Satanée Babylon Toolbar...Résolu/Fermé

Question

Bonjour, 
je suis confrontée à un petit souci depuis hier soir. Mon copain a voulu télécharger une application pour son Iphone sauf que c'était un fake et je me suis après retrouvée avec une page d'accueil Mozilla intitulée : "Easylife Search". J'ai réussi à supprimer cette barre de recherches, seulement quand je lance une vérification Spybot, il me met que j'ai une Babylon Toolbar... Les deux seraient donc alors liés ? 
Bref, tout serait très simple si en cliquant sur corriger les problèmes, cela se faisait... Seulement voilà, lorsque je clique dessus, j'ai un message me disant que celle-ci ne peut pas être supprimé étant donné que l'application n'est pas ouverte en tant qu'administrateur.. Seulement je n'ai qu'une seule session sur mon PC et je suis donc le seul et l'unique administrateur..
Je ne comprends rien et ça commence vraiment à m'énerver !!!
Aidez moi s'il vous plaît ! 

Configuration: Windows Vista / Firefox 18.0 
 

 Merci d'avance !!!
                                                                 Malvina

jlpjlp · Answer

slt

colle un rapport de suppression avec adwcleaner

x-hate-to-love-x · Answer

voilà:
# AdwCleaner v2.112 - Rapport créé le 15/02/2013 à 11:08:57
# Mis à jour le 10/02/2013 par Xplode
# Système d'exploitation : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nom d'utilisateur : Mavina - PC-DE-MAVINA
# Mode de démarrage : Normal
# Exécuté depuis : C:\Users\Mavina\Downloads\adwcleaner0.exe
# Option [Suppression]


***** [Services] *****


***** [Fichiers / Dossiers] *****


***** [Registre] *****


***** [Navigateurs] *****

-\ Internet Explorer v9.0.8112.16464

[OK] Le registre ne contient aucune entrée illégitime.

-\ Mozilla Firefox v18.0.2 (fr)

Fichier : C:\Users\Mavina\AppData\Roaming\Mozilla\Firefox\Profiles\q59n2ou0.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.

-\ Google Chrome v24.0.1312.57

Fichier : C:\Users\Mavina\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Le fichier ne contient aucune entrée illégitime.

*************************

AdwCleaner[R1].txt - [13851 octets] - [19/12/2012 17:24:43]
AdwCleaner[R2].txt - [2840 octets] - [15/02/2013 10:49:54]
AdwCleaner[R3].txt - [1339 octets] - [15/02/2013 11:08:19]
AdwCleaner[S1].txt - [12967 octets] - [19/12/2012 17:25:34]
AdwCleaner[S2].txt - [2925 octets] - [15/02/2013 10:50:20]
AdwCleaner[S3].txt - [1272 octets] - [15/02/2013 11:08:57]

########## EOF - C:\AdwCleaner[S3].txt - [1332 octets] ##########

x-hate-to-love-x · Answer

Voilà le rapport de suppression mais de toute façon même dans le rapport de recherche c'était écrit : "aucune entrée illégitime".
Mais jlpjlp, tu ne saurais pas comment faire pour mon problème avec Spybot, parce que lui il la trouve la Babylon Toolbar ????!!!

Ambucias · Answer

Bonjour,

Si vous permettez, voici une astuce de notre expert Malekal_Morte expliquant tout sur Babylon, comment la supprimer et aussi comment filtrer les logiciels que Babylon accompagne.

https://www.commentcamarche.net/faq/32580-desinstaller-babylon-toolbar

Bonne chance

jlpjlp · Answer

le souci c'est que tu as passé plusieurs fois ce logiciel et donc rien de spécial dans le rapport


pour approfondir

Télécharge ZHPDiag ( de Nicolas coolman ).
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html


(outil de diagnostic)

Double clique sur le fichier d'installation, puis installe le avec les paramètres par défaut ( N'oublie pas de cocher " Créer une icône sur le bureau " )

Lance ZHPDiag en double cliquant sur l'icône présente sur ton bureau (Clique droit -> Executer en tant qu'admin ( vista )

Clique sur la loupe en haut à gauche, puis laisse l'outil scanner.

Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier sur ton bureau.

Rend toi sur Cjoint : http://www.cijoint.com/

Clique sur "Parcourir " dans la partie " Joindre un fichier[...] "

Sélectionne le rapport ZHPdiag.txt qui se trouve sur ton bureau

Clique ensuite sur "Cliquez ici pour déposer le fichier " et copie/colle le lien dans ton prochain message

ou sinon pour transmettre ton rapport:
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer les rapports.
Donnes le liens pjjoint ici ensuite pour pouvoir être consultés.

x-hate-to-love-x · Answer

Tout d'abord, j'ai fait comme expliqué sur le forum de "Malwarebytes Anti-Malware" donc ça m'a mis que j'avais environ 30 fichiers suspects donc j'ai supprimé et éteint mon ordi mais lorsque je refais un Spybot, toujours la Babylon Toolbar !!!! 
Je désespère...
Aidez moi!

jlpjlp · Answer

fais ce qui est noté pour avancer...

et colle le rapport de malwarebyte

x-hate-to-love-x · Answer

C'est fait. Voilà le lien :  https://pjjoint.malekal.com/files.php?id=ZHPDiag_20130215_l9f14e6m10i10

jlpjlp · Answer

ok il en reste


l'adware lop!
1/ télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 2 (Suppression)
* Ne ferme pas la fenêtre lors de la suppression !
* Poste le rapport généré (C:\lopR.txt)

2/ensuite:
tu as une infection transitant par tes supports externes (clé usb , disque dur externe...) qui date .. branche tes supports externes puis

colle un rapport de suppression (nettoyage) avec usbfix

3/ remets un rapport zhpdiag et explique tes soucis actuels

x-hate-to-love-x · Answer

Attendez attendez, je suis en train de faire une vérification Spybot et la Babylon Toolbar ainsi que Win32 ont l'air d'avoir disparu....! Miracle.
Cependant je vais vous demander deux trois derniers conseils... 
Premièrement, maintenant que je n'ai plus toutes ces choses je m'aperçois que dans ma barre de recherche en haut à droite, "Easylife" apparaît, génial !
Comment le virer, A JAMAIS ???
Et enfin quels logiciels télécharger afin de protéger mon PC de tous ces nuisibles ???
Merci beaucoup pour l'aide que vous m'avez déjà apportée !

x-hate-to-love-x · Answer

En fait, jlpjlp, tu es en train de me dire qu'il y à un risque que ce soit un truc externe qui m'apporte l'infection ??

jlpjlp · Answer

slt oui tu as une infection qui vient des clés usb... et tout support branché sur ton pc se trouve infecté...  et cette infection date de 2009 en gros... comme l'adware lop ...

pour easylife on s'en occupera ensuite fais déjà ce qui est demandé

jlpjlp · Answer

le rapport d'usbfix est à la racine du disque :  ordinateur (poste de travail) puis C

x-hate-to-love-x · Answer

rapport ZHPDiag : Rapport de ZHPDiag v1.3.5.60 par Nicolas Coolman, Update du 12/02/2013 Run by Mavina at 16/02/2013 11:14:29 State : Nouvelle version disponible UAC : Deactivate by program ---\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox 18.0.2 v18.0.2 (Defaut) GCIE: Google Chrome v24.0.1312.57 OBIE: Safari v5.33.18.5 ---\ Windows Product Information ~ Langage: Français Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002) Windows Server License Manager Script : OK ~ Vista, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 6CJ97 Windows License : OK Windows Automatic Updates : OK ---\ System Information ~ Processor: x86 Family 15 Model 107 Stepping 2, AuthenticAMD ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 2813 MB (29% free) System Restore: Activé (Enable) System drive C: has 14 GB (9%) free of 143 GB ---\ Logged in mode ~ Computer Name: PC-DE-MAVINA ~ User Name: Mavina ~ All Users Names: UpdatusUser, Mavina, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Mavina\AppData\Roaming\ ~ %Desktop% : C:\Users\Mavina\Desktop\ ~ %Favorites% : C:\Users\Mavina\Favorites\ ~ %LocalAppData% : C:\Users\Mavina\AppData\Local\ ~ %StartMenu% : C:\Users\Mavina\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 14 Go of 143 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 145 Go of 145 Go) E:\ Floppy drive, Flash card reader, USB Key (Free 0 Go of 4 Go) F:\ CD-ROM drive (Not Inserted) G:\ Floppy drive, Flash card reader, USB Key (Free 0 Go of 4 Go) H:\ Floppy drive, Flash card reader, USB Key (Free 1 Go of 2 Go) I:\ Floppy drive, Flash card reader, USB Key (Free 4 Go of 4 Go) ---\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Scan Security Center in 00mn 00s ---\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768] [MD5.B49B56B64F57699A1A663D2CF7D0A56F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.08/01/2013 - 23:03:20.) -- C:\Windows\System32\wininet.dll [1129472] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368] [MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408] [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944] [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144] [MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072] [MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264] [MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152] [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784] [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864] [MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496] [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers etBT.sys [185856] [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\Drivers tfs.sys [1083880] [MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288] [MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers dpdr.sys [248832] [MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560] [MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers dx.sys [72192] [MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640] ~ Scan Generic Processes in 00mn 05s ---\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/7151 ~ Mes musiques (My Musics) : 1/2453 ~ Mes Videos (My Videos) : 1/33 ~ Mes Favoris (My Favorites) : 1/47 ~ Mes Documents (My Documents) : 4/2753 ~ Mon Bureau (My Desktop) : 9/2604 ~ Menu demarrer (Programs) : 1/31 ~ Scan Hidden Files in 00mn 32s ---\ Processus lancés [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.2248] [MD5.151B2D097C7182898387994CEA34890B] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [5369856] [PID.2256] [MD5.5673EC459FA2F335A05594249609BB2B] - (...) -- C:\Program Files\Acer\Empowering Technology\SysMonitor.exe [319488] [PID.2268] [MD5.2DFA4AD2E8693A6ECA601CA827F7EA12] - (.Pas de propriétaire - Acer Empowering Technology Framework Launch.) -- C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe [319488] [PID.2280] [MD5.4BC8167722B6C79B1B13F1F2076B9EEC] - (.Egis Incorporated - Acer eDataSecurity Management Loader.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe [526896] [PID.2288] [MD5.D7EE83A9257D508656172A2B9DD3C317] - (.Pas de propriétaire - NTI Backup Now 5 Tray Module.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [28672] [PID.2304] [MD5.030281783A6239493C1C802019F73970] - (.Roxio - Drag To Disc Application.) -- C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe [1691648] [PID.2320] [MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [209153] [PID.2328] [MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848] [PID.2336] [MD5.1568FF282E268082C67CF0C3EBCC9179] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe [976320] [PID.2368] [MD5.34086F1DBB4065047EA3671CB70505CC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421776] [PID.2384] [MD5.B63E5C7807334A3A8F731062F15462CC] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008] [PID.2392] [MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2528] [MD5.A0E98C4C12FA1902C0575B248D159F25] - (.PC Tools - Registry Mechanic Vista Startup Tray.) -- C:\Program Files\Registry Mechanic\RMTray.exe [812952] [PID.2536] [MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.2560] [MD5.D610CDEDF1F702EB0A86B0FBD9BB49E5] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display vtray.exe [1820520] [PID.2628] [MD5.A090F19F57DEBA7F82498C634EA855B7] - (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Mavina\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [255992] [PID.2636] [MD5.896A1DB9A972AD2339C2E8569EC926D1] - (.Safer Networking Limited - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088] [PID.2656] [MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe [272248] [PID.2664] [MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.2924] [MD5.7853D2AB445C10F97610B2B05FA4CF0A] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [512360] [PID.2092] [MD5.58ED0528F2B1BFB3301BC10E0E707C35] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [917400] [PID.5740] [MD5.2D821AFA5A1A9CA7F9F997A1AAD09E72] - (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe [168960] [PID.5216] [MD5.8906FFADDF99ACCB5C751E75E879481F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [5676032] [PID.3488] [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4848] [MD5.EB5A13F9139F20AD71ADF4BF79C3AA29] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.9.) -- C:\Windows\system32 vvsvc.exe [645992] [PID.1032] [MD5.F0359F7CE712D69ACEF0886BDB4792ED] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision vSCPAPISvr.exe [382824] [PID.1044] [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1468] [MD5.C71F2B4D0151CFEDE5D405C5D60B6FCE] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display vxdsync.exe [864616] [PID.1596] [MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [108289] [PID.520] [MD5.517D30057C726C797764BFD70A55D82A] - (.CyberLink - CLMSServer.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [269448] [PID.3520] [MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [63960] [PID.3544] [MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [185089] [PID.3560] [MD5.F401929EE0CC92BFE7F15161CA535383] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.3592] [MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.3636] [MD5.09E6AFFAE6C0E9158BF05C7D08D0107A] - (.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384] [PID.3672] [MD5.B7DC2580425225C320CEDA78DE55A3D0] - (.Egis Incorporated - Acer eDataSecurity Management Service.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [500784] [PID.3692] [MD5.20D3741680AB88269BADCDB161B36705] - (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576] [PID.3708] [MD5.793FF718477345CD5D232C50BED1E452] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440] [PID.3768] [MD5.37B19585E146D283ADFFCBEDDA01DE70] - (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\lxeacoms.exe [598696] [PID.3812] [MD5.1ACAA67676E9E7BDA5E0C41B6E0DECAF] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184] [PID.3896] [MD5.916B8954AC3E06DC9E898AFFB41F3FB6] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [682344] [PID.4024] [MD5.A2B6583A5652A385DFF5E4F49AD48761] - (.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [45056] [PID.4064] [MD5.40B87FE8A1A9A5AC9E5A91D96F212BCD] - (...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072] [PID.4088] [MD5.C1C132455200AD4704142442C89D0FA4] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247] [PID.2148] [MD5.ED78DFAD8EFCDFBC89500492C4D14645] - (...) -- C:\Windows\System32\PAStiSvc.exe [53248] [PID.1912] [MD5.283195C5301EADBCF56DEE637573ED12] - (.Pas de propriétaire - app_filter Module.) -- C:\Program Files\bin32 SvcAppFlt.exe [598016] [PID.2620] [MD5.3C7BD1EC817D300A8826D49C406D5894] - (.Pas de propriétaire - NVIDIA Corporation.) -- C:\Program Files\bin32 SvcIp.exe [163840] [PID.2604] [MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.836] [MD5.E6BE7A41A28D8F2DB174957454D32448] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [821648] [PID.2376] [MD5.0629259E3AF6BB0534FCECA208973404] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1258856] [PID.6076] [MD5.97D9D6A04E3AD9B6C626B9931DB78DBA] - (.Microsoft Corporation - Programme d'installation de modules Windows.) -- C:\Windows\servicing\TrustedInstaller.exe [39424] [PID.2808] ~ Scan Processes Running in 00mn 01s ---\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Mavina\AppData\Local\Google\Chrome\User Data\Default\Preferences ~ Scan Google Browser in 00mn 00s ---\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Mavina\AppData\Roaming\Mozilla\Firefox\Profiles\q59n2ou0.default\prefs.js M3 - MFPP: Plugins - [Mavina] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [Mavina] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [Mavina] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [Mavina] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [Mavina] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [Mavina] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [Mavina] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins p-mswmp.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.4.) -- C:\Program Files\Mozilla Firefox\Plugins ppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins pqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins pqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins pqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins pqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins pqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins pqtplugin6.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins pqtplugin7.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins pitunes.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.13.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32 pDeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.13.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.13.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2 pjp2.dll P2 - FPN: [HKLM] [@mcafee.com/McAfeeMssPlugin] - (.McAfee, Inc. - McAfee MSS+ NPAPI Plugin.) -- C:\Program Files\McAfee Security Scan\3.0.318 pMcAfeeMss.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10329.0.) -- C:\Program Files\Microsoft Silverlight\4.1.10329.0 pctrl.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live pOLW.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation - NVIDIA 3D Vision plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision pnv3dv.dll P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation - NVIDIA 3D Vision Streaming plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision pnv3dvstreaming.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135 pGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135 pGoogleUpdate3.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.4.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR ppdf32.dll P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe O40 - ASIC: (no name) - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\System32\iedkcs32.dll O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin egutils.dll O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32 hemeui.dll O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.5 r502.) -- C:\Windows\system32\Macromed\Flash\Flash32_11_5_502_149.ocx ~ Scan Active Setup in 00mn 00s ---\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir Desktop\avgio.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\System32\DRIVERS\avipbb.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS etbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS etbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers siproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS asacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS dbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers dpencdd.sys O41 - Driver: C:\Windows\System32 cpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys O41 - Driver: C:\Windows\System32 cpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS dx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS ermdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys ~ Scan Drivers in 00mn 00s ---\ Logiciels installés (O42) O42 - Logiciel: Acer Arcade Live Main Page - (.Acer Inc..) [HKLM] -- {EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37} O42 - Logiciel: Acer DV Magician - (.Acer Inc..) [HKLM] -- {F6EFFB76-4A07-11DA-9D78-000129760D75} O42 - Logiciel: Acer DVDivine - (.Acer Inc..) [HKLM] -- {B145EC69-66F5-11D8-9D75-000129760D75} O42 - Logiciel: Acer Empowering Technology - (.Acer Incorporated.) [HKLM] -- {8F1B6239-FEA0-450A-A950-B05276CE177C} O42 - Logiciel: Acer GameZone Console DTV 2.0.1.1 - (.Oberon Media, Inc..) [HKLM] -- Acer GameZone Console_is1 O42 - Logiciel: Acer HomeMedia - (.Acer Inc..) [HKLM] -- {AA4BF92B-2AAF-11DA-9D78-000129760D75} O42 - Logiciel: Acer HomeMedia Connect - (.Acer Inc..) [HKLM] -- {132888AE-EF67-41C5-BCA2-7D5D2488AB63} O42 - Logiciel: Acer HomeMedia Trial Creator - (.Acer Inc..) [HKLM] -- {B580C409-E16F-44FF-904D-3AE94E113BE0} O42 - Logiciel: Acer SlideShow DVD - (.Acer Inc..) [HKLM] -- {41581EF5-45A7-11DA-9D78-000129760D75} O42 - Logiciel: Acer VideoMagician - (.Acer Inc..) [HKLM] -- {F79A208D-D929-11D9-9D77-000129760D75} O42 - Logiciel: Acer eDataSecurity Management - (.Egis Inc..) [HKLM] -- {A5633652-3795-4829-BB0B-644F0279E279} O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} O42 - Logiciel: Agatha Christie Death on the Nile - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863} O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {122ADF8C-DDA1-480C-9936-C88F2825B265} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} O42 - Logiciel: Audacity 1.3.13 (Unicode) - (.Audacity Team.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1 O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Backspin Billiards - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617} O42 - Logiciel: Big Kahuna Reef - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783} O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B} O42 - Logiciel: Bricks of Egypt - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123} O42 - Logiciel: Cake Mania - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750} O42 - Logiciel: Chicken Invaders 3 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: Delta Force - (.Pas de propriétaire.) [HKLM] -- Delta Force O42 - Logiciel: Desperate Housewives - (.Buena Vista Games.) [HKLM] -- {D41922D2-8272-48EE-B863-BE7EFF34A362} O42 - Logiciel: Diner Dash Flo on the Go - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660} O42 - Logiciel: EPSON SX420W Series Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON SX420W Series Manual O42 - Logiciel: EPSON SX420W Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX420W Series O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {39F58DDB-B2B8-4B86-AF20-4706A80EB30D} O42 - Logiciel: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) - (.SEIKO EPSON CORPORATION.) [HKLM] -- {B2D55EB8-32C5-4B43-9006-9E97DECBA178} O42 - Logiciel: Epson Event Manager - (.SEIKO EPSON CORPORATION.) [HKLM] -- {03B8AA32-F23C-4178-B8E6-09ECD07EAA47} O42 - Logiciel: EpsonNet Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {3E31400D-274E-4647-916C-2CACC3741799} O42 - Logiciel: EpsonNet Setup 3.2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {C9D8A041-2963-4B31-8FFC-1500F3DB9293} O42 - Logiciel: Facebook Plug-In - (.Facebook, Inc..) [HKCU] -- Facebook Plug-In O42 - Logiciel: Free YouTube to MP3 Converter version 3.11.37.1212 - (.DVDVideoSoft Ltd..) [HKLM] -- Free YouTube to MP3 Converter_is1 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Guide réseau pour EPSON SX420W Series - (.Pas de propriétaire.) [HKLM] -- EPSON SX420W Series Network Guide O42 - Logiciel: Java 7 Update 13 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217013FF} O42 - Logiciel: Java(TM) 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF} O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070} O42 - Logiciel: Jewel Quest Solitaire - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: KRISTAL Audio Engine - (.Pas de propriétaire.) [HKLM] -- KRISTAL Audio Engine O42 - Logiciel: Kick N Rush - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990} O42 - Logiciel: Les Sims 2 - (.Pas de propriétaire.) [HKLM] -- {6E7DD182-9FC6-4651-0095-2E666CC6AF35} O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Mahjong Escape Ancient China - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743} O42 - Logiciel: Mahjongg Artifacts - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950} O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM] -- Messenger Plus! Live O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU] -- SkyDriveSetup.exe O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C} O42 - Logiciel: Mises à jour NVIDIA 1.10.8 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update O42 - Logiciel: Mozilla Firefox 18.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 18.0.2 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService O42 - Logiciel: Mystery Case Files - Huntsville - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433} O42 - Logiciel: Mystery Case Files: Retour à Ravenhearst (TM) - (.Pas de propriétaire.) [HKLM] -- BFG-Mystery Case Files - Retour a Ravenhearst O42 - Logiciel: Mystery Solitaire - Secret Island - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363} O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403} O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC} O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM] -- InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD} O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM] -- {7CFA46E3-CC2F-4355-82AE-6012DC3633FD} O42 - Logiciel: NVIDIA Pilote 3D Vision 306.97 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision O42 - Logiciel: NVIDIA Pilote graphique 306.97 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo O42 - Logiciel: OpenOffice.org 3.1 - (.OpenOffice.org.) [HKLM] -- {0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6} O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {E7004147-2CCA-431C-AA05-2AB166B9785D} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Registry Mechanic 8.0 - (.PC Tools.) [HKLM] -- Registry Mechanic_is1 O42 - Logiciel: Roxio Easy Media Creator 7 Basic DVD Edition - (.Roxio, Inc..) [HKLM] -- {747D1B34-A1FC-4EF3-A6AE-E86F39CEFDE5} O42 - Logiciel: Roxio Roxio Central - (.Roxio.) [HKLM] -- {22C080E3-A33A-45F5-8B60-F101B8981336} O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43} O42 - Logiciel: Sandlot Games Client Services 1.2.2 - (.Sandlot Games.) [HKLM] -- Sandlot Games Client Services 1.2.2_is1 O42 - Log

x-hate-to-love-x · Answer

Ca y est, je l'ai ce rapport de suppression UsbFix : le voilà 
############################## | UsbFix V6.012 |

User : Mavina (Administrateurs) # PC-DE-MAVINA
Update on 29/07/09 by Chiquitine29 & C_XX
Start at: 13:57:16 | 16/02/2013
Website : http://pagesperso-orange.fr/NosTools/index.html

Athlon(tm) Dual Core Processor 4450e
Microsoft® Windows Vista(TM) Édition Familiale Premium  (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 9.0.8112.16421
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 143,2 Go (13,53 Go free) [ACER] # NTFS
D:\ -> Disque fixe local # 144,89 Go (144,8 Go free) [DATA] # NTFS
E:\ -> Disque amovible # 3,76 Go (359,64 Mo free) [Transcend] # FAT32
F:\ -> Disque CD-ROM
G:\ -> Disque amovible # 3,81 Go (160,83 Mo free) [UDISK] # FAT32
H:\ -> Disque amovible # 1,84 Go (798,88 Mo free) # FAT
I:\ -> Disque amovible # 3,72 Go (3,72 Go free) [STORE N GO] # FAT32

############################## | Processus actifs |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32
vvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision
vSCPAPISvr.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\Display
vxdsync.exe
C:\Windows\system32
vvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxeacoms.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\System32\PAStiSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\bin32
SvcAppFlt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\bin32
SvcIp.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32unonce.exe
C:\Windows\system32\conime.exe
C:\Program Files\NVIDIA Corporation\Display
vtray.exe

################## | Fichiers # Dossiers infectieux |

Supprimé ! D:\install.exe  
Supprimé ! G:\autorun.inf  

################## | Registre # Clés Run infectieuses |


################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{644f7c50-e946-11dd-bbe6-001d72a7da8f}\Shell\AutoRun\Command  
Supprimé ! HKCU\...\Explorer\MountPoints2\{644f7c56-e946-11dd-bbe6-001d72a7da8f}\Shell\AutoRun\Command  
Supprimé ! HKCU\...\Explorer\MountPoints2\{9a0700ba-2cf1-11de-a4fc-001d72a7da8f}\Shell\Auto\Command  

################## | Listing des fichiers présent |

[19/12/2012 17:24|--a------|13851] -> C:\AdwCleaner[R1].txt 
[15/02/2013 10:50|--a------|2840] -> C:\AdwCleaner[R2].txt 
[15/02/2013 11:08|--a------|1339] -> C:\AdwCleaner[R3].txt 
[19/12/2012 17:25|--a------|12967] -> C:\AdwCleaner[S1].txt 
[15/02/2013 10:50|--a------|2925] -> C:\AdwCleaner[S2].txt 
[15/02/2013 11:09|--a------|1401] -> C:\AdwCleaner[S3].txt 
[18/09/2006 22:43|--a------|24] -> C:\autoexec.bat 
[11/04/2009 07:36|-rahs----|333257] -> C:\bootmgr 
[08/05/2008 20:20|-ra-s----|8192] -> C:\BOOTSECT.BAK 
[29/07/2009 20:29|--a------|10103] -> C:\cleannavi.txt 
[18/09/2006 22:43|--a------|10] -> C:\config.sys 
[26/12/2008 16:07|--a------|0] -> C:\Debug.QC6 
[?|?|?] -> C:\hiberfil.sys 
[26/12/2008 16:07|--a------|142107] -> C:\Installer.log 
[30/05/2010 12:37|-rahs----|0] -> C:\IO.SYS 
[16/02/2013 11:08|--a------|35013] -> C:\lopR 2.txt 
[16/02/2013 11:05|--a------|35013] -> C:\lopR.txt 
[28/06/2007 09:44|--a------|512] -> C:\MDR.iss 
[30/05/2010 12:37|-rahs----|0] -> C:\MSDOS.SYS 
[26/12/2008 16:08|--a------|456230] -> C:\MSIInstall.log 
[?|?|?] -> C:\pagefile.sys 
[09/05/2008 02:44|--a------|426] -> C:\RHDSetup.log 
[16/02/2013 13:59|--a------|5331] -> C:\UsbFix.txt 
[07/11/2007 07:00|--a------|17734] -> D:\eula.1028.txt 
[07/11/2007 07:00|--a------|17734] -> D:\eula.1031.txt 
[07/11/2007 07:00|--a------|10134] -> D:\eula.1033.txt 
[07/11/2007 07:00|--a------|17734] -> D:\eula.1036.txt 
[07/11/2007 07:00|--a------|17734] -> D:\eula.1040.txt 
[07/11/2007 07:00|--a------|118] -> D:\eula.1041.txt 
[07/11/2007 07:00|--a------|17734] -> D:\eula.1042.txt 
[07/11/2007 07:00|--a------|17734] -> D:\eula.2052.txt 
[07/11/2007 07:00|--a------|17734] -> D:\eula.3082.txt 
[07/11/2007 07:00|--a------|1110] -> D:\globdata.ini 
[07/11/2007 07:00|--a------|843] -> D:\install.ini 
[07/11/2007 07:03|--a------|76304] -> D:\install.res.1028.dll 
[07/11/2007 07:03|--a------|96272] -> D:\install.res.1031.dll 
[07/11/2007 07:03|--a------|91152] -> D:\install.res.1033.dll 
[07/11/2007 07:03|--a------|97296] -> D:\install.res.1036.dll 
[07/11/2007 07:03|--a------|95248] -> D:\install.res.1040.dll 
[07/11/2007 07:03|--a------|81424] -> D:\install.res.1041.dll 
[07/11/2007 07:03|--a------|79888] -> D:\install.res.1042.dll 
[07/11/2007 07:03|--a------|75792] -> D:\install.res.2052.dll 
[07/11/2007 07:03|--a------|96272] -> D:\install.res.3082.dll 
[07/11/2007 07:00|--a------|5686] -> D:\vcredist.bmp 
[07/11/2007 07:09|--a------|1442522] -> D:\VC_RED.cab 
[07/11/2007 07:12|--a------|232960] -> D:\VC_RED.MSI 
[16/02/2013 11:10|--a------|1626] -> E:\BOOTEX.LOG 
[04/03/2011 23:12|--ah-----|71369062] -> E:\La Poutre de Bamako.flv 
[11/11/2010 02:30|--ah-----|729371244] -> E:\L'art niqueur.avi 
[16/04/2010 18:57|--ah-----|739368960] -> E:\www.media-libre-echange.blogspot.com   Les Ambitieuses.avi 
[24/04/2011 23:22|--ah-----|145197056] -> E:\YouPorn - Horny MILF sucks and fucks a huge cock.mpg 
[07/06/2010 02:46|--ah-----|728784896] -> E:\Le PHENIX - Section Disciplinaire.avi 
[24/04/2011 23:14|--ah-----|45297664] -> E:\YouPorn - Massive Titty Cougar Getting Pussy Slammed.mpg 
[24/04/2011 23:18|--ah-----|46700544] -> E:\YouPorn - Asa s Anal Warmup.mpg 
[24/04/2011 23:25|--ah-----|33257472] -> E:\YouPorn - MILF with huge tits tittyfucks and gets fucked.mpg 
[01/01/1601 01:00|--ah-----|0] -> G:\DEFAULT.SPL 
[09/09/2010 16:32|--ahs----|1527] -> G:\ActionSportDrives.html 
[09/09/2010 16:32|--ahs----|12862] -> G:\ACTIONSPORTS.ICO 
[09/09/2010 11:36|--ah-----|127] -> G:\AUTORUNLAUNCH.INF 
[09/09/2010 11:36|--ah-----|56] -> G:\AUTORUNNOLAUNCH.INF 
[09/09/2010 11:36|--ahs----|132415] -> G:\RoxySplashPage_1.jpg 
[09/04/2012 01:29|--a------|296] -> G:\WMPInfo.xml 
[24/05/2012 15:57|--a------|24] -> H:\AllInfo.txt 
[01/01/1601 01:00|---h-----|0] -> H:\B2100.samsung 
[17/01/2013 20:40|--a------|0] -> I:\liveusb 
[22/06/2010 13:39|--a------|237] -> I:\syslinux.cfg 
[17/01/2013 20:41|-rahs----|15218] -> I:\ldlinux.sys 

################## | Vaccination |

# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
# D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
# E:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
# H:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  
# I:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.  

################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # UsbFix V6.012 ! |

x-hate-to-love-x · Answer

Je viens de m'apercevoir qu'il manque une partie au rapport ZHPDiag : O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 8 - (.Adobe Systems.) [HKLM] -- {AC76BA86-7AD7-5464-3428-800000000003} O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: Turbo Pizza - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953} O42 - Logiciel: VLC media player 0.9.8a - (.VideoLAN Team.) [HKLM] -- VLC media player O42 - Logiciel: VSO CopyToDVD 4 - (.VSO Software.) [HKLM] -- {870F1750-BA89-11DA-A94D-0800200C9A66}_is1 O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} O42 - Logiciel: Zuma Deluxe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700} O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA} O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {6AD9F5F3-5BD0-4000-BD9C-B536CF86D988} O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} ---\ HKCU & HKLM Software Keys [HKCU\Software\ABBYY] [HKCU\Software\ALWIL Software] [HKCU\Software\Acer] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Monitored] [HKCU\Software\AppDataLow\Software\Yahoo] [HKCU\Software\AppDataLow\Software\settings] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\ArcSoft] [HKCU\Software\Astonsoft] [HKCU\Software\Audacity] [HKCU\Software\Avira] [HKCU\Software\Big Fish Games] [HKCU\Software\CDDB] [HKCU\Software\COOPP] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CyberLink] [HKCU\Software\Cygnus Solutions] [HKCU\Software\DVD BIKE SURFItch] [HKCU\Software\DVDVideoSoft] [HKCU\Software\DivXNetworks] [HKCU\Software\DivX] [HKCU\Software\EPSON] [HKCU\Software\FreeDownloadManager.ORG] [HKCU\Software\Gamehouse] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\IncrediMail] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Kreatives.org] [HKCU\Software\Lexmark] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Logitech] [HKCU\Software\Macromedia] [HKCU\Software\Magnet] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\NewTech Infosystems] [HKCU\Software\Northcode Inc] [HKCU\Software\ODBC] [HKCU\Software\Oberon Media] [HKCU\Software\OpenOffice.org] [HKCU\Software\PCTools] [HKCU\Software\Patchou] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Printers] [HKCU\Software\RECISIO] [HKCU\Software\Realtek] [HKCU\Software\Roxio] [HKCU\Software\Safer Networking Limited] [HKCU\Software\Screen Babe Design] [HKCU\Software\SecuROM] [HKCU\Software\SoftVTU] [HKCU\Software\Speed-Downloading] [HKCU\Software\Toolbar4Free] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VSO] [HKCU\Software\VirtualDJ] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Yahoo] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\eSobi] [HKCU\Software\vanBasco] [HKLM\Software\] [HKLM\Software\ABBYY] [HKLM\Software\ALWIL Software] [HKLM\Software\Acer Incorporated] [HKLM\Software\Acer] [HKLM\Software\Adobe] [HKLM\Software\AdwCleaner] [HKLM\Software\Ahead] [HKLM\Software\America Online] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Audible] [HKLM\Software\Avira] [HKLM\Software\Big Fish Games] [HKLM\Software\Buena Vista Games] [HKLM\Software\CCleaner] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\DIOC] [HKLM\Software\DVDVideoSoft] [HKLM\Software\Debug] [HKLM\Software\DivX] [HKLM\Software\EA GAMES] [HKLM\Software\EPSON] [HKLM\Software\Electronic Arts] [HKLM\Software\EpsonNet] [HKLM\Software\FreeDownloadManager.ORG] [HKLM\Software\FrostWire] [HKLM\Software\GEAR Software] [HKLM\Software\Google] [HKLM\Software\Hauppauge] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IncrediMail] [HKLM\Software\Info-Concept] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Kreatives.org] [HKLM\Software\LexmarkInkjet] [HKLM\Software\Lexmark] [HKLM\Software\Licenses] [HKLM\Software\LightScribe] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\McAfee.com] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\Nero] [HKLM\Software\NewTech Infosystems] [HKLM\Software\NovaLogic] [HKLM\Software\ODBC] [HKLM\Software\Oberon Media] [HKLM\Software\OpenOffice.org] [HKLM\Software\PCTools] [HKLM\Software\Patchou] [HKLM\Software\PixArt] [HKLM\Software\Policies] [HKLM\Software\RECISIO] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\ReflexiveArcade] [HKLM\Software\RegisteredApplications] [HKLM\Software\Roxio] [HKLM\Software\SEIKO EPSON CORPORATION] [HKLM\Software\SRS Labs] [HKLM\Software\Safer Networking Limited] [HKLM\Software\SimDebug] [HKLM\Software\SiteAdvisor] [HKLM\Software\Sonic] [HKLM\Software\Sony Corporation] [HKLM\Software\Speed-Downloading] [HKLM\Software\Speedchecker Limited] [HKLM\Software\Sun Microsystems] [HKLM\Software\VSO] [HKLM\Software\VideoLAN] [HKLM\Software\WOW6432Node] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\X-AVCSD] [HKLM\Software\Yahoo] [HKLM\Software\ZSMC] [HKLM\Software\mcafeeupdater] [HKLM\Software\mozilla.org] [HKLM\Software\muvee Technologies] ~ Scan Softwares in 00mn 00s ---\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 27/01/2013 - 20:50:21 - [0,886] ----D C:\Program Files\Accelerer PC O43 - CFD: 25/12/2008 - 11:56:02 - [98,630] ----D C:\Program Files\Acer O43 - CFD: 09/05/2008 - 03:04:17 - [603,605] ----D C:\Program Files\Acer Arcade Live O43 - CFD: 27/05/2009 - 18:27:23 - [630,748] ----D C:\Program Files\Acer GameZone O43 - CFD: 09/05/2008 - 03:20:22 - [12,096] ----D C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites O43 - CFD: 26/01/2013 - 13:52:48 - [159,134] ----D C:\Program Files\Adobe O43 - CFD: 21/01/2012 - 15:44:40 - [0] ----D C:\Program Files\Algobox O43 - CFD: 23/01/2009 - 18:32:00 - [0,001] ----D C:\Program Files\Alwil Software O43 - CFD: 18/08/2012 - 09:17:47 - [2,316] ----D C:\Program Files\Apple Software Update O43 - CFD: 08/07/2009 - 15:37:53 - [0] ----D C:\Program Files\Astonsoft O43 - CFD: 07/05/2011 - 19:11:54 - [40,482] ----D C:\Program Files\Audacity 1.3 Beta (Unicode) O43 - CFD: 30/09/2009 - 13:37:57 - [228,489] ----D C:\Program Files\Avira O43 - CFD: 09/05/2008 - 02:33:45 - [31,007] ----D C:\Program Files\bin32 O43 - CFD: 18/08/2012 - 09:15:33 - [0,586] ----D C:\Program Files\Bonjour O43 - CFD: 15/02/2013 - 18:14:39 - [1,001] ----D C:\Program Files\BrowseToSave O43 - CFD: 25/12/2008 - 12:01:27 - [2011,550] ----D C:\Program Files\Buena Vista Games O43 - CFD: 15/02/2013 - 18:14:39 - [2,115] ----D C:\Program Files\CCleaner O43 - CFD: 27/01/2013 - 19:18:30 - [927,122] ----D C:\Program Files\Common Files O43 - CFD: 09/05/2008 - 02:59:45 - [4,553] ----D C:\Program Files\CyberLink O43 - CFD: 13/04/2010 - 12:15:12 - [0] ----D C:\Program Files\DivX O43 - CFD: 27/01/2013 - 19:18:30 - [6,146] ----D C:\Program Files\DVDVideoSoft O43 - CFD: 27/05/2009 - 15:40:11 - [-1291,172] ----D C:\Program Files\EA GAMES O43 - CFD: 08/02/2009 - 16:00:31 - [0] ----D C:\Program Files\eMule O43 - CFD: 21/02/2011 - 19:40:37 - [16,388] ----D C:\Program Files\epson O43 - CFD: 21/02/2011 - 19:42:35 - [160,622] ----D C:\Program Files\Epson Software O43 - CFD: 21/02/2011 - 19:36:57 - [31,640] ----D C:\Program Files\EpsonNet O43 - CFD: 09/05/2008 - 03:33:20 - [16,845] ----D C:\Program Files\eSobi O43 - CFD: 25/12/2008 - 11:51:54 - [0] R---D C:\Program Files\Fichiers communs O43 - CFD: 03/10/2010 - 17:44:30 - [38,061] ----D C:\Program Files\FrostWire O43 - CFD: 19/12/2012 - 19:08:00 - [343,814] ----D C:\Program Files\Google O43 - CFD: 22/01/2012 - 18:51:20 - [119,548] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 14/02/2013 - 12:28:50 - [6,591] ----D C:\Program Files\Internet Explorer O43 - CFD: 18/08/2012 - 09:20:41 - [2,259] ----D C:\Program Files\iPod O43 - CFD: 18/08/2012 - 09:21:37 - [149,103] ----D C:\Program Files\iTunes O43 - CFD: 15/02/2013 - 10:46:29 - [279,795] ----D C:\Program Files\Java O43 - CFD: 24/05/2009 - 12:29:35 - [15,529] ----D C:\Program Files\JRE O43 - CFD: 27/05/2009 - 18:29:05 - [6,532] ----D C:\Program Files\KaraFun O43 - CFD: 07/05/2011 - 19:21:26 - [8,153] ----D C:\Program Files\Kreatives.org O43 - CFD: 03/10/2010 - 13:56:33 - [1,944] ----D C:\Program Files\Lexmark O43 - CFD: 03/10/2010 - 14:03:37 - [2,685] ----D C:\Program Files\Lexmark S300-S400 Series O43 - CFD: 21/01/2012 - 15:47:03 - [56,765] ----D C:\Program Files\LG PC Suite O43 - CFD: 16/04/2009 - 18:45:56 - [8,128] ----D C:\Program Files\LimeWire O43 - CFD: 09/05/2008 - 02:33:37 - [0] ----D C:\Program Files\log O43 - CFD: 26/12/2008 - 15:54:17 - [0,539] ----D C:\Program Files\Logitech O43 - CFD: 27/05/2009 - 18:29:41 - [0,166] ----D C:\Program Files\MadCaps O43 - CFD: 15/02/2013 - 11:22:55 - [12,650] ----D C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 15/02/2013 - 18:14:39 - [11,075] ----D C:\Program Files\McAfee Security Scan O43 - CFD: 17/07/2010 - 13:59:53 - [12,999] ----D C:\Program Files\Messenger Plus! Live O43 - CFD: 17/07/2012 - 16:18:45 - [0,502] ----D C:\Program Files\Microsoft O43 - CFD: 02/11/2006 - 13:37:34 - [89,117] ----D C:\Program Files\Microsoft Games O43 - CFD: 26/06/2012 - 12:14:22 - [614,755] ----D C:\Program Files\Microsoft Office O43 - CFD: 13/05/2012 - 14:27:39 - [36,641] ----D C:\Program Files\Microsoft Silverlight O43 - CFD: 08/07/2009 - 15:53:57 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 30/09/2009 - 18:40:34 - [0,014] ----D C:\Program Files\Microsoft Visual Studio O43 - CFD: 30/09/2009 - 18:38:03 - [1,323] ----D C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 23/10/2009 - 16:53:36 - [144,853] ----D C:\Program Files\Microsoft Works O43 - CFD: 09/05/2008 - 03:17:43 - [7,774] ----D C:\Program Files\Microsoft.NET O43 - CFD: 14/08/2010 - 17:03:57 - [94,740] ----D C:\Program Files\Movie Maker O43 - CFD: 06/02/2013 - 21:30:19 - [46,249] ----D C:\Program Files\Mozilla Firefox O43 - CFD: 11/02/2013 - 16:47:17 - [0,212] ----D C:\Program Files\Mozilla Maintenance Service O43 - CFD: 30/09/2009 - 18:40:46 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 26/11/2009 - 17:13:21 - [0] ----D C:\Program Files\MSXML 4.0 O43 - CFD: 08/05/2009 - 16:02:41 - [114,934] ----D C:\Program Files\Mystery Case Files - Retour a Ravenhearst O43 - CFD: 29/07/2009 - 20:29:01 - [0,836] ----D C:\Program Files\Navilog1 O43 - CFD: 21/01/2012 - 15:56:19 - [2,544] ----D C:\Program Files\Nero O43 - CFD: 09/05/2008 - 03:32:28 - [219,333] ----D C:\Program Files\NewTech Infosystems O43 - CFD: 30/05/2010 - 12:38:29 - [287,340] ----D C:\Program Files\NovaLogic O43 - CFD: 22/11/2012 - 08:38:14 - [552,441] ----D C:\Program Files\NVIDIA Corporation O43 - CFD: 08/05/2009 - 15:39:15 - [0,009] ----D C:\Program Files\Oberon Media O43 - CFD: 24/05/2009 - 12:30:41 - [357,472] ----D C:\Program Files\OpenOffice.org 3 O43 - CFD: 08/05/2009 - 15:37:26 - [10,506] ----D C:\Program Files\orange O43 - CFD: 27/12/2008 - 15:05:14 - [3,389] ----D C:\Program Files\PhotoFiltre O43 - CFD: 09/05/2008 - 02:33:44 - [0,061] ----D C:\Program Files\profile O43 - CFD: 03/10/2010 - 14:31:17 - [72,801] ----D C:\Program Files\QuickTime O43 - CFD: 09/05/2008 - 02:43:39 - [16,482] ----D C:\Program Files\Realtek O43 - CFD: 02/11/2006 - 13:37:34 - [36,069] ----D C:\Program Files\Reference Assemblies O43 - CFD: 08/05/2009 - 15:20:33 - [0,019] ----D C:\Program Files\ReflexiveArcade O43 - CFD: 21/02/2009 - 14:12:47 - [9,510] ----D C:\Program Files\Registry Mechanic O43 - CFD: 15/12/2012 - 15:01:10 - [0,000] ----D C:\Program Files\Remote Mouse O43 - CFD: 22/06/2009 - 17:47:22 - [258,094] ----D C:\Program Files\Roxio O43 - CFD: 03/10/2010 - 14:22:09 - [40,340] ----D C:\Program Files\Safari O43 - CFD: 19/12/2012 - 16:30:42 - [52,847] ----D C:\Program Files\Spybot - Search & Destroy O43 - CFD: 10/02/2009 - 10:19:23 - [0] ----D C:\Program Files\Star Downloader O43 - CFD: 29/07/2009 - 16:15:00 - [0,775] ----D C:\Program Files rend micro O43 - CFD: 02/11/2006 - 14:01:55 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 31/12/2008 - 12:25:35 - [59,123] ----D C:\Program Files\VideoLAN O43 - CFD: 15/02/2009 - 13:49:43 - [94,102] ----D C:\Program Files\VSO O43 - CFD: 01/06/2010 - 19:16:12 - [0,970] ----D C:\Program Files\Windows Calendar O43 - CFD: 01/06/2010 - 19:16:11 - [2,610] ----D C:\Program Files\Windows Collaboration O43 - CFD: 01/06/2010 - 19:16:07 - [4,283] ----D C:\Program Files\Windows Defender O43 - CFD: 13/05/2012 - 14:26:21 - [6,757] ----D C:\Program Files\Windows Journal O43 - CFD: 17/07/2012 - 16:16:24 - [141,128] ----D C:\Program Files\Windows Live O43 - CFD: 17/12/2010 - 20:23:43 - [8,694] ----D C:\Program Files\Windows Mail O43 - CFD: 16/10/2010 - 13:29:41 - [4,286] ----D C:\Program Files\Windows Media Player O43 - CFD: 25/12/2008 - 11:51:54 - [7,589] ----D C:\Program Files\Windows NT O43 - CFD: 01/06/2010 - 19:16:10 - [12,902] ----D C:\Program Files\Windows Photo Gallery O43 - CFD: 17/07/2012 - 15:56:48 - [0,128] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 01/06/2010 - 19:16:12 - [6,225] ----D C:\Program Files\Windows Sidebar O43 - CFD: 21/11/2009 - 22:00:02 - [3,740] ----D C:\Program Files\WinRAR O43 - CFD: 08/07/2009 - 15:40:13 - [0] ----D C:\Program Files\Yahoo! O43 - CFD: 16/02/2013 - 11:15:33 - [11,465] ----D C:\Program Files\ZHPDiag O43 - CFD: 26/01/2013 - 13:52:56 - [3,722] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 18/08/2012 - 09:20:39 - [110,050] ----D C:\Program Files\Common Files\Apple O43 - CFD: 09/05/2008 - 03:17:52 - [0,089] ----D C:\Program Files\Common Files\DESIGNER O43 - CFD: 27/01/2013 - 19:18:40 - [65,816] ----D C:\Program Files\Common Files\DVDVideoSoft O43 - CFD: 21/02/2011 - 19:36:38 - [1,872] ----D C:\Program Files\Common Files\EPSON O43 - CFD: 22/06/2009 - 17:45:35 - [7,264] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 15/02/2013 - 10:47:55 - [30,837] ----D C:\Program Files\Common Files\Java O43 - CFD: 09/05/2008 - 03:32:03 - [6,846] ----D C:\Program Files\Common Files\LightScribe O43 - CFD: 17/07/2012 - 16:12:25 - [441,120] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 21/01/2012 - 16:16:07 - [0] ----D C:\Program Files\Common Files\Nero O43 - CFD: 08/05/2009 - 15:37:26 - [0,453] ----D C:\Program Files\Common Files\Oberon Media O43 - CFD: 14/06/2009 - 15:49:59 - [0,913] ----D C:\Program Files\Common Files\PX Storage Engine O43 - CFD: 22/06/2009 - 17:48:19 - [158,578] ----D C:\Program Files\Common Files\Roxio Shared O43 - CFD: 26/12/2008 - 20:23:29 - [1,291] ----D C:\Program Files\Common Files\Sandlot Shared O43 - CFD: 02/11/2006 - 12:18:33 - [0,003] ----D C:\Program Files\Common Files\Services O43 - CFD: 02/11/2006 - 12:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 18/07/2012 - 20:47:16 - [40,820] ----D C:\Program Files\Common Files\System O43 - CFD: 25/12/2008 - 12:56:49 - [0] ----D C:\Program Files\Common Files\Windows Live O43 - CFD: 27/12/2008 - 12:19:22 - [18,252] -SH-D C:\Program Files\Common Files\WindowsLiveInstaller O43 - CFD: 21/01/2012 - 15:43:58 - [0,050] ----D C:\ProgramData\ABBYY O43 - CFD: 09/05/2008 - 03:04:50 - [0,015] ----D C:\ProgramData\Acer GameZone Console O43 - CFD: 30/01/2013 - 07:44:21 - [194,944] ----D C:\ProgramData\Adobe O43 - CFD: 18/02/2010 - 10:59:19 - [118,294] ----D C:\ProgramData\Apple O43 - CFD: 18/02/2010 - 10:56:12 - [109,481] ----D C:\ProgramData\Apple Computer O43 - CFD: 02/11/2006 - 14:02:03 - [0] --H-D C:\ProgramData\Application Data O43 - CFD: 04/03/2009 - 14:10:09 - [0,971] ----D C:\ProgramData\Arcade Lab O43 - CFD: 30/09/2009 - 13:37:57 - [173,749] ----D C:\ProgramData\Avira O43 - CFD: 25/12/2008 - 11:51:54 - [0] --H-D C:\ProgramData\Bureau O43 - CFD: 07/01/2009 - 14:47:58 - [0,040] ----D C:\ProgramData\CyberLink O43 - CFD: 02/11/2006 - 14:02:03 - [0] --H-D C:\ProgramData\Desktop O43 - CFD: 13/04/2010 - 12:15:01 - [0,250] ----D C:\ProgramData\DivX O43 - CFD: 02/11/2006 - 14:02:03 - [0] --H-D C:\ProgramData\Documents O43 - CFD: 21/02/2011 - 19:34:30 - [8,129] ----D C:\ProgramData\EPSON O43 - CFD: 26/12/2008 - 20:21:27 - [0,000] ----D C:\ProgramData\eSobi O43 - CFD: 25/12/2008 - 11:51:54 - [0] --H-D C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 14:02:03 - [0] --H-D C:\ProgramData\Favorites O43 - CFD: 09/05/2008 - 03:05:30 - [0] ----D C:\ProgramData\FloodLightGames O43 - CFD: 27/02/2010 - 14:14:39 - [0,511] ----D C:\ProgramData\Google O43 - CFD: 30/09/2009 - 13:16:49 - [57,748] ----D C:\ProgramData\Kaspersky Lab Setup Files O43 - CFD: 14/04/2009 - 00:02:51 - [0,001] ----D C:\ProgramData\LightScribe O43 - CFD: 22/07/2010 - 11:52:28 - [0] ----D C:\ProgramData\loadrefbias O43 - CFD: 03/10/2010 - 14:03:55 - [0,001] ----D C:\ProgramData\lx_Cats O43 - CFD: 29/07/2009 - 17:05:22 - [6,741] ----D C:\ProgramData\Malwarebytes O43 - CFD: 09/11/2012 - 10:00:44 - [0,208] ----D C:\ProgramData\McAfee O43 - CFD: 09/11/2012 - 10:00:52 - [0,001] ----D C:\ProgramData\McAfee Security Scan O43 - CFD: 25/12/2008 - 11:51:54 - [0] --H-D C:\ProgramData\Menu Démarrer O43 - CFD: 24/01/2010 - 10:59:20 - [0,136] ----D C:\ProgramData\Messenger Plus! O43 - CFD: 17/07/2012 - 16:13:00 - [347,093] -S--D C:\ProgramData\Microsoft O43 - CFD: 14/02/2013 - 10:53:37 - [0,062] ----D C:\ProgramData\Microsoft Help O43 - CFD: 01/07/2012 - 21:32:20 - [0] ----D C:\ProgramData\Microsoft SkyDrive O43 - CFD: 25/12/2008 - 11:51:54 - [0] --H-D C:\ProgramData\Modèles O43 - CFD: 26/04/2012 - 13:00:12 - [0,034] ----D C:\ProgramData\Mozilla O43 - CFD: 21/01/2012 - 16:05:49 - [0,474] ----D C:\ProgramData\Nero O43 - CFD: 15/02/2009 - 14:01:29 - [0] ----D C:\ProgramData\NtiDvdCopy O43 - CFD: 16/02/2013 - 11:10:04 - [2,423] ----D C:\ProgramData\NVIDIA O43 - CFD: 22/11/2012 - 08:34:44 - [1,042] ----D C:\ProgramData\NVIDIA Corporation O43 - CFD: 22/06/2009 - 17:47:22 - [4,050] ----D C:\ProgramData\Roxio O43 - CFD: 26/12/2008 - 20:22:32 - [0,000] ----D C:\ProgramData\Sandlot Games O43 - CFD: 25/12/2008 - 17:43:13 - [0,000] ----D C:\ProgramData\SiteAdvisor O43 - CFD: 14/02/2013 - 22:52:09 - [117,970] ----D C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 02/11/2006 - 14:02:03 - [0] --H-D C:\ProgramData\Start Menu O43 - CFD: 15/02/2013 - 10:47:56 - [0,000] ----D C:\ProgramData\Sun O43 - CFD: 16/02/2013 - 11:10:14 - [0] ---AD C:\ProgramData\TEMP O43 - CFD: 02/11/2006 - 14:02:04 - [0] --H-D C:\ProgramData\Templates O43 - CFD: 21/02/2011 - 19:43:46 - [0,003] ----D C:\ProgramData\UDL O43 - CFD: 14/06/2009 - 15:39:52 - [0,040] ----D C:\ProgramData\Vso O43 - CFD: 27/12/2008 - 12:16:59 - [1,421] ----D C:\ProgramData\WLInstaller O43 - CFD: 09/05/2008 - 03:20:22 - [6,585] ----D C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} O43 - CFD: 20/08/2010 - 18:35:57 - [0,516] ----D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} O43 - CFD: 18/02/2010 - 10:56:54 - [0,002] ----D C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} O43 - CFD: 07/03/2009 - 19:45:20 - [0] -SH-D C:\Users\Mavina\AppData\Roaming\.# O43 - CFD: 09/05/2008 - 03:04:50 - [0,032] ----D C:\Users\Mavina\AppData\Roaming\Acer GameZone Console O43 - CFD: 30/01/2013 - 07:42:52 - [3,820] ----D C:\Users\Mavina\AppData\Roaming\Adobe O43 - CFD: 18/09/2012 - 13:06:18 - [-1616,717] ----D C:\Users\Mavina\AppData\Roaming\Apple Computer O43 - CFD: 08/07/2009 - 11:04:15 - [0,000] ----D C:\Users\Mavina\AppData\Roaming\ArcSoft O43 - CFD: 11/05/2011 - 15:29:45 - [0,001] ----D C:\Users\Mavina\AppData\Roaming\Audacity O43 - CFD: 04/03/2009 - 13:30:07 - [1,905] ----D C:\Users\Mavina\AppData\Roaming\Big Fish Games O43 - CFD: 21/01/2012 - 15:46:22 - [0] ----D C:\Users\Mavina\AppData\Roaming\COWON O43 - CFD: 15/02/2009 - 13:58:37 - [0] ----D C:\Users\Mavina\AppData\Roaming\CyberLink O43 - CFD: 03/05/2009 - 15:35:54 - [0,006] ----D C:\Users\Mavina\AppData\Roaming\DeepBurner O43 - CFD: 25/12/2008 - 12:19:34 - [9,406] ----D C:\Users\Mavina\AppData\Roaming\Desperate Housewives O43 - CFD: 12/06/2011 - 14:57:03 - [0,000] ----D C:\Users\Mavina\AppData\Roaming\dvdcss O43 - CFD: 27/01/2013 - 19:22:03 - [0,718] ----D C:\Users\Mavina\AppData\Roaming\DVDVideoSoft O43 - CFD: 27/01/2013 - 19:18:54 - [0,000] ----D C:\Users\Mavina\AppData\Roaming\DVDVideoSoftIEHelpers O43 - CFD: 21/02/2011 - 19:49:08 - [0,007] ----D C:\Users\Mavina\AppData\Roaming\Epson O43 - CFD: 26/12/2008 - 20:21:24 - [0,296] ----D C:\Users\Mavina\AppData\Roaming\eSobi O43 - CFD: 16/06/2010 - 15:21:44 - [5,455] ----D C:\Users\Mavina\AppData\Roaming\Facebook O43 - CFD: 15/02/2013 - 09:42:22 - [3,287] ----D C:\Users\Mavina\AppData\Roaming\FrostWire O43 - CFD: 07/05/2011 - 19:22:51 - [0,002] ----D C:\Users\Mavina\AppData\Roaming\GetRightToGo O43 - CFD: 12/03/2009 - 18:27:55 - [0] ----D C:\Users\Mavina\AppData\Roaming\Google O43 - CFD: 26/05/2010 - 14:34:26 - [0,000] ----D C:\Users\Mavina\AppData\Roaming\gtk-2.0 O43 - CFD: 25/12/2008 - 11:56:51 - [0] ----D C:\Users\Mavina\AppData\Roaming\Identities O43 - CFD: 15/02/2009 - 14:04:53 - [0,261] ----D C:\Users\Mavina\AppData\Roaming\InfraRecorder O43 - CFD: 25/12/2008 - 12:00:49 - [0] ----D C:\Users\Mavina\AppData\Roaming\InstallShield O43 - CFD: 31/01/2009 - 16:27:37 - [0,031] ----D C:\Users\Mavina\AppData\Roaming\LG Electronics O43 - CFD: 16/04/2009 - 18:45:22 - [94,944] ----D C:\Users\Mavina\AppData\Roaming\LimeWire O43 - CFD: 25/12/2008 - 11:57:51 - [0,006] ----D C:\Users\Mavina\AppData\Roaming\Macromedia O43 - CFD: 29/07/2009 - 17:05:28 - [50,963] ----D C:\Users\Mavina\AppData\Roaming\Malwarebytes O43 - CFD: 02/11/2006 - 13:37:34 - [0] ----D C:\Users\Mavina\AppData\Roaming\Media Center Programs O43 - CFD: 25/11/2012 - 18:53:08 - [6,273] -S--D C:\Users\Mavina\AppData\Roaming\Microsoft O43 - CFD: 20/07/2010 - 09:53:54 - [37,145] ----D C:\Users\Mavina\AppData\Roaming\Mozilla O43 - CFD: 14/04/2009 - 00:02:58 - [1,482] ----D C:\Users\Mavina\AppData\Roaming\Nero O43 - CFD: 07/03/2009 - 15:49:13 - [2,638] ----D C:\Users\Mavina\AppData\Roaming\OpenOffice.org O43 - CFD: 08/08/2009 - 20:40:19 - [194,100] ----D C:\Users\Mavina\AppData\Roaming\Roxio O43 - CFD: 12/04/2009 - 19:22:46 - [0,008] ----D C:\Users\Mavina\AppData\Roaming\Template O43 - CFD: 31/12/2008 - 12:26:03 - [0,426] ----D C:\Users\Mavina\AppData\Roaming\vlc O43 - CFD: 15/02/2009 - 13:50:14 - [0] ----D C:\Users\Mavina\AppData\Roaming\Vso O43 - CFD: 30/09/2009 - 18:34:01 - [0,000] ----D C:\Users\Mavina\AppData\Roaming\WinRAR O43 - CFD: 02/03/2011 - 13:30:45 - [0,001] ----D C:\Users\Mavina\AppData\Roaming\xm1 O43 - CFD: 25/12/2008 - 12:38:14 - [0] ----D C:\Users\Mavina\AppData\Roaming\Yahoo! O43 - CFD: 21/02/2011 - 19:39:18 - [0] ----D C:\Users\Mavina\AppData\Local\ABBYY O43 - CFD: 07/01/2009 - 14:47:48 - [0,007] ----D C:\Users\Mavina\AppData\Local\Acer Arcade Live O43 - CFD: 14/03/2009 - 14:55:22 - [0,038] ----D C:\Users\Mavina\AppData\Local\Acer DVDivine O43 - CFD: 15/02/2009 - 13:57:17 - [0,006] ----D C:\Users\Mavina\AppData\Local\Acer SlideShow DVD O43 - CFD: 26/01/2013 - 13:52:24 - [15,008] ----D C:\Users\Mavina\AppData\Local\Adobe O43 - CFD: 22/02/2010 - 12:45:33 - [0] ----D C:\Users\Mavina\AppData\Local\Apple O43 - CFD: 03/10/2010 - 17:41:05 - [114,148] ----D C:\Users\Mavina\AppData\Local\Apple Computer O43 - CFD: 25/12/2008 - 11:55:24 - [0] ----D C:\Users\Mavina\AppData\Local\Application Data O43 - CFD: 24/09/2011 - 16:44:01 - [0,023] ----D C:\Users\Mavina\AppData\Local\Ares O43 - CFD: 15/12/2012 - 15:02:22 - [118,483] ----D C:\Users\Mavina\AppData\Local\Google O43 - CFD: 25/12/2008 - 11:55:24 - [0] ----D C:\Users\Mavina\AppData\Local\Historique O43 - CFD: 17/10/2012 - 14:55:36 - [0] ----D C:\Users\Mavina\AppData\Local\Macromedia O43 - CFD: 15/02/2009 - 13:58:37 - [0] ----D C:\Users\Mavina\AppData\Local\MakeDisc O43 - CFD: 27/01/2013 - 20:50:20 - [1078,308] ----D C:\Users\Mavina\AppData\Local\Microsoft O43 - CFD: 05/08/2012 - 11:12:19 - [0,996] ----D C:\Users\Mavina\AppData\Local\Microsoft Games O43 - CFD: 30/09/2009 - 18:37:27 - [0] ----D C:\Users\Mavina\AppData\Local\Microsoft Help O43 - CFD: 25/12/2008 - 12:22:10 - [68,329] ----D C:\Users\Mavina\AppData\Local\Mozilla O43 - CFD: 25/12/2008 - 11:57:12 - [0] ----D C:\Users\Mavina\AppData\Local\PowerCinema O43 - CFD: 13/12/2012 - 14:49:59 - [0,006] ----D C:\Users\Mavina\AppData\Local\Roxio O43 - CFD: 02/01/2009 - 15:32:04 - [0,000] ----D C:\Users\Mavina\AppData\Local\Sonic_Solutions O43 - CFD: 16/02/2013 - 11:15:45 - [2,396] ----D C:\Users\Mavina\AppData\Local\Temp O43 - CFD: 25/12/2008 - 11:55:24 - [0] ----D C:\Users\Mavina\AppData\Local\Temporary Internet Files O43 - CFD: 25/12/2008 - 13:14:58 - [17,438] ----D C:\Users\Mavina\AppData\Local\VirtualStore O43 - CFD: 18/08/2012 - 20:43:55 - [0,027] ----D C:\Users\Mavina\AppData\Local\Windows Live O43 - CFD: 20/07/2010 - 09:41:33 - [0] ----D C:\Users\Mavina\AppData\Local\Yahoo! O43 - CFD: 26/10/2012 - 16:31:54 - [0] ----D C:\Users\Mavina\AppData\Local\{0277F6EA-28B9-4B57-8266-426031E687BF} O43 - CFD: 30/12/2012 - 11:35:34 - [0] ----D C:\Users\Mavina\AppData\Local\{0384B39B-1B1C-4D34-8D36-011D7C98901D} O43 - CFD: 18/07/2012 - 20:30:15 - [0] ----D C:\Users\Mavina\AppData\Local\{0529FAD2-6714-46C7-A244-957594000726} O43 - CFD: 21/09/2012 - 19:01:22 - [0] ----D C:\Users\Mavina\AppData\Local\{05BCC61F-67E6-44ED-8B95-B0A6A2789A63} O43 - CFD: 13/01/2013 - 10:23:35 - [0] ----D C:\Users\Mavina\AppData\Local\{076D6727-9A5D-45A1-A2C4-D8C98E8361F6} O43 - CFD: 18/07/2012 - 20:30:00 - [0] ----D C:\Users\Mavina\AppData\Local\{08C1D635-235C-43D7-8918-A14FD4D3E1B0} O43 - CFD: 08/11/2012 - 18:53:24 - [0] ----D C:\Users\Mavina\AppData\Local\{09C07537-5F90-40FA-9D36-253C8708B46B} O43 - CFD: 24/09/2012 - 17:26:15 - [0] ----D C:\Users\Mavina\AppData\Local\{0B40EFF7-D45E-4BE7-AD7F-89FB92863F56} O43 - CFD: 17/09/2012 - 14:31:59 - [0] ----D C:\Users\Mavina\AppData\Local\{0FE973A1-527B-4CD8-9E8F-9FC4BB64552C} O43 - CFD: 05/08/2012 - 10:14:25 - [0] ----D C:\Users\Mavina\AppData\Local\{137A3EC8-DC3B-4A41-917E-6F3A63D122C0} O43 - CFD: 15/12/2012 - 11:34:47 - [0] ----D C:\Users\Mavina\AppData\Local\{147521C4-F225-4DAF-BF52-05F2E8F7BBA6} O43 - CFD: 29/11/2012 - 08:18:30 - [0] ----D C:\Users\Mavina\AppData\Local\{16A82E71-3348-42B6-9F1D-A44F2D73168F} O43 - CFD: 19/09/2012 - 16:03:50 - [0] ----D C:\Users\Mavina\AppData\Local\{179C441A-4922-413B-8E2A-EEB1D224F661} O43 - CFD: 29/01/2013 - 18:28:11 - [0] ----D C:\Users\Mavina\AppData\Local\{1880C653-CA57-4564-8821-4A3393B82ED5} O43 - CFD: 12/12/2012 - 16:18:04 - [0] ----D C:\Users\Mavina\AppData\Local\{190BD1EA-3CCD-420C-92D0-916CAC8C8B25} O43 - CFD: 07/01/2013 - 21:16:21 - [0] ----D C:\Users\Mavina\AppData\Local\{1A4C5936-F31E-453F-A427-ACA3FC7D01CB} O43 - CFD: 20/10/2012 - 11:43:19 - [0] ----D C:\Users\Mavina\AppData\Local\{1B129B94-F3F0-4E49-BE30-7E0954B6CE11} O43 - CFD: 09/01/2013 - 16:48:48 - [0] ----D C:\Users\Mavina\AppData\Local\{1C7C9926-C693-40F4-894D-B769A530071D} O43 - CFD: 23/11/2012 - 08:42:20 - [0] ----D C:\Users\Mavina\AppData\Local\{1DAF2B0C-539B-4B02-8FC3-7FA8047B107D} O43 - CFD: 23/07/2012 - 13:35:28 - [0] ----D C:\Users\Mavina\AppData\Local\{1F953042-3545-4158-A79C-0C190E752768} O43 - CFD: 08/02/2013 - 18:28:54 - [0] ----D C:\Users\Mavina\AppData\Local\{21F58AEC-25BB-4268-BA1E-E8CB3676AC8F} O43 - CFD: 18/08/2012 - 08:42:55 - [0] ----D C:\Users\Mavina\AppData\Local\{24197DCB-0FF3-435B-B0B4-B141CB77B72A} O43 - CFD: 07/10/2012 - 09:56:49 - [0] ----D C:\Users\Mavina\AppData\Local\{24946FB0-E1EA-49FE-9947-0E33030E401A} O43 - CFD: 15/09/2012 - 09:23:23 - [0] ----D C:\Users\Mavina\AppData\Local\{256CEDF9-721C-4BA1-87B8-9265239A5209} O43 - CFD: 28/09/2012 - 17:43:35 - [0] ----D C:\Users\Mavina\AppData\Local\{2596030D-8CE3-49DE-A6FC-FD96ADBA08FA} O43 - CFD: 12/02/2013 - 19:56:07 - [0] ----D C:\Users\Mavina\AppData\Local\{2974F3DB-510B-4B1E-B154-7730E0F70632} O43 - CFD: 30/01/2013 - 18:46:05 - [0] ----D C:\Users\Mavina\AppData\Local\{298655D4-8448-4070-981B-C72D6A4FBCF4} O43 - CFD: 09/11/2012 - 21:58:17 - [0] ----D C:\Users\Mavina\AppData\Local\{29EB9BD7-D61D-4DAD-8633-7BB3A81B7B23} O43 - CFD: 31/08/2012 - 10:17:28 - [0] ----D C:\Users\Mavina\AppData\Local\{333C4913-861F-4BD3-98CA-D7C8FA4669C8} O43 - CFD: 24/11/2012 - 10:17:35 - [0] ----D C:\Users\Mavina\AppData\Local\{33463B6F-89A9-4901-9531-26F219D7F4CC} O43 - CFD: 22/11/2012 - 08:28:11 - [0] ----D C:\Users\Mavina\AppData\Local\{37BC90F3-DE50-455B-8C7C-6BD0521C6139} O43 - CFD: 03/01/2013 - 15:53:36 - [0] ----D C:\Users\Mavina\AppData\Local\{37CB6515-42BC-4EE8-B982-A41C1CB78FB5} O43 - CFD: 20/11/2012 - 19:00:44 - [0] ----D C:\Users\Mavina\AppData\Local\{3824FA46-E526-49C1-9ED8-33EA3CF5F191} O43 - CFD: 07/11/2012 - 12:14:00 - [0] ----D C:\Users\Mavina\AppData\Local\{3968758A-9A79-46F6-81DD-724055A9FDD0} O43 - CFD: 16/02/2013 - 10:30:18 - [0] ----D C:\Users\Mavina\AppData\Local\{39AA407E-9B54-42DC-A283-7AC71D156F33} O43 - CFD: 05/12/2012 - 19:12:15 - [0] ----D C:\Users\Mavina\AppData\Local\{39B8797B-93F0-4E36-9A29-8C5C7E4E62D9} O43 - CFD: 03/09/2012 - 18:34:34 - [0] ----D C:\Users\Mavina\AppData\Local\{39CD3743-8052-4959-B37D-414F18F998CD} O43 - CFD: 15/11/2012 - 20:23:14 - [0] ----D C:\Users\Mavina\AppData\Local\{3B3CF708-3E33-45DA-968F-AED592628208} O43 - CFD: 18/08/2012 - 08:42:35 - [0] ----D C:\Users\Mavina\AppData\Local\{3C80A447-A845-4AF1-84CB-AF44621494A5} O43 - CFD: 17/01/2013 - 19:44:09 - [0] ----D C:\Users\Mavina\AppData\Local\{3DDCC9F9-C7FC-4BD3-B9C4-E4CC54FA75A6} O43 - CFD: 19/07/2012 - 14:20:36 - [0] ----D C:\Users\Mavina\AppData\Local\{3DE5FA2C-DB2A-4177-8657-E70F13AEC5E8} O43 - CFD: 02/02/2013 - 19:08:34 - [0] ----D C:\Users\Mavina\AppData\Local\{3F1C2E08-695D-4613-AF5C-7132E0EAF9F1} O43 - CFD: 16/11/2012 - 18:45:40 - [0] ----D C:\Users\Mavina\AppData\Local\{41B7B185-91F1-41B1-8C6A-D737CAC8804C} O43 - CFD: 27/10/2012 - 09:51:52 - [0] ----D C:\Users\Mavina\AppData\Local\{428FEC39-E041-4462-B1FB-0A2E5611EFB6} O43 - CFD: 24/07/2012 - 21:37:16 - [0] ----D C:\Users\Mavina\AppData\Local\{463B9AE2-784E-4B2F-834D-F928378D515F} O43 - CFD: 06/08/2012 - 10:39:48 - [0] ----D C:\Users\Mavina\AppData\Local\{4AB87ECC-20D6-4228-9C95-3A4EF40B9A7C} O43 - CFD: 14/02/2013 - 17:27:44 - [0] ----D C:\Users\Mavina\AppData\Local\{4C3A5DE5-20BB-4A80-9343-19FFE118BD4A} O43 - CFD: 29/07/2012 - 15:51:37 - [0] ----D C:\Users\Mavina\AppData\Local\{4DA01A02-784A-41FA-A4B6-D38443DD6095} O43 - CFD: 11/10/2012 - 13:01:42 - [0] ----D C:\Users\Mavina\AppData\Local\{4E01A1B3-7519-468E-9C7A-64A17A6328E6} O43 - CFD: 16/12/2012 - 13:26:16 - [0] ----D C:\Users\Mavina\AppData\Local\{516CBDE8-6806-45E0-BF4B-712468DFA059} O43 - CFD: 23/01/2013 - 14:10:58 - [0] ----D C:\Users\Mavina\AppData\Local\{51AD5E36-2231-442E-B67F-95293F3F0C3D} O43 - CFD: 04/12/2012 - 15:27:33 - [0] ----D C:\Users\Mavina\AppData\Local\{51C03336-4210-4DD4-A5F0-2180C859086F} O43 - CFD: 25/07/2012 - 20:22:36 - [0] ----D C:\Users\Mavina\AppData\Local\{51ED4BEC-A415-4D16-8EA4-7E9A5D163B70} O43 - CFD: 02/10/2012 - 14:14:28 - [0] ----D C:\Users\Mavina\AppData\Local\{533DB584-562B-42E6-9B76-FCC3B78A6280} O43 - CFD: 12/11/2012 - 13:56:06 - [0] ----D C:\Users\Mavina\AppData\Local\{544A6B03-A1CC-4597-9D6C-04F2E2DA1454} O43 - CFD: 28/08/2012 - 21:27:52 - [0] ----D C:\Users\Mavina\AppData\Local\{546D8BAE-32E2-4AC7-AF52-E35447E7C721} O43 - CFD: 23/07/2012 - 13:35:38 - [0] ----D C:\Users\Mavina\AppData\Local\{54A73B0D-180C-4329-A0FD-A7FF0CEA4779} O43 - CFD: 20/09/2012 - 18:00:27 - [0] ----D C:\Users\Mavina\AppData\Local\{55CBC311-C8E7-42E3-8E12-C6D943515EC5} O43 - CFD: 24/07/2012 - 21:37:26 - [0] ----D C:\Users\Mavina\AppData\Local\{55E2E213-ACF9-4612-B1A5-5A73FF5BFF9E} O43 - CFD: 26/11/2012 - 07:08:24 - [0] ----D C:\Users\Mavina\AppData\Local\{5748598D-A900-4B18-9142-A8C2C55A4B17} O43 - CFD: 30/10/2012 - 18:50:18 - [0] ----D C:\Users\Mavina\AppData\Local\{59DFC2BB-228E-4702-8C62-27A3391463B3} O43 - CFD: 05/11/2012 - 10:58:45 - [0] ----D C:\Users\Mavina\AppData\Local\{5B1D5811-3E30-4A28-A34F-8B6F9A577108} O43 - CFD: 25/09/2012 - 09:21:33 - [0] ----D C:\Users\Mavina\AppData\Local\{5BFD4972-BA65-4387-818F-36571AD5D714} O43 - CFD: 26/01/2013 - 13:34:34 - [0] ----D C:\Users\Mavina\AppData\Local\{5F87A6B3-D579-4A7C-83DF-C33EEFA1E3B2} O43 - CFD: 09/09/2012 - 20:18:00 - [0] ----D C:\Users\Mavina\AppData\Local\{60EC6460-0C81-4277-9EF7-19EBC58B1F48} O43 - CFD: 01/12/2012 - 09:13:53 - [0] ----D C:\Users\Mavina\AppData\Local\{6459915E-B0FC-45DC-A12C-A807A54ACE29} O43 - CFD: 21/08/2012 - 08:57:00 - [0] ----D C:\Users\Mavina\AppData\Local\{65BBFC78-12CA-4990-B8FF-ECF5EB38EB5B} O43 - CFD: 06/08/2012 - 07:40:40 - [0] ----D C:\Users\Mavina\AppData\Local\{6B8E7F1D-67A7-4618-974C-286B1ABFD47F} O43 - CFD: 29/01/2013 - 18:18:44 - [0] ----D C:\Users\Mavina\AppData\Local\{6C164C4C-27CD-45CA-8647-47AF9F4EABC2} O43 - CFD: 16/08/2012 - 16:10:28 - [0] ----D C:\Users\Mavina\AppData\Local\{6EC7CC06-D27E-4D49-8514-5BE7C5B10973} O43 - CFD: 04/11/2012 - 11:50:56 - [0] ----D C:\Users\Mavina\AppData\Local\{70CC5924-1FB9-4948-B10F-1A7882647842} O43 - CFD: 29/09/2012 - 10:37:55 - [0] ----D C:\Users\Mavina\AppData\Local\{73BD57F8-DFA2-47B5-A586-6252E72D0828} O43 - CFD: 16/01/2013 - 15:29:00 - [0] ----D C:\Users\Mavina\AppData\Local\{74678D3F-888F-452C-B096-7CF80544E8A8} O43 - CFD: 06/08/2012 - 22:50:49 - [0] ----D C:\Users\Mavina\AppData\Local\{75B6F35B-8900-4E1C-BC5A-4FFDD4FEDCE1} O43 - CFD: 17/07/2012 - 16:22:12 - [0] ----D C:\Users\Mavina\AppData\Local\{78ADC10A-6FF7-493D-93ED-09455D83BC1F} O43 - CFD: 30/01/2013 - 06:45:41 - [0] ----D C:\Users\Mavina\AppData\Local\{78E6A708-8FBF-44CF-AEB4-BF7102B16B61} O43 - CFD: 05/08/2012 - 15:30:56 - [0] ----D C:\Users\Mavina\AppData\Local\{7A87C581-C515-440D-8DE5-AC238DBA31E5} O43 - CFD: 01/10/2012 - 17:59:35 - [0] ----D C:\Users\Mavina\AppData\Local\{7AD21567-ED7C-4B79-9A51-6D1336091728} O43 - CFD: 31/08/2012 - 22:17:54 - [0] ----D C:\Users\Mavina\AppData\Local\{7FD9D32B-1EBE-4069-B33A-002408059E8F} O43 - CFD: 18/09/2012 - 08:22:40 - [0] ----D C:\Users\Mavina\AppData\Local\{800BBC88-648C-49E2-AB0E-2BB8D4B19B19} O43 - CFD: 17/07/2012 - 16:21:42 - [0] ----D C:\Users\Mavina\AppData\Local\{809FC56D-6E38-48BA-B091-7F450B076297} O43 - CFD: 08/09/2012 - 10:01:04 - [0] ----D C:\Users\Mavina\AppData\Local\{83A1DC3D-F0DC-495F-97AF-CC5EFD258731} O43 - CFD: 24/10/2012 - 10:38:02 - [0] ----D C:\Users\Mavina\AppData\Local\{84EC366C-E343-4456-B21A-0A892598A116} O43 - CFD: 02/12/2012 - 12:35:28 - [0] ----D C:\Users\Mavina\AppData\Local\{85449EC0-57B7-4748-BCB0-56767936F9FE} O43 - CFD: 07/08/2012 - 06:53:42 - [0] ----D C:\Users\Mavina\AppData\Local\{866C119D-DE47-46A4-B1C3-2C28A9C5D359} O43 - CFD: 30/07/2012 - 15:29:10 - [0] ----D C:\Users\Mavina\AppData\Local\{87236C6C-D00A-47A5-AB7F-6EC4E6017530} O43 - CFD: 24/08/2012 - 10:39:37 - [0] ----D C:\Users\Mavina\AppData\Local\{8C33F2B9-64CF-4311-8362-36F00F5D46B7} O43 - CFD: 18/08/2012 - 20:43:53 - [0] ----D C:\Users\Mavina\AppData\Local\{922F65F5-98E0-4F46-B17C-3A6F3F53C1DF} O43 - CFD: 20/08/2012 - 15:08:24 - [0] ----D C:\Users\Mavina\AppData\Local\{95E13187-E7EA-4C9F-922C-F67F5035C788} O43 - CFD: 02/10/2012 - 18:09:58 - [0] ----D C:\Users\Mavina\AppData\Local\{9B372B82-BD83-44B1-BFDE-C2F93A7E7D9B} O43 - CFD: 20/07/2012 - 21:14:31 - [0] ----D C:\Users\Mavina\AppData\Local\{9C087A0D-366A-4C3E-AE04-A89734E43910} O43 - CFD: 25/11/2012 - 15:10:43 - [0] ----D C:\Users\Mavina\AppData\Local\{9C3C19F7-452C-440E-AE07-D881BD1FFA03} O43 - CFD: 11/11/2012 - 10:51:20 - [0] ----D C:\Users\Mavina\AppData\Local\{9C81CF7F-4387-46E8-BA3A-D6B168E03B2F} O43 - CFD: 15/02/2013 - 08:17:24 - [0] ----D C:\Users\Mavina\AppData\Local\{9EB64B5C-88AD-42FB-A48D-72EC9DF76B68} O43 - CFD: 26/09/2012 - 14:48:58 - [0] ----D C:\Users\Mavina\AppData\Local\{A00868E0-6673-460F-A4FC-7056A8E4BC99} O43 - CFD: 21/01/2013 - 18:41:49 - [0] ----D C:\Users\Mavina\AppData\Local\{A08A1A45-2071-4E4D-BDA0-0FCA984BC243} O43 - CFD: 10/10/2012 - 16:43:53 - [0] ----D C:\Users\Mavina\AppData\Local\{A18E1EE3-3D72-4EDA-8443-5F85FC947932} O43 - CFD: 01/09/2012 - 11:23:29 - [0] ----D C:\Users\Mavina\AppData\Local\{A2E8BB02-DB58-4A2B-A308-C152B3F0B2C7} O43 - CFD: 17/12/2012 - 20:54:55 - [0] ----D C:\Users\Mavina\AppData\Local\{A4BEFF75-3562-490D-92E6-00D33A439C8F} O43 - CFD: 27/11/2012 - 08:23:58 - [0] ----D C:\Users\Mavina\AppData\Local\{A7F5A04E-C662-4EDB-A61A-C0B80519140C} O43 - CFD: 07/08/2012 - 12:25:38 - [0] ----D C:\Users\Mavina\AppData\Local\{A8130339-720B-403D-BC59-74C128644159} O43 - CFD: 17/10/2012 - 10:40:21 - [0] ----D C:\Users\Mavina\AppData\Local\{A8C72C36-4A3E-4326-B76D-56A7F30410CE} O43 - CFD: 26/11/2012 - 19:11:02 - [0] ----D C:\Users\Mavina\AppData\Local\{ABC100C7-6503-4658-883E-A869A94EE0DC} O43 - CFD: 22/09/2012 - 13:25:44 - [0] ----D C:\Users\Mavina\AppData\Local\{ABEDF396-4D85-4101-87FE-6E77E0BA6EFA} O43 - CFD: 21/11/2012 - 13:18:44 - [0] ----D C:\Users\Mavina\AppData\Local\{AC933EE6-6E50-4D33-A97D-D7D2C01C157B} O43 - CFD: 07/10/2012 - 10:53:54 - [0] ----D C:\Users\Mavina\AppData\Local\{AC9A4FED-E251-4949-AA40-4C72B83D28F7} O43 - CFD: 16/09/2012 - 19:12:52 - [0] ----D C:\Users\Mavina\AppData\Local\{ACB57809-C16A-4973-8201-E369464FD9FE} O43 - CFD: 26/06/2012 - 12:15:49 - [0] ----D C:\Users\Mavina\AppData\Local\{AF5DE3AA-B8E4-40B6-BB70-2FA789F5BFB3} O43 - CFD: 30/11/2012 - 14:03:18 - [0] ----D C:\Users\Mavina\AppData\Local\{AFEFA07E-F865-4EA1-AED1-BC00995AF149} O43 - CFD: 06/11/2012 - 11:29:14 - [0] ----D C:\Users\Mavina\AppData\Local\{B43B6BB2-2740-4160-AC68-D1F59EA06897} O43 - CFD: 31/01/2013 - 17:28:17 - [0] ----D C:\Users\Mavina\AppData\Local\{B7788E7A-CC8E-490B-B243-CC3FC3BEE967} O43 - CFD: 22/01/2013 - 19:23:51 - [0] ----D C:\Users\Mavina\AppData\Local\{B7962CC3-BAC5-47F5-B945-224556838359} O43 - CFD: 07/08/2012 - 07:22:33 - [0] ----D C:\Users\Mavina\AppData\Local\{B887E7E3-0C28-4F99-A9F3-9FBE45E37842} O43 - CFD: 14/09/2012 - 17:52:15 - [0] ----D C:\Users\Mavina\AppData\Local\{B89765CB-8A85-4958-8758-B15FF236AF5D} O43 - CFD: 18/12/2012 - 21:08:44 - [0] ----D C:\Users\Mavina\AppData\Local\{BF0A9E16-F500-4FFB-81E8-DD5EA13421EA} O43 - CFD: 18/10/2012 - 18:07:51 - [0] ----D C:\Users\Mavina\AppData\Local\{BF4871A3-B60C-440A-97DB-8AE3669CF857} O43 - CFD: 12/09/2012 - 12:16:53 - [0] ----D C:\Users\Mavina\AppData\Local\{BFBC78CD-9D3C-44D4-BF6B-270834D424A1} O43 - CFD: 19/12/2012 - 12:40:26 - [0] ----D C:\Users\Mavina\AppData\Local\{C03FC4CA-B8F9-4F48-9FF0-D9B3B64C7F58} O43 - CFD: 18/12/2012 - 09:08:07 - [0] ----D C:\Users\Mavina\AppData\Local\{C3F94327-947A-4998-8B3C-BE031EC34317} O43 - CFD: 01/09/2012 - 23:49:15 - [0] ----D C:\Users\Mavina\AppData\Local\{C52F4348-9174-418C-8705-658B303F6256} O43 - CFD: 03/10/2012 - 16:17:35 - [0] ----D C:\Users\Mavina\AppData\Local\{C569BC6E-08F9-4946-A7FB-28222F7DE526} O43 - CFD: 19/01/2013 - 10:32:36 - [0] ----D C:\Users\Mavina\AppData\Local\{C664A664-A65F-4D4D-B856-2B1BEFB65CAA} O43 - CFD: 05/08/2012 - 15:30:46 - [0] ----D C:\Users\Mavina\AppData\Local\{C83EE944-3B87-45F2-9302-06B69B4BB387} O43 - CFD: 11/09/2012 - 17:22:09 - [0] ----D C:\Users\Mavina\AppData\Local\{C9FD2417-A529-4F19-9D7E-9FDB3FB8CC4D} O43 - CFD: 13/12/2012 - 14:33:14 - [0] ----D C:\Users\Mavina\AppData\Local\{CD9C4D89-078C-4C18-8FB3-F1DC1E742323} O43 - CFD: 10/01/2013 - 17:16:11 - [0] ----D C:\Users\Mavina\AppData\Local\{CEB8F4BE-1DE9-4B47-A7C2-E20300D929D8} O43 - CFD: 22/08/2012 - 10:38:39 - [0] ----D C:\Users\Mavina\AppData\Local\{CF46A06C-3AB3-4CD3-9033-D561E73B640D} O43 - CFD: 04/09/2012 - 11:59:25 - [0] ----D C:\Users\Mavina\AppData\Local\{D032D5C5-791B-4FBA-8FE6-2936966CB270} O43 - CFD: 01/11/2012 - 09:23:28 - [0] ----D C:\Users\Mavina\AppData\Local\{D0E2F2B7-E8DC-4859-9561-7F692A22FFF5} O43 - CFD: 09/12/2012 - 18:42:49 - [0] ----D C:\Users\Mavina\AppData\Local\{D2C86D8B-49F2-40EE-8A36-940F68DACADA} O43 - CFD: 02/01/2013 - 17:21:12 - [0] ----D C:\Users\Mavina\AppData\Local\{D3109BF8-0D75-488A-A720-EE44D4C9CE1A} O43 - CFD: 17/07/2012 - 13:17:32 - [0] ----D C:\Users\Mavina\AppData\Local\{D50A202C-21AA-4234-A4AF-C4AC284669E8} O43 - CFD: 04/01/2013 - 11:27:51 - [0] ----D C:\Users\Mavina\AppData\Local\{D5CFF0DF-53C3-4FD1-A441-F37DA210B101} O43 - CFD: 19/07/2012 - 14:20:26 - [0] ----D C:\Users\Mavina\AppData\Local\{D68AF2B1-4C37-4167-874E-10E0597E7F88} O43 - CFD: 06/02/2013 - 21:16:49 - [0] ----D C:\Users\Mavina\AppData\Local\{D8096F94-1B0F-4778-8C18-C6B2FE53096B} O43 - CFD: 27/01/2013 - 18:39:20 - [0] ----D C:\Users\Mavina\AppData\Local\{D9F7E975-C3B9-4A34-A6EF-EA82E474846B} O43 - CFD: 13/02/2013 - 14:37:38 - [0] ----D C:\Users\Mavina\AppData\Local\{DA6BD36B-CAA6-4967-817C-43D5F8B23FEC} O43 - CFD: 07/08/2012 - 06:45:21 - [0] ----D C:\Users\Mavina\AppData\Local\{DB9AE354-3090-4DD9-B7F6-79FAE1314344} O43 - CFD: 07/12/2012 - 08:34:52 - [0] ----D C:\Users\Mavina\AppData\Local\{DC1AEA68-A24C-45D6-BBE7-E599F4DEC2BF} O43 - CFD: 01/10/2012 - 18:09:03 - [0] ----D C:\Users\Mavina\AppData\Local\{DD35D9C7-C345-4ABD-968A-61ADEEBFE796} O43 - CFD: 21/10/2012 - 08:28:46 - [0] ----D C:\Users\Mavina\AppData\Local\{DDBAA36A-E217-430D-8E54-5096BA72389F} O43 - CFD: 19/08/2012 - 11:45:44 - [0] ----D C:\Users\Mavina\AppData\Local\{DDD68217-7036-4B30-A4DB-1C251C5BAD11} O43 - CFD: 09/10/2012 - 17:39:58 - [0] ----D C:\Users\Mavina\AppData\Local\{DEB48E09-426D-4771-B49A-5C18CE390DBB} O43 - CFD: 25/07/2012 - 20:22:46 - [0] ----D C:\Users\Mavina\AppData\Local\{E0F6AA16-A72A-4073-A6E0-6C51AB1DAB97} O43 - CFD: 23/10/2012 - 18:05:28 - [0] ----D C:\Users\Mavina\AppData\Local\{E11AF9BF-E4DC-4463-890D-E2AE04DD9653} O43 - CFD: 14/11/2012 - 16:42:38 - [0] ----D C:\Users\Mavina\AppData\Local\{E2381A62-483F-4C07-A657-451A9711EA2C} O43 - CFD: 29/09/2012 - 22:55:40 - [0] ----D C:\Users\Mavina\AppData\Local\{E38489A0-C2AE-4B0C-8AAC-40EDA610AB9B} O43 - CFD: 25/10/2012 - 16:56:13 - [0] ----D C:\Users\Mavina\AppData\Local\{E71F83C6-46B5-4948-9549-EE572F70BEF1} O43 - CFD: 11/02/2013 - 16:48:49 - [0] ----D C:\Users\Mavina\AppData\Local\{E85FCBB0-A63B-4B8E-A0DB-0D16887349A2} O43 - CFD: 04/10/2012 - 20:12:50 - [0] ----D C:\Users\Mavina\AppData\Local\{E8E1B93A-4278-4665-A7D6-E720587F6CC5} O43 - CFD: 05/09/2012 - 09:48:50 - [0] ----D C:\Users\Mavina\AppData\Local\{EA153B5F-79CD-4D41-AF3B-B5CAC421ECF9} O43 - CFD: 21/12/2012 - 14:01:58 - [0] ----D C:\Users\Mavina\AppData\Local\{EA6CC745-3852-4D77-996A-22BB638FD2D4} O43 - CFD: 18/08/2012 - 20:43:43 - [0] ----D C:\Users\Mavina\AppData\Local\{EC132570-A621-49B6-A331-94E9DC1BFE9D} O43 - CFD: 18/10/2012 - 13:58:43 - [0] ----D C:\Users\Mavina\AppData\Local\{EE4A7F1C-27ED-4C56-BB24-D6DE8148AAB5} O43 - CFD: 30/07/2012 - 15:29:21 - [0] ----D C:\Users\Mavina\AppData\Local\{EEF45318-93D6-4402-AB65-12068C2B2C26} O43 - CFD: 15/10/2012 - 18:57:08 - [0] ----D C:\Users\Mavina\AppData\Local\{EF1B3027-17FE-4F89-9159-1D0BB25271B7} O43 - CFD: 20/07/2012 - 21:14:47 - [0] ----D C:\Users\Mavina\AppData\Local\{F02252AD-EEBC-4A15-8059-66238C788191} O43 - CFD: 18/11/2012 - 21:24:34 - [0] ----D C:\Users\Mavina\AppData\Local\{F20D25E2-FABF-4123-A51A-5EBEDEC7B1D6} O43 - CFD: 16/08/2012 - 16:10:17 - [0] ----D C:\Users\Mavina\AppData\Local\{F4CC4DE8-E972-48E1-B981-C5CCEB025850} O43 - CFD: 26/06/2012 - 12:10:06 - [0] ----D C:\Users\Mavina\AppData\Local\{FFB9EE17-30CE-431E-8060-C881AB1B64C1} O43 - CFD: 21/01/2008 - 03:42:46 - [0,015] R---D C:\Users\Mavina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 25/12/2008 - 11:56:59 - [0,000] R---D C:\Users\Mavina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 15/02/2009 - 14:05:57 - [0,003] ----D C:\Users\Mavina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 27/05/2009 - 18:27:54 - [0] ----D C:\Users\Mavina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jeux sur Orange.fr O43 - CFD: 21/01/2008 - 03:42:46 - [0,001] R---D C:\Users\Mavina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 08/05/2009 - 16:02:22 - [0,003] ----D C:\Users\Mavina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - Retour a Ravenhearst O43 - CFD: 14/06/2009 - 18:48:41 - [0,001] R---D C:\Users\Mavina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 29/07/2009 - 17:07:02 - [0] ----D C:\Users\Mavina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UsbFix O43 - CFD: 30/09/2009 - 18:33:10 - [0,002] ----D C:\Users\Mavina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Scan Program Folder in 00mn 56s ---\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.000573CF13675E86E6FEBC6045591229] - 16/02/2013 - 11:14:58 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1457161] O44 - LFC:[MD5.CEAF98D916D2B75B8704BEE7680EE0B5] - 16/02/2013 - 11:10:22 ---A- . (...) -- C:\Windows\System32\agent.log [0] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 16/02/2013 - 11:10:19 ---A- . (...) -- C:\Windows\System32\LogConfigTemp.xml [0] O44 - LFC:[MD5.5B94B461AEF3D4012AD3675CE78EFB4B] - 16/02/2013 - 11:10:04 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.81F04D7E5B46E472AC58D7A9F3BA9AC5] - 16/02/2013 - 11:09:59 ---A- . (...) -- C:\Windows\PFRO.log [214414] O44 - LFC:[MD5.32D040ECA747C76CB39FBBA1E043F98D] - 16/02/2013 - 11:08:06 ---A- . (...) -- C:\lopR 2.txt [35013] O44 - LFC:[MD5.32D040ECA747C76CB39FBBA1E043F98D] - 16/02/2013 - 11:05:43 ---A- . (...) -- C:\lopR.txt [35013] O44 - LFC:[MD5.0DE630E1A9C610488023DD9944361B99] - 15/02/2013 - 18:14:36 ---A- . (...) -- C:\Windows tbtlog.txt [136954] O44 - LFC:[MD5.CD9356AE6C61E9AEBADDF49843424AD9] - 15/02/2013 - 11:09:07 ---A- . (...) -- C:\AdwCleaner[S3].txt [1401] O44 - LFC:[MD5.A3A2A96592F357266EBD603672057A2C] - 15/02/2013 - 11:08:26 ---A- . (...) -- C:\AdwCleaner[R3].txt [1339] O44 - LFC:[MD5.C6C18E5CF8B935E4351929440C822E0B] - 15/02/2013 - 10:50:31 ---A- . (...) -- C:\AdwCleaner[S2].txt [2925] O44 - LFC:[MD5.639C726FF901F36892F522D0875FDD5F] - 15/02/2013 - 10:50:10 ---A- . (...) -- C:\AdwCleaner[R2].txt [2840] O44 - LFC:[MD5.E828134279A6BB5EF3032F9B88D335F9] - 15/02/2013 - 10:46:48 ---A- . (.Oracle Corporation - Pas de description.) -- C:\Windows\System32\WindowsAccessBridge.dll [94112] O44 - LFC:[MD5.FBE59F564DFEEBBFCDBBDFAB54C64501] - 15/02/2013 - 10:46:44 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe [262560] O44 - LFC:[MD5.BB8996FE972847B5879FDE24F24F034E] - 15/02/2013 - 10:46:43 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\deployJava1.dll [782240] O44 - LFC:[MD5.4951D2D49B400A1A722BC48FADEBD6F4] - 15/02/2013 - 10:46:43 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe [174496] O44 - LFC:[MD5.ABC4230E67C8E68E070A22C1E4A8F673] - 15/02/2013 - 10:46:43 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe [174496] O44 - LFC:[MD5.2616B4D6D04F18C579B7861F02B0B592] - 15/02/2013 - 10:46:43 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\System32 pDeployJava1.dll [861088] O44 - LFC:[MD5.A428ECBFD3D707142F31085B99DF93BA] - 14/02/2013 - 12:31:35 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [420176] O44 - LFC:[MD5.6280A479148CAEAD59E17A0CC3789161] - 13/02/2013 - 15:02:22 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [697712] O44 - LFC:[MD5.3E5633C0E3B4FE04E6EBFFA597227617] - 13/02/2013 - 15:02:22 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [74096] ~ Scan Files in 01mn 37s ---\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32 spkg.dll ~ Scan Keys in 00mn 00s ---\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network siproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers siproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network dpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers dpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\ MountPoints2 Shell Key (O51) O51 - MPSK:{644f7c50-e946-11dd-bbe6-001d72a7da8f}\AutoRun\command. (...) -- E:\VFPcAssistant.exe (.not file.) O51 - MPSK:{644f7c56-e946-11dd-bbe6-001d72a7da8f}\AutoRun\command. (...) -- H:\VFPcAssistant.exe (.not file.) O51 - MPSK:{9a0700ba-2cf1-11de-a4fc-001d72a7da8f}\AutoRun\command. (...) -- C:\Windows\system32\AdobeR.exe (.not file.) ~ Scan Keys in 00mn 00s ---\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"VIDC.I420"="lvcodec2.dll" . (.Labtec Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\System32\ir41_32.ax O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Intel(R) Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Intel(R) Corporation - Pas de description.) -- C:\Windows\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.VP60"="C:\Windows\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll O52 - TDSD: \Drivers32\"vidc.VP61"="C:\Windows\system32\vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\system32\vp6vfw.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® Video 5,10" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel" . (...) -- C:\Windows\System32\iyvu9_32.dll O52 - TDSD: \drivers.desc\"C:\Windows\system32\Iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\Windows\system32\Iac25_32.ax O52 - TDSD: \drivers.desc\"vp6vfw.dll"="EA VP6 Codec" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\System32\vp6vfw.dll ~ Scan Keys in 00mn 00s ---\ ShareTools MSconfig StartupReg (O53) (None) ---\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll ~ Scan Keys in 00mn 00s ---\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ Scan Keys in 00mn 00s ---\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ~ Scan Keys in 00mn 00s ---\ Liste des Drivers Système (O58) O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422968] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Scan Drivers in 00mn 00s ---\ Liste des outils de nettoyage (O63) O63 - Logiciel: UsbFix - (.Pas de propriétaire.) [HKLM] -- UsbFix O63 - Logiciel: ZHPDiag 1.3.5 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 O63 - Logiciel: Lop SD - (.AngelDark & Eric71.) O63 - Logiciel: RSIT - (.random/random.) ~ Scan ADS in 00mn 00s ---\ Liste des services Legacy (O64) O64 - Services: CurCS - 13/02/2009 - C:\Program Files\Avira\AntiVir Desktop\avgio.sys (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - 10/12/2009 - C:\Windows\System32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 30/03/2009 - C:\Windows\System32\DRIVERS\avipbb.sys (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - 25/04/2008 - C:\Windows\system32\drivers\int15.sys (int15) .(.Acer, Inc. - int15.) - LEGACY_INT15 O64 - Services: CurCS - 14/12/2012 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - 04/03/2008 - C:\Windows\System32\DRIVERS\psdfilter.sys (PSDFilter) .(.Egis Incorporated - Acer eDataSecurity Management PSD Filter Dr.) - LEGACY_PSDFILTER O64 - Services: CurCS - 04/03/2008 - C:\Windows\System32\DRIVERS\PSDNServ.sys (PSDNServ) .(.Egis Incorporated - Acer eDataSecurity Management PSD Named Pip.) - LEGACY_PSDNSERV O64 - Services: CurCS - 04/03/2008 - C:\Windows\System32\DRIVERS\PSDVdisk.sys (psdvdisk) .(.Egis Incorporated - Acer eDataSecurity Management PSD Virtual D.) - LEGACY_PSDVDISK O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 08/10/2009 - C:\Windows\System32\DRIVERS\ssmdrv.sys (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV ~ Scan Services in 00mn 00s ---\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows egedit.exe O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mo

x-hate-to-love-x · Answer

O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows egedit.exe ~ Scan Keys in 00mn 00s ---\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe ~ Scan Keys in 00mn 00s ---\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {01bd49d7-c76b-4310-8beb-14d7e5f322c6} - (EasyLife) - http://ww7.easylifeapp.com O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8 O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl O69 - SBI: SearchScopes [HKCU] {9DE622D7-3190-4BA0-8E4B-8282A6646E8F} - (Rercherche d'articles 01net.com) - https://www.01net.com/ O69 - SBI: SearchScopes [HKCU] {B59E9A47-C5ED-4155-B4E6-411AA8C046B5} - (Recherche produits informatique 01net.com) - https://www.01net.com/ O69 - SBI: SearchScopes [HKCU] {D1CAE3F4-2783-4ECB-B113-4B0ECA6B41C2} - (Recherche de téléchargements 01net.com) - https://www.01net.com/ O69 - SBI: SearchScopes [HKCU] {D5FA496E-5E34-458B-9971-44AAD2A981FD} - (Recherche 01net.com) - https://www.01net.com/ O69 - SBI: SearchScopes [HKCU] {DECA3892-BA8F-44b8-A993-A466AD694AE4} - (Yahoo!) - https://fr.search.yahoo.com/ ~ Scan Keys in 00mn 00s ---\ Recherche des services démarrés par Svchost (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d'application.) -- C:\Windows\System32\aelupsvc.dll [24576] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [125952] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d'accès distant.) -- C:\Windows\System32 asauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32 asmans.dll [262144] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d'interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d'événements système (SENS).) -- C:\Windows\System32\sens.dll [47104] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32 apisrv.dll [242688] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32 ermsrv.dll [449024] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d'application.) -- C:\Windows\System32\appinfo.dll [33280] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [111616] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [45056] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153088] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [162304] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [601600] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll [84992] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d'ordinateurs.) -- C:\Windows\System32\browser.dll [81920] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [68096] ~ Scan Services in 00mn 00s ---\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.D2842D7E739229662E70FCB5DA2A9611] [SPRF][24/04/2012] (...) -- C:\Users\Mavina\AppData\Local\d3d9caps.dat [680] [MD5.A4A86A6DF1478D197AE8EBD3A30F3FE8] [SPRF][18/11/2011] (...) -- C:\Users\Mavina\AppData\Local\fvnecmdb.bat [90] [MD5.BDF0591037BFA4C2202EA3506E00EA82] [SPRF][18/02/2009] (...) -- C:\Users\Mavina\AppData\Local\vcqfnccq.bat [92] [MD5.F655170EB3DC3CBB3F564077C670A7E1] [SPRF][31/01/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Mavina\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe [897448] [MD5.254FBCA565E049648B0CCE2CEADF05D2] [SPRF][15/02/2009] (...) -- C:\Users\Mavina\AppData\Roaming\inst.exe [87608] [MD5.5B6C11DE7E839C05248CED8825470FEF] [SPRF][15/02/2009] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Users\Mavina\AppData\Roaming\pcouffin.sys [47360] [MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][12/04/2009] (...) -- C:\Users\Mavina\AppData\Roaming\wklnhst.dat [0] [MD5.DE2EB468A14E00F9A99326C6C9C07075] [SPRF][02/02/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1914440] [MD5.80F4A456633F78A26A3C6B16E64EFEC5] [SPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\Windows\Downloaded Program Files\GAME_UNO1.dll [381960] [MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544] [MD5.1E5CFDF9AEBDD84305A4C8154277A269] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Checkers for MSN Messenger.) -- C:\Windows\Downloaded Program Files\msgrchkr.dll [131472] ~ Scan Files in 00mn 00s ---\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{D0C4BE1C-C5B4-4EDF-8FAE-55F438D2DD45}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer Arcade Live.) -- C:\Program Files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe O87 - FAEL: "{D90364C1-473F-4313-B223-9241901080C1}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer DV Magician.) -- C:\Program Files\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe O87 - FAEL: "{AA766C76-F16E-4FE2-A422-7D2BC7C139D9}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer SlideShow DVD.) -- C:\Program Files\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe O87 - FAEL: "{42C706D2-3910-46FE-98CE-7F03D2047D4F}" | In - None - P6 - TRUE | .(.Acer Incorporated - VideoMagician.) -- C:\Program Files\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe O87 - FAEL: "{8D76F545-C6D9-4C81-8BCF-489606A0424A}" | In - None - P6 - TRUE | .(.Acer Incorporated - DVDivine.) -- C:\Program Files\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe O87 - FAEL: "{5649A2D4-F7CA-4F7C-97E2-374C5D2FDF1C}" | In - None - P6 - TRUE | .(.Acer Incorporated - HomeMedia.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe O87 - FAEL: "{DEDBB5C9-7C94-4700-B32A-CE4BFF5B1973}" | In - None - P6 - TRUE | .(.Acer Incorporated - HomeMedia Connect.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe O87 - FAEL: "{FB16079E-B65F-45E2-8AEC-A6FAD42159A2}" | In - None - P6 - TRUE | .(.CyberLink - CLMSServer.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe O87 - FAEL: "{88149B78-7766-4162-8F83-D8B6FC8BC0C6}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer Arcade Live.) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Trial Creator\Acer HomeMedia Trial Creator.exe O87 - FAEL: "{DD76C2F8-89EE-4986-880C-2661D4ACB58C}" | In - Public - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O87 - FAEL: "{6A18787C-34F5-43E8-BD37-A88FF14BAB64}" | In - Public - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O87 - FAEL: "{140386EE-96E0-4FEF-A02F-6FAC37BDD3A7}" | In - Public - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O87 - FAEL: "{EF4F573B-DB47-4635-B3BF-FEB2070B6865}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O87 - FAEL: "{38BFF5AF-2C45-4A78-A138-33101997BA94}" | In - Public - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O87 - FAEL: "{6AEEC8E4-82E8-4C7B-A265-0761020E8073}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O87 - FAEL: "TCP Query User{DF89AA1B-2AF2-4E0E-AE5D-A95650642D3C}C:\program files\limewire\limewire.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\limewire\limewire.exe (.not file.) O87 - FAEL: "UDP Query User{C07E858C-DF1B-4F57-8A9B-EDF54AE7A932}C:\program files\limewire\limewire.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\limewire\limewire.exe (.not file.) O87 - FAEL: "TCP Query User{A3C6844C-814C-42C6-B432-07B65A9ACF3C}C:\program files\emule\emule.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.) O87 - FAEL: "UDP Query User{AE390729-64BD-495D-BDD4-ABA47B00C62A}C:\program files\emule\emule.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\emule\emule.exe (.not file.) O87 - FAEL: "TCP Query User{E2958E5A-D131-4392-ADC4-BD53A7D21953}C:\program files\mozilla firefox\firefox.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe O87 - FAEL: "UDP Query User{8F3B7066-92B9-43CB-9E8E-1E1043A16282}C:\program files\mozilla firefox\firefox.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\program files\mozilla firefox\firefox.exe O87 - FAEL: "{327ABF8C-0D50-4C99-B2E7-1918848CED36}" | In - Private - P6 - TRUE | .(.FrostWire Group - FrostWire.) -- C:\Program Files\FrostWire\FrostWire.exe O87 - FAEL: "{AEE63687-C88E-4132-8228-23B31CC3EA3B}" | In - Private - P17 - TRUE | .(.FrostWire Group - FrostWire.) -- C:\Program Files\FrostWire\FrostWire.exe O87 - FAEL: "TCP Query User{C42C4547-EC26-40E9-AAA0-61ADE6821807}C:\program files\shareaza\shareaza.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\shareaza\shareaza.exe (.not file.) O87 - FAEL: "UDP Query User{D5C51F6C-85E4-4F2D-BBE3-28F6A4458381}C:\program files\shareaza\shareaza.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\shareaza\shareaza.exe (.not file.) O87 - FAEL: "TCP Query User{8B4097E6-EA57-46D1-AA00-29DE711D06FE}C:\program files\frostwire\frostwire.exe" | In - Public - P6 - TRUE | .(.FrostWire Group - FrostWire.) -- C:\program files\frostwire\frostwire.exe O87 - FAEL: "UDP Query User{60AC5E19-4145-4822-BB6A-C58C1748DFDE}C:\program files\frostwire\frostwire.exe" | In - Public - P17 - TRUE | .(.FrostWire Group - FrostWire.) -- C:\program files\frostwire\frostwire.exe O87 - FAEL: "TCP Query User{27DADB73-5701-4E90-B348-7B0F87E02CF0}C:\program files\java\jre6\bin\java.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files\java\jre6\bin\java.exe O87 - FAEL: "UDP Query User{275A744D-CF09-412F-A378-A4DF8705B818}C:\program files\java\jre6\bin\java.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files\java\jre6\bin\java.exe O87 - FAEL: "{7775747D-2ABA-4A69-8D86-B63351530C73}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\lxeacoms.exe O87 - FAEL: "TCP Query User{A2B1E212-ACCE-4270-83E0-731D2DD6D713}C:\program files\epson software\event manager\eeventmanager.exe" | In - Private - P6 - TRUE | .(.SEIKO EPSON CORPORATION.) -- C:\program files\epson software\event manager\eeventmanager.exe O87 - FAEL: "UDP Query User{CB44E1FB-F9FC-43B8-8A45-112408E012AA}C:\program files\epson software\event manager\eeventmanager.exe" | In - Private - P17 - TRUE | .(.SEIKO EPSON CORPORATION.) -- C:\program files\epson software\event manager\eeventmanager.ex O87 - FAEL: "TCP Query User{D5572403-0568-49A9-8798-909014AFEA06}C:\program files\epson software\event manager\eeventmanager.exe" | In - Public - P6 - TRUE | .(.SEIKO EPSON CORPORATION.) -- C:\program files\epson software\event manager\eeventmanager.exe O87 - FAEL: "UDP Query User{CF480E58-C16B-4553-BD36-CBD6D5C7B212}C:\program files\epson software\event manager\eeventmanager.exe" | In - Public - P17 - TRUE | .(.SEIKO EPSON CORPORATION.) -- C:\program files\epson software\event manager\eeventmanager.exe O87 - FAEL: "TCP Query User{EAE6BC5C-AE04-4185-815A-EA0DF7924F39}C:\program files\ares\ares.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\ares\ares.exe (.not file.) O87 - FAEL: "UDP Query User{9062B987-1562-4383-905C-46A7B2E9E970}C:\program files\ares\ares.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\ares\ares.exe (.not file.) O87 - FAEL: "TCP Query User{60EE1339-F7E7-4E2C-8679-4F2226100B1E}C:\program files ovalogic\delta force\df.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files ovalogic\delta force\df.exe O87 - FAEL: "UDP Query User{1B115BC7-9FA0-40F9-8A99-F644C1EAE949}C:\program files ovalogic\delta force\df.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files ovalogic\delta force\df.exe O87 - FAEL: "{8DB88956-44F6-492D-8F85-1D86D9B11EC1}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe O87 - FAEL: "{52CC5952-D0C0-4D3B-A194-C7851719D452}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{247F09B7-1381-440C-A432-3ECD6CBD7BD3}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{12536F85-5418-4233-9C1F-F5DB1A35240A}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe O87 - FAEL: "{57B2ACD0-F27C-444B-875D-AE060887BF80}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) O87 - FAEL: "{09A671CC-DEF2-4566-9D84-F730D0257B2C}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) O87 - FAEL: "{76CC163D-8638-49DF-9F9E-6A0F67FC5754}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O87 - FAEL: "{E7F8A292-DFE3-4E70-8819-84FAAA5E390C}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O87 - FAEL: "{A07F6C7E-EBF3-4F85-B6C8-F01042E25D5F}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.) O87 - FAEL: "{E4A803CF-B723-49A3-9239-A75FEE023F98}" |In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.) O87 - FAEL: "{C0D5B0A7-BE9F-461B-9BB4-26FB4532F667}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.) O87 - FAEL: "{D07722D3-1D94-4415-A640-41E685CA6E2D}" |In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.) O87 - FAEL: "{5BF3411D-C8D2-4962-A257-95121F1E34DF}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Remote Mouse\server\server.exe (.not file.) O87 - FAEL: "{E9847363-D27A-47B8-B2FA-E254E0167D0B}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Remote Mouse\server\server.exe (.not file.) O87 - FAEL: "{0F473701-1BF7-48FF-9401-A63ABB8F233C}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.) O87 - FAEL: "{9DDCE83F-585F-474A-AAEC-70C67B0F3C7C}" |In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.) O87 - FAEL: "{785B6A2F-749B-4B5C-AD1D-A03502987FFB}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.) O87 - FAEL: "{551A2E1F-B89B-4303-80AC-F825A730E6FB}" |In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe (.not file.) O87 - FAEL: "TCP Query User{0A3D4BC4-54A1-4FC9-8C38-F0F1CAFE83C3}C:\program files emote mouse\server\server.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files emote mouse\server\server.exe (.not file.) O87 - FAEL: "UDP Query User{857AE2E4-7235-4663-934D-2ADC214F7721}C:\program files emote mouse\server\server.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files emote mouse\server\server.exe (.not file.) ~ Scan Firewall in 00mn 02s ---\ Scan Additionnel (O88) Database Version : v2.10682 - (12/02/2013) Clés trouvées (Keys found) : 4 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 2 Fichiers trouvés (Files found) : 0 [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}] =>Adware.Bandoo [HKLM\Software\Classes\.b4f] =>Adware.Burn4Free [HKLM\Software\Classes\burn4free project] =>Adware.Burn4Free [HKCU\Software\Toolbar4Free] =>Toolbar.Agent C:\Program Files\BrowseToSave =>Adware.BrowseToSave C:\Users\Mavina\AppData\LocalLow\Burn4Free Toolbar =>Adware.Burn4Free ~ Scan Additionnel in 00mn 15s ---\ Product Upgrade Codes (O90) O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon O90 - PUC: "23AA8B30C32F87148B6E90CE0DE7AA74" . (.Epson Event Manager.) -- C:\Windows\Installer\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}\icon.exe O90 - PUC: "2563365A59739284BBB046F420972E97" . (.Acer eDataSecurity Management.) -- C:\Windows\Installer\{A5633652-3795-4829-BB0B-644F0279E279}\ARPPRODUCTICON.exe O90 - PUC: "3E64AFC7F2CC553428EA0621CD6333DF" . (.NVIDIA ForceWare Network Access Manager.) -- C:\Windows\Installer\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\ARPPRODUCTICON.exe O90 - PUC: "3F5F9DA60DB50004DBC95B63FC689D88" . (.iTunes.) -- C:\Windows\Installer\{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}\Installer.ico O90 - PUC: "43B1D747CF1A3FE46AEA8EF693ECDF5E" . (.Roxio Easy Media Creator 7 Basic DVD Edition.) -- C:\Windows\Installer\{747D1B34-A1FC-4EF3-A6AE-E86F39CEFDE5}\ARPPRODUCTICON.exe O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico O90 - PUC: "4A1AFE21B3CAC344183432E7ED674030" . (.NTI Backup Now Standard.) -- C:\Windows\Installer\{12EFA1A4-AC3B-443C-8143-237EDE760403}\ARPPRODUCTICON.exe O90 - PUC: "5B769D51EB4AEA24E94846DC60B252AA" . (.eSobi v2.) -- C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\ARPPRODUCTICON.exe O90 - PUC: "68AB67CA7DA746454382080000000030" . (.Spelling Dictionaries Support For Adobe Reader 8.) -- C:\Windows\Installer\{AC76BA86-7AD7-5464-3428-800000000003}\ARPPRODUCTICON.exe O90 - PUC: "68AB67CA7DA76301B744AA0100000010" . (.Adobe Reader X (10.1.4) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico O90 - PUC: "7414007EACC2C134AA50A21B669B87D5" . (.QuickTime.) -- C:\Windows\Installer\{E7004147-2CCA-431C-AA05-2AB166B9785D}\Installer.ico O90 - PUC: "7CEBB04F4A2C00A4B942A750A5C22526" . (.Microsoft Office Live Add-in 1.5.) -- C:\Windows\Installer\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}\ProductIcon O90 - PUC: "8F2BCA02ACB38A54082AD9C35B2CF534" . (.Safari.) -- C:\Windows\Installer\{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}\Installer.ico O90 - PUC: "907018673D7AD86419761A87C0E167C6" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{76810709-A7D3-468D-9167-A1780C1E766C}\FolderShare48x48.ico O90 - PUC: "97E44AF0D7DCD8E42AEE62EF505F906B" . (.OpenOffice.org 3.1.) -- C:\Windows\Installer\{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}\soffice.exe O90 - PUC: "B2F5519759897D9468219D52080EEDB5" . (.Bonjour.) -- C:\Windows\Installer\{79155F2B-9895-49D7-8612-D92580E0DE5B}\Bonjour.ico O90 - PUC: "C039314290386A74CB16E52FA72422CB" . (.NTI Media Maker 8.) -- C:\Windows\Installer\{2413930C-8309-47A6-BC61-5EF27A4222BC}\ARPPRODUCTICON.exe O90 - PUC: "C8FDA2211ADDC08499638CF882522B56" . (.Apple Application Support.) -- C:\Windows\Installer\{122ADF8C-DDA1-480C-9936-C88F2825B265}\WinInstall.ico O90 - PUC: "D4EDA1F8CAFEA5F43B64322C86F7FA05" . (.Apple Mobile Device Support.) -- C:\Windows\Installer\{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}\Installer.ico O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon O90 - PUC: "D83BC1B64E2E03a439D3FEEDAB67DAC9" . (.Microsoft Works.) -- c:\Windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\Win2Kico.exe ~ Scan Files in 00mn 00s ---\ MyComputer Name Space (O92) O92 - MNS: My Logitech Pictures - {400CFEE2-39D0-46DC-96DF-E0BB5A4324B3} ~ Scan MNS in 00mn 00s ---\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 25/01/2008 269448 | (Acer HomeMedia Connect Service) . (.CyberLink.) - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe SR - | Auto 27/07/2012 63960 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe SS - | Demand 13/02/2013 251248 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 08/10/2009 108289 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 08/10/2009 185089 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SR - | Auto 24/05/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 03/03/2008 16384 | (BUNAgentSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe SR - | Auto 04/03/2008 500784 | (eDataSecurity Service) . (.Egis Incorporated.) - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe SR - | Auto 24576 | (ETService) . (...) - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe SR - | Auto 598016 | (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\bin32 SvcAppFlt.exe SS - | Auto 27/02/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 27/02/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 21/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Demand 07/06/2012 821648 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 17/01/2007 61440 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe SR - | Auto 598696 | (lxea_device) . (...) - C:\Windows\system32\lxeacoms.exe SR - | Auto 14/12/2012 398184 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe SR - | Auto 14/12/2012 682344 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe SS - | Demand 05/02/2013 235216 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe SS - | Demand 06/02/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe SS - | Auto 0 | (Nero BackItUp Scheduler 4.0) . (...) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe SR - | Auto 163840 | (nSvcIp) . (...) - C:\Program Files\bin32 SvcIp.exe SR - | Auto 25/04/2008 45056 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe SR - | Auto 131072 | (NTISchedulerSvc) . (...) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe SR - | Auto 02/10/2012 645992 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32 vvsvc.exe SR - | Auto 10/10/2012 1258856 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe SR - | Auto 262247 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe SR - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe SR - | Auto 02/10/2012 382824 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision vSCPAPISvr.exe SR - | Auto 53248 | (STI Simulator) . (...) - C:\Windows\System32\PAStiSvc.exe SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Scan Services in 00mn 01s End of the scan (1600 lines in 04mn 28s)(0)

jlpjlp · Answer

pour usbfix j'avais demandé l'option de suppression (nettoyage et non de recherche)


puis fais passer un rapport zhpdiag mais en l'hébergeant sinon il en manque la moitié

a demain

Satanée Babylon Toolbar...

18 réponses

Discussions similaires

Newsletters