mn 15s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.18867D0E2FD313778128A59A914A0FCE] - 20/10/2013 - 20:35:18 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-824949B9.pf O45 - LFCP:[MD5.09017501FD4990E06B1199717502D694] - 20/10/2013 - 20:43:38 ---A- - C:\Windows\Prefetch\VLC.EXE-A11F73EE.pf O45 - LFCP:[MD5.668EDC1EF562FD10AFEB93BF06F75527] - 20/10/2013 - 20:47:15 ---A- - C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf O45 - LFCP:[MD5.1B3663DEE6DD8FA3FD67874842E6DC8B] - 20/10/2013 - 21:00:04 ---A- - C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf O45 - LFCP:[MD5.9BD7AB29401C89CAC16094A52C42442B] - 20/10/2013 - 21:00:33 ---A- - C:\Windows\Prefetch\AgAppLaunch.db O45 - LFCP:[MD5.007248F394E8CEF906DDDF4532338E23] - 21/10/2013 - 10:11:13 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf O45 - LFCP:[MD5.5F21C63C8733136A62CBC95457AEBDFD] - 21/10/2013 - 10:11:13 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7AC6742A.pf O45 - LFCP:[MD5.8191E9FDC17F658CD8BFA1AC607FB229] - 21/10/2013 - 10:20:59 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B49E1152.pf O45 - LFCP:[MD5.54C2DA5190268E91E51C236AA8C9093C] - 21/10/2013 - 10:21:11 ---A- - C:\Windows\Prefetch\CVTRES.EXE-069169FB.pf O45 - LFCP:[MD5.520BA02F5136FAC8ACA96F2BBEF55377] - 21/10/2013 - 10:21:11 ---A- - C:\Windows\Prefetch\SDIAGNHOST.EXE-8D72177C.pf O45 - LFCP:[MD5.CEFA052F31019F8C03A9179ACB7730D0] - 21/10/2013 - 10:21:12 ---A- - C:\Windows\Prefetch\CSC.EXE-A3B8D95D.pf O45 - LFCP:[MD5.497C549BA5B62A8B82BC170D097386D3] - 21/10/2013 - 10:21:17 ---A- - C:\Windows\Prefetch\W32TM.EXE-1101AF41.pf O45 - LFCP:[MD5.65F885729318048B67C176A840603FCC] - 21/10/2013 - 14:34:11 ---A- - C:\Windows\Prefetch\HELPPANE.EXE-FEDC965B.pf O45 - LFCP:[MD5.4C412C42E04FF902D524E82B936C32D7] - 21/10/2013 - 15:42:15 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-C905C0C7.pf O45 - LFCP:[MD5.03C6453B00B93AB35654468994EA35E8] - 21/10/2013 - 15:42:20 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf O45 - LFCP:[MD5.11814FE763BF3AA449A606228D52DB29] - 21/10/2013 - 15:42:21 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-5FB129C7.pf O45 - LFCP:[MD5.857D43045CF8A5712D9AA1FAE7E96151] - 21/10/2013 - 17:19:02 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-79E9E64A.pf O45 - LFCP:[MD5.579557EF14CCD9D3E864250050EDFFD4] - 21/10/2013 - 17:37:33 ---A- - C:\Windows\Prefetch\EVEREST.EXE-E6C444DF.pf O45 - LFCP:[MD5.E74A2608C32ACDF567F8510BC6F45E2F] - 21/10/2013 - 18:12:56 ---A- - C:\Windows\Prefetch\WINRAR.EXE-94E7D80C.pf O45 - LFCP:[MD5.C22BC6078FA899A7E5ACD5A2FBFCE98D] - 22/10/2013 - 13:07:07 ---A- - C:\Windows\Prefetch\SFC.EXE-8103D384.pf O45 - LFCP:[MD5.6D3FE31DD0453F9825544066D78AF374] - 22/10/2013 - 13:26:33 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-7FD813B1.pf O45 - LFCP:[MD5.7C423B0D6732EF066F651BE95AA6529E] - 22/10/2013 - 14:15:51 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf O45 - LFCP:[MD5.9E3870ADD62AAEA679EAD8D6F4C594F1] - 22/10/2013 - 14:29:24 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6BCB9FAA.pf O45 - LFCP:[MD5.F3976D4D4CAA7620E910D223924AC125] - 22/10/2013 - 14:38:30 ---A- - C:\Windows\Prefetch\WUAPP.EXE-C6167071.pf O45 - LFCP:[MD5.E09A02FCE21980E270B3660FD866872D] - 22/10/2013 - 14:39:06 ---A- - C:\Windows\Prefetch\WINDOWSANYTIMEUPGRADEUI.EXE-E8E6C1B8.pf O45 - LFCP:[MD5.C76B2F89F981E6070BEB2579B29B4D31] - 22/10/2013 - 14:47:05 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-74857ABA.pf O45 - LFCP:[MD5.802D004918B01258A973A9DB8FB6DAB3] - 22/10/2013 - 15:13:20 ---A- - C:\Windows\Prefetch\MAKECAB.EXE-0F1704A4.pf O45 - LFCP:[MD5.0D1127201C6636964435DFBFBA13AFA7] - 22/10/2013 - 20:04:07 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7ED62AA2.pf O45 - LFCP:[MD5.6DD94FEE568E70BD15DC16170C8FC932] - 23/10/2013 - 08:17:25 ---A- - C:\Windows\Prefetch\WLIDSVCM.EXE-A6EF5B2F.pf O45 - LFCP:[MD5.A8FAEE78500EFFBEC2AB60FEA087FBCE] - 23/10/2013 - 08:55:33 ---A- - C:\Windows\Prefetch\PICASAUPDATER.EXE-D9A0F3E3.pf O45 - LFCP:[MD5.1DD1AEC58E854105268E7960333E774B] - 23/10/2013 - 09:33:33 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf O45 - LFCP:[MD5.C21C8E7121E5AE2371A11EEAC3B63735] - 23/10/2013 - 09:40:29 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf O45 - LFCP:[MD5.78CA00B65C6680B8D43ABB12CCB3BED7] - 23/10/2013 - 10:35:15 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8CC888B2.pf O45 - LFCP:[MD5.F851A059B8F0D77DE43657EB3B5D021A] - 23/10/2013 - 10:35:23 ---A- - C:\Windows\Prefetch\HPQUSGL.EXE-BF611759.pf O45 - LFCP:[MD5.990E1E7E6C6AAFF8A567D12B4891E72E] - 23/10/2013 - 10:49:59 ---A- - C:\Windows\Prefetch\ADOBEARM.EXE-719325FF.pf O45 - LFCP:[MD5.E917584BE5866861CB77B28A07CDD7D8] - 23/10/2013 - 12:57:31 ---A- - C:\Windows\Prefetch\PICASAPHOTOVIEWER.EXE-02CD39E6.pf O45 - LFCP:[MD5.702C00DA62A22F784A66B14FAB5D4240] - 23/10/2013 - 13:01:57 ---A- - C:\Windows\Prefetch\SKYPESETUP.EXE-0DD86186.pf O45 - LFCP:[MD5.F3E6C7F534B18714A740E600998A3BDA] - 23/10/2013 - 13:23:32 ---A- - C:\Windows\Prefetch\RAPPORTSERVICE.EXE-BA4B60D6.pf O45 - LFCP:[MD5.B3F36ED553A8424E062568B0C17B3A0E] - 23/10/2013 - 19:41:22 ---A- - C:\Windows\Prefetch\Layout.ini O45 - LFCP:[MD5.4C26CEEFC0AF3701EA48076701C7EEB5] - 24/10/2013 - 10:11:21 ---A- - C:\Windows\Prefetch\ASWREGSVR.EXE-AD27A91B.pf O45 - LFCP:[MD5.F43300FB87E7571EBE35358DF96C815F] - 24/10/2013 - 10:28:46 ---A- - C:\Windows\Prefetch\WRCFREE.EXE-9F05D8D3.pf O45 - LFCP:[MD5.353BCF50C1602A3DBCBE140D38EABD49] - 24/10/2013 - 10:29:15 ---A- - C:\Windows\Prefetch\WISEREGCLEANER.EXE-B2DF8F21.pf O45 - LFCP:[MD5.4D40E163E878D0B58E2B7A11E63E80F3] - 24/10/2013 - 10:31:57 ---A- - C:\Windows\Prefetch\UNINSTALLER.EXE-FCC794B6.pf O45 - LFCP:[MD5.4D333CBDD93AF9B1104405C5BD1CCD2A] - 24/10/2013 - 10:37:15 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf O45 - LFCP:[MD5.E18C0C541B5405E1B4F5F8C66DD555FF] - 24/10/2013 - 13:03:01 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf O45 - LFCP:[MD5.E2EF46C61C43DD7C39D82985BD4D76C1] - 25/10/2013 - 08:09:01 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf O45 - LFCP:[MD5.92F6A858681D2AE9BA39ABAD57757450] - 25/10/2013 - 08:48:39 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-9CBB797E.pf O45 - LFCP:[MD5.B4574F72C117C97CEBCF5DF9DF63E501] - 25/10/2013 - 08:48:42 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-3CEC176A.pf O45 - LFCP:[MD5.69452570A03745EB1A9419BCC4D57B2D] - 25/10/2013 - 08:48:43 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-A5A1145D.pf O45 - LFCP:[MD5.2C7347639CA9C3DAC9916E8E5C160570] - 25/10/2013 - 09:00:10 ---A- - C:\Windows\Prefetch\SDCLT.EXE-E10B972A.pf O45 - LFCP:[MD5.BF02EE44FA904346BCC017E567AE274B] - 25/10/2013 - 09:38:42 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-5F5F473D.pf O45 - LFCP:[MD5.DD86312E22E381DE22777AE63696B17D] - 25/10/2013 - 09:41:51 ---A- - C:\Windows\Prefetch\KEYTOOL.EXE-D9CF9AF0.pf O45 - LFCP:[MD5.687BC2D91D7C19755A57222D87090F46] - 25/10/2013 - 10:25:38 ---A- - C:\Windows\Prefetch\EMULE.EXE-7607EBE0.pf O45 - LFCP:[MD5.27280F23DF790272C18079F1671E1F6A] - 25/10/2013 - 11:56:05 ---A- - C:\Windows\Prefetch\DTLITE.EXE-1B4D861B.pf O45 - LFCP:[MD5.E00936249565FB4BC7B5675AE2F4516C] - 25/10/2013 - 12:46:29 ---A- - C:\Windows\Prefetch\PING.EXE-7E94E73E.pf O45 - LFCP:[MD5.F2F93BEAF9C85DEF6CECF821E394B5DA] - 25/10/2013 - 12:49:43 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6A473D35.pf O45 - LFCP:[MD5.5076A907D8F0DA4D49B13D7AD74D8155] - 25/10/2013 - 12:54:44 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-F401FBB4.pf O45 - LFCP:[MD5.86BE43D52CC4E7DCE699AD17AAAF4DCE] - 25/10/2013 - 12:59:10 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-3AB35CA7.pf O45 - LFCP:[MD5.20B81D95A639DDDC168F31908BF91CED] - 25/10/2013 - 13:11:01 ---A- - C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-ECAD9571.pf O45 - LFCP:[MD5.D372B9AF0EC812CD128B42860111CD89] - 25/10/2013 - 13:30:25 ---A- - C:\Windows\Prefetch\MSPAINT.EXE-76E10B24.pf O45 - LFCP:[MD5.41FFA7E6FFBAA6FAAF099BB99814FC0C] - 25/10/2013 - 13:31:57 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-91E1AAD6.pf O45 - LFCP:[MD5.5041297F2786A61B3CB8E190F3A10011] - 25/10/2013 - 13:32:09 ---A- - C:\Windows\Prefetch\XNVIEW.EXE-E35282E2.pf O45 - LFCP:[MD5.9722AB014372E77EBFA6172A9AD76037] - 25/10/2013 - 13:43:18 ---A- - C:\Windows\Prefetch\CCLEANER.EXE-D4D76A60.pf =>Piriform Ltd O45 - LFCP:[MD5.38681C0F3571B35A97D68CDF6B34E91F] - 25/10/2013 - 13:44:13 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.063113287BEE9B3360D469DD01F34D36] - 25/10/2013 - 13:44:13 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.A3CD2F38CBF518E1CD187877BFD6ECE0] - 25/10/2013 - 13:44:14 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.409567A4C32247B672FD4DF67EF2DBAC] - 25/10/2013 - 13:44:14 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.9113BFB288220E2D1EEDBADBED91B8F5] - 25/10/2013 - 13:53:48 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-7226D1F8.pf O45 - LFCP:[MD5.A323B9FCF3D02384821C7705A486FC1B] - 25/10/2013 - 13:59:23 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - LFCP:[MD5.EDCC34461C576FF7DB9F409B5A3CD6BF] - 25/10/2013 - 14:13:07 ---A- - C:\Windows\Prefetch\AVASTUI.EXE-56B29A08.pf O45 - LFCP:[MD5.EDE6B3EAA9672E964ACC7B644CBB7F15] - 25/10/2013 - 14:13:07 ---A- - C:\Windows\Prefetch\STIKYNOT.EXE-AD181651.pf O45 - LFCP:[MD5.7F832E851888122E2945F55246CCE3EF] - 25/10/2013 - 14:14:33 ---A- - C:\Windows\Prefetch\INPUTPERSONALIZATION.EXE-47D98ED7.pf O45 - LFCP:[MD5.9123022D56FE8C90CEB0592749333ACA] - 25/10/2013 - 14:19:02 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf O45 - LFCP:[MD5.4C9CF4DF3A0B3D8BF1C168DF0B159B5A] - 25/10/2013 - 14:21:33 ---A- - C:\Windows\Prefetch\REGEDIT.EXE-90FEEA06.pf O45 - LFCP:[MD5.FC0759B96B2B593F1606748F2E97C3C2] - 25/10/2013 - 14:32:57 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf O45 - LFCP:[MD5.E14BAB3C75567F5ADEBC20F12216FF1C] - 25/10/2013 - 14:33:38 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf O45 - LFCP:[MD5.4012CBA1429AAE1DE139DAF2864D09DC] - 25/10/2013 - 14:35:46 ---A- - C:\Windows\Prefetch\AVASTEMUPDATE.EXE-6EF4B603.pf O45 - LFCP:[MD5.C14737E60952F483F88B92FEF32C164A] - 25/10/2013 - 14:35:46 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:[MD5.DA5ED88389252A7F8543A5E9B20756C0] - 25/10/2013 - 14:35:46 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf O45 - LFCP:[MD5.328AA2D2A57D0F535E61FABBCE88D3B7] - 25/10/2013 - 14:35:46 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf O45 - LFCP:[MD5.4D37D83E752E6251F29376121D5A9FD1] - 25/10/2013 - 14:35:48 ---A- - C:\Windows\Prefetch\LPKSETUP.EXE-90F505D8.pf O45 - LFCP:[MD5.33995728FCB0E6A366106FE2FD28EA05] - 25/10/2013 - 14:35:48 ---A- - C:\Windows\Prefetch\YAHOOWIDGETS.EXE-3F1EBF0D.pf O45 - LFCP:[MD5.D433861036BDE738ACC431C32D1E693A] - 25/10/2013 - 14:36:04 ---A- - C:\Windows\Prefetch\AVBUGREPORT.EXE-3B5B9E84.pf O45 - LFCP:[MD5.9D5C8705A7ECDE66860E1F439A836300] - 25/10/2013 - 14:37:17 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-FE771DDA.pf O45 - LFCP:[MD5.8E6E03F07E0C0C54C47F01BAE45CCBF0] - 25/10/2013 - 14:37:27 ---A- - C:\Windows\Prefetch\RICONMAN.EXE-167A2720.pf O45 - LFCP:[MD5.9FABF21B965EAAA22D5CB1DDB51B112B] - 25/10/2013 - 14:37:27 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-DD6406E8.pf O45 - LFCP:[MD5.F0D04E5DD19E0139D442A0451A29B41A] - 25/10/2013 - 14:37:53 ---A- - C:\Windows\Prefetch\THUNDERBIRD.EXE-5119524C.pf O45 - LFCP:[MD5.BD963A5603A46D227BEA119342B18A74] - 25/10/2013 - 14:38:01 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-A606B53C.pf O45 - LFCP:[MD5.7FD5BA6CC636A8A905E22B4F2DF18A41] - 25/10/2013 - 14:39:12 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf O45 - LFCP:[MD5.400795BDCD48A663DAEB052442F147D0] - 25/10/2013 - 14:43:42 ---A- - C:\Windows\Prefetch\MACONFIGAGENT.EXE-388336DB.pf O45 - LFCP:[MD5.4CB65139D1143B85862E1A0A20B02EFB] - 25/10/2013 - 14:43:42 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf O45 - LFCP:[MD5.9F970BCF3D83D64EC70A048703FBEC30] - 25/10/2013 - 14:43:57 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf O45 - LFCP:[MD5.E9E3ABFD67E05EEE65E8892A9090A442] - 25/10/2013 - 14:44:06 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-C625291D.pf O45 - LFCP:[MD5.D5BBE042069A3CA9B9E78487F29B992C] - 25/10/2013 - 14:44:26 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf O45 - LFCP:[MD5.9559F6CFDEC7F2609D0A3785DBD73934] - 25/10/2013 - 14:44:47 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf O45 - LFCP:[MD5.0106AC2112E1BA44C69E77356AE55350] - 25/10/2013 - 14:44:51 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf O45 - LFCP:[MD5.F8B85CA49166C6C86D3F2B4DB144358F] - 25/10/2013 - 14:44:51 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf O45 - LFCP:[MD5.11EFFF3A7A7765E38ED768B734B5E2C3] - 25/10/2013 - 14:47:42 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf O45 - LFCP:[MD5.98DF7C21844D337E25ED4A3E3C374F8F] - 25/10/2013 - 14:47:44 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf O45 - LFCP:[MD5.E66CD16C8832EF7E0F16E3DA811750DE] - 25/10/2013 - 14:47:48 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf O45 - LFCP:[MD5.7E95C48A3151E99FB8C09AE9AB359DA4] - 25/10/2013 - 14:47:49 ---A- - C:\Windows\Prefetch\ZHPHEP.EXE-56A9B19C.pf O45 - LFCP:[MD5.E622F1B54595A077673987489533EC91] - 25/10/2013 - 14:47:53 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf O45 - LFCP:[MD5.E11C18EC0C0E948D6E039EA631CCF723] - 25/10/2013 - 14:47:55 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-02CC9EFF.pf O45 - LFCP:[MD5.00C3AB2AD3E5A09D7BE64AD400F50854] - 25/10/2013 - 14:47:55 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf O45 - LFCP:[MD5.6CF3A9C505D72BD3F82190E8F48A8D56] - 25/10/2013 - 14:47:59 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-5F50D22C.pf O45 - LFCP:[MD5.E8E0FB6E6063E37B8E3288D70E0E8A92] - 25/10/2013 - 14:48:07 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf O45 - LFCP:[MD5.DBAAA7F5786281981FA93F3631E3ABFD] - 25/10/2013 - 14:48:07 ---A- - C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf O45 - LFCP:[MD5.9E8A8C06FE3647558C91E4FD0619E913] - 25/10/2013 - 14:48:07 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-D1EF4768.pf O45 - LFCP:[MD5.26E9A5BE34C501EE911DEB1C60A4DB48] - 25/10/2013 - 14:48:10 ---A- - C:\Windows\Prefetch\PV.EXE-7B89A1E7.pf O45 - LFCP:[MD5.72A7F4A7FB9DE2DAD270E6E4321DF094] - 25/10/2013 - 14:48:11 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf O45 - LFCP:[MD5.AF5D0CE5F7CEC7F91E33AA76828178D1] - 25/10/2013 - 14:48:15 ---A- - C:\Windows\Prefetch\SUBINACL.EXE-7FBD134E.pf O45 - LFCP:[MD5.63018BF4E73514FC9AC70AB5E3632852] - 25/10/2013 - 14:48:32 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf ~ Prefetcher: 112 Scanned in 00mn 01s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (...) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (...) -- C:\Windows\System32\xvidvfw.dll O52 - TDSD: \Drivers32\"VIDC.FPS1"="frapsvid.dll" . (.Beepa P/L - Fraps.) -- C:\Windows\System32\frapsvid.dll O52 - TDSD: \Drivers32\"vidc.dvsd"="pdvcodec.dll" . (.Matsushita Electric Industrial Co., Ltd. - DV Video for Windows Driver.) -- C:\Windows\System32\pdvcodec.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"frapsvid.dll"="Fraps Video Decompressor" . (.Beepa P/L - Fraps.) -- C:\Windows\System32\frapsvid.dll O52 - TDSD: \drivers.desc\"pdvcodec.dll"="DV Video Codec" . (.Matsushita Electric Industrial Co., Ltd. - DV Video for Windows Driver.) -- C:\Windows\System32\pdvcodec.dll ~ TDSD: 10 Scanned in 00mn 00s ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation ~ SMSR Keys: 4 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 ~ MWPS: 16 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ~ MWPE Keys: 3 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Drivers: 16 Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 23/10/2013 - 15:49:07 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102320.000\DeviceCenterDiagnostic.0.debugreport.xml [3566] O61 - LFC: 23/10/2013 - 15:49:07 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102320.000\DeviceCenterDiagnostic.1.debugreport.xml [3243] O61 - LFC: 23/10/2013 - 15:49:07 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102320.000\DeviceDiagnostic.0.debugreport.xml [10231] O61 - LFC: 23/10/2013 - 15:49:07 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102320.000\DeviceDiagnostic.1.debugreport.xml [9110] O61 - LFC: 23/10/2013 - 15:49:07 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102320.000\NetworkDiagnostics.0.debugreport.xml [1316] O61 - LFC: 23/10/2013 - 15:49:07 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102320.000\NetworkDiagnostics.1.debugreport.xml [1315] O61 - LFC: 23/10/2013 - 15:49:07 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102320.000\PrinterDiagnostic.0.debugreport.xml [1310] O61 - LFC: 23/10/2013 - 15:49:07 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102320.000\PrinterDiagnostic.1.debugreport.xml [1309] O61 - LFC: 23/10/2013 - 15:49:07 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102320.000\ResultReport.xml [56323] O61 - LFC: 23/10/2013 - 15:49:07 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102320.000\results.xml [220] O61 - LFC: 23/10/2013 - 15:49:07 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102320.000\results.xsl [49097] O61 - LFC: 23/10/2013 - 15:49:08 ---A- . (.Flux Software LLC.) -- C:\Users\moi\AppData\Local\FluxSoftware\Flux\flux.exe [1017224] O61 - LFC: 23/10/2013 - 15:49:24 ---A- . (...) -- C:\Users\moi\AppData\Local\Innovative Solutions\Advanced Uninstaller PRO\AU PRO.lnk [1295] O61 - LFC: 23/10/2013 - 15:49:29 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\ajax_d46d221843c08ba04006e2cfefcd1388.dat [954] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:29 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\notice_bfe527ebf3b60be613090d206bcc686c.dat [8] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:29 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_14e9cd4237dc5ca3165ef53375ca23be.dat [2668] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:29 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_18a22d15696d564503026cdd8e63d2f4.dat [2904] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:29 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_2acbebe7132d1317ef09f762d2ccb4cc.dat [1968] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:29 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_2cd65d81fe2261d0ac3cffcbef178523.dat [1662] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:29 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_2d74646e875e9bda100d640ed0b12159.dat [2130] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:29 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_32dafa6ea4e57fca5fc8165ed2fd4518.dat [2528] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:30 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_43ba22f1ee6b3066bf292b8723e712a2.dat [938] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:30 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_64b31a8d9801c32ec3ae6856420afea1.dat [1902] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:30 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_706cddabd137a539d9f3179a1e298695.dat [2154] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:30 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_7202f4cb566b132c6f4c7b74d01fe72d.dat [3020] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:30 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_87a09a4dfde9dba662c539143ebb35f0.dat [1910] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:30 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_8934214e15c6219b4cda19507559430d.dat [1770] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:30 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_8c5c0b653842333c2e2bc3e36ba14a59.dat [1414] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:30 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_a68612dee9f1334c03551da3ad902616.dat [1966] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:31 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_d24e54a7dc9b14a930bf4b80f86f120e.dat [2150] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:31 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_d2b0ab598eec9d30dd9639f79224681e.dat [1970] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:31 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_d32c922f31b19b84f56bd6417d21abdd.dat [2272] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:31 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_e1e51b3cf68f8c53bad88eb1438aa7ba.dat [3316] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:31 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_e30137b3ec486c27d01f12a93714dc29.dat [2742] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:31 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_e9b3abd80854126b05867bab5d0a9df7.dat [1178] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:31 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_f2b5d7a72080b85ffcf41954d473a51d.dat [2120] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:31 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_f59d8c21b4c71e7105c0cb3adb52fa36.dat [2658] =>.DT Soft Ltd O61 - LFC: 23/10/2013 - 15:49:33 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2013-10-23 (15-10-57).txt [2098] O61 - LFC: 23/10/2013 - 15:49:45 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\extensions.sqlite [458752] =>.Mozilla Corporation O61 - LFC: 23/10/2013 - 15:49:45 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\history.mab [30589] =>.Mozilla Corporation O61 - LFC: 23/10/2013 - 15:49:45 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\localstore-safe.rdf [169] =>.Mozilla Corporation O61 - LFC: 23/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\imap.sfr.fr\Drafts [32263] =>.Mozilla Corporation O61 - LFC: 23/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\places.sqlite [10485760] =>.Mozilla Corporation O61 - LFC: 23/10/2013 - 15:49:47 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Wise Registry Cleaner\Ad\120958320.png [19695] O61 - LFC: 23/10/2013 - 15:49:53 ---A- . (...) -- C:\Users\moi\Documents\TCT3400_UM_FR-1.pdf [1371259] O61 - LFC: 23/10/2013 - 15:49:53 ---A- . (.Innovative Solutions.) -- C:\Users\moi\Downloads\Advanced_Uninstaller11.exe [21549696] O61 - LFC: 23/10/2013 - 15:49:57 ---A- . (.WiseCleaner.com.) -- C:\Users\moi\Downloads\WRCFree.exe [2177000] O61 - LFC: 24/10/2013 - 15:49:06 ---A- . (...) -- C:\Users\moi\AppData\Local\AMD\Fuel\ClientProxyLog.txt [2] O61 - LFC: 24/10/2013 - 15:49:06 ---A- . (...) -- C:\Users\moi\AppData\Local\AMD\Fuel\ClientProxyLog_1.txt [2] O61 - LFC: 24/10/2013 - 15:49:06 ---A- . (...) -- C:\Users\moi\AppData\Local\ATI\ACE\Manifest.Bin [30466] O61 - LFC: 24/10/2013 - 15:49:06 ---A- . (...) -- C:\Users\moi\AppData\Local\ATI\ACE\Manifest.xml [22245] O61 - LFC: 24/10/2013 - 15:49:06 ---A- . (...) -- C:\Users\moi\AppData\Local\ATI\ACE\Profiles.xml [34973] O61 - LFC: 24/10/2013 - 15:49:07 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102407.000\DeviceCenterDiagnostic.0.debugreport.xml [3563] O61 - LFC: 24/10/2013 - 15:49:07 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102407.000\DeviceCenterDiagnostic.1.debugreport.xml [3239] O61 - LFC: 24/10/2013 - 15:49:07 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102407.000\DeviceDiagnostic.0.debugreport.xml [10220] O61 - LFC: 24/10/2013 - 15:49:08 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102407.000\DeviceDiagnostic.1.debugreport.xml [9101] O61 - LFC: 24/10/2013 - 15:49:08 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102407.000\NetworkDiagnostics.0.debugreport.xml [1313] O61 - LFC: 24/10/2013 - 15:49:08 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102407.000\NetworkDiagnostics.1.debugreport.xml [1312] O61 - LFC: 24/10/2013 - 15:49:08 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102407.000\PrinterDiagnostic.0.debugreport.xml [1306] O61 - LFC: 24/10/2013 - 15:49:08 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102407.000\PrinterDiagnostic.1.debugreport.xml [1306] O61 - LFC: 24/10/2013 - 15:49:08 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102407.000\ResultReport.xml [56312] O61 - LFC: 24/10/2013 - 15:49:08 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102407.000\results.xml [220] O61 - LFC: 24/10/2013 - 15:49:08 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\2013102407.000\results.xsl [49097] O61 - LFC: 24/10/2013 - 15:49:08 ---A- . (...) -- C:\Users\moi\AppData\Local\ElevatedDiagnostics\3493975886\latest.cab [15927] O61 - LFC: 24/10/2013 - 15:49:08 ---A- . (...) -- C:\Users\moi\AppData\Local\FluxSoftware\Flux\uninstall.exe [53995] O61 - LFC: 24/10/2013 - 15:49:27 ---A- . (...) -- C:\Users\moi\AppData\Local\Trusteer\Rapport\user\store\user\rapport_data_var_0.js.data [13908] O61 - LFC: 24/10/2013 - 15:49:41 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\cert8.db.bak [98304] =>.Mozilla Corporation O61 - LFC: 24/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\Local Folders\Unsent Messages.msf [2226] =>.Mozilla Corporation O61 - LFC: 24/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\imap.sfr.fr\Sent [114550] =>.Mozilla Corporation O61 - LFC: 24/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\pop.sfr.fr\Drafts.msf [2237] =>.Mozilla Corporation O61 - LFC: 24/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\pop.sfr.fr\Inbox [158109] =>.Mozilla Corporation O61 - LFC: 24/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\pop.sfr.fr\Inbox.msf [13175] =>.Mozilla Corporation O61 - LFC: 24/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\pop.sfr.fr\Trash [95266] =>.Mozilla Corporation O61 - LFC: 24/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\pop.sfr.fr\Trash.msf [4883] =>.Mozilla Corporation O61 - LFC: 24/10/2013 - 15:49:47 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Wise Registry Cleaner\Ad\Ad.txt [731] O61 - LFC: 24/10/2013 - 15:49:47 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Wise Registry Cleaner\Backup\2013-24-10 113032.reg [184073] O61 - LFC: 24/10/2013 - 15:49:47 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Wise Registry Cleaner\Backup\2013-24-10 113126.reg [107576] O61 - LFC: 24/10/2013 - 15:49:47 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Wise Registry Cleaner\Backup\2013-24-10 113135.reg [6018] O61 - LFC: 24/10/2013 - 15:49:47 ---A- . (...) -- C:\Users\moi\AppData\Roaming\XnView\category.bak [10240] O61 - LFC: 24/10/2013 - 15:49:57 ---A- . (...) -- C:\Users\moi\Downloads\flux-setup.exe [597304] O61 - LFC: 25/10/2013 - 15:49:10 --HA- . (...) -- C:\Users\moi\AppData\Local\IconCache.db [783854] O61 - LFC: 25/10/2013 - 15:49:26 ---A- . (...) -- C:\Users\moi\AppData\Local\Thunderbird\Mozilla Thunderbird\active-update.xml [1174] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:26 ---A- . (...) -- C:\Users\moi\AppData\Local\Thunderbird\Mozilla Thunderbird\updates.xml [15345] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:26 ---A- . (...) -- C:\Users\moi\AppData\Local\Thunderbird\Mozilla Thunderbird\updates\0\update.mar [20700000] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:26 ---A- . (...) -- C:\Users\moi\AppData\Local\Thunderbird\Mozilla Thunderbird\updates\0\update.status [12] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:26 ---A- . (...) -- C:\Users\moi\AppData\Local\Thunderbird\Profiles\noa2dqex.default\Cache\B\09\AF61Ad01 [63519] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:26 ---A- . (...) -- C:\Users\moi\AppData\Local\Thunderbird\Profiles\noa2dqex.default\Cache\_CACHE_001_ [31664] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:26 ---A- . (...) -- C:\Users\moi\AppData\Local\Thunderbird\Profiles\noa2dqex.default\Cache\_CACHE_002_ [64931] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:26 ---A- . (...) -- C:\Users\moi\AppData\Local\Thunderbird\Profiles\noa2dqex.default\Cache\_CACHE_003_ [30313] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:26 ---A- . (...) -- C:\Users\moi\AppData\Local\Thunderbird\Profiles\noa2dqex.default\Cache\_CACHE_MAP_ [8468] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:26 ---A- . (...) -- C:\Users\moi\AppData\Local\Thunderbird\Profiles\noa2dqex.default\startupCache\startupCache.4.little [2264129] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:26 ---A- . (...) -- C:\Users\moi\AppData\Local\temp\WMZuneComm.etl.002 [4096] O61 - LFC: 25/10/2013 - 15:49:27 ---A- . (...) -- C:\Users\moi\AppData\Local\Thunderbird\Profiles\noa2dqex.default\_CACHE_CLEAN_ [1] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:27 ---A- . (...) -- C:\Users\moi\AppData\Local\Trusteer\Rapport\user\store\safe_stores\local_store\store_var_1.metadata.data [116] O61 - LFC: 25/10/2013 - 15:49:27 ---A- . (...) -- C:\Users\moi\AppData\Local\Trusteer\Rapport\user\store\user\fsm_service_var_1.js.data [2532] O61 - LFC: 25/10/2013 - 15:49:27 ---A- . (...) -- C:\Users\moi\AppData\Local\Trusteer\Rapport\user\store\user\rapport_var_1.cfg.data [2180] O61 - LFC: 25/10/2013 - 15:49:27 ---A- . (...) -- C:\Users\moi\AppData\Local\Yahoo\Widget Engine\Widget Data\Yahoo! Weather\location data.db [27648] O61 - LFC: 25/10/2013 - 15:49:29 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\ajax_4cf150d985044135b85b62470c1ddda9.dat [15058] =>.DT Soft Ltd O61 - LFC: 25/10/2013 - 15:49:29 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\ajax_5063e1c60d46548e8497a8b35503fef8.dat [944] =>.DT Soft Ltd O61 - LFC: 25/10/2013 - 15:49:29 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\ajax_c61c8ffd337417c24b607429419ab11c.dat [954] =>.DT Soft Ltd O61 - LFC: 25/10/2013 - 15:49:29 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\ajax_dad4330400daad9422c3d0b39088668d.dat [101360] =>.DT Soft Ltd O61 - LFC: 25/10/2013 - 15:49:29 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\notice_eacf8677397a24933aaa767de7243915.dat [8] =>.DT Soft Ltd O61 - LFC: 25/10/2013 - 15:49:29 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_21d780bb3b1ad854a9be34e897c6dbd2.dat [2624] =>.DT Soft Ltd O61 - LFC: 25/10/2013 - 15:49:30 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_5ce35c2701d01f226c03c2391c0f2f9c.dat [5336] =>.DT Soft Ltd O61 - LFC: 25/10/2013 - 15:49:30 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_5e02f666a2f490ea13c17e9e0d20915a.dat [3366] =>.DT Soft Ltd O61 - LFC: 25/10/2013 - 15:49:30 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_6e21da98a0c64a53884d0d084b4a97c2.dat [2344] =>.DT Soft Ltd O61 - LFC: 25/10/2013 - 15:49:30 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_89736accb4967e0c298e6e0767979b41.dat [2040] =>.DT Soft Ltd O61 - LFC: 25/10/2013 - 15:49:30 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_9a60eb4c01801a77752d21355c807e32.dat [2376] =>.DT Soft Ltd O61 - LFC: 25/10/2013 - 15:49:31 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_eb749cde95e0bb776447056acc00a44b.dat [1582] =>.DT Soft Ltd O61 - LFC: 25/10/2013 - 15:49:31 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImageInfoCache\pic_f5fbca741656b4129579f54d2e98173e.dat [2788] =>.DT Soft Ltd O61 - LFC: 25/10/2013 - 15:49:31 ---A- . (...) -- C:\Users\moi\AppData\Roaming\DAEMON Tools Lite\ImgList.dat [90] =>.DT Soft Ltd O61 - LFC: 25/10/2013 - 15:49:35 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Microsoft\Sticky Notes\StickyNotes.snt [9728] O61 - LFC: 25/10/2013 - 15:49:41 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\addons.sqlite [524288] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:41 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\blocklist.xml [47775] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:41 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\cert8.db [98304] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:41 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\cookies.sqlite [524288] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:45 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\imap.sfr.fr\Archives [2679826] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:45 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\folderTree.json [304] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:45 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\global-messages-db.sqlite [4653056] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:45 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\key3.db [16384] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:45 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\localstore.rdf [6026] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\imap.sfr.fr\Archives.msf [4901] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\imap.sfr.fr\Drafts.msf [3702] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\imap.sfr.fr\Inbox [3077799] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\imap.sfr.fr\Inbox.msf [20289] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\imap.sfr.fr\Sent.msf [21759] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\imap.sfr.fr\Trash [13213257] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\imap.sfr.fr\Trash.msf [41565] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\imap.sfr.fr\Trash.sbd\2012.msf [2160] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\imap.sfr.fr\popstate.dat [740] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\Mail\pop.sfr.fr\popstate.dat [64] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\panacea.dat [4759] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\parent.lock [0] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\permissions.sqlite [2048] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\pluginreg.dat [19512] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\prefs.js [18412] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\session.json [478] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:46 ---A- . (...) -- C:\Users\moi\AppData\Roaming\Thunderbird\Profiles\noa2dqex.default\virtualFolders.dat [10] =>.Mozilla Corporation O61 - LFC: 25/10/2013 - 15:49:47 ---A- . (...) -- C:\Users\moi\AppData\Roaming\XnView\XnView.db [42932224] O61 - LFC: 25/10/2013 - 15:49:47 ---A- . (...) -- C:\Users\moi\AppData\Roaming\XnView\category.db [10240] O61 - LFC: 25/10/2013 - 15:49:47 ---A- . (...) -- C:\Users\moi\AppData\Roaming\ZHP\Log.txt [128217] =>.Nicolas Coolman O61 - LFC: 25/10/2013 - 15:49:48 ---A- . (...) -- C:\Users\moi\AppData\Roaming\ZHP\TestsZHPDiag.txt [2764] =>.Nicolas Coolman O61 - LFC: 25/10/2013 - 15:49:48 ---A- . (...) -- C:\Users\moi\AppData\Roaming\ZHP\ZHPADSReport.txt [351] =>.Nicolas Coolman O61 - LFC: 25/10/2013 - 15:49:48 ---A- . (...) -- C:\Users\moi\AppData\Roaming\ZHP\ZHPDiag.txt [28672] =>.Nicolas Coolman O61 - LFC: 25/10/2013 - 15:49:48 ---A- . (...) -- C:\Users\moi\AppData\Roaming\ZHP\ZHPExportRegistry-25-10-2013-15-24-14.txt [11770] =>.Nicolas Coolman O61 - LFC: 25/10/2013 - 15:49:48 ---A- . (...) -- C:\Users\moi\AppData\Roaming\ZHP\ZHPFixQuarantine.txt [93061] =>.Nicolas Coolman O61 - LFC: 25/10/2013 - 15:49:48 ---A- . (...) -- C:\Users\moi\AppData\Roaming\ZHP\ZHPFix[R1].txt [48756] =>.Nicolas Coolman O61 - LFC: 25/10/2013 - 15:49:53 ---A- . (...) -- C:\Users\moi\Downloads\adwcleaner.exe [1060070] O61 - LFC: 25/10/2013 - 15:49:56 ---A- . (...) -- C:\Users\moi\Downloads\eMule\Temp\003.part [7275625804] O61 - LFC: 25/10/2013 - 15:49:56 ---A- . (...) -- C:\Users\moi\Downloads\eMule\Temp\003.part.met [13472] O61 - LFC: 25/10/2013 - 15:49:56 ---A- . (...) -- C:\Users\moi\Downloads\eMule\Temp\003.part.met.bak [13472] O61 - LFC: 25/10/2013 - 15:49:56 ---A- . (...) -- C:\Users\moi\Downloads\eMule\Temp\004.part [1467224896] O61 - LFC: 25/10/2013 - 15:49:56 ---A- . (...) -- C:\Users\moi\Downloads\eMule\Temp\004.part.met [3130] O61 - LFC: 25/10/2013 - 15:49:56 ---A- . (...) -- C:\Users\moi\Downloads\eMule\Temp\004.part.met.bak [3130] O61 - LFC: 25/10/2013 - 15:49:57 ---A- . (...) -- C:\Users\moi\Downloads\opengeu-8.10-desktop-i386.iso [720312320] O61 - LFC: 25/10/2013 - 15:49:57 ---A- . (.Nicolas Coolman.) -- C:\Users\moi\Downloads\ZHPDiag2.exe [6839014] =>.Nicolas Coolman ~ 1 Fichiers temporaires (Temporary files) ~ Files: 156 Scanned in 01mn 01s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 25/04/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 27/09/2010 - C:\Windows\system32\drivers\aksfridge.sys (aksfridge) .(.SafeNet Inc. - Ancillary Function Driver.) - LEGACY_AKSFRIDGE O64 - Services: CurCS - 12/10/2007 - C:\Windows\System32\DRIVERS\amdide.sys (amdide) .(.Advanced Micro Devices - AMD PCI SATA/IDE Bus Driver.) - LEGACY_AMDIDE O64 - Services: CurCS - 15/02/2013 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG O64 - Services: CurCS - 05/03/2012 - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys (AODDriver4.01) .(.Advanced Micro Devices - AMD OverDrive Service Driver.) - LEGACY_AODDRIVER4.01 O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK O64 - Services: CurCS - 30/08/2013 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT O64 - Services: CurCS - 30/08/2013 - C:\Windows\system32\Drivers\aswrdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI O64 - Services: CurCS - 30/08/2013 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\atapi.sys (atapi) .(.Microsoft Corporation - ATAPI IDE Miniport Driver.) - LEGACY_ATAPI O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\Beep.sys (Beep) .(.Microsoft Corporation - BEEP Driver.) - LEGACY_BEEP O64 - Services: CurCS - 04/07/2012 - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE O64 - Services: CurCS - 10/04/2013 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\fastfat.sys (fastfat) .(.Microsoft Corporation - Fast FAT File System Driver.) - LEGACY_FASTFAT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL O64 - Services: CurCS - 09/12/2009 - C:\Windows\system32\drivers\hardlock.sys (hardlock) .(.SafeNet Inc. - Hardlock Device Driver for Windows NT.) - LEGACY_HARDLOCK O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecdd.sys (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\ksecpkg.sys (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - 08/06/2012 - C:\Windows\system32\drivers\LMIRfsDriver.sys (LMIRfsDriver) .(.LogMeIn, Inc. - LogMeIn Rfs Drivemap Driver.) - LEGACY_LMIRFSDRIVER O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10 O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\msisadrv.sys (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nwifi.sys (NativeWifiP) .(.Microsoft Corporation - Pilote de miniport WiFi natif.) - LEGACY_NATIVEWIFIP O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - Pilote d’E/S du mode utilisateur NDIS.) - LEGACY_NDISUIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pcw.sys (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\peauth.sys (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - 18/09/2013 - C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_56758.sys (RapportCerberus_56758) .(...) - LEGACY_RAPPORTCERBERUS_56758 =>.Cerberus O64 - Services: CurCS - 10/09/2013 - C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys (RapportEI) .(.Trusteer Ltd. - RapportEI.) - LEGACY_RAPPORTEI O64 - Services: CurCS - 10/09/2013 - C:\Windows\System32\Drivers\RapportKELL.sys (RapportKELL) .(.Trusteer Ltd. - RapportKE.) - LEGACY_RAPPORTKELL O64 - Services: CurCS - 10/09/2013 - C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG) .(.Trusteer Ltd. - RapportPG.) - LEGACY_RAPPORTPG O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 03/02/2009 - C:\Windows\System32\drivers\sfdrv01.sys (sfdrv01) .(.Protection Technology (StarForce) - FrontLine Environment Driver.) - LEGACY_SFDRV01 O64 - Services: CurCS - 14/06/2006 - C:\Windows\System32\drivers\sfhlp02.sys (sfhlp02) .(.Protection Technology (StarForce) - FrontLine Helper Driver.) - LEGACY_SFHLP02 O64 - Services: CurCS - 08/02/2007 - C:\Windows\System32\drivers\sfvfs02.sys (sfvfs02) .(.Protection Technology (StarForce) - FrontLine File System Driver.) - LEGACY_SFVFS02 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\Drivers\spldr.sys (spldr) .(.Microsoft Corporation - loader for security processor.) - LEGACY_SPLDR O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2 O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\tcpipreg.sys (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vwififlt.sys (vwififlt) .(.Microsoft Corporation - Virtual WiFi Filter Driver.) - LEGACY_VWIFIFLT O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000 O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\wfplwf.sys (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\WudfPf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF ~ Legacy: 98 Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ FASS Keys: 18 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les fichiers Crack & Keygen (CKF) (O82) C:\Users\moi\Downloads\eMule\Incoming\Movavi Video Converter 11.2 Setup + KeyGen.rar C:\Users\moi\Downloads\eMule\Incoming\Movavi Video Converter 11.2 Setup + KeyGen.rar ~ Files: Scanned in 02mn 32s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [593408] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [674304] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [473600] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242176] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [521216] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [585728] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [47104] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [49664] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [71168] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [113664] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800] ~ Services: 32 Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.3CE9DE3340D567E49E2A73963AF7A333] [SPRF][02/11/2012] (...) -- C:\Users\moi\AppData\Local\fusioncache.dat [91] ~ Files: 1 Scanned in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "SNMPTRAP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Interruption SNMP.) -- C:\Windows\system32\snmptrap.exe O87 - FAEL: "WMP-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP-NoScope" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP-NoScope" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-QWave-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-QWave-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMPNSS-WMP-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-WMP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-UDP" | In - Public - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-UDP" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation O87 - FAEL: "WMPNSS-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-P2PHost-In-TCP" | In - None - P6 - TRUE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-P2PHost-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O87 - FAEL: "Collab-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" | Out - Public - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Serveur COM d’assistance à distance Windows.) -- C:\Windows\system32\raserver.exe O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Private - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "FPS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCP-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DHCPV6-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-In" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-Teredo-Out" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-IPHTTPS-Out" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-DNS-Out-UDP" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" | Out - Private - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" | Out - Private - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-UPnP-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-LLMNR-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MsiScsi-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Service Microsoft Distributed Transaction Coordinator.) -- C:\Windows\system32\msdtc.exe O87 - FAEL: "MSDTC-KTMRM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MSDTC-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\Windows\system32\plasrv.exe O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "WMI-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-WINMGMT-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WMI-ASYNC-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) -- C:\Windows\system32\wbem\unsecapp.exe O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" | In - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteTask-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RVM-VDS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Service de disque virtuel.) -- C:\Windows\system32\vds.exe O87 - FAEL: "RVM-VDSLDR-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\Windows\system32\vdsldr.exe O87 - FAEL: "RVM-RPCSS-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes.) -- C:\Windows\system32\wudfhost.exe O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "WPDMTP-UPnP-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-SSDPSrv-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-QWave-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-In-TCP" | In - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-QWave-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation O87 - FAEL: "MCX-MCX2SVC-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-Prov-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - MCX2 Provisioning library.) -- C:\Windows\ehome\mcx2prov.exe O87 - FAEL: "MCX-PlayTo-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-McrMgr-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Media Center Extender Manager.) -- C:\Windows\ehome\mcrmgr.exe O87 - FAEL: "MCX-PlayTo-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "MCX-FDPHost-Out-TCP" | Out - None - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active_1" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active_1" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-TCP-Active_1" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-TCP-Active_1" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active_1" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active_1" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "RemoteAssistance-Out-TCP-Active_1" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active_1" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Assistance à distance Windows.) -- C:\Windows\system32\msra.exe O87 - FAEL: "UDP Query User{370EACED-699A-4FC7-B45A-F420CA207D90}C:\program files\emule\emule.exe" | In - Public - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe O87 - FAEL: "TCP Query User{A9486872-8096-433E-B301-8D0AE819B0C4}C:\program files\emule\emule.exe" | In - Public - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe O87 - FAEL: "UDP Query User{60471636-B222-49A0-A804-2EE8C5100581}J:\program files\emule\emule.exe" | In - Public - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- J:\program files\emule\emule.exe O87 - FAEL: "TCP Query User{9D5DB923-6969-4477-AF37-B71C14D6C5CB}J:\program files\emule\emule.exe" | In - Public - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- J:\program files\emule\emule.exe O87 - FAEL: "{17225350-EC56-471E-83EB-193BAF406D29}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{36BCAADD-C88E-4208-9183-F384C418F521}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{F6B0FDD7-C4F4-4A5B-BCDB-1BEAB0075FAF}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{A099944B-75AC-458B-8FE5-8990E5F2B634}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{F87A4C03-92F8-42CA-8D00-BE61AFD1F923}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{3967EFF3-2589-4321-A207-3449C1A663B7}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{E066E05F-55F0-4B59-903B-15943481E722}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{A88CD939-75E8-44EA-87B3-8C6F89AF2159}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{CD69C652-86B6-4B20-ABD5-D14FF77B409E}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{E3567529-CFA6-4F16-A455-092BFF01E6E9}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{EEC2A18F-F7D9-451B-9F1D-F2AF0DDA2658}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Mobile Device Center Sync Host.) -- C:\Windows\WindowsMobile\wmdHost.exe O87 - FAEL: "{5DBD5E44-1940-479A-B1B2-AA11A0D44709}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Windows Mobile Device Center Sync Host.) -- C:\Windows\WindowsMobile\wmdHost.exe O87 - FAEL: "{D7D8440A-2F13-4054-A32B-038DC613A25E}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{858CF345-26BC-4703-95E3-F70C5BD600C1}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{CA163806-26D2-45A2-8D0F-49BC1ED05977}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{42F5E7D5-18B4-4334-B4CA-E516F43F8FD4}" | In - None - P6 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe O87 - FAEL: "TCP Query User{8690C268-68C1-4A8F-9219-94837180B998}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" | In - Public - P6 - TRUE | .(.Crytek - Far Cry.) -- C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe O87 - FAEL: "UDP Query User{4776B409-F613-4D03-83F7-5911F632C284}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe" | In - Public - P17 - TRUE | .(.Crytek - Far Cry.) -- C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe O87 - FAEL: "TCP Query User{06BC327E-4273-439C-842C-AE8925F46007}C:\program files\rfactor\rfactor.exe" | In - Public - P6 - TRUE | .(.Image Space Incorporated - rFactor.) -- C:\program files\rfactor\rfactor.exe O87 - FAEL: "UDP Query User{548EA619-CF0A-4625-9777-E34D4DC06661}C:\program files\rfactor\rfactor.exe" | In - Public - P17 - TRUE | .(.Image Space Incorporated - rFactor.) -- C:\program files\rfactor\rfactor.exe O87 - FAEL: "TCP Query User{A1B79F4D-4B2D-491C-A5C9-CDEC4870AF17}C:\historic gt\rfactor\rfactor.exe" | In - Public - P6 - TRUE | .(.Image Space Incorporated - rFactor.) -- C:\historic gt\rfactor\rfactor.exe O87 - FAEL: "UDP Query User{09441BCF-7AF3-4A3A-A7C4-9B612BBC1DD1}C:\historic gt\rfactor\rfactor.exe" | In - Public - P17 - TRUE | .(.Image Space Incorporated - rFactor.) -- C:\historic gt\rfactor\rfactor.exe O87 - FAEL: "{53BD2287-2E50-42A0-BF23-CA6182A9A5B0}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{4BB637A6-1E88-4B5D-83E7-985B5DFF7A18}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{EF860EDA-1847-4757-95F0-39B1CF4D08EB}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{078CD581-48F1-410C-9B98-B2ACB607287F}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{5C4F40A8-B0F6-4DEA-8E5E-CF9043E9AE0D}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "TCP Query User{CC87B903-C27E-41E4-A512-68FD77AF041C}C:\windows\system32\dpnsvr.exe" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Serveur Microsoft DirectPlay 8.) -- C:\windows\system32\dpnsvr.exe O87 - FAEL: "UDP Query User{3A62C796-C13A-42B3-8E8C-7C71CBB8A054}C:\windows\system32\dpnsvr.exe" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Serveur Microsoft DirectPlay 8.) -- C:\windows\system32\dpnsvr.exe O87 - FAEL: "TCP Query User{EE1D515D-EB67-4624-8936-B4602FC70FAD}C:\program files\java\jre6\bin\javaw.exe" | In - Public - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe O87 - FAEL: "UDP Query User{999D79F9-CBAF-478A-AA97-F3289AB63A68}C:\program files\java\jre6\bin\javaw.exe" | In - Public - P17 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe O87 - FAEL: "{7D973880-FC74-49CB-BE79-D16974B02EB5}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{BFD0B78A-9B7B-4B62-B213-6D287D6E4933}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{131DF2DD-D335-4EC1-A15F-D5A028491F4B}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{E11F6925-BE06-491B-8C7F-FFD8BC8786A0}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{D42297F4-B438-4E23-A308-D60E20D2853E}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{319B85DB-E44B-4A83-9D8D-5398007A3245}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{04937D9A-9034-4C34-BE74-CBBF4735BA07}" | Out - Public - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{E8C0021C-B167-4B48-9053-771E91CD4770}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{54CF9DC7-D570-49A1-A6BD-5F6F98C8C736}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{B0047212-1005-4133-972B-62FAE187C786}" | Out - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{3E68808E-81F7-4A38-B934-A1BBADA3E13B}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{35E99943-25FE-4592-AB76-6578624EEB0E}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "{451F5B11-1427-4C8E-BEDA-EF2246F15CDD}" | In - Public - P6 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxbccoms.exe O87 - FAEL: "{43553B7D-BCDC-4B83-B2C2-457287CE3623}" | In - Public - P17 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\System32\lxbccoms.exe O87 - FAEL: "{F3EF1A5B-22CA-4FF8-AC4C-F80AA46BF403}" | In - Public - P6 - TRUE | .(.Lexmark International Inc. - Print Status Window Interface.) -- C:\Windows\System32\spool\drivers\w32x86\3\lxbcpswx.exe O87 - FAEL: "{BBA67E60-CEAD-4739-8ADA-8B8FACAC1133}" | In - Public - P17 - TRUE | .(.Lexmark International Inc. - Print Status Window Interface.) -- C:\Windows\System32\spool\drivers\w32x86\3\lxbcpswx.exe O87 - FAEL: "{FF02A566-E96C-4E14-A107-45587C3B32B6}" | In - None - P17 - TRUE | .(.SafeNet Inc. - Sentinel HASP License Manager Service.) -- C:\Windows\system32\hasplms.exe O87 - FAEL: "TCP Query User{A47A2388-44C6-4971-B5D5-39C2BA3BB746}C:\program files\mozilla firefox\plugin-container.exe" | In - Public - P6 - TRUE | .(.Mozilla Corporation.) -- C:\program files\mozilla firefox\plugin-container.exe O87 - FAEL: "UDP Query User{5AEE2357-4808-45A4-9853-A5B6E1C83405}C:\program files\mozilla firefox\plugin-container.exe" | In - Public - P17 - TRUE | .(.Mozilla Corporation.) -- C:\program files\mozilla firefox\plugin-container.exe O87 - FAEL: "{CE9B75A3-A0E2-4059-8191-81DF019F513E}" | In - Public - P6 - TRUE | .(.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe O87 - FAEL: "{4C93275A-533D-4095-A3A4-2BA20AE61CD6}" | In - Public - P17 - TRUE | .(.Microsoft Corporation - Installateur Windows®.) -- C:\Windows\System32\msiexec.exe O87 - FAEL: "TCP Query User{660B687D-A645-4E60-86F2-E8EB15D4B9B5}J:\program files\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- J:\program files\emule\emule.exe O87 - FAEL: "UDP Query User{C69DF1F6-00B2-4BB9-84E6-FA091C774FB2}J:\program files\emule\emule.exe" | In - Private - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- J:\program files\emule\emule.exe O87 - FAEL: "{DAC50A53-CDE7-4B92-B123-D57DB945A7FA}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{6C044865-FAD3-4042-B34C-8F8D943EBAF2}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{F597743A-4AE8-43A7-BEC7-8199CE5861A1}" | In - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{8604DE82-4CB9-45C2-84AF-0BE2EE2DD1AC}" | Out - None - P6 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{5EA6B017-36B4-458B-963D-16BB6CC8163B}" | Out - None - P17 - TRUE | .(.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe O87 - FAEL: "{8BCD344F-8AED-4793-84D9-8A7CB0CF740D}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Software Update Client.) -- C:\Program Files\HP\hp software update\hpwucli.exe =>.Hewlett-Packard Co O87 - FAEL: "TCP Query User{462B168E-684B-4498-97F8-63D7D2BD2401}C:\Program Files\eMule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe O87 - FAEL: "UDP Query User{D4567FBD-2B2E-49EB-AC22-5CCACC8F82A4}C:\Program Files\eMule\emule.exe" | In - Private - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe O87 - FAEL: "TCP Query User{7D705BB6-8C33-4699-BFB2-7511E82F53CC}C:\program files\hercules\webcam station evolution se\stationevse.exe" | In - Private - P6 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files\hercules\webcam station evolution se\stationevse.exe O87 - FAEL: "UDP Query User{1721F9A0-0F12-4D38-ABE5-F97F4A0F0E3B}C:\program files\hercules\webcam station evolution se\stationevse.exe" | In - Private - P17 - TRUE | .(.Guillemot Corporation S.A..) -- C:\program files\hercules\webcam station evolution se\stationevse.exe O87 - FAEL: "{46271FC3-5C48-420E-A71F-6A386A878AFE}" | In - Public - P17 - TRUE | .(.Guillemot Corporation S.A. - Hercules Webcam Station Evolution SE.) -- C:\program files\hercules\webcam station evolution se\stationevse.exe O87 - FAEL: "{06A60AEC-655D-497C-9FB0-A430B6AC0D81}" | In - Public - P6 - TRUE | .(.Guillemot Corporation S.A. - Hercules Webcam Station Evolution SE.) -- C:\program files\hercules\webcam station evolution se\stationevse.exe O87 - FAEL: "TCP Query User{3D842AE3-944C-415B-8AF2-E3F922D08744}C:\gplsecrets\igor\igor.exe" | In - Public - P6 - TRUE | .(...) -- C:\gplsecrets\igor\igor.exe O87 - FAEL: "UDP Query User{C9FA519A-E030-4A56-A45F-80CD144A669F}C:\gplsecrets\igor\igor.exe" | In - Public - P17 - TRUE | .(...) -- C:\gplsecrets\igor\igor.exe O87 - FAEL: "TCP Query User{F4C60CD9-C19C-4E46-B53F-E99DC0B36F24}C:\gplsecrets\vroc\winvroc\winvroc.exe" | In - Private - P6 - TRUE | .(.Lawrence L. Holbert - Main WinVROC Module.) -- C:\gplsecrets\vroc\winvroc\winvroc.exe O87 - FAEL: "UDP Query User{75563589-E0F3-4DF8-B0FC-E1E61E4938FA}C:\gplsecrets\vroc\winvroc\winvroc.exe" | In - Private - P17 - TRUE | .(.Lawrence L. Holbert - Main WinVROC Module.) -- C:\gplsecrets\vroc\winvroc\winvroc.exe O87 - FAEL: "{D9B2BEEE-4EF2-4596-A56C-53088A25AC70}" | In - Public - P17 - TRUE | .(.Lawrence L. Holbert - Main WinVROC Module.) -- C:\gplsecrets\vroc\winvroc\winvroc.exe O87 - FAEL: "{9935F961-BD46-4009-AD5E-9D74255D3ADE}" | In - Public - P6 - TRUE | .(.Lawrence L. Holbert - Main WinVROC Module.) -- C:\gplsecrets\vroc\winvroc\winvroc.exe O87 - FAEL: "TCP Query User{E4D9D506-5544-48D4-A85F-CE688288AB17}C:\sierra\gpl\gpl.exe" | In - Private - P6 - TRUE | .(.Sierra On-Line Inc. Bellevue, WA 98007 - Grand Prix Legends.) -- C:\sierra\gpl\gpl.exe O87 - FAEL: "UDP Query User{E3FAE1EA-A208-45B0-9B93-BDC8879AFC31}C:\sierra\gpl\gpl.exe" | In - Private - P17 - TRUE | .(.Sierra On-Line Inc. Bellevue, WA 98007 - Grand Prix Legends.) -- C:\sierra\gpl\gpl.exe O87 - FAEL: "{0C0E249D-A5B1-4977-A827-4E06B0CD506A}" | In - Public - P17 - TRUE | .(.Sierra On-Line Inc. Bellevue, WA 98007 - Grand Prix Legends.) -- C:\sierra\gpl\gpl.exe O87 - FAEL: "{1235DA03-1A6B-4F77-8E8C-5BB65066A22F}" | In - Public - P6 - TRUE | .(.Sierra On-Line Inc. Bellevue, WA 98007 - Grand Prix Legends.) -- C:\sierra\gpl\gpl.exe O87 - FAEL: "{CA9BC82E-C4CB-46A2-B062-BD1B72379D8F}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe O87 - FAEL: "{8A4A195F-F0F2-47F0-955D-8A5868E32395}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe O87 - FAEL: "{2879C0A6-5693-4FB8-826F-47170AC9E00C}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win.) -- C:\Program Files\Steam\Steam.exe O87 - FAEL: "{D7F0F30E-E3A2-430B-AFF6-2AA7EFDFF15B}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win.) -- C:\Program Files\Steam\Steam.exe O87 - FAEL: "{6154268D-9916-4BD8-B80E-62115EA950F1}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe O87 - FAEL: "{C5EE75DA-C817-46D6-B664-8670C8C0F399}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe O87 - FAEL: "{EE24C0FA-D677-4356-AE5C-796762F0F9E2}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\moi\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe =>.Microsoft Corporation O87 - FAEL: "TCP Query User{3EDDEFA0-D76B-43A5-8468-ABCA42F71C1F}C:\Program Files\lg electronics\lg pc suite\smartsharera.exe" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\lg electronics\lg pc suite\smartsharera.exe O87 - FAEL: "UDP Query User{498716CB-7A9C-4E77-921F-FF05BD08EDE0}C:\Program Files\lg electronics\lg pc suite\smartsharera.exe" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\lg electronics\lg pc suite\smartsharera.exe O87 - FAEL: "TCP Query User{9E9092C4-F0B3-4852-8E95-32CCCA5437E8}C:\program files\java\jre7\launch4j-tmp\android-notifier-desktop.exe" | In - Private - P6 - TRUE | .(.Oracle Corporation.) -- C:\program files\java\jre7\launch4j-tmp\android-notifier-desktop.exe O87 - FAEL: "UDP Query User{8D8C0BB5-7A10-4945-A8D3-8EB599BE6900}C:\program files\java\jre7\launch4j-tmp\android-notifier-desktop.exe" | In - Private - P17 - TRUE | .(.Oracle Corporation.) -- C:\program files\java\jre7\launch4j-tmp\android-notifier-desktop.exe O87 - FAEL: "TCP Query User{565874EF-B12C-445F-B1A9-CC2000B1652C}C:\program files\bittorrent\bittorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - BitTorrent.) -- C:\program files\bittorrent\bittorrent.exe =>P2P.BitTorrent O87 - FAEL: "UDP Query User{C05F5718-632A-4633-B3A8-1AD9CB5E1537}C:\program files\bittorrent\bittorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - BitTorrent.) -- C:\program files\bittorrent\bittorrent.exe =>P2P.BitTorrent ~ Firewall: 262 Scanned in 00mn 03s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "02FE2A82684BD5866624281908DE6738" . (.ccc-utility.) -- C:\Windows\Installer\{28A2EF20-B486-685D-6642-829180ED7683}\ARPPRODUCTICON.exe O90 - PUC: "03888AF5D3B5B794885BD88DB27BCB47" . (.Far Cry (Patch 2).) -- C:\Windows\Installer\{5FA88830-5B3D-497B-88B5-8DD82BB7BC74}\ARPPRODUCTICON.exe O90 - PUC: "0C1FF52A6B08B8B45A15CD2565794A80" . (.AMD APP SDK Runtime.) -- C:\Windows\Installer\{A25FF1C0-80B6-4B8B-A551-DC525697A408}\ARPPRODUCTICON.exe O90 - PUC: "16B3DA692EAE2E11E9278BCAF689CC3E" . (.Google Earth.) -- C:\Windows\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\ARPPRODUCTICON.exe O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon O90 - PUC: "22DC9F157E41F5547943640205449403" . (.Ma-Config.com.) -- C:\Windows\Installer\{51F9CD22-14E7-455F-9734-462050444930}\maconfico O90 - PUC: "26FCC409D8185764CB673DE73B999F71" . (.Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\Installer\{904CCF62-818D-4675-BC76-D37EB399F917}\wmdc.exe O90 - PUC: "302266C3F292D9E4EA208201170C9630" . (.Far Cry (Patch 1.33).) -- C:\Windows\Installer\{3C662203-292F-4E9D-AE02-281071C06903}\ARPPRODUCTICON.exe O90 - PUC: "3128052F989958E40A8727EB849371FE" . (.Microsoft Games for Windows - LIVE Redistributable.) -- C:\Windows\Installer\{F2508213-9989-4E85-A078-72BE483917EF}\GameForWindowsLiveRedist.exe O90 - PUC: "32FA0F2EF2EF2224A934556EC34CE11F" . (.Catalyst Control Center - Branding.) -- C:\Windows\Installer\{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}\ARPPRODUCTICON.exe O90 - PUC: "375AB74E4CBB1C04A8D72BF5F2B2D0EA" . (.Far Cry (Patch 1.32).) -- C:\Windows\Installer\{E47BA573-BBC4-40C1-8A7D-B25F2F2B0DAE}\ARPPRODUCTICON.exe O90 - PUC: "3A2988A5BB63E11458AAA6AE45D420B8" . (.Far Cry (Patch 1.4).) -- C:\Windows\Installer\{5A8892A3-36BB-411E-85AA-6AEA544D028B}\ARPPRODUCTICON.exe O90 - PUC: "3CE9F1F741A21B11191125F6637E37B9" . (.AMD Fuel.) -- C:\Windows\Installer\{7F1F9EC3-2A14-11B1-9111-526F36E7739B}\ARPPRODUCTICON.exe O90 - PUC: "427995CA55751C84BA7EBA8B75569203" . (.PC Connectivity Solution.) -- C:\Windows\Installer\{AC599724-5755-48C1-ABE7-ABB857652930}\ARPPRODUCTICON.exe O90 - PUC: "462EDF6AD84CEC63FC7ABAEB8B16CA01" . (.Catalyst Control Center Localization All.) -- C:\Windows\Installer\{A6FDE264-C48D-36CE-CFA7-ABBEB861AC10}\ARPPRODUCTICON.exe O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico =>.Apple Inc O90 - PUC: "52E4407E830367A4094643A40C8340E3" . (.Mise à jour du pilote du Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\Installer\{E7044E25-3038-4A76-9064-344AC038043E}\WindowsMobileDeviceCenter.ico O90 - PUC: "606682FB86E9C274ABAE1461F2B24F1D" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{BF286606-9E68-472C-BAEA-41162F2BF4D1}\fssicon.ico O90 - PUC: "672218601B6DCDB45AA2427D3D8448CD" . (.ArtRage Studio Pro.) -- C:\Windows\Installer\{06812276-D6B1-4BDC-A52A-24D7D34884DC}\ArtRage_Studio_Pro.exe O90 - PUC: "68541007ABB729A46A01DC8C694CF8F8" . (.NETGEAR WG311v3 PCI Adapter.) -- C:\Windows\Installer\{70014586-7BBA-4A92-A610-CDC896C48F8F}\ARPPRODUCTICON.exe O90 - PUC: "68AB67CA7DA7067500000A0000000030" . (.Japanese Fonts Support For Adobe Reader X.) -- C:\Windows\Installer\{AC76BA86-7AD7-5760-0000-A00000000003}\ARPPRODUCTICON.exe O90 - PUC: "68AB67CA7DA76301B744AA0100000010" . (.Adobe Reader X (10.1.8) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico O90 - PUC: "6F2958EEB2CFDFA45B7201D921C730F9" . (.Far Cry (Patch 1.31).) -- C:\Windows\Installer\{EE8592F6-FC2B-4AFD-B527-109D127C039F}\ARPPRODUCTICON.exe O90 - PUC: "7C43C21609E58D74B9C5F017D78D7262" . (.swMSM.) -- C:\Windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe O90 - PUC: "7C835A6C7ED497ACB752BF76C12DD92E" . (.AMD Accelerated Video Transcoding.) -- C:\Windows\Installer\{C6A538C7-4DE7-CA79-7B25-FB671CD29DE2}\ARPPRODUCTICON.exe O90 - PUC: "7E31197DC472B074DB64101B2091FDA6" . (.HPPhotosmartEssential.) -- C:\Windows\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\ARPPRODUCTICON.exe O90 - PUC: "7EA629F27BF943B409F6C9926A1D647A" . (.SystemDiagnostics.) -- C:\Windows\Installer\{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}\ARPPRODUCTICON.exe O90 - PUC: "82D6625F2B0E0314FB5CEE51A55D41CD" . (.Apple Application Support.) -- C:\Windows\Installer\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}\WinInstall.ico O90 - PUC: "8AAA2B50A03FD361674EE916D8DBFA1B" . (.Catalyst Control Center InstallProxy.) -- C:\Windows\Installer\{05B2AAA8-F30A-163D-76E4-9E618DBDAFB1}\ARPPRODUCTICON.exe O90 - PUC: "960A297DB69BAB04CB4B5E56A1E69562" . (.Far Cry (Patch 1).) -- C:\Windows\Installer\{D792A069-B96B-40BA-BCB4-E5651A6E5926}\ARPPRODUCTICON.exe O90 - PUC: "986D128CEB5906D052E59D8BC93B10F9" . (.Catalyst Control Center Graphics Previews Common.) -- C:\Windows\Installer\{C821D689-95BE-0D60-255E-D9B89CB3019F}\ARPPRODUCTICON.exe O90 - PUC: "A2CDBD6DC27E48246BDAB6B3164BADCB" . (.Far Cry.) -- C:\Windows\Installer\{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}\ARPPRODUCTICON.exe O90 - PUC: "ABFAB76BF9C4AF84496939E3B3520544" . (.QuickTime.) -- C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\Installer.ico O90 - PUC: "B613C2A1248F3BF6C378F60E82163F69" . (.AMD VISION Engine Control Center.) -- C:\Windows\Installer\{1A2C316B-F842-6FB3-3C87-6FE02861F396}\ARPPRODUCTICON.exe O90 - PUC: "B8F4259B729BCFD6A61E7AB02700456E" . (.Catalyst Control Center InstallProxy.) -- C:\Windows\Installer\{B9524F8B-B927-6DFC-6AE1-A70B720054E6}\ARPPRODUCTICON.exe O90 - PUC: "C7030BC4E565144468EBD02F4EBF28C8" . (.Microsoft Games for Windows Marketplace.) -- C:\Windows\Installer\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}\GameForWindowsLiveDash.exe O90 - PUC: "D02EED33BDA398022AFB7792FBEDC1E9" . (.AMD Media Foundation Decoders.) -- C:\Windows\Installer\{33DEE20D-3ADB-2089-A2BF-7729BFDE1C9E}\ARPPRODUCTICON.exe O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon O90 - PUC: "D7E18DD182D0BEC4782B0C144ACF2B51" . (.Rapport.) -- C:\Windows\Installer\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}\icon.ico O90 - PUC: "DE454CFAF62A618428B63C15928DE2F1" . (.Fujitsu Siemens Computers Recovery.) -- c:\Windows\Installer\{AFC454ED-A26F-4816-826B-C35129D82E1F}\_6FEFF9B68218417F98F549.exe O90 - PUC: "EA721A12FAD27B043847433C6E9225C1" . (.Far Cry (Patch 1.3).) -- C:\Windows\Installer\{21A127AE-2DAF-40B7-8374-34C3E629521C}\ARPPRODUCTICON.exe O90 - PUC: "F2953167C02BB1E42BDD760F87D43437" . (.Energy Settings.) -- C:\Windows\Installer\{7613592F-B20C-4E1B-B2DD-67F0784D4373}\_6FEFF9B68218417F98F549.exe O90 - PUC: "F60C1AD7319C7C64A8F0ADC2AB71AED1" . (.OpenOffice.org 3.4.1.) -- C:\Windows\Installer\{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}\soffice.ico O90 - PUC: "F724A5A493AB0FB49999A974BF6EC0F9" . (.Visual C++ 9.0 Runtime for Dragon NaturallySpeaking.) -- C:\Windows\Installer\{4A5A427F-BA39-4BF0-9999-9A47FBE60C9F}\ARPPRODUCTICON.exe O90 - PUC: "FC2B535FBB9C26140BA3206D79F123CC" . (.Microsoft Flight Simulator X.) -- C:\Windows\Installer\{F535B2CF-C9BB-4162-B03A-02D6971F32CC}\ARPPRODUCTICON.exe O90 - PUC: "FD5E2449852A0ACC1BAC1F140B97662C" . (.AMD Drag and Drop Transcoding.) -- C:\Windows\Installer\{9442E5DF-A258-CCA0-B1CA-F141B07966C2}\ARPPRODUCTICON.exe ~ Update Products: 174 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.8F3862F231BD2B7D766A8272CA2FE5C1] [WIS][01/07/2011] (.DocumentViewerQFolder - DocumentViewerQFolder.) -- C:\Windows\Installer\174e99.msi [121344] [MD5.92B873BCA64B297A656417BD767D1A3D] [WIS][04/09/2011] (.Carsten Wenzel - Far Cry (Patch 2).) -- C:\Windows\Installer\175e3da.msi [63524352] [MD5.147D1988AD45E82906385C5C8FFD0264] [WIS][04/09/2011] (.Carsten Wenzel - Far Cry (Patch 1.3).) -- C:\Windows\Installer\18ad000.msi [72567808] [MD5.A5CCE305668674B827C1003F4241104B] [WIS][11/10/2011] (.Team Players - Team Players Corvette C6R.) -- C:\Windows\Installer\1b3e0a9.msi [86168100] [MD5.D2DEB536BFDD0F334A7D573ED56518C4] [WIS][17/08/2011] (.None - PixiePack Codec Pack.) -- C:\Windows\Installer\1d382ea.msi [325120] [MD5.E66436B98BE6B45545AA1BFA1D579189] [WIS][17/10/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\1faec5.msi [22413312] [MD5.88C07DBA19B120B0A49DD63985D42131] [WIS][05/09/2011] (.Carsten Wenzel - Far Cry (Patch 1.31).) -- C:\Windows\Installer\2be874.msi [8463360] [MD5.4387BCB6D9F7AACFFB52D06CB608D1DC] [WIS][05/09/2011] (.Carsten Wenzel - Far Cry (Patch 1.32).) -- C:\Windows\Installer\2be88e.msi [20801536] [MD5.B30998DA769EC03AEEB59CE034A4A260] [WIS][05/09/2011] (.Denis Barth - Far Cry (Patch 1.33).) -- C:\Windows\Installer\2be8a9.msi [21384704] [MD5.1E0B5F2ACFE86FDF7CFFC0CF5B3C2D8C] [WIS][13/09/2009] (.ChessBase - Blank Project Template.) -- C:\Windows\Installer\340f3e6.msi [17118720] [MD5.B670A591B510AEF7C334B7C727E30B7A] [WIS][05/09/2011] (.Denis Barth - Far Cry (Patch 1.4).) -- C:\Windows\Installer\58168e.msi [128876544] [MD5.80FDE84F1454AA3720C35D38D7D76CA7] [WIS][25/06/2011] (.NETGEAR - WG311v3.) -- C:\Windows\Installer\599d1.msi [4003840] [MD5.7AE5FF598B22E4F65558BAF73107FA7E] [WIS][14/05/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\5d7e5.msi [459264] [MD5.76A80F4FE7222D1F8BC3B4282B3A3265] [WIS][17/10/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\63986.msi [22413312] [MD5.D2F34AF196CCAF29A124324392FC3DFF] [WIS][11/05/2013] (.Valve Corporation - Steam.) -- C:\Windows\Installer\71d391.msi [8532992] [MD5.645CAB03BF748CE91A5FF7C692E26A97] [WIS][07/08/2011] (.Nokia - PC Connectivity Solution.) -- C:\Windows\Installer\937d9b.msi [6785024] [MD5.76A80F4FE7222D1F8BC3B4282B3A3265] [WIS][15/10/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\b64701.msi [22413312] [MD5.C62C837D9D04BD02CF706AEE1D360E60] [WIS][18/09/2013] (.Trusteer - Rapport.) -- C:\Windows\Installer\d54b.msi [27635200] ~ WIS: 186 Scanned in 00mn 20s ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe SS - | Demand 09/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 15/02/2013 219136 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 16/11/2012 291840 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe SR - | Auto 30/08/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SS - | Auto 20/02/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 20/02/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 28/05/2013 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Auto 27/09/2010 4180576 | (hasplms) . (.SafeNet Inc..) - C:\Windows\system32\hasplms.exe SR - | Demand 14/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe SR - | Auto 07/09/2012 1828496 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe SS - | Demand 01/10/2012 295224 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe SR - | Auto 16/03/2007 537520 | (lxbc_device) . (...) - C:\Windows\system32\lxbccoms.exe SR - | Auto 22/04/2013 754000 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe SS - | Demand 01/10/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe SR - | Auto 14/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 10/09/2013 1435928 | (RapportMgmtService) . (.Trusteer Ltd..) - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe SS - | Demand 07/04/2008 430592 | (ServiceLayer) . (.Nokia..) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe SS - | Demand 04/10/2012 529744 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files\Common Files\Steam\SteamService.exe SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 21s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by moi at 25/10/2013 15:53:14 device: opened successfully user: MBR read successfully Disk trace: called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS amdide.sys C:\Windows\system32\DRIVERS\amdide.sys Advanced Micro Devices AMD PCI SATA/IDE Bus Driver 1 nt!IofCallDriver[0x83C40FC6] >> \Device\Harddisk0\DR0[0x87379030] 3 CLASSPNP[0x8C6D159E] >> nt!IofCallDriver[0x83C40FC6] >> [0x86E3D918] 5 ACPI[0x849D63D4] >> nt!IofCallDriver[0x83C40FC6] >> \Device\Ide\IdeDeviceP0T0L0-0[0x8733C030] kernel: MBR read successfully user & kernel MBR OK ~ MBR: 14 Scanned in 00mn 02s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by moi at 25/10/2013 15:53:17 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ---\\ Liste des émulateurs de CD/DVD (MBR Hook) O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM] -- DAEMON Tools Lite =>.DT Soft Ltd ~ Emulateurs: Scanned in 00mn 04s ---\\ Scan Additionnel (O88) Database Version : 12960 - (24/10/2013) Clés trouvées (Keys found) : 1 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKCU\Software\PIP] =>Toolbar.Ask ~ Additionnel Scan: 411086 Items scanned in 00mn 50s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask ~ MSI: 1 link(s) detected in 00mn 50s End of the scan (2172 lines in 06mn 11s)(2)