Rapport de ZHPDiag v2013.5.3.25 par Nicolas Coolman, Update du 03/05/2013
Run by damien lasseney dore at 08/05/2013 21:26:09
State : Nouvelle version disponible
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user

---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16540
MFIE: Mozilla Firefox 20.0.1 (Defaut)
GCIE: Google Chrome v26.0.1410.64

---\\ Windows Product Information
~ Langage: Français
Windows 8 Business Edition, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, VOLUME_MAK channel
Windows ID Activation : OK
~ Windows Partial Key : WW8X2
~ Windows Remaining Initializations Number : 1000
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
AVG 2013 v13.0.2904
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W8

---\\ System Optimizer

---\\ Peer To Peer (P2P)

---\\ Software Update
Adobe Flash Player 11 Plugin

---\\ System Information
~ Processor: AMD64 Family 17 Model 3 Stepping 1, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (60% free)
System Restore: Activé (Enable)
System drive C: has 351 GB (77%) free of 453 GB

---\\ Logged in mode
~ Computer Name: DAMIEN
~ User Name: damien lasseney dore
~ All Users Names: damien lasseney dore, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\damien lasseney dore\AppData\Roaming\
~ %Desktop% : C:\Users\damien lasseney dore\Desktop\
~ %Favorites% : C:\Users\damien lasseney dore\Favorites\
~ %LocalAppData% : C:\Users\damien lasseney dore\AppData\Local\
~ %StartMenu% : C:\Users\damien lasseney dore\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 351 Go of 453 Go)
D:\ Hard drive, Flash drive,
Thumb drive (Free 3 Go of 13 Go) E:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go) F:\ CD-ROM drive (Not Inserted) G:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified ~ Security Center: 27 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.E13A31D5254C25406A7946BDD9B06364] - (.Microsoft Corporation - Explorateur Windows.) (.11/10/2012 - 08:35:16.) -- C:\Windows\Explorer.exe [2380944] [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608] [MD5.753C0848AE7872A3F59663078A517293] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/02/2013 - 11:15:07.) -- C:\Windows\System32\wininet.dll [2240512] [MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120] [MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408] [MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640] [MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840] [MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544] [MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) 
-- C:\Windows\system32\Drivers\Cdrom.sys [174080] [MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784] [MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168] [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640] [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920] [MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688] [MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776] [MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544] [MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984] [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928] [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712] [MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) 
-- C:\Windows\system32\Drivers\tdx.sys [117248] [MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.26/07/2012 - 05:57:09.) -- C:\Windows\system32\Drivers\volsnap.sys [332016] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/163 ~ Mes musiques (My Musics) : 5/184 ~ Mes Videos (My Videos) : 1/55 ~ Mes Favoris (My Favorites) : 1/3 ~ Mes Documents (My Documents) : 1/3423 ~ Mon Bureau (My Desktop) : 1/21 ~ Menu demarrer (Programs) : 1/42 ~ Hidden Files: Scanned in 00mn 05s ---\\ Processus lancés [MD5.6FDE63991B9154968C89FAEAC72C56FB] - (.Orange - Assistance Livebox.) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe [149560] [PID.3188] [MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.3640] [MD5.557E7074F895938EA6A125B4F92F3DE8] - (.Orange - Assistance Livebox.) -- C:\Program Files (x86)\Orange\Assistance Livebox\dist\ST2.exe [13207096] [PID.3076] [MD5.D436D7669553B86F0F6ABFEDD6492320] - (.BitTorrent Inc. - BitTorrent.) -- C:\Users\damien lasseney dore\AppData\Roaming\BitTorrent\BitTorrent.exe [1124944] [PID.3980] =>P2P.BitTorrent [MD5.AAB979089E192ACC0FE1E3C018F8B591] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\damien lasseney dore\AppData\Local\Akamai\netsession_win.exe [4480768] [PID.3936] [MD5.659474582C6E060DBD8FFFF97DC892C5] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968] [PID.3872] [MD5.760ACD103FFB86AD65DC41CDEB08ABCF] - (.Samsung Electronics - Pas de description.) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560] [PID.3228] [MD5.9DADF1A809ECEC86F04BDE35190D59FE] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) 
-- C:\Program Files (x86)\AVG\AVG2013\avgui.exe [3147384] [PID.4344] [MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.4620] [MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016] [PID.4920] [MD5.29B129E019D5935C55541629677C2A69] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744] [PID.4120] [MD5.AA16204FD1F75637E8EAEB593A8FA597] - (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe [180224] [PID.220] [MD5.FDB2FB392B20797AF3F4ED9D7699938E] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152] [PID.4996] [MD5.6F5386A655598F71BAAB2D6B63A69D6A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [920472] [PID.4288] [MD5.F834B06933E51E2266DC4858A0E9DD98] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.3128] [MD5.D719477489E4EF1B987E5525D608F2A5] - (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe [1855880] [PID.1504] [MD5.50538CF8EF45C08F45DE947B21D2BA2E] - (.Nicolas Coolman - ZHPDiag.) 
-- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7188480] [PID.2212] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\damien lasseney dore\AppData\Local\Google\Chrome\User Data\Default\Preferences G2 - GCE: Preference [User Data\Default] [incfcgceegpikennjoplhfghaaikdgei] StartNow v.2.5.0 (Désactivé) ~ Google Browser: 7 Legitimates Filtered in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\damien lasseney dore\AppData\Roaming\Mozilla\Firefox\Profiles\k6z81f2h.default\prefs.js M2 - MFEP: prefs.js [damien lasseney dore - k6z81f2h.default\foxyproxy@eric.h.jung] [] FoxyProxy Basic v3.1.4 (..) M2 - MFEP: prefs.js [damien lasseney dore - k6z81f2h.default\{DDC359D1-844A-42a7-9AA1-88A850A938A8}] [] v (..) ~ Firefox Browser: 14 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). 
~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe O4 - HKCU\..\Run: [BitTorrent] . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\damien lasseney dore\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\damien lasseney dore\AppData\Local\Akamai\netsession_win.exe O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe O4 - HKCU\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe O4 - HKLM\..\Wow6432Node\Run: [Hercules DJ Series] . (.Hercules® - DJ Series Control Panel.) -- C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe O4 - HKLM\..\Wow6432Node\Run: [AMD AVT] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\Cmd.exe O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . 
(.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Wow6432Node\Run: [HDInspector.exe] . (.Altrixsoft - Hard Drive Inspector Professional.) -- C:\Program Files (x86)\Hard Drive Inspector\HDInspector.exe O4 - HKLM\..\Wow6432Node\Run: [PWRISOVM.EXE] . (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKUS\S-1-5-21-3903733478-2837351539-457087366-1001\..\Run: [HP Deskjet 3050A J611 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe O4 - HKUS\S-1-5-21-3903733478-2837351539-457087366-1001\..\Run: [BitTorrent] . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\damien lasseney dore\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent O4 - HKUS\S-1-5-21-3903733478-2837351539-457087366-1001\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\damien lasseney dore\AppData\Local\Akamai\netsession_win.exe O4 - HKUS\S-1-5-21-3903733478-2837351539-457087366-1001\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe O4 - HKUS\S-1-5-21-3903733478-2837351539-457087366-1001\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe ~ Application: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop: adsl TV.lnk . (.adsl TV / FM - adsl TV.) -- C:\Program Files (x86)\adslTV\adsltv.exe O4 - GS\Desktop: Assistance Livebox.lnk . (.Orange - Assistance Livebox.) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe O4 - GS\Desktop: Driver Genius.lnk . (.Driver-Soft Inc. - Driver Genius.) 
-- C:\Program Files (x86)\Driver-Soft\DriverGenius\DriverGenius.exe O4 - GS\Desktop: Farming Simulator 2013 .lnk . (.GIANTS Software GmbH - GIANTS Launcher.) -- C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe O4 - GS\Desktop: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe O4 - Global Startup: C:\Documents And Settings\damien lasseney dore\Desktop\Google.url . (.Free Time - FormatFactory.) -- C:\Documents And Settings\damien lasseney dore\Desktop\Google.url O4 - GS\Desktop: Ordinateur.lnk - Clé orpheline O4 - Global Startup: C:\Documents And Settings\damien lasseney dore\Desktop\Outils de diagnostic d'imprimante HP.url . (...) -- C:\Documents And Settings\damien lasseney dore\Desktop\Outils de diagnostic d'imprimante HP.url ~ Global Startup: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{5981D2F3-F11E-4D59-ABB2-44D7A2D18605}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{5981D2F3-F11E-4D59-ABB2-44D7A2D18605}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Hercules DJ Control MP3 (HerculesDJControlMP3) . (...) 
- C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.exe O23 - Service: Orange update Core Service (Orange update Core Service) . (.France Telecom SA - Orange Upd@te.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe ~ Services: 11 Legitimates Filtered in 00mn 09s ---\\ Tâches planifiées en automatique (O39) [MD5.00000000000000000000000000000000] [APT] [{E390CBFF-7CEA-4BD4-A4AB-87EF2DDF0352}] (...) -- C:\Users\damien lasseney dore\AppData\Local\Temp\Temp1_ATK_Hotkey_Win7_32_64_100053.zip\Setup.exe (.not file.) [0] ~ Scheduled Task: 11 Legitimates Filtered in 00mn 06s ---\\ Logiciels installés (O42) O42 - Logiciel: Akamai NetSession Interface - (.Akamai Technologies, Inc.) [HKCU][64Bits] -- Akamai O42 - Logiciel: Construction-Simulator 2012 version 1.0 - (.weltenbauer. Software Entwicklung GmbH.) [HKLM][64Bits] -- {AEF59382-3FF1-4EBF-A93E-CCC474DCEA3F}_is1 O42 - Logiciel: Hard Drive Inspector Professional 4.0 build # 137 - (.AltrixSoft.) [HKLM][64Bits] -- Hard Drive Inspector O42 - Logiciel: Tow Truck Simulator 2010 Version 1.32 - (.astragon Software GmbH.) 
[HKLM][64Bits] -- Tow Truck Simulator 2010_is1 ~ Logic: 88 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\HDDStateInspector.INI] [HKCU\Software\Lightrock Entertainment] [HKLM\Software\Guillemot] [HKLM\Software\Wow6432Node\AltrixSoft] ~ Key Software: 174 Legitimates Filtered in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 03/05/2013 - 02:36:33 - [672,147] ----D C:\Program Files (x86)\Construction-Simulator 2012 O43 - CFD: 03/05/2013 - 23:14:17 - [9,614] ----D C:\Program Files (x86)\Hard Drive Inspector O43 - CFD: 01/05/2013 - 15:01:37 - [1,875] ----D C:\Program Files (x86)\StartNow Toolbar =>Adware.Zugo O43 - CFD: 03/05/2013 - 23:14:14 - [0,994] ----D C:\Program Files (x86)\Common Files\AltrixSoft O43 - CFD: 03/05/2013 - 23:14:59 - [0,012] ----D C:\ProgramData\AltrixSoft O43 - CFD: 01/05/2013 - 15:01:34 - [0,027] ----D C:\Users\damien lasseney dore\AppData\Roaming\StartNow Toolbar =>Adware.Zugo O43 - CFD: 03/05/2013 - 01:01:02 - [22,738] ----D C:\Users\damien lasseney dore\AppData\Local\Akamai O43 - CFD: 03/05/2013 - 08:58:45 - [0,004] ----D C:\Users\damien lasseney dore\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tow Truck Simulator 2010 ~ Program Folder: 140 Legitimates Filtered in 00mn 11s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.A0C59A2EE2FC87DBC3A6030ED04DEBA6] - 03/05/2013 - 18:36:56 ---A- . (...) -- C:\Windows\Uninstsxga.bat [2008] O44 - LFC:[MD5.A8B1083D7799DDF4841B199F28E87A3D] - 03/05/2013 - 18:36:56 ---A- . (...) -- C:\Windows\Uninstsxga.reg [386] O44 - LFC:[MD5.1B2C33F73BCFEDCEC90913F42B9C280A] - 03/05/2013 - 18:36:56 ---A- . (...) -- C:\Windows\Uninstuxga.bat [1682] O44 - LFC:[MD5.85E5C3B932CA39A5E0426F9F78C47231] - 03/05/2013 - 18:36:56 ---A- . (...) -- C:\Windows\Uninstuxga.reg [386] O44 - LFC:[MD5.32BD10BE7DF3E2183DE73B9C84D9D300] - 03/05/2013 - 18:36:56 ---A- . (...) 
-- C:\Windows\Uninstvga.bat [2266] O44 - LFC:[MD5.6730AD4A89735ECB8C07D12CA4556B12] - 03/05/2013 - 18:36:56 ---A- . (...) -- C:\Windows\Uninstvga.reg [384] O44 - LFC:[MD5.8C302F7B9606CE04521A2BEEFCB31FFB] - 03/05/2013 - 18:36:56 ---A- . (.Chicony (C) 2006 ATC - Driver Installation Utility.) -- C:\Windows\DrvInst.exe [19008] O44 - LFC:[MD5.1D8474722CDFFBB8FCA5FA12C50A05A2] - 03/05/2013 - 18:36:56 RSHAD . (.Pas de propriétaire - UVC Camera Streaming Driver.) -- C:\Windows\System32\Drivers\snp2uvc.sys [1806400] O44 - LFC:[MD5.B7BCEBD71F9A0ABCB648065F7DFFCD3B] - 03/05/2013 - 07:59:43 ---A- . (...) -- C:\Windows\DirectX.log [45377] O44 - LFC:[MD5.DAA6AAD525D12F8985695B882301336F] - 02/05/2013 - 23:49:15 ---A- . (...) -- C:\Windows\win.ini [167] O44 - LFC:[MD5.3092C1903D2EA9B16A26721E521C49B0] - 01/05/2013 - 12:20:04 ---A- . (.Hercules(R) - HRFDongle Dynamic Link Library.) -- C:\Windows\SysNative\hrfdongle.dll [121344] O44 - LFC:[MD5.3092C1903D2EA9B16A26721E521C49B0] - 01/05/2013 - 12:20:04 ---A- . (.Hercules(R) - HRFDongle Dynamic Link Library.) -- C:\Windows\System32\hrfdongle.dll [121344] O44 - LFC:[MD5.2DC6F6CC2EF3D8763019C893B949FAE3] - 01/05/2013 - 12:20:04 ---A- . (.Hercules(R) - Hercules DJ Console Series Library (v2).) -- C:\Windows\SysNative\hdjapi.dll [292864] O44 - LFC:[MD5.2DC6F6CC2EF3D8763019C893B949FAE3] - 01/05/2013 - 12:20:04 ---A- . (.Hercules(R) - Hercules DJ Console Series Library (v2).) -- C:\Windows\System32\hdjapi.dll [292864] O44 - LFC:[MD5.EA4B0E33519F97F4D11A3704C77C783C] - 01/05/2013 - 12:20:04 ---A- . (.Hercules® - DJ Series Control Panel (.cpl).) -- C:\Windows\SysNative\HDJSeries.cpl [91136] O44 - LFC:[MD5.EA4B0E33519F97F4D11A3704C77C783C] - 01/05/2013 - 12:20:04 RSHAD . (.Hercules® - DJ Series Control Panel (.cpl).) -- C:\Windows\System32\HDJSeries.cpl [91136] O44 - LFC:[MD5.E94B642ACB24D81EA6B970222C0664B3] - 01/05/2013 - 12:20:01 ---A- . (.Hercules® - Hercules® DJ Console ASIO Driver Control Pa.) 
-- C:\Windows\SysNative\HDJAsioCpl.dll [92160] O44 - LFC:[MD5.E94B642ACB24D81EA6B970222C0664B3] - 01/05/2013 - 12:20:01 ---A- . (.Hercules® - Hercules® DJ Console ASIO Driver Control Pa.) -- C:\Windows\System32\HDJAsioCpl.dll [92160] O44 - LFC:[MD5.959C72BCAD7FA371A8842A5A78FC07A5] - 01/05/2013 - 12:20:01 ---A- . (.Hercules® - Hercules® DJ Console ASIO User Driver.) -- C:\Windows\SysNative\HDJAsiou.dll [72704] O44 - LFC:[MD5.959C72BCAD7FA371A8842A5A78FC07A5] - 01/05/2013 - 12:20:01 ---A- . (.Hercules® - Hercules® DJ Console ASIO User Driver.) -- C:\Windows\System32\HDJAsiou.dll [72704] O44 - LFC:[MD5.4FD2E5BDBBBAB094B65E76908F9FADB3] - 30/04/2013 - 13:48:53 ---A- . (...) -- C:\Windows\SysNative\ApnDatabase.xml [387867] O44 - LFC:[MD5.4FD2E5BDBBBAB094B65E76908F9FADB3] - 30/04/2013 - 13:48:53 RSHAD . (...) -- C:\Windows\System32\ApnDatabase.xml [387867] O44 - LFC:[MD5.E3A77814C8C878BC5BF712999EE85BBF] - 28/04/2013 - 01:16:08 ---A- . (.SuperSoul - kjvvv.) -- C:\Windows\SysNative\SLCHook.dll [107008] O44 - LFC:[MD5.E3A77814C8C878BC5BF712999EE85BBF] - 28/04/2013 - 01:16:08 RSHAD . (.SuperSoul - kjvvv.) -- C:\Windows\System32\SLCHook.dll [107008] O44 - LFC:[MD5.FAA8FA41FEA4D80AFDD34EEC8F15F9EC] - 28/04/2013 - 01:05:54 ---A- . (...) -- C:\Windows\DtcInstall.log [1720] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/04/2013 - 01:05:11 ---A- . (...) 
-- C:\Windows\ativpsrm.bin [0] ~ Files: 1150 Legitimates Filtered in 00mn 23s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.4EB4D08693255F2E14C2366ADEF4C6B2] - 01/05/2013 - 13:24:45 ---A- - C:\Windows\Prefetch\NE PAS EFFACER - PILOTE HDJS.-9F01CD6B.pf O45 - LFCP:[MD5.268E0E4D296871E230C9DCF2E1E9A00F] - 01/05/2013 - 13:25:41 ---A- - C:\Windows\Prefetch\GCORPDINST.EXE-8C673EDB.pf O45 - LFCP:[MD5.74A88A80CE5C3584FD3FC1FD796F0421] - 01/05/2013 - 14:02:02 ---A- - C:\Windows\Prefetch\CODECTWEAKTOOL.EXE-35F4C979.pf O45 - LFCP:[MD5.0635414873B9DA27A61F0F44D9D96FE5] - 01/05/2013 - 14:02:02 ---A- - C:\Windows\Prefetch\WIN7DSFILTERTWEAKER.EXE-F475A8C2.pf O45 - LFCP:[MD5.B73FF45CCAB023470F41E9CF16F4C0E8] - 02/05/2013 - 22:53:26 ---A- - C:\Windows\Prefetch\BITTORRENT.EXE-C9DE55B9.pf =>P2P.BitTorrent O45 - LFCP:[MD5.F0607986E4F60BA4B7C9A57808800BF1] - 02/05/2013 - 23:45:26 ---A- - C:\Windows\Prefetch\DIRECTX_DIRECTX_11_JUIN_2010_-49B6773A.pf O45 - LFCP:[MD5.EF75B0848A05433B606295C984487ADF] - 03/05/2013 - 00:40:31 ---A- - C:\Windows\Prefetch\INSTALLMANAGERAPP.EXE-50BC12F7.pf O45 - LFCP:[MD5.FD31B427B5F2B0FA449AD81168268183] - 03/05/2013 - 00:57:35 ---A- - C:\Windows\Prefetch\CDSTART.EXE-5975419D.pf O45 - LFCP:[MD5.F711CA56845BBCFA0CF83D07251BBB8A] - 03/05/2013 - 01:35:47 ---A- - C:\Windows\Prefetch\SETUPCONSTRUCTION SIMULATOR20-233A79D0.pf O45 - LFCP:[MD5.111CC67BE01B4F74448D5C14A14BB690] - 03/05/2013 - 01:35:48 ---A- - C:\Windows\Prefetch\SETUPCONSTRUCTION SIMULATOR20-8EDD6DC2.pf O45 - LFCP:[MD5.FF95F7B803FB6D69E78029BAB20B371F] - 03/05/2013 - 08:01:11 ---A- - C:\Windows\Prefetch\PHYSX_9.09.0428_SYSTEMSOFTWAR-49E8AF49.pf O45 - LFCP:[MD5.CCB77BACAF4A1622C31B5E5561C304A9] - 03/05/2013 - 08:02:33 ---A- - C:\Windows\Prefetch\TOW TRUCK SIMULATOR 2010.EXE-B0BCC769.pf O45 - LFCP:[MD5.8EF81089347AC8B8B551999BFFBB86A1] - 03/05/2013 - 08:19:20 ---A- - C:\Windows\Prefetch\AIMP3.EXE-A8FD6C4D.pf O45 - LFCP:[MD5.BED07CEC5DF0766D86273DB4DAB91C28] - 03/05/2013 - 
08:55:53 ---A- - C:\Windows\Prefetch\MPC-HC.EXE-69B90F3F.pf O45 - LFCP:[MD5.CF6B8E3B371E481CCF157F2392E461F3] - 03/05/2013 - 18:36:16 ---A- - C:\Windows\Prefetch\PNPINST64.EXE-D8B0017F.pf O45 - LFCP:[MD5.A30C8BE8D0449AA36AA2CB5FCB31F9DA] - 03/05/2013 - 18:36:31 ---A- - C:\Windows\Prefetch\PNPINST64.EXE-B68449C2.pf O45 - LFCP:[MD5.9547172729FB89D1BB03812B0F789FAB] - 03/05/2013 - 18:37:07 ---A- - C:\Windows\Prefetch\PNPINST64.EXE-651073ED.pf O45 - LFCP:[MD5.2B0B983CA52CDDB6471A84B6F4755AAF] - 03/05/2013 - 18:41:11 ---A- - C:\Windows\Prefetch\PNPINST64.EXE-D22DF279.pf O45 - LFCP:[MD5.895349ECF490469ABB94053C11557D5D] - 03/05/2013 - 18:41:37 ---A- - C:\Windows\Prefetch\PNPINST64.EXE-EFBBB23E.pf O45 - LFCP:[MD5.B95D1DD30044A24B9384A9FBF3CC5188] - 03/05/2013 - 21:37:07 ---A- - C:\Windows\Prefetch\GLCND.EXE-1CA1746E.pf O45 - LFCP:[MD5.8BFCA308EA9F1DC3B04D3AC30BCFBE38] - 03/05/2013 - 21:38:45 ---A- - C:\Windows\Prefetch\PNPINST64.EXE-B21534BB.pf O45 - LFCP:[MD5.8ED66185077D3E9CD1707B283477216B] - 03/05/2013 - 21:41:14 ---A- - C:\Windows\Prefetch\PNPINST64.EXE-166311D7.pf O45 - LFCP:[MD5.00AEB5B40018C8F01329CB4635771D08] - 03/05/2013 - 22:14:05 ---A- - C:\Windows\Prefetch\HDDINSP.EXE-7BBE02E1.pf O45 - LFCP:[MD5.051C6340A4424E4C2C50FF14B3F771F4] - 04/05/2013 - 10:31:00 ---A- - C:\Windows\Prefetch\DRIVERGENIUS.EXE-C3434454.pf O45 - LFCP:[MD5.DD0DA019E2D80B8F030414F762A6EAE5] - 04/05/2013 - 11:05:06 ---A- - C:\Windows\Prefetch\MEMTEST.EXE-7E895D4C.pf O45 - LFCP:[MD5.77C58C0AB018F3973FDBE111E864BC51] - 04/05/2013 - 11:07:46 ---A- - C:\Windows\Prefetch\OFFDIAG.EXE-53CD4459.pf O45 - LFCP:[MD5.3E75C363750112FE812BB7A5BA1A1398] - 04/05/2013 - 11:12:33 ---A- - C:\Windows\Prefetch\POWERISO47.EXE-0078F4F2.pf O45 - LFCP:[MD5.B8E60094C931672EF042CF6BA50F28E9] - 04/05/2013 - 11:36:55 ---A- - C:\Windows\Prefetch\POWERISO.EXE-381595D9.pf O45 - LFCP:[MD5.5BE377FDA33AD2E52563936C64A268F7] - 05/05/2013 - 14:38:27 ---A- - C:\Windows\Prefetch\MONOPOLYWIN.EXE-B7A2AE78.pf O45 - 
LFCP:[MD5.7A600A407A6B5ADEA63F7AB7DB224032] - 05/05/2013 - 21:27:07 ---A- - C:\Windows\Prefetch\MYFREECODECPACK.EXE-48242664.pf O45 - LFCP:[MD5.F84D41235439BF27C085C3F8967246F9] - 05/05/2013 - 21:58:10 ---A- - C:\Windows\Prefetch\KDBSYNC.EXE-0302F981.pf O45 - LFCP:[MD5.2D0A648EDE6BF882FD3BC6BD3ED08DE1] - 06/05/2013 - 00:26:56 ---A- - C:\Windows\Prefetch\SANDRA.EXE-5900A045.pf O45 - LFCP:[MD5.6365ABF4F81331AFD13D6080B85AC975] - 06/05/2013 - 12:19:13 ---A- - C:\Windows\Prefetch\CONSTRUCTION-SIMULATOR 2012.E-5170768B.pf O45 - LFCP:[MD5.057524CB89AA646B606A5F139806A28E] - 07/05/2013 - 16:28:52 ---A- - C:\Windows\Prefetch\HDINSPECTOR.EXE-DAFFBBE0.pf O45 - LFCP:[MD5.7FBE69CC7E8DBACF54A6C8F1AE09ED31] - 07/05/2013 - 16:43:34 ---A- - C:\Windows\Prefetch\dynreservedpri.db O45 - LFCP:[MD5.5D0FFB9DDF58B4FE44ABDBB6C752A886] - 07/05/2013 - 20:27:28 ---A- - C:\Windows\Prefetch\4250_DIAGNOSTICALERT_000_000_-945A8031.pf O45 - LFCP:[MD5.65CBE5D06A6D3F01E4401434FFA887AF] - 07/05/2013 - 20:27:28 ---A- - C:\Windows\Prefetch\INSTALLDIAGNOSTICALERT.EXE-78C154BD.pf O45 - LFCP:[MD5.8212D71955CEBC62B332323BCD63D06E] - 07/05/2013 - 20:27:38 ---A- - C:\Windows\Prefetch\DIAGNOSTICALERT.EXE-93084C48.pf O45 - LFCP:[MD5.87051DD6DE31EF9CB1D2F0D4544A4C4F] - 08/05/2013 - 15:30:25 ---A- - C:\Windows\Prefetch\BITTORRENT.EXE-EAC6FF43.pf =>P2P.BitTorrent O45 - LFCP:[MD5.80C637B29331AD9B925CBCB550AB3D42] - 08/05/2013 - 15:50:41 ---A- - C:\Windows\Prefetch\ASSISTANCE-LIVEBOX_1.3.1.0_AS-5E5AE2C4.pf O45 - LFCP:[MD5.B3ECB3A3EF2F0CA9498B3FB2A184A379] - 08/05/2013 - 15:50:47 ---A- - C:\Windows\Prefetch\OULAUNCHAPP.EXE-255C3C55.pf O45 - LFCP:[MD5.29B8EC3CABCFA5E12C9B7A4D03ED3ACA] - 08/05/2013 - 15:50:56 ---A- - C:\Windows\Prefetch\WINPCAP-4.12.EXE-AA965D5E.pf O45 - LFCP:[MD5.3F5D284E8D6AB03BC3FF4B04510C6181] - 08/05/2013 - 17:58:03 ---A- - C:\Windows\Prefetch\PWRISOVM.EXE-F5736F5C.pf O45 - LFCP:[MD5.369460336D9A2F195B0524DF3133029F] - 08/05/2013 - 19:03:19 ---A- - C:\Windows\Prefetch\LIVECOMM.EXE-024E77D2.pf 
O45 - LFCP:[MD5.C645AB43F344CA86F729A4DC615B8C07] - 30/04/2013 - 19:22:06 ---A- - C:\Windows\Prefetch\SETUP-ADSLTV-VLC2(1).EXE-1EE2FEE2.pf ~ Prefetcher: 242 Legitimates Filtered in 00mn 01s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{20eebb7b-af97-11e2-be66-806e6f6e6963}\AutoRun\command. (...) -- F:\cdstart.exe (.not file.) O51 - MPSK:{35da15a7-b5c6-11e2-be79-fab9058cd8c1}\AutoRun\command. (...) -- H:\HPLauncher.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 17 Legitimates Filtered in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.4F18D4C7EA14F11A7211F60D553C03DB] - 26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736] ~ Drivers: Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 05/05/2013 - 13:39:54 ---A- C:\Users\damien lasseney dore\Videos\Ma2x Ft. 
Yossi Zik - Prends soin de nous (Clip Officiel).mp4 [29321113] O61 - LFC: 05/05/2013 - 13:41:44 ---A- C:\Users\damien lasseney dore\Videos\Ma2x - Un Amour de jeunesse (Clip HD Officiel).mp4 [16147564] O61 - LFC: 05/05/2013 - 13:43:09 ---A- C:\Users\damien lasseney dore\Videos\DJANY - je t_emmène [Clip Officiel].mp4 [12956063] O61 - LFC: 05/05/2013 - 13:46:24 ---A- C:\Users\damien lasseney dore\Downloads\formatfactory_formatfactory_3.0_francais_223920.zip [53409040] O61 - LFC: 05/05/2013 - 15:11:15 ---A- C:\Users\damien lasseney dore\Saved Games\Monopoly\savegame.autodata [2776] O61 - LFC: 05/05/2013 - 15:11:15 ---A- C:\Users\damien lasseney dore\Saved Games\Monopoly\savegame.autolog [2542] O61 - LFC: 05/05/2013 - 15:11:15 ---A- C:\Users\damien lasseney dore\Saved Games\Monopoly\savegame.autometa [47] O61 - LFC: 05/05/2013 - 15:11:15 ---A- C:\Users\damien lasseney dore\Saved Games\Monopoly\savegame.data1 [2776] O61 - LFC: 05/05/2013 - 15:11:15 ---A- C:\Users\damien lasseney dore\Saved Games\Monopoly\savegame.log1 [2542] O61 - LFC: 05/05/2013 - 15:11:15 ---A- C:\Users\damien lasseney dore\Saved Games\Monopoly\savegame.meta1 [43] O61 - LFC: 05/05/2013 - 15:11:19 ---A- C:\Users\damien lasseney dore\Saved Games\Monopoly\savegame.index [3134] O61 - LFC: 05/05/2013 - 15:15:17 ---A- C:\Users\damien lasseney dore\Videos\Ma2x - Rappelle-toi.mp4 [16844974] O61 - LFC: 05/05/2013 - 15:22:05 ---A- C:\Users\damien lasseney dore\AppData\Roaming\Microsoft\Templates\Normal.dotm [15601] O61 - LFC: 05/05/2013 - 21:19:07 ---A- C:\Users\damien lasseney dore\Downloads\KiesSetup.exe [69552992] O61 - LFC: 05/05/2013 - 22:44:00 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\JoKxxg-yjHX.css [44396] O61 - LFC: 05/05/2013 - 22:44:00 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\oeyMmgGXkU1.js [65053] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\-PAXP-deijE.gif 
[43] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\2071nTzlzOM.js [68044] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\2TpOcYlyqvt.css [8791] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\3JPjcNnM776.js [4377] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\3SNai8FTT0k.js [8082] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\4zqsmw-v8VJ.js [726] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\7NckTJJ_l8J.js [5219] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\7wKiyLocmNQ.js [4555] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\BAz78HXe9i2.js [2411] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\Bc-173yVwZT.js [782] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\G81PADVnKGt.js [10976] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\GsNJNwuI-UM.gif [522] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\HSV-DhDnno7.js [64348] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\HeW-i0f-D5U.css [13780] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\HgKCd5pA6Lq.js [21515] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements 
mobiles_files\K2JR2-q1ADh.js [17016] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\Ng7-NxIeArw.js [17056] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\O5SwjCY602q.js [25324] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\O9xAtC02AI5.js [109369] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\OHXcRaOC4Pp.js [27579] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\OqgXf7h-NVu.js [32925] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\QPrF__-Hu1d.js [206198] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\RJugo60ZD-X.js [44042] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\S3gTvUtX63Q.css [90681] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\UTc1ZStHNfN.js [61322] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\Wn01wXEIXDk.js [192876] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\XZ2-FjjwKeI.js [286] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\YT3KHj2muA-.js [205] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\YjzhjZ2rAVr.js [142522] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\aWTyhN0Yyyo.js [52893] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien 
lasseney dore\Downloads\(3) Téléchargements mobiles_files\app_2_127995567256931_3140.gif [607] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\aw5Qj_1w1Ah.css [20587] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\bMRWEIyZIRT.js [37170] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\bulSnSezQOL.js [140969] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\daVRD6ob-lS.js [822] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\iMha2Fd5CVQ.js [20466] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\iR_HDc39aG0.js [23747] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\jKEcVPZFk-2.gif [1900] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\jzhQ9u9tVTW.js [2890] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\kc_t0_4qxBj.css [2490] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\mvmvxDKTeL4.js [825] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\nJ7o560N8GJ.js [233725] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\nPAOWuJZa5V.js [28682] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\nqxd4RzLgAI.css [2920] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\oJl6832s5zI.js [123129] 
O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\safe_image.php [43130] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\u2XuCX9luUK.js [34018] O61 - LFC: 05/05/2013 - 22:44:01 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\y6k3xFyPTWn.js [957] O61 - LFC: 05/05/2013 - 22:44:02 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles.htm [673677] O61 - LFC: 05/05/2013 - 22:44:02 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\ai.htm [2466] O61 - LFC: 05/05/2013 - 22:44:02 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\ei(1).htm [591] O61 - LFC: 05/05/2013 - 22:44:02 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\ei(2).htm [591] O61 - LFC: 05/05/2013 - 22:44:02 ---A- C:\Users\damien lasseney dore\Downloads\(3) Téléchargements mobiles_files\ei.htm [591] O61 - LFC: 06/05/2013 - 00:27:11 ---A- C:\Users\damien lasseney dore\AppData\Roaming\Sandra.mdb [13217792] O61 - LFC: 06/05/2013 - 02:39:49 R--A- C:\Users\damien lasseney dore\Downloads\Woodcutter.Simulator.2012.EN.t411.Crack.zip [570228041] O61 - LFC: 06/05/2013 - 02:51:05 R--A- C:\Users\damien lasseney dore\Downloads\AS2013.zip [1314198414] O61 - LFC: 06/05/2013 - 17:49:29 ---A- C:\Users\damien lasseney dore\Saved Games\ConstructionSim2012\034ffecd-349f-4d66-9348-8a670f71adf7.pro [5384] O61 - LFC: 06/05/2013 - 22:12:04 R--A- C:\Users\damien lasseney dore\Downloads\Comme.Des.Freres.2012.FRENCH.DVDRip.XviD.UTT\Thumbs.db [5120] O61 - LFC: 06/05/2013 - 22:12:04 R--A- C:\Users\damien lasseney dore\Downloads\Comme.Des.Freres.2012.FRENCH.DVDRip.XviD.UTT\UTT.nfo [16565] O61 - LFC: 06/05/2013 - 23:52:24 R--A- C:\Users\damien lasseney 
dore\Downloads\Mais.qui.a.re-tue.Pamela.Rose.2012.FRENCH.BDRip.XviD-AYMO\Mais.qui.a.re-tue.Pamela.Rose.2012.FRENCH.BDRip.XviD-AYMO.avi [733968384] O61 - LFC: 06/05/2013 - 23:59:42 R--A- C:\Users\damien lasseney dore\Downloads\Comme.Des.Freres.2012.FRENCH.DVDRip.XviD.UTT\Comme.Des.Freres.2012.FRENCH.DVDRip.XviD.UTT.avi [737258546] O61 - LFC: 07/05/2013 - 00:15:48 R--A- C:\Users\damien lasseney dore\Downloads\Mobile Home 2012 FRENCH DVDRIP XVID-VH\Mobile Home 2012 FRENCH DVDRIP XVID-VH.nfo [447] O61 - LFC: 07/05/2013 - 00:37:02 R--A- C:\Users\damien lasseney dore\Downloads\Mobile Home 2012 FRENCH DVDRIP XVID-VH\Mobile Home 2012 FRENCH DVDRIP XVID-VH.avi [733765632] O61 - LFC: 07/05/2013 - 20:27:27 R--A- C:\Users\damien lasseney dore\AppData\Roaming\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe [10134] O61 - LFC: 07/05/2013 - 20:59:18 ---A- C:\Users\damien lasseney dore\Downloads\Deux Frères 720p\NFO.nfo [3920] O61 - LFC: 07/05/2013 - 22:30:19 ---A- C:\Users\damien lasseney dore\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [269345] O61 - LFC: 07/05/2013 - 23:08:56 ---A- C:\Users\damien lasseney dore\Downloads\Deux Frères 720p\Deux Frères 720p.mkv [3417568032] O61 - LFC: 08/05/2013 - 15:21:16 ---A- C:\Users\damien lasseney dore\Downloads\adwcleaner.exe [628743] O61 - LFC: 08/05/2013 - 15:26:12 ---A- C:\Users\damien lasseney dore\Documents\AdwCleaner[R2].txt [6273] O61 - LFC: 08/05/2013 - 15:30:46 R--A- C:\Users\damien lasseney dore\Downloads\MailWasher Pro 2013 Multilangue\Install Notes.txt [378] O61 - LFC: 08/05/2013 - 15:31:41 R--A- C:\Users\damien lasseney dore\Downloads\MailWasher Pro 2013 Multilangue\Crack\key.file [24] O61 - LFC: 08/05/2013 - 15:32:12 R--A- C:\Users\damien lasseney dore\Downloads\MailWasher Pro 2013 Multilangue\Crack\MailWasherPro.exe [5753680] O61 - LFC: 08/05/2013 - 15:32:13 R--A- C:\Users\damien lasseney dore\Downloads\MailWasher Pro 2013 Multilangue\mailwasher_pro_setup_7_1_0_20032013.exe 
[15218520] O61 - LFC: 08/05/2013 - 16:07:14 ---A- C:\Users\damien lasseney dore\Downloads\mbam-setup-1.75.0.1300.exe [10285040] O61 - LFC: 08/05/2013 - 16:52:47 ---A- C:\Users\damien lasseney dore\AppData\Local\Google\Chrome\User Data\Local State [31431] O61 - LFC: 08/05/2013 - 16:52:48 ---A- C:\Users\damien lasseney dore\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [4] ~ 27 Fichiers temporaires (Temporary files) ~ Files: 1744 Legitimates Filtered in 00mn 14s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ ADS: Scanned in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {B224AA02-F7C8-3A2B-859F-560B80767E4A} - (Yahoo!) - http://kl.startnow.com ~ Keys: Scanned in 00mn 00s ---\\ Crack & Keygen Files (O82) C:\Users\damien lasseney dore\Downloads\Atomix.Virtual.DJ.Pro.v7.0.5.Cracked-EAT.rar C:\Users\damien lasseney dore\Downloads\EA.Monipoly.v1.1.1.0.MULTI9-ALiAS [Multilangue][CRACKED]\setup.exe C:\Users\damien lasseney dore\Downloads\NETGATE Spy Emergency v11.0.605.0 Multilingual Incl. Keygen and Patch-BRD\Keygen\Keygen.exe C:\Users\damien lasseney dore\Downloads\NETGATE Spy Emergency v11.0.605.0 Multilingual Incl. 
Keygen and Patch-BRD\Setup\Setup-ngt.exe ~ Files: Scanned in 01mn 15s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.B3A840E05F27DC6AE773A5D622BFA994] [SPRF][11/09/2012] (.Ask.com - Offercast - APN Install Manager.) -- C:\Users\damien lasseney dore\AppData\Local\Temp\AskPIP_FF_.exe [783560] [MD5.A324366A167539312458EF0553EEFEA3] [SPRF][26/02/2010] (.Microsoft Corporation - Windows Setup API.) -- C:\Users\damien lasseney dore\AppData\Local\Temp\devcon.exe [77312] [MD5.3EBE920A8F1E8E4D49D3BE02DAD5DA04] [SPRF][19/09/2009] (.Macrovision Corporation - Setup.exe.) -- C:\Users\damien lasseney dore\Desktop\NE PAS EFFACER - Pilote HDJS.3 (Pilote platine DJ).exe [20406968] ~ Files: Scanned in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : v2.11871 - (03/05/2013) Clés trouvées (Keys found) : 0 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 2 Fichiers trouvés (Files found) : 0 C:\Program Files (x86)\StartNow Toolbar =>Adware.Zugo C:\Users\damien lasseney dore\AppData\Roaming\StartNow Toolbar =>Adware.Zugo ~ Additionnel Scan: 175844 Items scanned in 00mn 22s ---\\ Product Upgrade Codes (O90) O90 - PUC: "C6AC1163ACF500943A92A6111832CCCF" . (.Bing Bar.) -- C:\Windows\Installer\{3611CA6C-5FCA-4900-A329-6A118123CCFC}\icon_installer_ico ~ Update Products: 92 Legitimates Filtered in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 29/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) 
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 16/11/2012 238080 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 19/12/2012 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe SR - | Auto 15/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe SR - | Auto 10/12/2012 1342024 | (avgfws) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe SR - | Auto 15/11/2012 5814904 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe SR - | Auto 22/10/2012 196664 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe SS - | Auto 25/01/2012 192792 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe SR - | Demand 25/01/2012 240408 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe SS - | Auto 29/04/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 29/04/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 24/10/2012 484304 | (HDDSvc) . (.AltrixSoft (http://www.altrixsoft.com/).) - C:\Program Files (x86)\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe SR - | Auto 20480 | (HerculesDJControlMP3) . (...) - C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.exe SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe SS - | Demand 10/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) 
- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Auto 18/09/2012 1082016 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe SS - | Demand 01/03/2009 71832 | (SandraAgentSrv) . (.SiSoftware.) - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP2\RpcAgentSrv.exe SS - | Demand 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 01s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by damien lasseney dore at 08/05/2013 21:29:27 device: opened successfully user: error reading MBR Disk trace: error: Read Descripteur non valide kernel: error reading MBR ~ MBR: 9 Legitimates Filtered in 00mn 02s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by damien lasseney dore at 08/05/2013 21:29:29 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ~ 4033 Legitimates filtered by white list End of the scan (593 lines in 03mn 19s)(8)