~ Rapport de ZHPDiag v2013.10.28.74 - Nicolas Coolman (28/10/2013) ~ Lancé par Patrick (29/10/2013 17:05:52) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Not Found ---\\ Navigateurs Internet MSIE: Internet Explorer v6.0.2900.5512 MFIE: Mozilla Firefox 24.0 GCIE: Google Chrome v30.0.1599.101 (Defaut) ---\\ Informations sur les produits Windows ~ Langage: Français Windows XP Professional Service Pack 3 (Build 2600) Windows Automatic Updates : OK Windows Genuine Advantage : OK ---\\ Logiciels de protection du système Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft Security Client FR-FR Language Pack v2.1.1116.0 ---\\ Logiciels d'optimisation du système CCleaner v4.06 =>Piriform Ltd ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 11 Plugin Adobe Reader XI Java 7 Update 45 ---\\ Informations sur le système ~ Processor: x86 Family 6 Model 15 Stepping 2, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3327 MB (82% free) System Restore: Activé (Enable) System drive C: has 62 GB (63%) free of 98 GB ---\\ Mode de connexion au système ~ Computer Name: PCFIXE ~ User Name: Patrick ~ All Users Names: UpdatusUser, SUPPORT_388945a0, Patrick, HelpAssistant, ASPNET, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Documents and Settings\Patrick\Application Data\ZHP\ ~ %AppData% : C:\Documents and Settings\Patrick\Application Data\ ~ %Desktop% : C:\Documents and Settings\Patrick\Bureau\ ~ %Favorites% : C:\Documents and Settings\Patrick\Favoris\ ~ %LocalAppData% : C:\Documents and Settings\Patrick\Local Settings\Application Data\ ~ %StartMenu% : C:\Documents and Settings\Patrick\Menu Démarrer\ ~ %Windir% : C:\WINDOWS\ ~ %System% : C:\WINDOWS\system32\ ---\\ Enumération des unités disques A: Floppy drive, Flash card reader, USB Key (Not Inserted) C: Hard drive, Flash drive, Thumb drive (Free 62 Go of 98 Go) D: Hard drive, Flash drive, Thumb drive (Free 82 Go of 135 Go) E: CD-ROM drive (Not Inserted) F: Hard drive, Flash drive, Thumb drive (Free 73 Go of 233 Go) G: Hard drive, Flash drive, Thumb drive (Free 18 Go of 76 Go) H: CD-ROM drive (Free 0 Go of 5 Go) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 42 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.13/04/2008 - 19:34:04.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.4A6E04EA20F48D750D9BFED8600D516B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/04/2008 - 19:33:50.) -- C:\WINDOWS\system32\wininet.dll [670208] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.13/04/2008 - 19:34:30.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.322D0E36693D6E24A2398BEE62A268CD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/04/2008 - 12:19:24.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138112] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512] [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 12:14:22.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744] [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 11:40:48.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976] [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.13/04/2008 - 18:57:40.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672] [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 17:36:05.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384] [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 19:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144] [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 11:41:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112] [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 11:57:16.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832] [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 12:19:44.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264] [MD5.68755F0FF16070178B54674FE5B847B0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/04/2008 - 12:17:02.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456576] [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 12:21:02.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 12:15:54.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976] [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/04/2008 - 19:09:42.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384] [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 12:19:44.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328] [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224] [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 18:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752] [MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.13/04/2008 - 18:56:06.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/2 ~ Mes musiques (My Musics) : 1/91 ~ Mes Favoris (My Favorites) : 1/8 ~ Mes Documents (My Documents) : 1/1534 ~ Mon Bureau (My Desktop) : 0/218 ~ Menu demarrer (Programs) : 1/83 ~ Hidden Files: Scanned in 00mn 03s ---\\ Processus lancés [MD5.0A7F86657755ADA92C57E597BF5151F7] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208] [PID.1216] [MD5.58BF7714A312698108A96D0DE2BB6825] - (.CobianSoft, Luis Cobian - Cobian Backup Gravity VSC Requester.) -- C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584] [PID.196] [MD5.3C8B6609712F4FF78E521F6DCFC4032B] - (.Creative Technology Ltd - Creative Service for CDROM Access.) -- C:\WINDOWS\system32\CTsvcCDA.exe [44032] [PID.284] [MD5.80A79264302910C7C24BA7E44267EFEF] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182696] [PID.328] [MD5.F6590528F487FA8BDC6F53D8DFA1F7D3] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 331.5.) -- C:\WINDOWS\system32\nvsvc32.exe [156960] [PID.436] [MD5.0765EE4A7A0D6609BF91CA2E4700E885] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.924] [MD5.255E405D801CF01247390F38F92D8042] - (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe [17408] [PID.1192] [MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254336] [PID.1380] [MD5.F7A01E608EDEB9BA5AEA26D1040DA7B7] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [20143688] [PID.1424] [MD5.4C8F546983E100D760E7480F936C11FB] - (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896] [PID.1436] [MD5.FF473648E7B1B37C7F3249A6549FAC72] - (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150016] [PID.1572] [MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208] [PID.1732] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- ystem32\RunDLL32.exe [0] [PID.1596] [MD5.3E399A1328181C2A352472369DE2A93A] - (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\Application\chrome.exe [844752] [PID.2696] [MD5.3B605772669BDFD6DC266B9320E87B45] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8143872] [PID.3836] ~ Processes Running: Scanned in 00mn 01s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [User Data\Default] http://feed.snapdo.com =>Hijacker.SmartBar G0 - GCSP: Preference [User Data\Default][HomePage] http://feed.snapdo.com =>Hijacker.SmartBar G0 - GCSP: Preference [User Data\Default] http://feed.snapdo.com =>Hijacker.SmartBar G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] GoogleDrive v.6.3 (Désactivé) G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Chrome In-App Payments service v.0.0.4.11 (Activé) ~ Google Browser: 10 Scanned in 00mn 07s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\prefs.js M0 - MFSP: prefs.js [Patrick - x7d2xg82.default] about:home M2 - MFEP: prefs.js [Patrick - x7d2xg82.default\{18d58922-b052-65fa-0e41-9af98f749f17}] [] Snap.Do v (..) =>Hijacker.SmartBar M2 - MFEP: prefs.js [Patrick - x7d2xg82.default\{4ca8c1be-c30f-49bf-9ac8-f3e63f49665d}] [] HomeTab v4.8 (..) =>PUP.CertifiedToolbar P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll =>.Google Inc P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.45.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.45.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.45.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.05.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\npGoogleUpdate3.dll ~ Firefox Browser: 12 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com =>Hijacker.SmartBar R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com =>Hijacker.SmartBar R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com =>Hijacker.SmartBar R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com =>Hijacker.SmartBar R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com =>Hijacker.SmartBar R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.) ~ IE Browser: 15 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 20 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: (no name) - {1c98a3ee-3194-4309-8715-ad4c57183160} Clé orpheline O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} . (.Pas de propriétaire - Easy-WebPrint EWPBrowseLoader Module.) -- C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll ~ BHO: 8 Scanned in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) - [HKLM]{1c98a3ee-3194-4309-8715-ad4c57183160} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Program [AllUsers]: Adobe Reader XI.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico O4 - GS\Program [AllUsers]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) -- C:\Program Files\Audacity\audacity.exe =>.The Audacity Team O4 - GS\Program [AllUsers]: Enregistrement OCR I.R.I.S..lnk . (.I.R.I.S. Image Recognition Integarted Syste - Registration Wizard.) -- C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe O4 - GS\Program [AllUsers]: KeePass 2.lnk . (.Dominik Reichl - KeePass.) -- C:\Program Files\KeePass Password Safe 2\KeePass.exe O4 - GS\Program [AllUsers]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - GS\Program [AllUsers]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Program [AllUsers]: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe O4 - GS\Program [AllUsers]: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\moviemk.exe =>.Microsoft Corporation O4 - GS\Program [UpdatusUser]: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe =>.Microsoft Corporation O4 - GS\Program [UpdatusUser]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O4 - GS\Program [Patrick]: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe =>.Microsoft Corporation O4 - GS\Program [Patrick]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Program [Patrick]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation O4 - GS\Program [Patrick]: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe =>.Microsoft Corporation O4 - GS\Program [Administrateur]: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe =>.Microsoft Corporation O4 - GS\Program [Administrateur]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation ~ Global Startup: 16 Scanned in 00mn 01s ---\\ Applications lancées au démarrage du sytème (O4) O4 - HKLM\..\Run: [UnlockerAssistant] . (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe O4 - HKLM\..\Run: [Synchronization Manager] . (.Microsoft Corporation - Gestionnaire de synchronisation Microsoft.) -- C:\WINDOWS\system32\mobsync.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe =>.Oracle Corporation O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp O4 - HKLM\..\Run: [Nvtmru] . (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [KeePass 2 PreLoad] . (.Dominik Reichl - KeePass.) -- C:\Program Files\KeePass Password Safe 2\KeePass.exe O4 - HKLM\..\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co O4 - HKLM\..\Run: [DVDUpgrade] . (.Microsoft Corporation - DVDUpgrd.) -- C:\WINDOWS\system32\DVDUpgrd.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll =>.NVIDIA Corporation O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMCTray.dll O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Program Files\NVIDIA Corporation\nview\nwiz.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\Program Files\Fichiers communs\Microsoft Shared\DW\DWTRIG20.exe O4 - HKUS\S-1-5-21-1454471165-725345543-682003330-1003\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKUS\S-1-5-21-1454471165-725345543-682003330-1003\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-1454471165-725345543-682003330-1003\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - Broken Internet access because of LSP provider (.not file.) -- mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll ~ Winsock: 3 Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1367661695312 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1355212130125 O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} ((no name)) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} ((no name)) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} ((no name)) - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{071ECDFD-7563-42CA-9625-37A386F39984}: DhcpNameServer = 109.0.66.20 192.168.0.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{071ECDFD-7563-42CA-9625-37A386F39984}: DhcpNameServer = 109.0.66.10 192.168.0.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{071ECDFD-7563-42CA-9625-37A386F39984}: DhcpNameServer = 109.0.66.20 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 109.0.66.20 192.168.0.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ~ SSODL: 5 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Cobian Backup 11 Service « Volume Shadow (cbVSCService11) . (.CobianSoft, Luis Cobian - Cobian Backup Gravity VSC Requester.) - C:\Program Files\Cobian Backup 11\cbVSCService11.exe O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) . (.Luis Cobian, CobianSoft - Cobian Backup 11 Gravity - Service.) - C:\Program Files\Cobian Backup 11\cbService.exe O23 - Service: Creative Service for CDROM Access (Creative Service for CDROM Access) . (.Creative Technology Ltd - Creative Service for CDROM Access.) - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 331.5.) - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe ~ Services: 7 Scanned in 00mn 03s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-725345543-682003330-1003Core.job [934] O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-725345543-682003330-1003UA.job [986] O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job [400] O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MyDefrag v4.3.1 Daily.job [360] [MD5.A283108E14F3970432C21AF4C0CB1BCE] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257416] [MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskUserS-1-5-21-1454471165-725345543-682003330-1003Core] (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [133104] [MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskUserS-1-5-21-1454471165-725345543-682003330-1003UA] (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [133104] [MD5.54A591A772B9A2F298790C231B29AF63] [APT] [MyDefrag v4.3.1 Daily] (...) -- C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [5663] ~ Scheduled Task: 9 Scanned in 00mn 00s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Mise à jour de la version d’Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- C:\WINDOWS\system32\ieudinit.exe O40 - ASIC: Lecteur Windows Media - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitaire d'installation du Lecteur Windows Media Microsoft.) -- C:\WINDOWS\inf\unregmp2.exe =>.Microsoft Corporation O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\WINDOWS\system32\ie4uinit.exe.mui O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll O40 - ASIC: Lecteur Windows Media Microsoft 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media 6.4 Player Shim.) -- C:\WINDOWS\system32\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} . (.Microsoft Corporation - DirectX Media -- DirectAnimation.) -- C:\WINDOWS\system32\danim.dll O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\system32\themeui.dll O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf O40 - ASIC: Améliorations pour la navigation - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\system32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp.inf =>.Microsoft Corporation O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Bibliothèque d'installation Outlook Express.) -- C:\Program Files\Outlook Express\setup50.exe =>.Microsoft Corporation O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O40 - ASIC: Internet Explorer 6 - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\WINDOWS\system32\ie4uinit.exe.mui O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- c:\WINDOWS\system32\mscories.dll ~ Active Setup: 17 Scanned in 00mn 01s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\WINDOWS\system32\DRIVERS\serial.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys ~ Drivers: 63 Scanned in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader XI (11.0.05) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} O42 - Logiciel: Analyseur et SDK MSXML 4.0 SP2 - (.Microsoft Corporation.) [HKLM] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC} O42 - Logiciel: Attansic Ethernet Utility - (.Attansic.) [HKLM] -- {1F698102-5739-441E-96F0-74F4EA540F06} O42 - Logiciel: Audacity 2.0.3 - (.Audacity Team.) [HKLM] -- Audacity_is1 O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>Piriform Ltd O42 - Logiciel: CD-LabelPrint - (...) [HKLM] -- MediaNavigation.CDLabelPrint O42 - Logiciel: Calculateurs pour Flight Simulator - (...) [HKLM] -- ST6UNST #1 O42 - Logiciel: Canon Setup Utility 2.3 - (...) [HKLM] -- Canon Setup Utility 2.3 O42 - Logiciel: Canon Utilities Easy-PhotoPrint - (...) [HKLM] -- Easy-PhotoPrint O42 - Logiciel: Canon Utilities Easy-PrintToolBox - (...) [HKLM] -- Easy-PrintToolBox O42 - Logiciel: Canon iP4300 - (...) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300 O42 - Logiciel: Cobian Backup 11 Gravity - (...) [HKLM] -- CobBackup11 O42 - Logiciel: CrystalDiskInfo 5.0.0 - (.Crystal Dew World.) [HKLM] -- CrystalDiskInfo_is1 O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite =>.DT Soft Ltd O42 - Logiciel: DVD Decoder Pak for Windows XP - (.roddy2000@hotbox.ru.) [HKLM] -- {92C5DB3D-9D6F-4324-BB11-57825F4C2635} O42 - Logiciel: Dolomynum (remove only) - (...) [HKLM] -- Dolomynum O42 - Logiciel: Easy-WebPrint - (...) [HKLM] -- Easy-WebPrint O42 - Logiciel: Enregistrement utilisateur de Canon iP4300 - (...) [HKLM] -- Enregistrement utilisateur de Canon iP4300 =>.Canon Inc O42 - Logiciel: FSC - (.FlightSim Commander Team.) [HKLM] -- {2A9A269C-1C36-493C-96D8-60B23FAB2E10} O42 - Logiciel: FSFDT FSCopilot - (...) [HKLM] -- FSFDT FSCopilot O42 - Logiciel: FSFDT FSInn - (...) [HKLM] -- FSFDT FSInn O42 - Logiciel: FileHippo.com Update Checker - (...) [HKLM] -- FileHippo.com O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3} =>.Google Inc O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP Photosmart Essential 3.5 - (.HP.) [HKLM] -- HP Photosmart Essential =>.Hewlett-Packard Co O42 - Logiciel: HP Scanjet G2410 and 2400 - (.HP.) [HKLM] -- {E5B04674-1885-4B08-BAE7-ECDEC1F84677} O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: HP USB Disk Storage Format Tool - (...) [HKLM] -- {0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51} O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {97486FBE-A3FC-4783-8D55-EA37E9D171CC} O42 - Logiciel: IvAp v2.0.2 (build 2773) - (.IVAO.) [HKLM] -- IvAp-v2_is1 O42 - Logiciel: JMB36X Raid Configurer - (.JMICRON Technology Corp..) [HKLM] -- {3A1B5D40-41E9-43FA-8C7B-A8667F5586EF} O42 - Logiciel: Java 7 Update 45 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217040FF} O42 - Logiciel: KeePass Password Safe 2.21 - (.Dominik Reichl.) [HKLM] -- KeePassPasswordSafe2_is1 O42 - Logiciel: LAME v3.99.3 (for Windows) - (...) [HKLM] -- LAME_is1 O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2721691) - (.Microsoft Corporation.) [HKLM] -- {355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) [HKLM] -- {859DFA95-E4A6-48CD-B88E-A3E483E89B44} O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM] -- {196467F1-C11F-4F76-858B-5812ADC83B94} O42 - Logiciel: MSXML 6 Service Pack 2 (KB973686) - (.Microsoft Corporation.) [HKLM] -- {56EA8BC0-3751-4B93-BC9D-6651CC36E5AA} O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8} O42 - Logiciel: Microsoft Flight Simulator X - (.Microsoft Game Studios.) [HKLM] -- InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC} O42 - Logiciel: Microsoft Flight Simulator X - (.Microsoft Game Studios.) [HKLM] -- {F535B2CF-C9BB-4162-B03A-02D6971F32CC} O42 - Logiciel: Microsoft Flight Simulator X Service Pack 1 - (.Microsoft Game Studios.) [HKLM] -- SP1_F535B2CF-C9BB-4162-B03A-02D6971F32CC O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {4D24F198-A2CB-46B5-BB16-41B69C644B6C} O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825} O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Mises à jour NVIDIA 8.3.23 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update O42 - Logiciel: Mozilla Firefox 24.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 24.0 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService O42 - Logiciel: MyDefrag v4.3.1 - (.J.C. Kessels.) [HKLM] -- MyDefrag v4.3.1_is1 O42 - Logiciel: NVIDIA GeForce Experience 1.6.1.2 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience O42 - Logiciel: NVIDIA Logiciel système PhysX 9.13.0725 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {7B5AA67E-FEA0-40BB-BAB5-CA56645A589C} O42 - Logiciel: NVIDIA Pilote graphique 331.58 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: NVIDIA nView 140.75 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView O42 - Logiciel: OCR Software by I.R.I.S. 13.0 - (.HP.) [HKLM] -- HPOCR O42 - Logiciel: OpenAL - (...) [HKLM] -- OpenAL O42 - Logiciel: OpusFSX for FSX and Prepar3D Flight Simulators - (.Opus Software Limited.) [HKLM] -- {380C3F91-70DC-4135-8697-31134FE0DBAE} O42 - Logiciel: Plan-G v3 - (.TA Software.) [HKLM] -- {BD8C2617-3619-4563-B3F0-0576E7C0F0C3} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Service Pack 2 de Flight Simulator X de Microsoft - (.Microsoft Game Studios.) [HKLM] -- {CBB2A905-9FF1-4215-BDA2-0DF694F1D023} O42 - Logiciel: Snap.Do - (.ReSoft Ltd..) [HKLM] -- {7E09412E-7A0E-4C61-B304-888C760F61D4} =>Hijacker.SmartBar O42 - Logiciel: TELL ME MORE - (...) [HKLM] -- TMM90 O42 - Logiciel: TeamSpeak 2 RC2 - (.Dominating Bytes Design.) [HKLM] -- Teamspeak 2 RC2_is1 O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM] -- {EC5F4C1B-F838-4CB7-8561-8F809296428B} O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} O42 - Logiciel: Tower! 2011 SP2 - (...) [HKCU] -- Tower! 2011 SP2 O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) [HKLM] -- Unlocker O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130 O42 - Logiciel: Windows Media Format 11 runtime - (...) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Player 11 - (...) [HKLM] -- Windows Media Player =>.Microsoft Corporation O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 =>.Microsoft Corporation O42 - Logiciel: Windows PowerShell(TM) 1.0 - (.Microsoft Corporation.) [HKLM] -- PowerShell O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP O42 - Logiciel: ZOTAC FireStorm - (...) [HKLM] -- ZOTAC FireStorm O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} O42 - Logiciel: vroute.info premium - (.vroute.) [HKCU] -- b4d9024f4f0aca8c ~ Logic: 172 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\ASUS] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow] [HKCU\Software\Audacity] [HKCU\Software\BillP Studios] [HKCU\Software\Canneverbe Limited] [HKCU\Software\CanonBJ] [HKCU\Software\Canon] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Creative Tech] [HKCU\Software\DT Soft] [HKCU\Software\Disc Soft] [HKCU\Software\DriverTuner] [HKCU\Software\DriverTuner_Init] [HKCU\Software\FileHippo.com] [HKCU\Software\Flight1 E-Commerce] [HKCU\Software\GetPrivate] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\Intel] [HKCU\Software\JAB Soft] [HKCU\Software\JavaSoft] [HKCU\Software\Lake] [HKCU\Software\LastPass] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\MWSetup] [HKCU\Software\MW] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes Anti-Rootkit] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MediaNavigation] [HKCU\Software\Memeo] [HKCU\Software\MozillaPlugins] [HKCU\Software\MyDefrag] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\SIEN SA] [HKCU\Software\Secunia] [HKCU\Software\Software] [HKCU\Software\Sony Corporation] [HKCU\Software\Symantec] [HKCU\Software\Sysinternals] [HKCU\Software\TAS] [HKCU\Software\ToDownload] [HKCU\Software\TomTom] [HKCU\Software\Trolltech] [HKCU\Software\Unwinder] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Wow6432Node] [HKCU\Software\Zotac] [HKCU\Software\mozilla] [HKCU\Software\techPowerUp] [HKCU\Software\vlmc] [HKLM\Software\AGEIA Technologies] [HKLM\Software\ASUS] [HKLM\Software\Adobe] [HKLM\Software\AdwCleaner] [HKLM\Software\Ahead] [HKLM\Software\Attansic] [HKLM\Software\Auralog] [HKLM\Software\BillP Studios] [HKLM\Software\C07ft5Y] [HKLM\Software\CDDB] [HKLM\Software\Canon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CobianSoft] [HKLM\Software\Creative Tech] [HKLM\Software\DT Soft] [HKLM\Software\Debug] [HKLM\Software\Disc Soft] [HKLM\Software\FSFDT] [HKLM\Software\FeelThere] [HKLM\Software\Florenc] [HKLM\Software\Gemplus] [HKLM\Software\Genesys Logic] [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\Hewlett-Packard Company] [HKLM\Software\Hewlett-Packard] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JAB Soft] [HKLM\Software\JMICRON Technology Corp.] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\L&H] [HKLM\Software\Lake] [HKLM\Software\Lame For Audacity] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes Anti-Rootkit] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\Nero] [HKLM\Software\ODBC] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Program Groups] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SIEN SA] [HKLM\Software\Schlumberger] [HKLM\Software\Secunia] [HKLM\Software\Secure] [HKLM\Software\Sony Corporation] [HKLM\Software\Uniblue] [HKLM\Software\Unwinder] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Wow6432Node] [HKLM\Software\mozilla.org] ~ Key Software: 210 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 01/03/2013 - 14:36:37 - [120,716] ----D C:\Program Files\Adobe O43 - CFD: 21/10/2013 - 14:53:38 - [0] ----D C:\Program Files\AGEIA Technologies O43 - CFD: 10/11/2011 - 07:33:18 - [3,746] ----D C:\Program Files\Attansic O43 - CFD: 29/10/2013 - 16:14:20 - [52,324] ----D C:\Program Files\Audacity O43 - CFD: 29/10/2013 - 13:31:29 - [80,785] ----D C:\Program Files\Auralog O43 - CFD: 03/12/2011 - 17:57:19 - [0,138] ----D C:\Program Files\calculateur O43 - CFD: 10/11/2011 - 07:46:46 - [58,605] ----D C:\Program Files\Canon O43 - CFD: 10/11/2011 - 07:39:09 - [7,951] --H-D C:\Program Files\CanonBJ O43 - CFD: 30/09/2013 - 16:25:19 - [5,971] ----D C:\Program Files\CCleaner =>Piriform Ltd O43 - CFD: 18/06/2013 - 18:34:27 - [36,459] ----D C:\Program Files\Cobian Backup 11 O43 - CFD: 27/10/2013 - 08:44:21 - [0] ----D C:\Program Files\ComPlus Applications O43 - CFD: 21/03/2013 - 20:21:00 - [3,284] ----D C:\Program Files\CrystalDiskInfo O43 - CFD: 29/10/2013 - 13:34:47 - [26,561] ----D C:\Program Files\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 29/10/2013 - 16:19:43 - [4,292] ----D C:\Program Files\Dolomynum O43 - CFD: 29/10/2013 - 16:23:33 - [442,504] ----D C:\Program Files\FeelThere O43 - CFD: 26/10/2013 - 16:09:30 - [451,344] ----D C:\Program Files\Fichiers communs O43 - CFD: 01/03/2013 - 14:28:23 - [0,421] ----D C:\Program Files\FileHippo.com O43 - CFD: 20/12/2011 - 10:44:05 - [15,660] ----D C:\Program Files\FSFDT O43 - CFD: 26/10/2013 - 19:08:38 - [179,454] ----D C:\Program Files\Google O43 - CFD: 11/01/2012 - 13:20:28 - [199,558] ----D C:\Program Files\HP O43 - CFD: 20/10/2013 - 18:51:22 - [18,110] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 10/11/2011 - 07:24:20 - [0,062] ----D C:\Program Files\Intel O43 - CFD: 29/10/2013 - 06:49:34 - [4,126] ----D C:\Program Files\Internet Explorer O43 - CFD: 05/04/2013 - 16:39:26 - [38,187] ----D C:\Program Files\IVAO O43 - CFD: 20/10/2013 - 07:43:59 - [122,896] ----D C:\Program Files\Java O43 - CFD: 22/02/2013 - 14:28:05 - [5,411] ----D C:\Program Files\KeePass Password Safe 2 O43 - CFD: 22/02/2013 - 16:51:35 - [1,540] ----D C:\Program Files\Lame For Audacity O43 - CFD: 03/05/2013 - 07:48:00 - [13,314] ----D C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 29/10/2013 - 06:49:52 - [2,052] ----D C:\Program Files\Messenger O43 - CFD: 27/11/2011 - 23:08:26 - [0,764] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 09/11/2011 - 15:28:50 - [0] ----D C:\Program Files\microsoft frontpage O43 - CFD: 13/11/2011 - 15:35:36 - [36,519] ----D C:\Program Files\Microsoft Games O43 - CFD: 27/11/2011 - 09:34:00 - [334,323] ----D C:\Program Files\Microsoft Office O43 - CFD: 16/10/2013 - 06:15:11 - [22,375] ----D C:\Program Files\Microsoft Security Client O43 - CFD: 09/10/2013 - 08:41:38 - [40,851] ----D C:\Program Files\Microsoft Silverlight O43 - CFD: 30/08/2013 - 11:41:36 - [3,092] ----D C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 30/08/2013 - 11:41:36 - [0,327] ----D C:\Program Files\Microsoft Synchronization Services O43 - CFD: 27/11/2011 - 09:42:06 - [0,014] ----D C:\Program Files\Microsoft Visual Studio O43 - CFD: 10/11/2011 - 13:28:13 - [1,323] ----D C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 27/11/2011 - 09:42:33 - [3,554] ----D C:\Program Files\Microsoft Works O43 - CFD: 10/11/2011 - 13:29:58 - [7,797] ----D C:\Program Files\Microsoft.NET O43 - CFD: 29/10/2013 - 06:49:33 - [9,894] ----D C:\Program Files\Movie Maker O43 - CFD: 27/10/2013 - 00:10:36 - [48,683] ----D C:\Program Files\Mozilla Firefox O43 - CFD: 27/10/2013 - 00:08:30 - [0,216] ----D C:\Program Files\Mozilla Maintenance Service O43 - CFD: 27/11/2011 - 09:42:12 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 27/11/2011 - 09:20:39 - [26,600] ----D C:\Program Files\MSECache O43 - CFD: 21/10/2013 - 16:27:54 - [0,004] ----D C:\Program Files\MSI Afterburner O43 - CFD: 27/09/2013 - 17:00:48 - [18,385] ----D C:\Program Files\MSN O43 - CFD: 09/11/2011 - 15:25:04 - [8,341] ----D C:\Program Files\MSN Gaming Zone O43 - CFD: 15/01/2012 - 14:15:54 - [0,147] ----D C:\Program Files\MSXML 4.0 O43 - CFD: 10/11/2011 - 08:26:39 - [0,007] ----D C:\Program Files\MSXML 6.0 O43 - CFD: 12/10/2013 - 08:38:22 - [3,189] ----D C:\Program Files\MyDefrag v4.3.1 O43 - CFD: 29/10/2013 - 06:48:02 - [3,133] ----D C:\Program Files\NetMeeting O43 - CFD: 29/10/2013 - 07:31:22 - [729,912] ----D C:\Program Files\NVIDIA Corporation O43 - CFD: 28/11/2011 - 18:39:29 - [0,772] ----D C:\Program Files\OpenAL O43 - CFD: 29/10/2013 - 06:47:59 - [4,176] ----D C:\Program Files\Outlook Express =>.Microsoft Corporation O43 - CFD: 14/10/2013 - 08:36:57 - [116,408] ----D C:\Program Files\Realtek O43 - CFD: 10/11/2011 - 08:28:52 - [36,207] ----D C:\Program Files\Reference Assemblies O43 - CFD: 09/11/2011 - 15:27:29 - [0,001] ----D C:\Program Files\Services en ligne O43 - CFD: 24/10/2013 - 07:46:59 - [2,815] ----D C:\Program Files\Sony O43 - CFD: 17/10/2013 - 06:12:10 - [36,207] ----D C:\Program Files\TA Software O43 - CFD: 01/09/2013 - 15:17:10 - [64,670] ----D C:\Program Files\TeamSpeak 3 Client O43 - CFD: 18/10/2013 - 16:22:45 - [7,447] ----D C:\Program Files\Teamspeak2_RC2 O43 - CFD: 27/12/2012 - 11:18:15 - [1338,406] ----D C:\Program Files\Tell Me More O43 - CFD: 14/07/2013 - 18:00:32 - [48,348] ----D C:\Program Files\TomTom HOME 2 O43 - CFD: 30/11/2011 - 15:54:22 - [0,024] ----D C:\Program Files\TomTom International B.V O43 - CFD: 09/11/2011 - 15:33:17 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 22/10/2013 - 06:51:54 - [0,046] ----D C:\Program Files\Uninstaller O43 - CFD: 17/07/2013 - 14:25:21 - [0,221] ----D C:\Program Files\Unlocker O43 - CFD: 29/01/2013 - 16:14:13 - [3,415] ----D C:\Program Files\Windows Media Connect 2 O43 - CFD: 29/10/2013 - 06:57:33 - [7,404] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation O43 - CFD: 29/10/2013 - 06:47:59 - [3,756] ----D C:\Program Files\Windows NT O43 - CFD: 09/11/2011 - 15:27:32 - [0] --H-D C:\Program Files\WindowsUpdate O43 - CFD: 09/11/2011 - 15:28:50 - [0] ----D C:\Program Files\xerox O43 - CFD: 29/10/2013 - 17:05:35 - [23,568] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman O43 - CFD: 21/10/2013 - 05:37:22 - [0,960] ----D C:\Program Files\ZOTAC FireStorm O43 - CFD: 01/03/2013 - 14:36:56 - [6,227] ----D C:\Program Files\Fichiers communs\Adobe O43 - CFD: 06/01/2012 - 14:55:20 - [3,347] ----D C:\Program Files\Fichiers communs\Creative O43 - CFD: 27/11/2011 - 09:42:34 - [0,082] ----D C:\Program Files\Fichiers communs\DESIGNER O43 - CFD: 10/11/2011 - 16:42:01 - [4,907] ----D C:\Program Files\Fichiers communs\Hewlett-Packard O43 - CFD: 10/11/2011 - 16:42:36 - [4,323] ----D C:\Program Files\Fichiers communs\HP O43 - CFD: 26/02/2013 - 14:44:21 - [12,341] ----D C:\Program Files\Fichiers communs\InstallShield O43 - CFD: 17/09/2013 - 06:55:22 - [1,191] ----D C:\Program Files\Fichiers communs\Java O43 - CFD: 24/03/2012 - 08:00:58 - [222,568] ----D C:\Program Files\Fichiers communs\Microsoft Shared O43 - CFD: 09/11/2011 - 15:26:35 - [0,271] ----D C:\Program Files\Fichiers communs\MSSoap O43 - CFD: 09/11/2011 - 16:09:07 - [0] ----D C:\Program Files\Fichiers communs\ODBC O43 - CFD: 09/11/2011 - 15:26:39 - [0,008] ----D C:\Program Files\Fichiers communs\Services O43 - CFD: 09/11/2011 - 16:09:03 - [3,612] ----D C:\Program Files\Fichiers communs\SpeechEngines O43 - CFD: 29/10/2013 - 06:47:56 - [39,450] ----D C:\Program Files\Fichiers communs\System O43 - CFD: 21/10/2013 - 14:53:37 - [142,562] ----D C:\Program Files\Fichiers communs\Wise Installation Wizard O43 - CFD: 05/03/2013 - 08:18:45 - [149,112] ----D C:\Documents and Settings\All Users\Application Data\Adobe O43 - CFD: 13/11/2011 - 09:04:31 - [0] ----D C:\Documents and Settings\All Users\Application Data\Canneverbe Limited O43 - CFD: 10/11/2011 - 07:39:25 - [16,492] --H-D C:\Documents and Settings\All Users\Application Data\CanonBJ O43 - CFD: 14/12/2011 - 13:51:22 - [48,217] ----D C:\Documents and Settings\All Users\Application Data\Creative O43 - CFD: 27/12/2012 - 10:46:16 - [0,002] ----D C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 14/10/2013 - 08:50:37 - [0,001] ----D C:\Documents and Settings\All Users\Application Data\DriverGenius O43 - CFD: 17/10/2012 - 09:35:42 - [0,459] ----D C:\Documents and Settings\All Users\Application Data\EditVoicepackX O43 - CFD: 10/11/2011 - 16:43:27 - [12,403] ----D C:\Documents and Settings\All Users\Application Data\HP O43 - CFD: 10/11/2011 - 16:43:16 - [0,009] ----D C:\Documents and Settings\All Users\Application Data\HP Product Assistant O43 - CFD: 05/02/2013 - 14:51:14 - [16,944] ----D C:\Documents and Settings\All Users\Application Data\Malwarebytes O43 - CFD: 29/10/2013 - 06:02:20 - [1,565] ----D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable) O43 - CFD: 13/08/2013 - 13:44:50 - [0] ----D C:\Documents and Settings\All Users\Application Data\McAfee O43 - CFD: 14/03/2013 - 16:58:22 - [412,188] -S--D C:\Documents and Settings\All Users\Application Data\Microsoft O43 - CFD: 09/10/2013 - 08:50:25 - [0,234] ----D C:\Documents and Settings\All Users\Application Data\Microsoft Help O43 - CFD: 18/04/2013 - 07:16:49 - [0] ----D C:\Documents and Settings\All Users\Application Data\Mozilla O43 - CFD: 24/08/2013 - 08:35:53 - [0] ----D C:\Documents and Settings\All Users\Application Data\MyTraffic O43 - CFD: 09/10/2012 - 06:25:00 - [3,460] ----D C:\Documents and Settings\All Users\Application Data\Navigraph O43 - CFD: 21/10/2013 - 14:52:41 - [206,762] ----D C:\Documents and Settings\All Users\Application Data\NVIDIA O43 - CFD: 21/10/2013 - 05:11:05 - [0,175] ----D C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation O43 - CFD: 18/04/2013 - 07:15:09 - [0] ----D C:\Documents and Settings\All Users\Application Data\Sun O43 - CFD: 27/11/2011 - 10:02:20 - [0,002] ----D C:\Documents and Settings\All Users\Application Data\Symantec O43 - CFD: 30/11/2011 - 16:01:56 - [0,389] ----D C:\Documents and Settings\All Users\Application Data\TomTom O43 - CFD: 10/11/2011 - 16:44:53 - [0] ----D C:\Documents and Settings\All Users\Application Data\WEBREG O43 - CFD: 10/11/2011 - 07:58:01 - [0,003] ----D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage O43 - CFD: 02/03/2013 - 16:12:29 - [7,477] ----D C:\Documents and Settings\Patrick\Application Data\Adobe O43 - CFD: 29/10/2013 - 16:14:33 - [0,003] ----D C:\Documents and Settings\Patrick\Application Data\Audacity O43 - CFD: 13/11/2011 - 09:04:31 - [0,001] ----D C:\Documents and Settings\Patrick\Application Data\Canneverbe Limited O43 - CFD: 26/02/2013 - 14:48:53 - [0,524] ----D C:\Documents and Settings\Patrick\Application Data\Creative O43 - CFD: 29/10/2013 - 14:19:33 - [1,456] ----D C:\Documents and Settings\Patrick\Application Data\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 29/01/2013 - 15:29:50 - [0] ----D C:\Documents and Settings\Patrick\Application Data\dvdcss O43 - CFD: 27/10/2013 - 07:21:38 - [0] ----D C:\Documents and Settings\Patrick\Application Data\ElevatedDiagnostics O43 - CFD: 17/10/2012 - 08:43:59 - [28,630] ----D C:\Documents and Settings\Patrick\Application Data\Flight One Software O43 - CFD: 22/02/2013 - 16:53:51 - [0] ----D C:\Documents and Settings\Patrick\Application Data\FreeAudioPack O43 - CFD: 30/11/2012 - 19:34:08 - [0,021] ----D C:\Documents and Settings\Patrick\Application Data\Google O43 - CFD: 26/10/2013 - 16:26:05 - [0] ----D C:\Documents and Settings\Patrick\Application Data\Help O43 - CFD: 30/09/2012 - 16:04:47 - [0,117] ----D C:\Documents and Settings\Patrick\Application Data\HP O43 - CFD: 25/09/2013 - 16:47:57 - [0,034] ----D C:\Documents and Settings\Patrick\Application Data\HpUpdate O43 - CFD: 13/11/2011 - 15:39:49 - [0] ----D C:\Documents and Settings\Patrick\Application Data\Identities O43 - CFD: 05/12/2011 - 13:42:42 - [0,015] ----D C:\Documents and Settings\Patrick\Application Data\IVAO O43 - CFD: 29/10/2013 - 14:33:45 - [0,004] ----D C:\Documents and Settings\Patrick\Application Data\KeePass O43 - CFD: 19/11/2011 - 21:29:59 - [0,130] ----D C:\Documents and Settings\Patrick\Application Data\Macromedia O43 - CFD: 05/02/2013 - 14:51:25 - [46,091] ----D C:\Documents and Settings\Patrick\Application Data\Malwarebytes O43 - CFD: 29/10/2013 - 13:35:37 - [13,572] -S--D C:\Documents and Settings\Patrick\Application Data\Microsoft O43 - CFD: 18/04/2013 - 07:16:58 - [17,532] ----D C:\Documents and Settings\Patrick\Application Data\Mozilla O43 - CFD: 27/09/2013 - 17:00:47 - [0] ----D C:\Documents and Settings\Patrick\Application Data\MSNInstaller O43 - CFD: 19/12/2012 - 08:09:57 - [0] ----D C:\Documents and Settings\Patrick\Application Data\MyTraffic O43 - CFD: 20/10/2013 - 08:00:55 - [0,638] ----D C:\Documents and Settings\Patrick\Application Data\NVIDIA O43 - CFD: 26/10/2013 - 16:05:17 - [0] ----D C:\Documents and Settings\Patrick\Application Data\SIEN SA O43 - CFD: 15/01/2012 - 14:20:36 - [0,976] ----D C:\Documents and Settings\Patrick\Application Data\Sony Corporation O43 - CFD: 18/04/2013 - 07:13:08 - [26,117] ----D C:\Documents and Settings\Patrick\Application Data\Sun O43 - CFD: 12/09/2013 - 15:25:25 - [0,033] ----D C:\Documents and Settings\Patrick\Application Data\teamspeak2 O43 - CFD: 13/11/2011 - 09:09:52 - [43,222] ----D C:\Documents and Settings\Patrick\Application Data\TomTom O43 - CFD: 18/10/2013 - 16:13:08 - [0,082] ----D C:\Documents and Settings\Patrick\Application Data\TS3Client O43 - CFD: 18/03/2013 - 11:24:21 - [0] ----D C:\Documents and Settings\Patrick\Application Data\Western Digital O43 - CFD: 29/10/2013 - 17:06:17 - [0,334] ----D C:\Documents and Settings\Patrick\Application Data\ZHP =>.Nicolas Coolman O43 - CFD: 29/10/2013 - 14:30:11 - [0,370] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\Adobe O43 - CFD: 28/11/2011 - 17:12:39 - [0,005] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\ApplicationHistory O43 - CFD: 29/10/2013 - 16:45:38 - [0] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\Deployment O43 - CFD: 10/01/2013 - 09:44:04 - [52,036] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\Downloaded Installations O43 - CFD: 14/10/2013 - 07:53:55 - [0] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\DriverTuner O43 - CFD: 13/09/2012 - 10:44:36 - [0,910] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\fontconfig O43 - CFD: 13/09/2012 - 10:44:35 - [0,001] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\gegl-0.2 O43 - CFD: 30/08/2013 - 11:44:07 - [32,156] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\GMap.NET O43 - CFD: 26/10/2013 - 23:36:00 - [720,510] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\Google O43 - CFD: 13/11/2011 - 15:55:44 - [0] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\Help O43 - CFD: 30/09/2012 - 16:04:47 - [0,091] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\HP O43 - CFD: 17/11/2011 - 17:28:52 - [340,442] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\Identities O43 - CFD: 12/01/2012 - 09:46:42 - [0,003] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\IsolatedStorage O43 - CFD: 14/03/2013 - 17:03:41 - [34,926] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\Microsoft O43 - CFD: 10/11/2011 - 13:27:37 - [0] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\Microsoft Help O43 - CFD: 18/04/2013 - 07:16:58 - [3,747] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla O43 - CFD: 21/10/2013 - 15:29:18 - [0,001] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\NVIDIA O43 - CFD: 23/01/2013 - 13:03:24 - [19,741] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\PCHealth O43 - CFD: 26/02/2013 - 11:51:03 - [0] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\Secunia PSI O43 - CFD: 26/10/2013 - 16:03:40 - [0] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\Software =>Adware.Boxore O43 - CFD: 18/04/2013 - 07:15:34 - [1,136] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\Sun O43 - CFD: 30/08/2013 - 12:21:31 - [0,047] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\TA_Software O43 - CFD: 26/10/2013 - 16:04:24 - [0] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\Temp O43 - CFD: 13/11/2011 - 09:09:52 - [1,879] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\TomTom O43 - CFD: 13/09/2012 - 10:48:21 - [0,022] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\webkit O43 - CFD: 29/01/2013 - 16:13:27 - [0] ----D C:\Documents and Settings\Patrick\Local Settings\Application Data\WMTools Downloaded Files O43 - CFD: 30/11/2011 - 15:32:43 - [0,015] R---D C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Accessoires O43 - CFD: 29/10/2013 - 16:18:47 - [0,014] ----D C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Dolomynum O43 - CFD: 22/10/2013 - 06:57:12 - [0] R---D C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Démarrage O43 - CFD: 29/10/2013 - 16:24:21 - [0,009] ----D C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\FeelThere O43 - CFD: 11/04/2013 - 16:51:24 - [0,010] ----D C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\FSFDT O43 - CFD: 26/10/2013 - 23:30:41 - [0,002] ----D C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Google Chrome O43 - CFD: 18/01/2013 - 14:36:09 - [0] R---D C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Outils d'administration O43 - CFD: 21/10/2013 - 16:59:36 - [0,013] ----D C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Rikoooo Add-ons O43 - CFD: 07/07/2013 - 07:05:49 - [0,003] ----D C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Unlocker O43 - CFD: 29/10/2013 - 16:47:20 - [0] ----D C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\vroute ~ Program Folder: 181 Scanned in 00mn 18s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.3FF3A346B4456230D27FBD3636F8759C] - 15/10/2013 - 23:26:36 ---A- . (.NVIDIA Corporation - NVIDIA Color Optimizer, Version 331.58.) -- C:\WINDOWS\system32\nvcolor.exe [144160] O44 - LFC:[MD5.9936B3B711384AD670A9342B06FFB3B5] - 15/10/2013 - 23:26:36 ---A- . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\nvmctray.dll [209184] O44 - LFC:[MD5.7E47E6506FD3459EA42B9492F76E7771] - 15/10/2013 - 23:26:37 ---A- . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\nvcpl.dll [15709984] O44 - LFC:[MD5.F6590528F487FA8BDC6F53D8DFA1F7D3] - 15/10/2013 - 23:26:38 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 331.5.) -- C:\WINDOWS\system32\nvsvc32.exe [156960] O44 - LFC:[MD5.181301D33363D2B7B3FF34A527E74A1F] - 15/10/2013 - 23:26:39 ---A- . (.NVIDIA Corporation - NVIDIA nView Display Driver Interface Lib,.) -- C:\WINDOWS\system32\nvwddi.dll [54272] O44 - LFC:[MD5.E977E863ECCDECFE05DF8AF42C7FA827] - 15/10/2013 - 23:29:04 ---A- . (.NVIDIA Corporation - NVIDIA Arabic language resource library.) -- C:\WINDOWS\system32\nvrsar.dll [335872] O44 - LFC:[MD5.7E5B86B69DE87146C70BC3DBA472E273] - 15/10/2013 - 23:29:04 ---A- . (.NVIDIA Corporation - NVIDIA Czech language resource library.) -- C:\WINDOWS\system32\nvrscs.dll [249856] O44 - LFC:[MD5.3389D24AED5329B46C7F02A4728A5262] - 15/10/2013 - 23:29:04 ---A- . (.NVIDIA Corporation - NVIDIA Danish language resource library.) -- C:\WINDOWS\system32\nvrsda.dll [253952] O44 - LFC:[MD5.F2B243E903B1455F6AD3112FD9CFA8DE] - 15/10/2013 - 23:29:05 ---A- . (.NVIDIA Corporation - NVIDIA Finnish language resource library.) -- C:\WINDOWS\system32\nvrsfi.dll [249856] O44 - LFC:[MD5.16384EC185E34655E8DEA78641593A46] - 15/10/2013 - 23:29:05 ---A- . (.NVIDIA Corporation - NVIDIA French language resource library.) -- C:\WINDOWS\system32\nvrsfr.dll [286720] O44 - LFC:[MD5.A9FCF2AC8D512455FCAD49D65677326A] - 15/10/2013 - 23:29:05 ---A- . (.NVIDIA Corporation - NVIDIA German language resource library.) -- C:\WINDOWS\system32\nvrsde.dll [278528] O44 - LFC:[MD5.380DCAE91ECA60AFAE82E013FCADE2DA] - 15/10/2013 - 23:29:05 ---A- . (.NVIDIA Corporation - NVIDIA Greek language resource library.) -- C:\WINDOWS\system32\nvrsel.dll [282624] O44 - LFC:[MD5.46104DD261BB1E4B447D8554123287E3] - 15/10/2013 - 23:29:05 ---A- . (.NVIDIA Corporation - NVIDIA Hebrew language resource library.) -- C:\WINDOWS\system32\nvrshe.dll [335872] O44 - LFC:[MD5.5B92255728258A2F61CDCDFD1316E39F] - 15/10/2013 - 23:29:05 ---A- . (.NVIDIA Corporation - NVIDIA Latin American Spanish language reso.) -- C:\WINDOWS\system32\nvrsesm.dll [274432] O44 - LFC:[MD5.9AC8ACC343E58209DE478CB35602160F] - 15/10/2013 - 23:29:05 ---A- . (.NVIDIA Corporation - NVIDIA Spanish language resource library.) -- C:\WINDOWS\system32\nvrses.dll [282624] O44 - LFC:[MD5.2695C0099D33ABEC84A3604D03B053A8] - 15/10/2013 - 23:29:05 ---A- . (.NVIDIA Corporation - NVIDIA UK English language resource library.) -- C:\WINDOWS\system32\nvrseng.dll [249856] O44 - LFC:[MD5.C739A258C38856174DDB7605F2BC40C8] - 15/10/2013 - 23:29:06 ---A- . (.NVIDIA Corporation - NVIDIA Dutch language resource library.) -- C:\WINDOWS\system32\nvrsnl.dll [274432] O44 - LFC:[MD5.F7ECEA14E7C0E9BDD2029760DD1C3B1D] - 15/10/2013 - 23:29:06 ---A- . (.NVIDIA Corporation - NVIDIA Hungarian language resource library.) -- C:\WINDOWS\system32\nvrshu.dll [262144] O44 - LFC:[MD5.9224196775760D648BCC7D26F95C1B5F] - 15/10/2013 - 23:29:06 ---A- . (.NVIDIA Corporation - NVIDIA Italian language resource library.) -- C:\WINDOWS\system32\nvrsit.dll [282624] O44 - LFC:[MD5.BB2F8A2ED45E464A4703BD5FE1F1E72E] - 15/10/2013 - 23:29:06 ---A- . (.NVIDIA Corporation - NVIDIA Japanese language resource library.) -- C:\WINDOWS\system32\nvrsja.dll [274432] O44 - LFC:[MD5.257CE1D2159462FAE79DE3EBC6F2D9A4] - 15/10/2013 - 23:29:06 ---A- . (.NVIDIA Corporation - NVIDIA Korean language resource library.) -- C:\WINDOWS\system32\nvrsko.dll [266240] O44 - LFC:[MD5.1AC0CCD674027CE6055638D31EFD876E] - 15/10/2013 - 23:29:06 ---A- . (.NVIDIA Corporation - NVIDIA Norwegian language resource library.) -- C:\WINDOWS\system32\nvrsno.dll [253952] O44 - LFC:[MD5.5D655316B823F9FDC42C63E65C37C720] - 15/10/2013 - 23:29:07 ---A- . (.NVIDIA Corporation - NVIDIA Iberian Portuguese language resource.) -- C:\WINDOWS\system32\nvrspt.dll [274432] O44 - LFC:[MD5.1588AF3654D72353544E6DCD0388C271] - 15/10/2013 - 23:29:07 ---A- . (.NVIDIA Corporation - NVIDIA Polish language resource library.) -- C:\WINDOWS\system32\nvrspl.dll [258048] O44 - LFC:[MD5.D4D8B27FC314D11B758A67EA6A4E1BB4] - 15/10/2013 - 23:29:07 ---A- . (.NVIDIA Corporation - NVIDIA Portuguese (Brazilian) language reso.) -- C:\WINDOWS\system32\nvrsptb.dll [270336] O44 - LFC:[MD5.13DA7D5A20B7302CCE5A2F4F5F41819A] - 15/10/2013 - 23:29:07 ---A- . (.NVIDIA Corporation - NVIDIA Russian language resource library.) -- C:\WINDOWS\system32\nvrsru.dll [270336] O44 - LFC:[MD5.2F07512CDD611116EE01B0EDDDBC5B13] - 15/10/2013 - 23:29:07 ---A- . (.NVIDIA Corporation - NVIDIA Slovak language resource library.) -- C:\WINDOWS\system32\nvrssk.dll [258048] O44 - LFC:[MD5.499E6A645C445D1B76F96B0E36E89CD3] - 15/10/2013 - 23:29:07 ---A- . (.NVIDIA Corporation - NVIDIA Slovenian language resource library.) -- C:\WINDOWS\system32\nvrssl.dll [258048] O44 - LFC:[MD5.ACCB2677755AA922B4AE8F9620414E2B] - 15/10/2013 - 23:29:07 ---A- . (.NVIDIA Corporation - NVIDIA Swedish language resource library.) -- C:\WINDOWS\system32\nvrssv.dll [253952] O44 - LFC:[MD5.D315D5FA018B4364B0BE6B3DA2416837] - 15/10/2013 - 23:29:08 ---A- . (.NVIDIA Corporation - NVIDIA Chinese (Traditional) language resou.) -- C:\WINDOWS\system32\nvrszht.dll [126976] O44 - LFC:[MD5.6FD3B9BB54990DE0A553B0264D3E2D13] - 15/10/2013 - 23:29:08 ---A- . (.NVIDIA Corporation - NVIDIA Simplified Chinese language resource.) -- C:\WINDOWS\system32\nvrszhc.dll [229376] O44 - LFC:[MD5.676E78625D993ABDE11B94D7CB555F44] - 15/10/2013 - 23:29:08 ---A- . (.NVIDIA Corporation - NVIDIA Thai language resource library.) -- C:\WINDOWS\system32\nvrsth.dll [253952] O44 - LFC:[MD5.25CE5B433213AE99816FC5A92C8F22CD] - 15/10/2013 - 23:29:08 ---A- . (.NVIDIA Corporation - NVIDIA Turkish language resource library.) -- C:\WINDOWS\system32\nvrstr.dll [258048] O44 - LFC:[MD5.6C9DB969E28A82153183A0DE7816D759] - 16/10/2013 - 01:32:54 ---A- . (...) -- C:\WINDOWS\system32\nvdata.data [3555144] O44 - LFC:[MD5.1F3293AD99E2AA8E417930A2A193F7B6] - 16/10/2013 - 01:32:54 ---A- . (...) -- C:\WINDOWS\system32\nvinfo.pb [18598] O44 - LFC:[MD5.1D3A9150E9E35FA86359A4F9FEE4B13A] - 16/10/2013 - 01:32:54 ---A- . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\WINDOWS\system32\nvdispco3233158.dll [1049888] O44 - LFC:[MD5.5F373E18F12EA90BDC8219327CF80B47] - 16/10/2013 - 01:32:54 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\WINDOWS\system32\nvdispgenco3233158.dll [893728] O44 - LFC:[MD5.221776EE012088392DDB7A6C9BCE0950] - 16/10/2013 - 01:32:54 ---A- . (.NVIDIA Corporation - NVIDIA CUDA 6.0.1 OpenCL 1.1 Driver, Versio.) -- C:\WINDOWS\system32\nvopencl.dll [9457664] O44 - LFC:[MD5.4E8DE4C7DE61DF07060D3F4ECF0AE722] - 16/10/2013 - 01:32:54 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 331.58.) -- C:\WINDOWS\system32\nvcuda.dll [9498624] O44 - LFC:[MD5.9D5FFDED5F91836ACE703C4F269A8C22] - 16/10/2013 - 01:32:54 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Decode API, Version 331.5.) -- C:\WINDOWS\system32\nvcuvid.dll [2951968] O44 - LFC:[MD5.1BCC1BC524596D532EC6E61A7A8CB982] - 16/10/2013 - 01:32:54 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Encoder, Version 331.58.) -- C:\WINDOWS\system32\nvcuvenc.dll [2747168] O44 - LFC:[MD5.5AF3F85F19E4966B97DE5022FBA2C6A7] - 16/10/2013 - 01:32:54 ---A- . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\WINDOWS\system32\nvoglnt.dll [22171648] O44 - LFC:[MD5.6F33A3CD266C792A1D97577D0AC845B8] - 16/10/2013 - 01:32:54 ---A- . (.NVIDIA Corporation - NVIDIA Compiler, Version 331.58.) -- C:\WINDOWS\system32\nvcompiler.dll [17551360] O44 - LFC:[MD5.58CD3EECDF5D8AABBFDDB86CD495B74F] - 16/10/2013 - 01:32:54 ---A- . (.NVIDIA Corporation - NVIDIA NVAPI Library, Version 331.58.) -- C:\WINDOWS\system32\nvapi.dll [2631680] O44 - LFC:[MD5.63C416A4A15FD43884511DEF7F219F1F] - 16/10/2013 - 01:32:54 ---A- . (.NVIDIA Corporation - NVIDIA Windows XP Display driver, Version 3.) -- C:\WINDOWS\system32\nv4_disp.dll [4077440] O44 - LFC:[MD5.D2F256F9879DDCE59EFA361CBDC34F96] - 16/10/2013 - 01:32:54 ---A- . (.NVIDIA Corporation - NVIDIA Windows XP Miniport Driver, Version.) -- C:\WINDOWS\system32\Drivers\nv4_mini.sys [12627104] O44 - LFC:[MD5.BCC474C2646C3DC49F4EB5DBF03E2891] - 20/10/2013 - 07:43:59 ---A- . (...) -- C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log [4191] O44 - LFC:[MD5.658633D255FEF154EA1CB8705B4468C5] - 20/10/2013 - 07:43:59 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\system32\java.exe [174504] O44 - LFC:[MD5.DC1342498BEE7EF1646E9D63138B69CC] - 20/10/2013 - 07:43:59 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\system32\javaw.exe [175016] O44 - LFC:[MD5.9BF46C7F21E75FA0BB03AA93368CC66C] - 20/10/2013 - 07:43:59 ---A- . (.Oracle Corporation - Pas de description.) -- C:\WINDOWS\system32\WindowsAccessBridge.dll [94632] O44 - LFC:[MD5.B01416804D89B5EC1D206E6DF542DFAB] - 20/10/2013 - 07:44:07 ---A- . (.Oracle Corporation - Java Control Panel.) -- C:\WINDOWS\system32\javacpl.cpl [145408] O44 - LFC:[MD5.9223A2810B73069F4A03A636052EF14A] - 20/10/2013 - 07:44:07 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\WINDOWS\system32\javaws.exe [264616] O44 - LFC:[MD5.5B441670A4F5F8BCCE76741902B8AF56] - 20/10/2013 - 08:26:48 ---A- . (.Microsoft Corporation - Microsoft Direct3D.) -- C:\WINDOWS\system32\D3DCompiler_35.dll [1358192] O44 - LFC:[MD5.F3764552E45880DC49B82F38699AA87C] - 20/10/2013 - 08:26:48 ---A- . (.Microsoft Corporation - Microsoft Direct3D.) -- C:\WINDOWS\system32\d3dx10_35.dll [444776] O44 - LFC:[MD5.44BFEC5C9C82A2EE9871D88FD3B9A0E2] - 20/10/2013 - 08:26:49 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\d3dx9_36.dll [3734536] O44 - LFC:[MD5.46EE68F04A75A1CCF40235EA6F1CBA05] - 20/10/2013 - 08:26:49 ---A- . (.Microsoft Corporation - XACT Engine API.) -- C:\WINDOWS\system32\xactengine2_9.dll [267112] O44 - LFC:[MD5.FB4299688A0D3A37687C015AC2B9922D] - 20/10/2013 - 08:26:50 ---A- . (.Microsoft Corporation - Microsoft Direct3D.) -- C:\WINDOWS\system32\D3DCompiler_36.dll [1374232] O44 - LFC:[MD5.D9158E78A368B08D9133043EB3058C12] - 20/10/2013 - 08:26:50 ---A- . (.Microsoft Corporation - Microsoft Direct3D.) -- C:\WINDOWS\system32\d3dx10_36.dll [444776] O44 - LFC:[MD5.EA752DBCE35045D3C830DC16578CC8AB] - 20/10/2013 - 08:26:51 ---A- . (.Microsoft Corporation - Microsoft Direct3D.) -- C:\WINDOWS\system32\D3DCompiler_37.dll [1420824] O44 - LFC:[MD5.4A43E9A2B17E4CAFA9CB5FEC0B5B686B] - 20/10/2013 - 08:26:51 ---A- . (.Microsoft Corporation - Microsoft Direct3D.) -- C:\WINDOWS\system32\d3dx10_37.dll [462864] O44 - LFC:[MD5.AC3C517FB0FBBE45FE44007BCD3625A7] - 20/10/2013 - 08:26:51 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\D3DX9_37.dll [3786760] O44 - LFC:[MD5.73E055AF78A64F9B2779D44407CA2AB6] - 20/10/2013 - 08:26:51 ---A- . (.Microsoft Corporation - XACT Engine API.) -- C:\WINDOWS\system32\xactengine2_10.dll [267272] O44 - LFC:[MD5.C593FD0A96EE4B6390B653C4C641313F] - 20/10/2013 - 08:26:52 ---A- . (.Microsoft Corporation - X3DAudio.) -- C:\WINDOWS\system32\X3DAudio1_3.dll [25608] O44 - LFC:[MD5.8A83673F0AB001870583FDE2B004FA59] - 20/10/2013 - 08:26:52 ---A- . (.Microsoft Corporation - XACT Engine API.) -- C:\WINDOWS\system32\xactengine3_0.dll [238088] O44 - LFC:[MD5.8F3EB548AC4ED90252394F60C77E3196] - 20/10/2013 - 08:26:53 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\D3DX9_38.dll [3850760] O44 - LFC:[MD5.418CDC57E55EE79C3F86C13A19B3D5E3] - 20/10/2013 - 08:26:53 ---A- . (.Microsoft Corporation - XAudio2 Game Audio API.) -- C:\WINDOWS\system32\XAudio2_0.dll [479752] O44 - LFC:[MD5.103CBFC5591008AD33046E20E8E1EEBE] - 20/10/2013 - 08:26:54 ---A- . (.Microsoft Corporation - Microsoft Direct3D.) -- C:\WINDOWS\system32\D3DCompiler_38.dll [1491992] O44 - LFC:[MD5.A2650B27472C21CDD817EEEDE65648E1] - 20/10/2013 - 08:26:54 ---A- . (.Microsoft Corporation - Microsoft Direct3D.) -- C:\WINDOWS\system32\d3dx10_38.dll [467984] O44 - LFC:[MD5.E3832514BD21236067B7227F6165EF95] - 20/10/2013 - 08:26:54 ---A- . (.Microsoft Corporation - X3DAudio.) -- C:\WINDOWS\system32\X3DAudio1_4.dll [25608] O44 - LFC:[MD5.2E0E25252E1D41752876E9FE12ADE175] - 20/10/2013 - 08:26:55 ---A- . (.Microsoft Corporation - XACT Engine API.) -- C:\WINDOWS\system32\xactengine3_1.dll [238088] O44 - LFC:[MD5.DD165760F1B95200A3DA2D9DFDB84234] - 20/10/2013 - 08:26:55 ---A- . (.Microsoft Corporation - XAPOFX.) -- C:\WINDOWS\system32\XAPOFX1_0.dll [65032] O44 - LFC:[MD5.E34FF0115B1EE3B4E03D22AE9840EE03] - 20/10/2013 - 08:26:55 ---A- . (.Microsoft Corporation - XAudio2 Game Audio API.) -- C:\WINDOWS\system32\XAudio2_1.dll [507400] O44 - LFC:[MD5.C4F1972497FE2CEB7D900938C97FCF91] - 20/10/2013 - 08:26:56 ---A- . (.Microsoft Corporation - Microsoft Direct3D.) -- C:\WINDOWS\system32\D3DCompiler_39.dll [1493528] O44 - LFC:[MD5.E6C2F1D8B667DDC04CB55B9F0159EF97] - 20/10/2013 - 08:26:56 ---A- . (.Microsoft Corporation - Microsoft Direct3D.) -- C:\WINDOWS\system32\d3dx10_39.dll [467984] O44 - LFC:[MD5.8CB3DEFB8887C4F0846DB1FC1304D6D2] - 20/10/2013 - 08:26:56 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\D3DX9_39.dll [3851784] O44 - LFC:[MD5.F3C6BE26949CAADB11DBF0086082FAC9] - 20/10/2013 - 08:26:58 ---A- . (.Microsoft Corporation - XACT Engine API.) -- C:\WINDOWS\system32\xactengine3_2.dll [238088] O44 - LFC:[MD5.D95EAABF5D277EF91D9CA70151209E56] - 20/10/2013 - 08:26:58 ---A- . (.Microsoft Corporation - XAPOFX.) -- C:\WINDOWS\system32\XAPOFX1_1.dll [68616] O44 - LFC:[MD5.50F4A0D5E6A0BAFEFA78F353533B8E06] - 20/10/2013 - 08:26:58 ---A- . (.Microsoft Corporation - XAudio2 Game Audio API.) -- C:\WINDOWS\system32\XAudio2_2.dll [509448] O44 - LFC:[MD5.350FEFE18B86BD4D9AB2A96D00215A49] - 20/10/2013 - 08:26:59 ---A- . (.Microsoft Corporation - X3DAudio.) -- C:\WINDOWS\system32\X3DAudio1_5.dll [23376] O44 - LFC:[MD5.8BA296419AF3417D1E9806B83166E472] - 20/10/2013 - 08:26:59 ---A- . (.Microsoft Corporation - XACT Engine API.) -- C:\WINDOWS\system32\xactengine3_3.dll [235856] O44 - LFC:[MD5.295E47A75F278580F9441041EAAEA3D2] - 20/10/2013 - 08:26:59 ---A- . (.Microsoft Corporation - XAPOFX.) -- C:\WINDOWS\system32\XAPOFX1_2.dll [70992] O44 - LFC:[MD5.47ED15DC87AE334C13C4DACD1BE2CCED] - 20/10/2013 - 08:26:59 ---A- . (.Microsoft Corporation - XAudio2 Game Audio API.) -- C:\WINDOWS\system32\XAudio2_3.dll [514384] O44 - LFC:[MD5.91B4AAD4412BB223B466F3DFB43E86DA] - 20/10/2013 - 08:27:00 ---A- . (.Microsoft Corporation - Direct3D 10.1 Extensions.) -- C:\WINDOWS\system32\d3dx10_40.dll [452440] O44 - LFC:[MD5.EEA5E428CE63804F9B12D21C97B5968F] - 20/10/2013 - 08:27:00 ---A- . (.Microsoft Corporation - Direct3D 9 Extensions.) -- C:\WINDOWS\system32\D3DX9_40.dll [4379984] O44 - LFC:[MD5.3384134EEB8F223178C2EB8323003EC0] - 20/10/2013 - 08:27:00 ---A- . (.Microsoft Corporation - Direct3D HLSL Compiler.) -- C:\WINDOWS\system32\D3DCompiler_40.dll [2036576] O44 - LFC:[MD5.E763798CAD2A90B6AB61854F50CD47DD] - 20/10/2013 - 08:27:01 ---A- . (.Microsoft Corporation - 3D Audio Library.) -- C:\WINDOWS\system32\X3DAudio1_6.dll [22360] O44 - LFC:[MD5.686F8D1B4926D48227A06ACD4D41CD1E] - 20/10/2013 - 08:27:01 ---A- . (.Microsoft Corporation - XACT Engine API.) -- C:\WINDOWS\system32\xactengine3_4.dll [235352] O44 - LFC:[MD5.30686ECE80545E06D78D156EB9F7D463] - 20/10/2013 - 08:27:02 ---A- . (.Microsoft Corporation - Audio Effect Library.) -- C:\WINDOWS\system32\XAPOFX1_3.dll [69464] O44 - LFC:[MD5.3FA06CF5079B84155D18B05C08F7131B] - 20/10/2013 - 08:27:02 ---A- . (.Microsoft Corporation - Direct3D 9 Extensions.) -- C:\WINDOWS\system32\D3DX9_41.dll [4178264] O44 - LFC:[MD5.E684C5FA18ADF9EA14737757413BF727] - 20/10/2013 - 08:27:02 ---A- . (.Microsoft Corporation - XAudio2 Game Audio API.) -- C:\WINDOWS\system32\XAudio2_4.dll [517448] O44 - LFC:[MD5.1AA571774936717EE776DBED51E9EDF4] - 20/10/2013 - 08:27:03 ---A- . (.Microsoft Corporation - Direct3D 10.1 Extensions.) -- C:\WINDOWS\system32\d3dx10_41.dll [453456] O44 - LFC:[MD5.C6A44FC3CF2F5801561804272217B14D] - 20/10/2013 - 08:27:03 ---A- . (.Microsoft Corporation - Direct3D 9 Extensions.) -- C:\WINDOWS\system32\D3DX9_42.dll [1892184] O44 - LFC:[MD5.781E8B5B6FDB3C9B4E4A4A9FB019960D] - 20/10/2013 - 08:27:03 ---A- . (.Microsoft Corporation - Direct3D HLSL Compiler.) -- C:\WINDOWS\system32\D3DCompiler_41.dll [1846632] O44 - LFC:[MD5.501AC862517C5445742BEE8A2B88414E] - 20/10/2013 - 08:27:04 ---A- . (.Microsoft Corporation - Direct3D 10.1 Extensions.) -- C:\WINDOWS\system32\d3dx10_42.dll [453456] O44 - LFC:[MD5.D09AC80A4B5312239852836C84DF3392] - 20/10/2013 - 08:27:04 ---A- . (.Microsoft Corporation - Direct3D 10.1 Extensions.) -- C:\WINDOWS\system32\d3dx11_42.dll [235344] O44 - LFC:[MD5.B337306DFB508A1BCEF1974BFBB8D924] - 20/10/2013 - 08:27:05 ---A- . (.Microsoft Corporation - Direct3D 10.1 Extensions.) -- C:\WINDOWS\system32\d3dcsx_42.dll [5501792] O44 - LFC:[MD5.B33B21DB610116262D906305CE65C354] - 20/10/2013 - 08:27:05 ---A- . (.Microsoft Corporation - Direct3D HLSL Compiler.) -- C:\WINDOWS\system32\D3DCompiler_42.dll [1974616] O44 - LFC:[MD5.DB3C93E87452B8DAB4F58ED1FD2B1998] - 20/10/2013 - 08:27:06 ---A- . (.Microsoft Corporation - XACT Engine API.) -- C:\WINDOWS\system32\xactengine3_5.dll [238936] O44 - LFC:[MD5.8B01FB723F3B30AB3DEBDDBF97CFE577] - 20/10/2013 - 08:27:06 ---A- . (.Microsoft Corporation - XAudio2 Game Audio API.) -- C:\WINDOWS\system32\XAudio2_5.dll [515416] O44 - LFC:[MD5.C811E70C8804CFFF719038250A43B464] - 20/10/2013 - 08:27:07 ---A- . (.Microsoft Corporation - 3D Audio Library.) -- C:\WINDOWS\system32\X3DAudio1_7.dll [22360] O44 - LFC:[MD5.E4CE2AF32F501A7F7DDDD908704A0EE6] - 20/10/2013 - 08:27:07 ---A- . (.Microsoft Corporation - Audio Effect Library.) -- C:\WINDOWS\system32\XAPOFX1_4.dll [74072] O44 - LFC:[MD5.F81C4678A55FFEE585AC75825FAF5582] - 20/10/2013 - 08:27:07 ---A- . (.Microsoft Corporation - XACT Engine API.) -- C:\WINDOWS\system32\xactengine3_6.dll [238936] O44 - LFC:[MD5.4976243BD70FAE3D1D24E49739AB2710] - 20/10/2013 - 08:27:07 ---A- . (.Microsoft Corporation - XAudio2 Game Audio API.) -- C:\WINDOWS\system32\XAudio2_6.dll [528216] O44 - LFC:[MD5.20C835843FCEC4DEDFCD7BFFA3B91641] - 20/10/2013 - 08:27:08 ---A- . (.Microsoft Corporation - Direct3D 10.1 Extensions.) -- C:\WINDOWS\system32\d3dx10_43.dll [470880] O44 - LFC:[MD5.86E39E9161C3D930D93822F1563C280D] - 20/10/2013 - 08:27:08 ---A- . (.Microsoft Corporation - Direct3D 9 Extensions.) -- C:\WINDOWS\system32\D3DX9_43.dll [1998168] O44 - LFC:[MD5.83EBA442F07AAB8D6375D2EEC945C46C] - 20/10/2013 - 08:27:09 ---A- . (.Microsoft Corporation - Direct3D 10.1 Extensions.) -- C:\WINDOWS\system32\d3dcsx_43.dll [1868128] O44 - LFC:[MD5.8E0BB968FF41D80E5F2C747C04DB79AE] - 20/10/2013 - 08:27:09 ---A- . (.Microsoft Corporation - Direct3D 10.1 Extensions.) -- C:\WINDOWS\system32\d3dx11_43.dll [248672] O44 - LFC:[MD5.1C9B45E87528B8BB8CFA884EA0099A85] - 20/10/2013 - 08:27:10 ---A- . (.Microsoft Corporation - Direct3D HLSL Compiler.) -- C:\WINDOWS\system32\D3DCompiler_43.dll [2106216] O44 - LFC:[MD5.4FD7BCB9D8AF6A165E9BA0C2EB702E7C] - 20/10/2013 - 08:27:10 ---A- . (.Microsoft Corporation - XACT Engine API.) -- C:\WINDOWS\system32\xactengine3_7.dll [239960] O44 - LFC:[MD5.8A4CEBF34370D689E198E6673C1F2C40] - 20/10/2013 - 08:27:11 ---A- . (.Microsoft Corporation - Audio Effect Library.) -- C:\WINDOWS\system32\XAPOFX1_5.dll [74072] O44 - LFC:[MD5.81DFDDFB401D663BA7E6AD1C80364216] - 20/10/2013 - 08:27:11 ---A- . (.Microsoft Corporation - XAudio2 Game Audio API.) -- C:\WINDOWS\system32\XAudio2_7.dll [527192] O44 - LFC:[MD5.80D127A09093916E9E53E12E18965373] - 20/10/2013 - 18:51:22 R--A- . (.Lake Technology Limited, http://www.lake.co - Dolby Headphone Engine.) -- C:\WINDOWS\system32\DolbyHph.dll [671744] O44 - LFC:[MD5.5FEFD614BBD3FFA3712B172F70B1FDE2] - 20/10/2013 - 18:51:22 R--A- . (.Microsoft Corporation - XML Resources.) -- C:\WINDOWS\system32\msxml3a.dll [24576] O44 - LFC:[MD5.2A1B6868631063D6C5B4C670E9644C72] - 21/10/2013 - 14:58:50 ---A- . (...) -- C:\WINDOWS\system32\nvModes.dat [16] O44 - LFC:[MD5.1B2CE85F36F5BB6DEC7AE685978DB825] - 22/10/2013 - 06:51:15 ---A- . (.Pas de propriétaire - Toolbar_Exe_Launcher_Form.) -- C:\WINDOWS\Launcher.exe [32328] O44 - LFC:[MD5.1E478A9C9C9275097F06C5BF682DEE8B] - 25/10/2013 - 10:42:08 ---A- . (...) -- C:\WINDOWS\WORDPAD.INI [754] O44 - LFC:[MD5.9373ECAB76CD68B232972E0749369335] - 25/10/2013 - 10:44:29 ---A- . (...) -- C:\trace.ini [11] O44 - LFC:[MD5.515E4684008E955DE0C81E6A7AEA1C2A] - 26/10/2013 - 16:04:16 ---A- . (.InstallShield Software Corporation - InstallShield® unInstaller.) -- C:\WINDOWS\IsUninst.exe [306688] O44 - LFC:[MD5.45ADC884F83A5D7D2F19672825D72F9E] - 26/10/2013 - 16:09:30 ---A- . (...) -- C:\WINDOWS\system32\InstallUtil.InstallLog [830] O44 - LFC:[MD5.38FE831D9C5BA480D5AFB8DE93AE6F4A] - 27/10/2013 - 08:20:31 R--A- . (...) -- C:\WINDOWS\SET143.tmp [1014836] O44 - LFC:[MD5.5051529BF3627996CFE4A3B14AD67E78] - 27/10/2013 - 08:20:33 R--A- . (...) -- C:\WINDOWS\SET146.tmp [1086058] O44 - LFC:[MD5.3E6967FEB3E18473D8C2627AA0C49AD3] - 27/10/2013 - 08:20:37 R--A- . (...) -- C:\WINDOWS\SET152.tmp [14043] O44 - LFC:[MD5.CDBC160D6A3062D2D4C9CEF5BBD6A2B7] - 27/10/2013 - 08:47:15 ---A- . (.Microsoft Corporation - Windows Media Player Applet Support DLL.) -- C:\WINDOWS\system32\wmpns.dll [221184] O44 - LFC:[MD5.CEB361644345056B409791D165A64AEB] - 27/10/2013 - 08:47:46 R--A- . (.Pas de propriétaire - a3dx5.) -- C:\WINDOWS\system32\OLD434.tmp [65536] O44 - LFC:[MD5.22BD3E9BDBE7EE1DC460F3C102257304] - 27/10/2013 - 09:10:38 ---A- . (...) -- C:\WINDOWS\setupapi.old [571186] O44 - LFC:[MD5.38FE831D9C5BA480D5AFB8DE93AE6F4A] - 27/10/2013 - 10:03:27 R--A- . (...) -- C:\WINDOWS\SET43.tmp [1014836] O44 - LFC:[MD5.5051529BF3627996CFE4A3B14AD67E78] - 27/10/2013 - 10:03:28 R--A- . (...) -- C:\WINDOWS\SET46.tmp [1086058] O44 - LFC:[MD5.3E6967FEB3E18473D8C2627AA0C49AD3] - 27/10/2013 - 10:03:31 R--A- . (...) -- C:\WINDOWS\SET52.tmp [14043] O44 - LFC:[MD5.A6011889A0F23EA2BFC9CCDEC11DF553] - 27/10/2013 - 10:04:03 ---A- . (.Microsoft Corporation - Co-installateur de classe Infrarouge.) -- C:\WINDOWS\system32\irclass.dll [13312] O44 - LFC:[MD5.FA511331A48B582A7D584FC2408E8C1A] - 27/10/2013 - 10:04:03 ---A- . (.Perle Systems Ltd. - Specialix MPS NT Upgrade CoInstaller.) -- C:\WINDOWS\system32\spxcoins.dll [24661] O44 - LFC:[MD5.97CABAC651FDCDA55957CCB08FFA7B0A] - 27/10/2013 - 10:14:37 ---A- . (...) -- C:\WINDOWS\system32\emptyregdb.dat [23704] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 27/10/2013 - 10:15:37 R-HA- . (...) -- C:\WINDOWS\WindowsShell.Manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 27/10/2013 - 10:15:37 R-HA- . (...) -- C:\WINDOWS\system32\cdplayer.exe.manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 27/10/2013 - 10:15:37 R-HA- . (...) -- C:\WINDOWS\system32\ncpa.cpl.manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 27/10/2013 - 10:15:37 R-HA- . (...) -- C:\WINDOWS\system32\nwc.cpl.manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 27/10/2013 - 10:15:37 R-HA- . (...) -- C:\WINDOWS\system32\sapi.cpl.manifest [749] O44 - LFC:[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - 27/10/2013 - 10:15:37 R-HA- . (...) -- C:\WINDOWS\system32\wuaucpl.cpl.manifest [749] O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 27/10/2013 - 10:15:42 R-HA- . (...) -- C:\WINDOWS\system32\WindowsLogon.manifest [488] O44 - LFC:[MD5.5D76C3FB736514E1D7C88791E7322784] - 27/10/2013 - 10:15:42 R-HA- . (...) -- C:\WINDOWS\system32\logonui.exe.manifest [488] O44 - LFC:[MD5.2B9C717D21A1331BA3731886E3EE87BB] - 27/10/2013 - 10:16:21 ---A- . (...) -- C:\WINDOWS\ODBCINST.INI [4205] O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 27/10/2013 - 10:16:32 ---A- . (...) -- C:\WINDOWS\system32\amcompat.tlb [16832] O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 27/10/2013 - 10:16:32 ---A- . (...) -- C:\WINDOWS\system32\nscompat.tlb [23392] O44 - LFC:[MD5.E0B89DA047F2E849389D44CCC53C81C1] - 27/10/2013 - 10:20:40 ---A- . (...) -- C:\WINDOWS\system32\$winnt$.inf [288] O44 - LFC:[MD5.61186A992352C331BC996B7CB20855C5] - 27/10/2013 - 12:08:05 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/10/2013 - 11:13:18 ----- . (...) -- C:\WINDOWS\Sti_Trace.log [0] O44 - LFC:[MD5.A7ADE4B196445E5D962A2E04C7E05C3F] - 28/10/2013 - 13:03:17 ---A- . (...) -- C:\TDSSKiller.2.8.16.0_28.10.2013_12.55.05_log.txt [270182] O44 - LFC:[MD5.E6665D153D40E14E397F972E5936D93A] - 28/10/2013 - 13:25:13 ---A- . (...) -- C:\TDSSKiller.2.8.16.0_28.10.2013_13.25.00_log.txt [354] O44 - LFC:[MD5.0C5DEF0C1478637EEE79157126E01051] - 28/10/2013 - 13:25:36 ---A- . (...) -- C:\TDSSKiller.2.8.16.0_28.10.2013_13.25.21_log.txt [5516] O44 - LFC:[MD5.ED76635CB1E497B5341846BF12506B4F] - 28/10/2013 - 15:14:38 ---A- . (...) -- C:\WINDOWS\system32\PerfStringBackup.INI [1308422] O44 - LFC:[MD5.F51F312B049780008FD0A68BA1700021] - 28/10/2013 - 15:14:38 ---A- . (...) -- C:\WINDOWS\system32\perfc009.dat [90356] O44 - LFC:[MD5.CD28DF7746145D77BE641F75B64939A3] - 28/10/2013 - 15:14:38 ---A- . (...) -- C:\WINDOWS\system32\perfc00C.dat [107586] O44 - LFC:[MD5.4BB509C758F1BF4EDBA32F403D06A75E] - 28/10/2013 - 15:14:38 ---A- . (...) -- C:\WINDOWS\system32\perfh009.dat [509044] O44 - LFC:[MD5.A5F8F8EED406E527418DA15FB1EA553A] - 28/10/2013 - 15:14:38 ---A- . (...) -- C:\WINDOWS\system32\perfh00C.dat [583076] O44 - LFC:[MD5.3201F273ADCACCBA2D134D62AABA71A3] - 28/10/2013 - 16:22:35 ---A- . (...) -- C:\WINDOWS\epplauncher.mif [1919] O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 28/10/2013 - 18:52:12 ---A- . (...) -- C:\WINDOWS\system.ini [227] O44 - LFC:[MD5.C45FB1426D1DF69A29BCF21C54D6F61A] - 28/10/2013 - 18:52:13 ---A- . (...) -- C:\WINDOWS\win.ini [603] O44 - LFC:[MD5.775E188DD15C9AC9E735A556FB95578E] - 28/10/2013 - 18:52:13 -SH-- . (...) -- C:\boot.ini [212] O44 - LFC:[MD5.805C6F337968C7271F0421D0A386C8EE] - 29/10/2013 - 05:48:17 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\system32\Drivers\mbamchameleon.sys [47064] O44 - LFC:[MD5.5C47D60938E77822A2C8D25102C63CE2] - 29/10/2013 - 05:49:15 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\system32\Drivers\mbamswissarmy.sys [105176] O44 - LFC:[MD5.82496E1BFD2E66065AE07511B085E83E] - 29/10/2013 - 06:24:46 ---A- . (...) -- C:\WINDOWS\system32\d3d9caps.dat [1324] O44 - LFC:[MD5.8737F6F4C8EC1E2A9EA5516F1B3AE1AD] - 29/10/2013 - 06:45:07 ---A- . (...) -- C:\WINDOWS\003350_.tmp [19569] O44 - LFC:[MD5.5C174F8108BAB900D3AB1DF1A29A58E5] - 29/10/2013 - 06:58:35 ---A- . (...) -- C:\WINDOWS\system32\spupdwxp.log [90] O44 - LFC:[MD5.A9A7C0596B42982DD75EE82ADAB21D9F] - 29/10/2013 - 07:22:29 ---A- . (...) -- C:\WINDOWS\system32\FNTCACHE.DAT [275760] O44 - LFC:[MD5.A3AA53AA90619A73E24746F08DDE1C83] - 29/10/2013 - 07:22:35 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [2206] O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 29/10/2013 - 07:23:01 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx [316640] O44 - LFC:[MD5.4BB016B1B0FB23B159AAFB332D573003] - 29/10/2013 - 07:31:44 ---A- . (...) -- C:\WINDOWS\system32\nvdrsdb1.bin [1125668] O44 - LFC:[MD5.5580C1CB8E907E5A30BC4FBFF8C164AA] - 29/10/2013 - 07:31:48 ---A- . (...) -- C:\WINDOWS\system32\nvdrsdb0.bin [1125668] O44 - LFC:[MD5.93B885ADFE0DA089CDF634904FD59F71] - 29/10/2013 - 07:31:48 ---A- . (...) -- C:\WINDOWS\system32\nvdrssel.bin [1] O44 - LFC:[MD5.687AF6BB383885FF6A64071B189A7F3E] - 29/10/2013 - 13:34:47 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\WINDOWS\system32\Drivers\dtsoftbus01.sys [242240] O44 - LFC:[MD5.2915B676A1D751F1BDBC2BF7DA66D7A8] - 29/10/2013 - 16:15:31 ---A- . (...) -- C:\WINDOWS\wmsetup10.log [560] O44 - LFC:[MD5.DBF740195B7B6D3D9F02138C4E626A8B] - 29/10/2013 - 16:15:50 ---A- . (...) -- C:\WINDOWS\wmsetup.log [3525] O44 - LFC:[MD5.D494267BC169604FAC5E3679B9A97FED] - 29/10/2013 - 16:24:26 ---A- . (.Creative Labs - OpenAL32.) -- C:\WINDOWS\system32\wrap_oal.dll [444952] O44 - LFC:[MD5.235355A8DD26903E75D5E812ECF50E53] - 29/10/2013 - 16:24:26 ---A- . (.Portions (C) Creative Labs Inc. and NVIDIA - Standard OpenAL(TM) Implementation.) -- C:\WINDOWS\system32\OpenAL32.dll [109080] O44 - LFC:[MD5.33AA0F4A702317A0AAFD1568EE9EB739] - 29/10/2013 - 16:57:18 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32424] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 29/10/2013 - 16:58:19 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.E474FA227DE72DA6F662C208AFC70D7F] - 29/10/2013 - 16:58:35 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.1045A69D459ECFAE7A1487DA16E1605A] - 29/10/2013 - 16:58:38 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [175845] O44 - LFC:[MD5.91FA606F53AD53E3443301E24CB5B477] - 29/10/2013 - 16:58:38 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/10/2013 - 16:58:44 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.65E44C2A15150F07FA3DAA743A5CBDB4] - 29/10/2013 - 16:59:53 ---A- . (...) -- C:\WINDOWS\system32\nvAppTimestamps [8564] ~ Files: 181 Scanned in 01mn 54s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.32C3138653C24B6107710D8702A0DAF3] - 29/10/2013 - 06:59:37 ---A- - C:\WINDOWS\Prefetch\BLASTCLN.EXE-32F30471.pf O45 - LFCP:[MD5.18302408CA7F5F8620D72C47F9B18C82] - 29/10/2013 - 06:59:37 ---A- - C:\WINDOWS\Prefetch\MOFCOMP.EXE-266B2314.pf O45 - LFCP:[MD5.3204FA8810B822F6F894418D2DEE1A93] - 29/10/2013 - 06:59:37 ---A- - C:\WINDOWS\Prefetch\MSDTC.EXE-1D9D8668.pf O45 - LFCP:[MD5.6F12BAE97BAD238C4773A5433F2FFB24] - 29/10/2013 - 06:59:37 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-6A09524A.pf O45 - LFCP:[MD5.029386E2458D463F9AD7F78C8061DC9E] - 29/10/2013 - 06:59:38 ---A- - C:\WINDOWS\Prefetch\LOGAGENT.EXE-2BE87CC2.pf O45 - LFCP:[MD5.48C5A4218A4E055D1D04415ACC5209EE] - 29/10/2013 - 06:59:38 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3E892D9E.pf O45 - LFCP:[MD5.2941D2ACFDE5B37B2F61FF467DF1FCA1] - 29/10/2013 - 07:12:40 ---A- - C:\WINDOWS\Prefetch\Layout.ini O45 - LFCP:[MD5.76812FE2BE0CA68FB9B8146FE80167FD] - 29/10/2013 - 07:12:51 ---A- - C:\WINDOWS\Prefetch\DEFRAG.EXE-2858C7E2.pf O45 - LFCP:[MD5.821F1A7C88A71C56A04B11B63C608F7C] - 29/10/2013 - 07:12:51 ---A- - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-38C3807C.pf O45 - LFCP:[MD5.E6A0CF9E8793273CD6BFE6BD67DA4D75] - 29/10/2013 - 07:24:00 ---A- - C:\WINDOWS\Prefetch\JUSCHED.EXE-0E6FA1F7.pf O45 - LFCP:[MD5.B086F5F0ED958054A309AD22CDD956B2] - 29/10/2013 - 07:24:00 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-400A25DF.pf O45 - LFCP:[MD5.2099A6454DADBD18CAC06D841AF33C7D] - 29/10/2013 - 07:24:00 ---A- - C:\WINDOWS\Prefetch\SHMGRATE.EXE-2DD3E4D8.pf O45 - LFCP:[MD5.F5C04CCBEF2D5AAFF111956432591651] - 29/10/2013 - 07:24:00 ---A- - C:\WINDOWS\Prefetch\UNLOCKERASSISTANT.EXE-30E0AA94.pf O45 - LFCP:[MD5.D59750879D841156F77DD647870D6D84] - 29/10/2013 - 07:24:01 ---A- - C:\WINDOWS\Prefetch\HPQSRMON.EXE-20155C56.pf O45 - LFCP:[MD5.FCC59F2AEE458B4114DBC2D25C640BB0] - 29/10/2013 - 07:24:01 ---A- - C:\WINDOWS\Prefetch\HPWUSCHD2.EXE-162EFF4C.pf O45 - LFCP:[MD5.4FAAB76E7296BE74FA4A8DF3E03FB7F2] - 29/10/2013 - 07:24:01 ---A- - C:\WINDOWS\Prefetch\RTHDCPL.EXE-005A6E31.pf O45 - LFCP:[MD5.B402880DADEEABCD8989BD0884907BDD] - 29/10/2013 - 07:24:01 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3CAE7316.pf O45 - LFCP:[MD5.CBBB038BBDF64901D3C4D5D4E04FA52E] - 29/10/2013 - 07:24:01 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-6ACD0C83.pf O45 - LFCP:[MD5.18C6DDDDC330C06DF9E1403AA9FB9D19] - 29/10/2013 - 07:24:03 ---A- - C:\WINDOWS\Prefetch\DVDUPGRD.EXE-079FD01E.pf O45 - LFCP:[MD5.FD9968F7474B87D2F41AA56802335033] - 29/10/2013 - 07:24:04 ---A- - C:\WINDOWS\Prefetch\CSCRIPT.EXE-0A13A05C.pf O45 - LFCP:[MD5.4E5105A338BDC48F64BD4C17D1B92424] - 29/10/2013 - 07:29:29 ---A- - C:\WINDOWS\Prefetch\331.58-DESKTOP-WINXP-32BIT-IN-028C9ECF.pf O45 - LFCP:[MD5.46CC9FD088300903DDB14F6B26E5B426] - 29/10/2013 - 07:30:20 ---A- - C:\WINDOWS\Prefetch\SETUP.EXE-3B3DE48F.pf O45 - LFCP:[MD5.0D7DC98BADFA2F509B5B95BA4DC134FA] - 29/10/2013 - 07:30:29 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4EBC2B7A.pf O45 - LFCP:[MD5.2BC5453C619E2339EEC3E767A7293AB4] - 29/10/2013 - 07:31:48 ---A- - C:\WINDOWS\Prefetch\DBINSTALLER.EXE-193F2BAF.pf O45 - LFCP:[MD5.555D43F77BDBB24FB5249267233D3285] - 29/10/2013 - 07:31:50 ---A- - C:\WINDOWS\Prefetch\NVCPLSETUPINT.EXE-3027E1BA.pf O45 - LFCP:[MD5.567BE16C81E73BEFDF522B945C9A8635] - 29/10/2013 - 07:32:09 ---A- - C:\WINDOWS\Prefetch\SETUP.EXE-088BC124.pf O45 - LFCP:[MD5.01797F4889B0970B52FC0CF270285BCE] - 29/10/2013 - 07:33:30 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-514B4D69.pf O45 - LFCP:[MD5.BA77445F2C1E9169D990AB2692EBF860] - 29/10/2013 - 07:33:41 ---A- - C:\WINDOWS\Prefetch\NVSVC32.EXE-0756FC6B.pf O45 - LFCP:[MD5.89C1B8349AD44B536122B0E372E660C3] - 29/10/2013 - 07:33:52 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-428C309F.pf O45 - LFCP:[MD5.F12F0222E64289F483BF8BCB19F42B3B] - 29/10/2013 - 07:34:07 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-691A693B.pf O45 - LFCP:[MD5.4954553517110B05DB288004B209B9E9] - 29/10/2013 - 07:34:10 ---A- - C:\WINDOWS\Prefetch\NVTMRU.EXE-1D46603C.pf O45 - LFCP:[MD5.48CB867CB1FBAC2404E26C14AFF67862] - 29/10/2013 - 07:34:17 ---A- - C:\WINDOWS\Prefetch\DAEMONU.EXE-1DAEDD66.pf O45 - LFCP:[MD5.69614F9555D3F4324A0C77126540ABB8] - 29/10/2013 - 07:34:20 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4D27C15B.pf O45 - LFCP:[MD5.F949E06E8A7EB046F177EC26994DB37F] - 29/10/2013 - 07:34:20 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-5A19FC45.pf O45 - LFCP:[MD5.EFBEC3AE5E0DC32B77A3531CD2CFABA4] - 29/10/2013 - 07:34:27 ---A- - C:\WINDOWS\Prefetch\MSCORSVW.EXE-2864EEEB.pf O45 - LFCP:[MD5.380D5C091478D1D87777A017D8AD5EC9] - 29/10/2013 - 07:34:30 ---A- - C:\WINDOWS\Prefetch\NGEN.EXE-20BDC4FB.pf O45 - LFCP:[MD5.51454605C4C7F7DECED40BE26D77DB83] - 29/10/2013 - 07:34:37 ---A- - C:\WINDOWS\Prefetch\GFEXPERIENCE.EXE-21BD3633.pf O45 - LFCP:[MD5.6678FCE3826385A71DBDADED2F18FBE9] - 29/10/2013 - 07:34:45 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-5931032A.pf O45 - LFCP:[MD5.A63645FFFC32631F560D8A612F478275] - 29/10/2013 - 07:37:16 ---A- - C:\WINDOWS\Prefetch\CTFMON.EXE-05E57A5E.pf O45 - LFCP:[MD5.B80BBB87EAE83D6E03EA8B2426A9DEB5] - 29/10/2013 - 07:37:16 ---A- - C:\WINDOWS\Prefetch\READER_SL.EXE-32E04A96.pf O45 - LFCP:[MD5.36EAED76B60C0721FAF68591D39D3972] - 29/10/2013 - 07:38:28 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3DE4948B.pf O45 - LFCP:[MD5.C9328CAD66D75745BA77651645BCACFF] - 29/10/2013 - 07:38:31 ---A- - C:\WINDOWS\Prefetch\MMC.EXE-6F71AB1B.pf O45 - LFCP:[MD5.8DDC00F488444AA0DB5D169391BDC285] - 29/10/2013 - 07:48:28 ---A- - C:\WINDOWS\Prefetch\WINDOWSUPDATEAGENT30-X86.EXE-1DF0FBF9.pf O45 - LFCP:[MD5.E88C905CB03A26ABAEC85276574FFAF1] - 29/10/2013 - 07:48:34 ---A- - C:\WINDOWS\Prefetch\WUSETUP.EXE-12C888C2.pf O45 - LFCP:[MD5.C665D135F5F1862CFEBE0F1E9922FEEE] - 29/10/2013 - 07:54:11 ---A- - C:\WINDOWS\Prefetch\MSSECES.EXE-314A90C6.pf O45 - LFCP:[MD5.5CDB19F0A89AC4051003DFF4760320BF] - 29/10/2013 - 07:58:26 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-753F1DF3.pf O45 - LFCP:[MD5.93610C8FED5F804988C8859B7800E2E3] - 29/10/2013 - 07:58:27 ---A- - C:\WINDOWS\Prefetch\WUPDMGR.EXE-08F70643.pf O45 - LFCP:[MD5.B847BFB5E1D791E238D8F056C79D1DF2] - 29/10/2013 - 07:59:02 ---A- - C:\WINDOWS\Prefetch\MATSBOOT.EXE-20A7B3AE.pf O45 - LFCP:[MD5.B9D5C5E52A6D634CD7308B5F3F1AF701] - 29/10/2013 - 07:59:02 ---A- - C:\WINDOWS\Prefetch\MICROSOFTFIXIT.WU.MATSKB.RUN.-0F90A7FB.pf O45 - LFCP:[MD5.5D3856C7F99621437CE7287D9D99DF45] - 29/10/2013 - 07:59:24 ---A- - C:\WINDOWS\Prefetch\MATSWIZ.EXE-220E07B4.pf O45 - LFCP:[MD5.9B3444F677523B83DC4663D9E75F62BB] - 29/10/2013 - 07:59:30 ---A- - C:\WINDOWS\Prefetch\MATSHOST.EXE-35B35D41.pf O45 - LFCP:[MD5.D76FC33DE1571E216453F3F1E1B6B122] - 29/10/2013 - 07:59:34 ---A- - C:\WINDOWS\Prefetch\NET.EXE-151FD66D.pf O45 - LFCP:[MD5.72DAE66A37A37767F8F3B54E4A4D3325] - 29/10/2013 - 07:59:34 ---A- - C:\WINDOWS\Prefetch\NET1.EXE-02C3403D.pf O45 - LFCP:[MD5.855587D6F0E5203A3938DDB5BA6B1356] - 29/10/2013 - 07:59:52 ---A- - C:\WINDOWS\Prefetch\SFC.EXE-2FD11AB0.pf O45 - LFCP:[MD5.644CE00A91336A89B65CE26838CF4F69] - 29/10/2013 - 07:59:56 ---A- - C:\WINDOWS\Prefetch\SC.EXE-28F2B663.pf O45 - LFCP:[MD5.E3CF034AEC71DFF0AC526F7059EBF371] - 29/10/2013 - 08:00:00 ---A- - C:\WINDOWS\Prefetch\REGSVR32.EXE-396DEA2C.pf O45 - LFCP:[MD5.D8758F978FD1D96CFE197CDCB2F98707] - 29/10/2013 - 08:00:01 ---A- - C:\WINDOWS\Prefetch\NETSH.EXE-23AED181.pf O45 - LFCP:[MD5.611A14694A733918D4602FC93A93DE99] - 29/10/2013 - 08:00:01 ---A- - C:\WINDOWS\Prefetch\PROXYCFG.EXE-16712670.pf O45 - LFCP:[MD5.836D5EB4CD12F023CBC8E5D7051E4A93] - 29/10/2013 - 08:01:03 ---A- - C:\WINDOWS\Prefetch\SDBINST.EXE-36D5D12C.pf O45 - LFCP:[MD5.F98CA5109144869EB340D2D122FED4B4] - 29/10/2013 - 08:02:51 ---A- - C:\WINDOWS\Prefetch\XPNETDIAG.EXE-1BD7AA5A.pf O45 - LFCP:[MD5.EF19111CB1A1EBB56DD7A3CFA497D75F] - 29/10/2013 - 08:03:05 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-702ECB4E.pf O45 - LFCP:[MD5.A07E8B97D31F90EA12B84C892FC70F9A] - 29/10/2013 - 11:37:45 ---A- - C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-265451E6.pf O45 - LFCP:[MD5.5ACA8BC5845D582A93F78C1D9C648981] - 29/10/2013 - 11:44:42 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4FF9832D.pf O45 - LFCP:[MD5.FA3D4AA77962BDEBE73BAAC6808A79F7] - 29/10/2013 - 11:52:09 ---A- - C:\WINDOWS\Prefetch\DUMPREP.EXE-0AF2BF67.pf O45 - LFCP:[MD5.F82E0D403FD5B223843CB32E14500132] - 29/10/2013 - 11:52:14 ---A- - C:\WINDOWS\Prefetch\DWWIN.EXE-2C373FB7.pf O45 - LFCP:[MD5.F8C7354E77D9D2E173599B5DF1D72332] - 29/10/2013 - 12:10:12 ---A- - C:\WINDOWS\Prefetch\TASKMGR.EXE-06144C13.pf O45 - LFCP:[MD5.E6C8F2DC8D39ABD4F19586E3517D4445] - 29/10/2013 - 13:26:15 ---A- - C:\WINDOWS\Prefetch\RECOCONFIG.EXE-19738777.pf O45 - LFCP:[MD5.5A4175420549D8C2C332EAADA3761F0A] - 29/10/2013 - 13:30:09 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-41FB74E5.pf O45 - LFCP:[MD5.29310951F27D4E12AF283A539FD025C0] - 29/10/2013 - 13:30:19 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-6BFCBCA8.pf O45 - LFCP:[MD5.7D2353A7E66CBEAE24676FF295A074EF] - 29/10/2013 - 13:32:02 ---A- - C:\WINDOWS\Prefetch\LAUNCHSCREEN.EXE-17131EF4.pf O45 - LFCP:[MD5.4A1E520FADE59DB8DC89055E637022E5] - 29/10/2013 - 13:32:51 ---A- - C:\WINDOWS\Prefetch\UNINST.EXE-09C858F2.pf O45 - LFCP:[MD5.6F5696D51A46B3A7A20983D2822B627A] - 29/10/2013 - 13:32:56 ---A- - C:\WINDOWS\Prefetch\AU_.EXE-3589B5F1.pf O45 - LFCP:[MD5.DC4E42ACD6BC22FE3D532B2537B9B9BA] - 29/10/2013 - 13:33:43 ---A- - C:\WINDOWS\Prefetch\DTLITE4461-0327.EXE-3B338F05.pf O45 - LFCP:[MD5.5B649B37A86D585D8F4E479EDBB57A1E] - 29/10/2013 - 13:33:49 ---A- - C:\WINDOWS\Prefetch\DTSETUPHELPER.EXE-3A560062.pf O45 - LFCP:[MD5.1D1ED1811FEF3B9C796F1419164BB7E1] - 29/10/2013 - 13:34:10 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3B51E3B1.pf O45 - LFCP:[MD5.1A6B872B45D8E77E6658B50C6E367FF4] - 29/10/2013 - 13:34:10 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-55430DF5.pf O45 - LFCP:[MD5.EB792617C67B77A0A556212B3BDCC27D] - 29/10/2013 - 13:34:48 ---A- - C:\WINDOWS\Prefetch\LATESTDLMGR.EXE-1F243B76.pf =>Adware.OpenCandy O45 - LFCP:[MD5.F1E87016E7AF178899B5B700ADDC902E] - 29/10/2013 - 13:34:50 ---A- - C:\WINDOWS\Prefetch\RUNONCE.EXE-01CA3A2F.pf O45 - LFCP:[MD5.C6E15B327166368258236C5F174EB5CF] - 29/10/2013 - 13:34:59 ---A- - C:\WINDOWS\Prefetch\SNAPDO_RBCB_P3V9.EXE-3262EE06.pf O45 - LFCP:[MD5.8CB8C608B04FA195B684E4A1CDE0EC3A] - 29/10/2013 - 13:35:02 ---A- - C:\WINDOWS\Prefetch\TSKILL.EXE-202D2F81.pf O45 - LFCP:[MD5.7629252B257F91A5535E72914633EE60] - 29/10/2013 - 13:35:03 ---A- - C:\WINDOWS\Prefetch\INSTALLER.EXE-1BF0FA5F.pf O45 - LFCP:[MD5.8D676D883245B63660234D601750E477] - 29/10/2013 - 13:35:04 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-40112FB2.pf O45 - LFCP:[MD5.D27912E16216D716AB28CA60A5A57A4B] - 29/10/2013 - 13:35:16 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-42BAAF28.pf O45 - LFCP:[MD5.9A2AA93656B043D8B8F60DCD00953D64] - 29/10/2013 - 13:35:19 ---A- - C:\WINDOWS\Prefetch\MSIEXEC.EXE-330626DC.pf O45 - LFCP:[MD5.7DFF8FC0EB393358DD539C9F433F5ECF] - 29/10/2013 - 13:36:02 ---A- - C:\WINDOWS\Prefetch\DTLITE.EXE-2145742D.pf O45 - LFCP:[MD5.18A669706A8B601A19B8416E75C13B5B] - 29/10/2013 - 13:39:47 ---A- - C:\WINDOWS\Prefetch\ADOBEARM.EXE-2D5CF26D.pf O45 - LFCP:[MD5.B03FC689A02EAAD7878BE82469306988] - 29/10/2013 - 13:57:20 ---A- - C:\WINDOWS\Prefetch\EXPLORER.EXE-02121B1A.pf O45 - LFCP:[MD5.C8914561FBA45629A6876910A5DB11BC] - 29/10/2013 - 14:15:10 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3EF170D1.pf O45 - LFCP:[MD5.FB2FBFF86D8E5DE904A857F4B0BFC086] - 29/10/2013 - 14:15:13 ---A- - C:\WINDOWS\Prefetch\FLASHPLAYERAPP.EXE-0CE15341.pf O45 - LFCP:[MD5.E750CB6CB0493091E270303BF68D769B] - 29/10/2013 - 14:24:40 ---A- - C:\WINDOWS\Prefetch\STARTLAUNCH.EXE-2212C848.pf O45 - LFCP:[MD5.C974A587437C05194E1114FC01D163A2] - 29/10/2013 - 14:27:14 ---A- - C:\WINDOWS\Prefetch\ACRORD32.EXE-1DA60E8C.pf O45 - LFCP:[MD5.DCD9B12CB59F28B4E7E617ADA6626C5F] - 29/10/2013 - 14:31:28 ---A- - C:\WINDOWS\Prefetch\IEXPLORE.EXE-2D97EBE6.pf O45 - LFCP:[MD5.E5FA87DD6A551E9BCBEC444AF598E0F1] - 29/10/2013 - 14:33:37 ---A- - C:\WINDOWS\Prefetch\KEEPASS.EXE-132B4519.pf O45 - LFCP:[MD5.553C80767305A9FC0C0772FCABFF73E0] - 29/10/2013 - 14:43:11 ---A- - C:\WINDOWS\Prefetch\FIREFOX.EXE-06188867.pf O45 - LFCP:[MD5.73E673B91E80C54F459D1FC1B245CCD6] - 29/10/2013 - 14:43:14 ---A- - C:\WINDOWS\Prefetch\PLUGIN-CONTAINER.EXE-0EB365FC.pf O45 - LFCP:[MD5.4A4B02A042365D12F0CB9565E54EF58B] - 29/10/2013 - 14:43:32 ---A- - C:\WINDOWS\Prefetch\MSIMN.EXE-183B59AF.pf O45 - LFCP:[MD5.F6BB64FE401A451E0157B18AECC63F2E] - 29/10/2013 - 14:43:32 ---A- - C:\WINDOWS\Prefetch\MSMSGS.EXE-0620E8B3.pf O45 - LFCP:[MD5.A4152126C32B978F701A665AFAAEBEB1] - 29/10/2013 - 14:49:06 ---A- - C:\WINDOWS\Prefetch\CCLEANER.EXE-09CFC2BC.pf =>Piriform Ltd O45 - LFCP:[MD5.A8AA0B1732AB63D79B7BABEA2E305367] - 29/10/2013 - 16:10:57 ---A- - C:\WINDOWS\Prefetch\COMUPDATUS.EXE-159F8EB7.pf O45 - LFCP:[MD5.EC227D871E97DD4BDDD499329833F821] - 29/10/2013 - 16:10:57 ---A- - C:\WINDOWS\Prefetch\IMAPI.EXE-201490BB.pf O45 - LFCP:[MD5.E4EC133B6093F7F28B755EBC730C80EC] - 29/10/2013 - 16:10:57 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3F872CE5.pf O45 - LFCP:[MD5.51E94AF2F91EF8D435AE3804EF22FA0E] - 29/10/2013 - 16:10:57 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-5F120771.pf O45 - LFCP:[MD5.8610956A5EF43445AFEB6FB0CE01DAAB] - 29/10/2013 - 16:10:58 ---A- - C:\WINDOWS\Prefetch\CSC.EXE-08AD7008.pf O45 - LFCP:[MD5.397AD0CF30A9BFE499C945DDA7892EBD] - 29/10/2013 - 16:10:58 ---A- - C:\WINDOWS\Prefetch\CVTRES.EXE-1404C725.pf O45 - LFCP:[MD5.A252800CFD0D4E2D8DD426D6ACE2B344] - 29/10/2013 - 16:10:58 ---A- - C:\WINDOWS\Prefetch\NOTEPAD.EXE-2F2D61E1.pf O45 - LFCP:[MD5.4794197FA581028784E9883D8679343F] - 29/10/2013 - 16:15:50 ---A- - C:\WINDOWS\Prefetch\UNREGMP2.EXE-0CFB0619.pf O45 - LFCP:[MD5.68B1171E09B8E6A436FD4EFF86B880F6] - 29/10/2013 - 16:21:53 ---A- - C:\WINDOWS\Prefetch\EXCEL.EXE-1FF53647.pf O45 - LFCP:[MD5.96201D3C4A89AEF5F86BF824E8AB2332] - 29/10/2013 - 16:27:58 ---A- - C:\WINDOWS\Prefetch\FSX.EXE-2CDF0B03.pf O45 - LFCP:[MD5.87AF4CAA1553AC5A4B61E32C21035AD8] - 29/10/2013 - 16:31:16 ---A- - C:\WINDOWS\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-07D84788.pf O45 - LFCP:[MD5.0C31E8FA74342E55CA9F949B860C17FE] - 29/10/2013 - 16:44:26 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-6DF739B2.pf O45 - LFCP:[MD5.75622978386C749D7833DBCA961EFCF2] - 29/10/2013 - 16:47:21 ---A- - C:\WINDOWS\Prefetch\VERCLSID.EXE-28F52AD2.pf O45 - LFCP:[MD5.BF19E3F18A5F1476EF227FE8A033BE4A] - 29/10/2013 - 16:52:09 ---A- - C:\WINDOWS\Prefetch\CHROME.EXE-020A59F9.pf O45 - LFCP:[MD5.285EBD16607B3FD8745B0FE93A6CE981] - 29/10/2013 - 16:53:07 ---A- - C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-0C30FE8A.pf O45 - LFCP:[MD5.0F6E2F3B3402E34C966AEED159CAEA53] - 29/10/2013 - 16:54:53 ---A- - C:\WINDOWS\Prefetch\REG.EXE-07FA5B3F.pf O45 - LFCP:[MD5.2C8622DF1F96262952E5FD10FA3D5DD2] - 29/10/2013 - 16:55:21 ---A- - C:\WINDOWS\Prefetch\LOGONUI.EXE-312BE1BF.pf O45 - LFCP:[MD5.79683BD3880CAEC567628C1BF4F69253] - 29/10/2013 - 16:59:32 ---A- - C:\WINDOWS\Prefetch\ALG.EXE-275708CF.pf O45 - LFCP:[MD5.A5B3EA66F517334E0C8E0A4C64A1D423] - 29/10/2013 - 16:59:32 ---A- - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:[MD5.693AA53ACEEB8384D791E31C86180402] - 29/10/2013 - 16:59:32 ---A- - C:\WINDOWS\Prefetch\RUNDLL32.EXE-6E8D4657.pf O45 - LFCP:[MD5.F0AC28B63052596982A0783D72C43BC1] - 29/10/2013 - 16:59:32 ---A- - C:\WINDOWS\Prefetch\WMIAPSRV.EXE-02740A4B.pf O45 - LFCP:[MD5.B8562541927F5992DC22773E079FA6B2] - 29/10/2013 - 16:59:32 ---A- - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-0D449B4F.pf O45 - LFCP:[MD5.E5A3DF56A28D2E5DD6F0965661470E33] - 29/10/2013 - 16:59:32 ---A- - C:\WINDOWS\Prefetch\WUAUCLT.EXE-1360D60A.pf O45 - LFCP:[MD5.2472046580D12EDA0E139B972FF28853] - 29/10/2013 - 16:59:51 ---A- - C:\WINDOWS\Prefetch\CHROME.EXE-27BFA2FF.pf O45 - LFCP:[MD5.E964E03164E1805BE8F538F3004A0A39] - 29/10/2013 - 16:59:56 ---A- - C:\WINDOWS\Prefetch\CHROME.EXE-4FDECD8E.pf O45 - LFCP:[MD5.A0A55BD81359F5CA9DFA3E93B95A9864] - 29/10/2013 - 17:00:00 ---A- - C:\WINDOWS\Prefetch\CHROME.EXE-58BF504A.pf O45 - LFCP:[MD5.9E29FDBAEB8D91E4A382E535EDAD6AA4] - 29/10/2013 - 17:02:37 ---A- - C:\WINDOWS\Prefetch\WMIADAP.EXE-32F99497.pf O45 - LFCP:[MD5.F915CB65115606386CCA05BDDC580100] - 29/10/2013 - 17:03:49 ---A- - C:\WINDOWS\Prefetch\HELPCTR.EXE-0BD5B31B.pf O45 - LFCP:[MD5.0B6DB95FD2C479E815B149B388695330] - 29/10/2013 - 17:04:40 ---A- - C:\WINDOWS\Prefetch\DWTRIG20.EXE-05D8A0C7.pf O45 - LFCP:[MD5.C637171AAE7FEB5D325DEF316CCED42C] - 29/10/2013 - 17:04:41 ---A- - C:\WINDOWS\Prefetch\MOBSYNC.EXE-0EFADB79.pf O45 - LFCP:[MD5.B8021F5EC94B97F73AA21766F656267A] - 29/10/2013 - 17:05:32 ---A- - C:\WINDOWS\Prefetch\MPCMDRUN.EXE-0BE4462E.pf O45 - LFCP:[MD5.689FEE68F26E1CED7A0ABA2CB3E1059B] - 29/10/2013 - 17:06:02 ---A- - C:\WINDOWS\Prefetch\CMD.EXE-034B0549.pf ~ Prefetcher: 130 Scanned in 00mn 04s ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll ~ ShellExecuteHooks: Scanned in 00mn 00s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" [Enabled] .(.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O47 - AAKE:Key Export SP - "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [Enabled] .(.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O47 - AAKE:Key Export SP - "C:\Program Files\Mozilla Firefox\firefox.exe" [Enabled] .(.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\explorer.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\explorer.exe O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" [Enabled] .(.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O47 - AAKE:Key Export SP - "D:\Program Files\Flight simulator X\fsx.exe" [Enabled] .(.Microsoft Corp..) -- D:\Program Files\Flight simulator X\fsx.exe O47 - AAKE:Key Export SP - "C:\Program Files\FSFDT\FWInn\FWINN.exe" [Enabled] .(..) -- C:\Program Files\FSFDT\FWInn\FWINN.exe O47 - AAKE:Key Export SP - "C:\Program Files\FSFDT\Control Panel\FSFDTCP.exe" [Enabled] .(.FS - French Dev Team.) -- C:\Program Files\FSFDT\Control Panel\FSFDTCP.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe ~ Keys Export: 12 Scanned in 00mn 01s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\system32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\WINDOWS\system32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\system32\wdigest.dll ~ LSA: 6 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nm.sys . (...) -- C:\WINDOWS\system32\Drivers\nm.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) ~ CSB: 22 Scanned in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ IFEO: Scanned in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{1a6fd86e-500a-11e2-ab39-001d600d94f9}\AutoRun\command. (...) -- I:\AurLaunch\LaunchScreen.exe (.not file.) O51 - MPSK:{21d87ba7-8275-11e2-ac0d-001d600d94f9}\AutoRun\command. (...) -- H:\AurLaunch\LaunchScreen.exe O51 - MPSK:{22232926-4095-11e3-acc2-001d600d94f9}\AutoRun\command. (...) -- H:\AurLaunch\LaunchScreen.exe O51 - MPSK:{9a77f4d4-2803-11e3-ac0d-001d600d94f9}\AutoRun\command. (...) -- H:\AurLaunch\LaunchScreen.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech(TM) DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm ~ TDSD: 12 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll ~ MSCP: 6 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 ~ MWPS: 5 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 ~ MWPE Keys: 2 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.267FC636801EDC5AB28E14036349E3BE] - 18/11/2009 - 06:16:00 ---A- . (.Creative - Creative WDM 3D Audio Driver.) -- C:\WINDOWS\system32\Drivers\Ambfilt.sys [1691480] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 28/09/2001 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] ~ Drivers: 5 Scanned in 00mn 01s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 26/10/2013 - 17:08:50 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Help\WinHlp32.BMK [63] O61 - LFC: 26/10/2013 - 17:08:53 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\12236C41CDDF9E40BA5606CDF086B821 [148605] O61 - LFC: 26/10/2013 - 17:08:53 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\1F356F4D07FE8C483E769E4586569404 [52552] O61 - LFC: 26/10/2013 - 17:08:53 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\3B6E683A7A45CC59BF035C9BA8C7AB9D [494] O61 - LFC: 26/10/2013 - 17:08:54 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\431AD00056ACA261FC3A3727DD6E53C5 [1293] O61 - LFC: 26/10/2013 - 17:08:54 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\445D2A562929E59ED544CBBF32A5191A [1257] O61 - LFC: 26/10/2013 - 17:08:54 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\50B10292153912D05A7D970B383AACC4 [1628] O61 - LFC: 26/10/2013 - 17:08:54 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\616AD1AB067CFD351D6C0EF6F3E12F40 [535] O61 - LFC: 26/10/2013 - 17:08:55 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\678F9D319FF4D0257A34339D2BFE3CC5 [1151] O61 - LFC: 26/10/2013 - 17:08:55 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\8A9510437CB4EEB09F4B3AC2BC980E19 [2838] O61 - LFC: 26/10/2013 - 17:08:55 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\8EDCF682921FE94F4A02A43CD1A28E6B [500] O61 - LFC: 26/10/2013 - 17:08:56 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30 [96159] O61 - LFC: 26/10/2013 - 17:08:56 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\B1279483C1393E991DEBB976D8C54379 [1285] O61 - LFC: 26/10/2013 - 17:08:57 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\C27229390F3F6926292942FB717A1F0F [6882] O61 - LFC: 26/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\12236C41CDDF9E40BA5606CDF086B821 [114] O61 - LFC: 26/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\1F356F4D07FE8C483E769E4586569404 [126] O61 - LFC: 26/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\3B6E683A7A45CC59BF035C9BA8C7AB9D [132] O61 - LFC: 26/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\431AD00056ACA261FC3A3727DD6E53C5 [164] O61 - LFC: 26/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\445D2A562929E59ED544CBBF32A5191A [114] O61 - LFC: 26/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\50B10292153912D05A7D970B383AACC4 [144] O61 - LFC: 26/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\616AD1AB067CFD351D6C0EF6F3E12F40 [134] O61 - LFC: 26/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\678F9D319FF4D0257A34339D2BFE3CC5 [120] O61 - LFC: 26/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\8A9510437CB4EEB09F4B3AC2BC980E19 [120] O61 - LFC: 26/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\8EDCF682921FE94F4A02A43CD1A28E6B [100] O61 - LFC: 26/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30 [124] O61 - LFC: 26/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\B1279483C1393E991DEBB976D8C54379 [126] O61 - LFC: 26/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\C27229390F3F6926292942FB717A1F0F [120] O61 - LFC: 26/10/2013 - 17:09:00 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\FSX\SimObjects\Airbus_A320-200_EasyJet\state.CFG [80] O61 - LFC: 26/10/2013 - 17:09:00 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\FSX\SimObjects\Airbus_A321\state.CFG [78] O61 - LFC: 26/10/2013 - 17:09:00 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\FSX\SimObjects\C172\state.CFG [39] O61 - LFC: 26/10/2013 - 17:09:00 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2318] O61 - LFC: 26/10/2013 - 17:09:02 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\bookmarkbackups\bookmarks-2013-10-26.json [67868] O61 - LFC: 26/10/2013 - 17:09:16 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\Game commander.txt [75] O61 - LFC: 26/10/2013 - 17:09:16 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\Google Chrome.lnk [2300] O61 - LFC: 26/10/2013 - 17:09:32 ---A- . (...) -- C:\Documents and Settings\Patrick\Cookies\MP6GDNHC.txt [670] O61 - LFC: 26/10/2013 - 17:09:32 ---A- . (...) -- C:\Documents and Settings\Patrick\Favoris\Liens\Google Chrome a été désinstallé. - Centre d'aide Google Chrome.url [299] O61 - LFC: 26/10/2013 - 17:09:34 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\Application\30.0.1599.101\Installer\setup.exe [1185744] O61 - LFC: 26/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\Application\First Run [0] O61 - LFC: 26/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\Application\VisualElementsManifest.xml [399] O61 - LFC: 26/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Certificate Revocation Lists [260408] O61 - LFC: 26/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\Origins\LOCK [0] O61 - LFC: 26/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eemcgdkfndhakfknompkggombfjjjeno_0.localstorage [3072] O61 - LFC: 26/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Login Data [16384] O61 - LFC: 26/10/2013 - 17:09:59 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleCrashHandler.exe [237960] O61 - LFC: 26/10/2013 - 17:09:59 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleCrashHandler64.exe [319880] O61 - LFC: 26/10/2013 - 17:09:59 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdate.exe [116648] O61 - LFC: 26/10/2013 - 17:09:59 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdateBroker.exe [59784] O61 - LFC: 26/10/2013 - 17:09:59 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdateHelper.msi [26112] O61 - LFC: 26/10/2013 - 17:09:59 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe [59784] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\GoogleUpdateSetup.exe [818968] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdate.dll [869256] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_am.dll [858504] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_ar.dll [859528] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_bg.dll [863112] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_bn.dll [862088] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_ca.dll [862600] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_cs.dll [862088] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_da.dll [862088] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_de.dll [864136] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_el.dll [864136] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_en-GB.dll [861064] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_en.dll [861064] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_es-419.dll [862088] O61 - LFC: 26/10/2013 - 17:10:00 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_es.dll [864136] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc.) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_ko.dll [856456] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_et.dll [861064] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_fa.dll [860552] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_fi.dll [862088] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_fil.dll [863112] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_fr.dll [863624] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_gu.dll [862088] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_hi.dll [862088] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_hr.dll [862600] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_hu.dll [863112] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_id.dll [861576] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_is.dll [861576] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_it.dll [863624] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_iw.dll [859016] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_ja.dll [857480] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_kn.dll [862600] O61 - LFC: 26/10/2013 - 17:10:01 ---A- . (.„Google Inc.“.) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_lt.dll [861576] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_lv.dll [863112] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_ml.dll [865160] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_mr.dll [862088] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_ms.dll [861576] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_nl.dll [863624] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_no.dll [862600] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_pl.dll [863112] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_pt-BR.dll [862088] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_pt-PT.dll [862600] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_ro.dll [863112] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_ru.dll [861576] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_sk.dll [862600] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_sl.dll [862600] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_sr.dll [862088] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_sv.dll [862088] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_sw.dll [862600] O61 - LFC: 26/10/2013 - 17:10:02 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_ta.dll [863112] O61 - LFC: 26/10/2013 - 17:10:03 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_te.dll [862600] O61 - LFC: 26/10/2013 - 17:10:03 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_th.dll [860552] O61 - LFC: 26/10/2013 - 17:10:03 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_tr.dll [862088] O61 - LFC: 26/10/2013 - 17:10:03 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_uk.dll [861576] O61 - LFC: 26/10/2013 - 17:10:03 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_ur.dll [861576] O61 - LFC: 26/10/2013 - 17:10:03 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_vi.dll [861576] O61 - LFC: 26/10/2013 - 17:10:03 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_zh-CN.dll [854408] O61 - LFC: 26/10/2013 - 17:10:03 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\goopdateres_zh-TW.dll [854920] O61 - LFC: 26/10/2013 - 17:10:03 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\npGoogleUpdate3.dll [597896] O61 - LFC: 26/10/2013 - 17:10:03 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\psmachine.dll [163720] O61 - LFC: 26/10/2013 - 17:10:03 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\1.3.21.165\psuser.dll [163720] O61 - LFC: 26/10/2013 - 17:10:03 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\Download\{492EE2A8-EB6C-40C9-942D-95DCB5B3ECC9}\GoogleUpdateSetup.exe [818968] O61 - LFC: 26/10/2013 - 17:10:03 ---A- . (.Google Inc..) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [133104] O61 - LFC: 26/10/2013 - 17:10:04 ----- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Identities\{CD9886AB-23ED-4411-8143-6CA9B1E2F73D}\Microsoft\Outlook Express\Folders.dbx [74720] =>.Microsoft Corporation O61 - LFC: 26/10/2013 - 17:10:04 ----- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Identities\{CD9886AB-23ED-4411-8143-6CA9B1E2F73D}\Microsoft\Outlook Express\Offline.dbx [9656] =>.Microsoft Corporation O61 - LFC: 26/10/2013 - 17:10:04 ----- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Identities\{CD9886AB-23ED-4411-8143-6CA9B1E2F73D}\Microsoft\Outlook Express\Pop3uidl.dbx [9404] =>.Microsoft Corporation O61 - LFC: 26/10/2013 - 17:10:04 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Identities\{CD9886AB-23ED-4411-8143-6CA9B1E2F73D}\Microsoft\Outlook Express\Boîte d'envoi.dbx [1043156] =>.Microsoft Corporation O61 - LFC: 26/10/2013 - 17:10:04 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Identities\{CD9886AB-23ED-4411-8143-6CA9B1E2F73D}\Microsoft\Outlook Express\Boîte de réception.dbx [48892528] =>.Microsoft Corporation O61 - LFC: 26/10/2013 - 17:10:22 ---A- . (.Firseria·sl.) -- C:\Documents and Settings\Patrick\Local Settings\Temp\ins46\ins46.exe [263680] =>PUP.Firseria O61 - LFC: 26/10/2013 - 17:10:22 ---A- . (.Firseria·sl.) -- C:\Documents and Settings\Patrick\Local Settings\Temp\ins5229\ins5229.exe [263680] =>PUP.Firseria O61 - LFC: 26/10/2013 - 17:10:23 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\MicCal.bin [75392] O61 - LFC: 26/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\test.wav [512056] O61 - LFC: 26/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Accessoires\Outils système\Internet Explorer (Aucun module complémentaire).lnk [833] O61 - LFC: 26/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Google Chrome\Google Chrome.lnk [2312] O61 - LFC: 27/10/2013 - 17:08:52 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\008C56320A656ABF9A43EEC6337A4C52 [1032] O61 - LFC: 27/10/2013 - 17:08:52 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\0DD03BADB31E24A399F7D99EEB3AA477 [1171] O61 - LFC: 27/10/2013 - 17:08:53 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\1F657678CDAD5400251B323D207EA54F [1472] O61 - LFC: 27/10/2013 - 17:08:54 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\4E29C7E9E83048EFCCC5C3D57B6818DB [985] O61 - LFC: 27/10/2013 - 17:08:54 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\540054EBACA80880CD6BCE6E58760C7D [989] O61 - LFC: 27/10/2013 - 17:08:54 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\587D952D56107B1ABA443D05498D64BC [1550] O61 - LFC: 27/10/2013 - 17:08:56 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\B4D5429757BEF5DE32F124B0897C9968 [2186] O61 - LFC: 27/10/2013 - 17:08:57 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\D1D88DE21ADA9AD70F84C0C44CF3BFE4 [1520] O61 - LFC: 27/10/2013 - 17:08:57 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\E0368BD38F9E8E14978A5E6E94D1ECDF [1512] O61 - LFC: 27/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\F1C855F22DF0DAE61534ED3C04DC4B58 [1191] O61 - LFC: 27/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\F6DEB9C1F3251400F7D6EB743CB14FB4 [1250] O61 - LFC: 27/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\F90F18257CBB4D84216AC1E1F3BB2C76 [550] O61 - LFC: 27/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\008C56320A656ABF9A43EEC6337A4C52 [92] O61 - LFC: 27/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\0DD03BADB31E24A399F7D99EEB3AA477 [112] O61 - LFC: 27/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\1F657678CDAD5400251B323D207EA54F [154] O61 - LFC: 27/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\4E29C7E9E83048EFCCC5C3D57B6818DB [120] O61 - LFC: 27/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\540054EBACA80880CD6BCE6E58760C7D [108] O61 - LFC: 27/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\587D952D56107B1ABA443D05498D64BC [120] O61 - LFC: 27/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\B4D5429757BEF5DE32F124B0897C9968 [176] O61 - LFC: 27/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\D1D88DE21ADA9AD70F84C0C44CF3BFE4 [134] O61 - LFC: 27/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\E0368BD38F9E8E14978A5E6E94D1ECDF [128] O61 - LFC: 27/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\F1C855F22DF0DAE61534ED3C04DC4B58 [116] O61 - LFC: 27/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\F6DEB9C1F3251400F7D6EB743CB14FB4 [154] O61 - LFC: 27/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\F90F18257CBB4D84216AC1E1F3BB2C76 [164] O61 - LFC: 27/10/2013 - 17:09:01 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\Office\Word12.pip [1720] O61 - LFC: 27/10/2013 - 17:09:01 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Crash Reports\InstallTime20130910160258 [10] O61 - LFC: 27/10/2013 - 17:09:02 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\bookmarkbackups\bookmarks-2013-10-27.json [67868] O61 - LFC: 27/10/2013 - 17:09:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\extensions\WTB_GLOBAL.sqlite [65536] O61 - LFC: 27/10/2013 - 17:09:12 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\ZHP\ZHPDiag.txt [211120] =>.Nicolas Coolman O61 - LFC: 27/10/2013 - 17:09:14 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\FLIGHT3\FSCDbManager.lnk [2365] O61 - LFC: 27/10/2013 - 17:09:27 ---A- . (.Microsoft Corporation.) -- C:\Documents and Settings\Patrick\Bureau\MicrosoftFixit.wu.MATSKB.Run.exe [347304] O61 - LFC: 27/10/2013 - 17:09:32 ---A- . (.Nicolas Coolman.) -- C:\Documents and Settings\Patrick\Bureau\ZHPDiag2.exe [6840758] =>.Nicolas Coolman O61 - LFC: 27/10/2013 - 17:09:32 -SH-- . (...) -- C:\Documents and Settings\Patrick\IETldCache\index.dat [262144] O61 - LFC: 27/10/2013 - 17:09:32 -SHA- . (...) -- C:\Documents and Settings\Patrick\IECompatCache\index.dat [65536] O61 - LFC: 27/10/2013 - 17:09:33 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [72784] O61 - LFC: 27/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\Application\Dictionaries\fr-FR-3-0.bdic [1074744] O61 - LFC: 27/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\Origins\LOG.old [145] O61 - LFC: 27/10/2013 - 17:09:43 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\PnaclTranslationCache\data_1 [270336] O61 - LFC: 27/10/2013 - 17:10:16 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Microsoft\Internet Explorer\brndlog.txt [113] O61 - LFC: 27/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Mozilla Firefox\active-update.xml [57] O61 - LFC: 27/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Mozilla Firefox\updates.xml [1202] O61 - LFC: 27/10/2013 - 17:10:21 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\IMT23B.xml [2026] O61 - LFC: 27/10/2013 - 17:10:21 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\IMT23C.xml [426] O61 - LFC: 27/10/2013 - 17:10:21 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\apptorun.exe [5848088] O61 - LFC: 27/10/2013 - 17:10:22 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\IMT23D.xml [805416] O61 - LFC: 27/10/2013 - 17:10:22 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\IMT4.xml [2026] O61 - LFC: 27/10/2013 - 17:10:22 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\IMT5.xml [426] O61 - LFC: 27/10/2013 - 17:10:22 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\IMT6.xml [805416] O61 - LFC: 27/10/2013 - 17:10:23 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\MSI10569.LOG [686] O61 - LFC: 27/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk [603] O61 - LFC: 27/10/2013 - 17:10:26 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Aerosoft\PFE\FS2000\PF2000\PF2000.cfg [20] O61 - LFC: 27/10/2013 - 17:10:32 ---A- . (.Microsoft Corporation.) -- C:\Documents and Settings\Patrick\Mes documents\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe [347304] O61 - LFC: 27/10/2013 - 17:10:32 ---A- . (.Microsoft Corporation.) -- C:\Documents and Settings\Patrick\Mes documents\Downloads\mseinstall.exe [11256656] O61 - LFC: 27/10/2013 - 17:10:38 ---A- . (.Nicolas Coolman.) -- C:\Documents and Settings\Patrick\Mes documents\Downloads\ZHPDiag2.exe [6840758] =>.Nicolas Coolman O61 - LFC: 27/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\SendTo\Bureau (créer un raccourci).DeskLink [0] O61 - LFC: 27/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\SendTo\Destinataire.MAPIMail [0] O61 - LFC: 27/10/2014 - 17:08:53 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004 [18] O61 - LFC: 27/10/2014 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004 [216] O61 - LFC: 28/10/2013 - 17:08:54 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\62B5AF9BE9ADC1085C3C56EC07A82BF6 [111930] O61 - LFC: 28/10/2013 - 17:08:55 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019 [27046] O61 - LFC: 28/10/2013 - 17:08:56 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\B8CC409ACDBF2A2FE04C56F2875B1FD6 [561] O61 - LFC: 28/10/2013 - 17:08:57 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\E48DDEA3BF68DF580551FA0F27950B54 [573] O61 - LFC: 28/10/2013 - 17:08:58 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\62B5AF9BE9ADC1085C3C56EC07A82BF6 [124] O61 - LFC: 28/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019 [124] O61 - LFC: 28/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\B8CC409ACDBF2A2FE04C56F2875B1FD6 [134] O61 - LFC: 28/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\E48DDEA3BF68DF580551FA0F27950B54 [232] O61 - LFC: 28/10/2013 - 17:09:00 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\HTML Help\hh.dat [9822] O61 - LFC: 28/10/2013 - 17:09:00 -SHA- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\Internet Explorer\Desktop.htt [2128] O61 - LFC: 28/10/2013 - 17:09:02 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\addons.sqlite [524288] O61 - LFC: 28/10/2013 - 17:09:02 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\bookmarkbackups\bookmarks-2013-10-28.json [67868] O61 - LFC: 28/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\healthreport.sqlite [1146880] O61 - LFC: 28/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\healthreport\state.json [123] O61 - LFC: 28/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\indexedDB\chrome\.metadata [0] O61 - LFC: 28/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\indexedDB\chrome\idb\2588645841ssegtnti.sqlite [524288] O61 - LFC: 28/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\webappsstore.sqlite [163840] O61 - LFC: 28/10/2013 - 17:09:19 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\mbar\mbar-log-2013-10-28 (18-25-42).txt [2062] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\RK_Quarantine\HKEY_LOCAL_MACHINE_Software_Microsoft_Windows_CurrentVersion_Explorer_HideDesktopIcons_NewStartPanel_{20D04FE0-0.reg [408] =>Adware.ADON O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\RK_Quarantine\HKEY_LOCAL_MACHINE_System_ControlSet001_Services_0.reg [1604] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\RK_Quarantine\HKEY_LOCAL_MACHINE_System_ControlSet002_Services_0.reg [1604] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\RK_Quarantine\HKEY_LOCAL_MACHINE_System_ControlSet003_Services_0.reg [1604] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\RK_Quarantine\PhysicalDrive0_User.dat [512] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\RK_Quarantine\PhysicalDrive1_User.dat [512] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\RK_Quarantine\PhysicalDrive2_User.dat [512] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\RK_Quarantine\QuarantineReport.txt [4679] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\RKreport[0]_D_10282013_153033.txt [7733] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\RKreport[0]_S_10282013_151422.txt [7374] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\RKreport[0]_S_10282013_153210.txt [2497] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\RogueKiller.exe [3538944] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\mbar-log-2013-10-28 (14-02-10).txt [2090] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\mbar-log-2013-10-28 (14-03-11).txt [15014] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\mbar-log-2013-10-28 (18-25-42).txt [2062] O61 - LFC: 28/10/2013 - 17:09:27 ---A- . (.Malwarebytes Corp..) -- C:\Documents and Settings\Patrick\Bureau\mbar-1.07.0.1007.exe [12576792] O61 - LFC: 28/10/2013 - 17:09:30 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\TDSSKiller.2.8.16.0_28.10.2013_12.55.05_log.txt [270098] O61 - LFC: 28/10/2013 - 17:09:32 ---A- . (.Kaspersky Lab ZAO.) -- C:\Documents and Settings\Patrick\Bureau\tdsskiller.exe [2237968] O61 - LFC: 28/10/2013 - 17:09:43 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.5.0\libEGL.dll [112128] O61 - LFC: 28/10/2013 - 17:09:44 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.5.0\libGLESv2.dll [4591616] O61 - LFC: 28/10/2013 - 17:09:44 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.5.0\manifest.fingerprint [9] O61 - LFC: 28/10/2013 - 17:09:44 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.5.0\manifest.json [202] O61 - LFC: 28/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\OfflineCache\index.sqlite [262144] O61 - LFC: 28/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\safebrowsing\goog-malware-shavar.cache [140] O61 - LFC: 28/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\safebrowsing\goog-malware-shavar.pset [481562] O61 - LFC: 28/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\safebrowsing\goog-malware-shavar.sbstore [1215928] O61 - LFC: 28/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\safebrowsing\goog-phish-shavar.cache [12] O61 - LFC: 28/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\safebrowsing\goog-phish-shavar.pset [460800] O61 - LFC: 28/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\safebrowsing\goog-phish-shavar.sbstore [322666] O61 - LFC: 28/10/2013 - 17:10:32 ---A- . (.Malwarebytes Corp..) -- C:\Documents and Settings\Patrick\Mes documents\Downloads\mbar-1.07.0.1007.exe [12576792] O61 - LFC: 28/10/2013 - 17:10:33 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Downloads\RKreport[0]_S_10282013_151422.txt [7374] O61 - LFC: 28/10/2013 - 17:10:33 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Downloads\RogueKiller.exe [3538944] O61 - LFC: 28/10/2013 - 17:10:35 ---A- . (.Kaspersky Lab ZAO.) -- C:\Documents and Settings\Patrick\Mes documents\Downloads\tdsskiller.exe [2237968] O61 - LFC: 28/10/2013 - 17:10:35 ---A- . (.Microsoft Corporation.) -- C:\Documents and Settings\Patrick\Mes documents\Downloads\windowsupdateagent30-x86.exe [6216032] O61 - LFC: 28/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Voisinage réseau\Mathilde Transfer sur ordinateur de bureau (Pcfixe)\target.lnk [635] O61 - LFC: 28/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Voisinage réseau\Mathilde1 sur ordinateur de bureau (Pcfixe)\target.lnk [603] O61 - LFC: 28/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Voisinage réseau\Users sur Pc portable (Portable1)\target.lnk [602] O61 - LFC: 28/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Voisinage réseau\budget sur ordinateur de bureau (Pcfixe)\target.lnk [502] O61 - LFC: 28/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Voisinage réseau\panel sur Pc portable (Portable1)\target.lnk [506] O61 - LFC: 28/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Voisinage réseau\sauv.fsx sur ordinateur de bureau (Pcfixe)\target.lnk [599] O61 - LFC: 29/10/2013 - 17:08:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Adobe\Acrobat\11.0\ReaderMessages [25600] O61 - LFC: 29/10/2013 - 17:08:44 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Audacity\audacity.cfg [3178] O61 - LFC: 29/10/2013 - 17:08:46 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\DAEMON Tools Lite\ImgList.dat [90] =>.DT Soft Ltd O61 - LFC: 29/10/2013 - 17:08:51 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\IVAO\IvAp\config\pilot.cfg [279] O61 - LFC: 29/10/2013 - 17:08:51 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\IVAO\IvAp\data\servers.dat [302] O61 - LFC: 29/10/2013 - 17:08:51 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\KeePass\KeePass.config.xml [4437] O61 - LFC: 29/10/2013 - 17:08:51 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol [506] O61 - LFC: 29/10/2013 - 17:08:52 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CLR Security Config\v2.0.50727.42\security.config.cch [566896] O61 - LFC: 29/10/2013 - 17:08:56 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\A1377F7115F1F126A15360369B165211 [597] O61 - LFC: 29/10/2013 - 17:08:56 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\Content\B69D763EB21649DA26F20618312DEE70 [75433] O61 - LFC: 29/10/2013 - 17:08:59 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\FSX\Controls\Standard.XML [39174] O61 - LFC: 29/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\A1377F7115F1F126A15360369B165211 [142] O61 - LFC: 29/10/2013 - 17:08:59 -S-A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\CryptnetUrlCache\MetaData\B69D763EB21649DA26F20618312DEE70 [128] O61 - LFC: 29/10/2013 - 17:09:00 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\FSX\SimObjects\Aircreation_582SL\state.CFG [39] O61 - LFC: 29/10/2013 - 17:09:00 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\FSX\SimObjects\PA318 Unpainted (Air France)\state.CFG [78] O61 - LFC: 29/10/2013 - 17:09:00 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\FSX\SimObjects\PA320FD_IAE\state.CFG [78] O61 - LFC: 29/10/2013 - 17:09:00 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\FSX\fsx.CFG [10004] O61 - LFC: 29/10/2013 - 17:09:00 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\FSX\wxstationlist.BIN [26148] O61 - LFC: 29/10/2013 - 17:09:00 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk [779] O61 - LFC: 29/10/2013 - 17:09:00 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\Internet Explorer\Quick Launch\Lecteur Windows Media.lnk [804] =>.Microsoft Corporation O61 - LFC: 29/10/2013 - 17:09:00 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\Media Player\0080E3BA.wpl [437] O61 - LFC: 29/10/2013 - 17:09:00 R--A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\Installer\{7E09412E-7A0E-4C61-B304-888C760F61D4}\icon.ico [32038] O61 - LFC: 29/10/2013 - 17:09:01 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\Office\Excel12.pip [1560] O61 - LFC: 29/10/2013 - 17:09:01 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\Office\PowerP12.pip [1472] O61 - LFC: 29/10/2013 - 17:09:01 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\Office\Recent\PASSWORD.xlsx.LNK [459] O61 - LFC: 29/10/2013 - 17:09:01 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\Office\Recent\Program Files.LNK [367] O61 - LFC: 29/10/2013 - 17:09:01 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\Windows\Themes\Custom.theme [7767] O61 - LFC: 29/10/2013 - 17:09:01 --H-- . (...) -- C:\Documents and Settings\Patrick\Application Data\Microsoft\Office\Recent\index.dat [61] O61 - LFC: 29/10/2013 - 17:09:02 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\blocklist.xml [81840] O61 - LFC: 29/10/2013 - 17:09:02 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\bookmarkbackups\bookmarks-2013-10-29.json [65776] O61 - LFC: 29/10/2013 - 17:09:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\cert8.db [98304] O61 - LFC: 29/10/2013 - 17:09:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\cookies.sqlite [524288] O61 - LFC: 29/10/2013 - 17:09:05 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\extensions\{18d58922-b052-65fa-0e41-9af98f749f17}\install.rdf [985] O61 - LFC: 29/10/2013 - 17:09:06 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\extensions\{4ca8c1be-c30f-49bf-9ac8-f3e63f49665d}\wtb_ff.bin [7475] O61 - LFC: 29/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\extensions.sqlite [458752] O61 - LFC: 29/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\key3.db [16384] O61 - LFC: 29/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\localstore.rdf [6076] O61 - LFC: 29/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\parent.lock [0] O61 - LFC: 29/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\permissions.sqlite [65536] O61 - LFC: 29/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\places.sqlite [10485760] O61 - LFC: 29/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\pluginreg.dat [6072] O61 - LFC: 29/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\prefs.js [10238] O61 - LFC: 29/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\search.json [14157] O61 - LFC: 29/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\urlclassifierkey3.txt [154] O61 - LFC: 29/10/2013 - 17:09:07 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\webapps\webapps.json [2] O61 - LFC: 29/10/2013 - 17:09:08 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\NVIDIA\GLCache\df89b497ebd35be411dd49d0e173ecc1\46ec295fa1356e51\ca22f3d83e779ff8.bin [1573] O61 - LFC: 29/10/2013 - 17:09:08 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\NVIDIA\GLCache\df89b497ebd35be411dd49d0e173ecc1\46ec295fa1356e51\ca22f3d83e779ff8.toc [164] O61 - LFC: 29/10/2013 - 17:09:10 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\teamspeak2\TeamSpeak.Conf [34290] O61 - LFC: 29/10/2013 - 17:09:12 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\ZHP\Log.txt [139369] =>.Nicolas Coolman O61 - LFC: 29/10/2013 - 17:09:12 ---A- . (...) -- C:\Documents and Settings\Patrick\Application Data\ZHP\TestsZHPDiag.txt [3298] =>.Nicolas Coolman O61 - LFC: 29/10/2013 - 17:09:12 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\AdwCleaner[S7].txt [4321] O61 - LFC: 29/10/2013 - 17:09:12 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\Audacity.lnk [682] O61 - LFC: 29/10/2013 - 17:09:12 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\Dolomynum.lnk [677] O61 - LFC: 29/10/2013 - 17:09:12 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\Explorateur Windows.lnk [1475] =>.Microsoft Corporation O61 - LFC: 29/10/2013 - 17:09:12 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\adwcleaner.exe [1060070] O61 - LFC: 29/10/2013 - 17:09:15 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\FLIGHT3\FSC_FSX.lnk [2129] O61 - LFC: 29/10/2013 - 17:09:16 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\FLIGHT3\Shortcut to Plan-Gv3.lnk [2363] O61 - LFC: 29/10/2013 - 17:09:18 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\mbar\Data\Configuration\database.conf [854] O61 - LFC: 29/10/2013 - 17:09:18 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\mbar\Data\Configuration\local.conf [759] O61 - LFC: 29/10/2013 - 17:09:18 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\mbar\Data\rules.ref [6765722] O61 - LFC: 29/10/2013 - 17:09:18 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\mbar\Data\swissarmy.ref [20949] O61 - LFC: 29/10/2013 - 17:09:19 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\mbar\mbar-log-2013-10-29 (05-49-24).txt [2062] O61 - LFC: 29/10/2013 - 17:09:24 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\mbar\system-log.txt [111488] O61 - LFC: 29/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\Nouveau Document texte.txt [1814] O61 - LFC: 29/10/2013 - 17:09:27 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\mbar-log-2013-10-29 (05-49-24).txt [2062] O61 - LFC: 29/10/2013 - 17:09:32 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\Tower! 2011.lnk [818] O61 - LFC: 29/10/2013 - 17:09:32 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\ZHPDiag.lnk [1523] =>.Nicolas Coolman O61 - LFC: 29/10/2013 - 17:09:32 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\ZHPFix.lnk [1628] =>.Nicolas Coolman O61 - LFC: 29/10/2013 - 17:09:32 ---A- . (...) -- C:\Documents and Settings\Patrick\Bureau\vroute.info premium.appref-ms [354] O61 - LFC: 29/10/2013 - 17:09:32 ---A- . (...) -- C:\Documents and Settings\Patrick\Cookies\index.dat [32768] O61 - LFC: 29/10/2013 - 17:09:32 ---A- . (...) -- C:\Documents and Settings\Patrick\Cookies\patrick@msn[1].txt [101] O61 - LFC: 29/10/2013 - 17:09:32 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Adobe\Acrobat\11.0\AdobeCMapFnt11.lst [512] O61 - LFC: 29/10/2013 - 17:09:32 ---A- . (.Microsoft Corporation.) -- C:\Documents and Settings\Patrick\Bureau\WindowsXP-KB936929-SP3-x86-FRA.exe [324222504] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Archived History [57344] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Archived History-journal [512] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Bookmarks [92505] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Bookmarks.bak [92505] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies [412672] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies-journal [9800] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Current Tabs [20769] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\CURRENT [16] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOG [151] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\LOG.old [151] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-003080 [2225] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\CURRENT [16] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\LOG [151] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\LOG.old [151] O61 - LFC: 29/10/2013 - 17:09:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Extension State\MANIFEST-006519 [722] O61 - LFC: 29/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons [3780608] O61 - LFC: 29/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Favicons-journal [14904] O61 - LFC: 29/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\Origins\CURRENT [16] O61 - LFC: 29/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\Origins\LOG [145] O61 - LFC: 29/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000020 [198] O61 - LFC: 29/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\History [913408] O61 - LFC: 29/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\History Provider Cache [16774] O61 - LFC: 29/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\History-journal [16384] O61 - LFC: 29/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Last Session [55397] O61 - LFC: 29/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Managed Mode Settings [8] O61 - LFC: 29/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Network Action Predictor [16384] O61 - LFC: 29/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Network Action Predictor-journal [3608] O61 - LFC: 29/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Origin Bound Certs [22528] O61 - LFC: 29/10/2013 - 17:09:41 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Origin Bound Certs-journal [4640] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\N5LE8N3B\macromedia.com\support\flashplayer\sys\#static.anonymousdmp.com\settings.sol [93] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\N5LE8N3B\macromedia.com\support\flashplayer\sys\settings.sol [473] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\N5LE8N3B\static.anonymousdmp.com\pus.sol [68] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [89694] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\QuotaManager [20480] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\CURRENT [16] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG [274] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\LOG.old [276] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Session Storage\MANIFEST-009250 [329] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Shortcuts [20480] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites [20480] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Top Sites-journal [12824] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\TransportSecurity [634] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Visited Links [131072] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data [100352] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data.temp [100352] O61 - LFC: 29/10/2013 - 17:09:42 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Local State [55558] O61 - LFC: 29/10/2013 - 17:09:43 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom [6301768] O61 - LFC: 29/10/2013 - 17:09:43 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1450782] O61 - LFC: 29/10/2013 - 17:09:43 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies [6144] O61 - LFC: 29/10/2013 - 17:09:43 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Cookies-journal [2576] O61 - LFC: 29/10/2013 - 17:09:43 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Csd Whitelist [135184] O61 - LFC: 29/10/2013 - 17:09:43 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download [908956] O61 - LFC: 29/10/2013 - 17:09:43 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Download Whitelist [18884] O61 - LFC: 29/10/2013 - 17:09:43 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing Extension Blacklist [6660] O61 - LFC: 29/10/2013 - 17:10:03 --HA- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\IconCache.db [4316754] O61 - LFC: 29/10/2013 - 17:10:04 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Identities\{7F0A2C36-5D47-426C-85D6-66262D876AD1}\Microsoft\Outlook Express\Boîte d'envoi.dbx [60116] =>.Microsoft Corporation O61 - LFC: 29/10/2013 - 17:10:04 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Identities\{7F0A2C36-5D47-426C-85D6-66262D876AD1}\Microsoft\Outlook Express\Boîte de réception.dbx [54898672] =>.Microsoft Corporation O61 - LFC: 29/10/2013 - 17:10:04 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Identities\{7F0A2C36-5D47-426C-85D6-66262D876AD1}\Microsoft\Outlook Express\Folders.dbx [74720] =>.Microsoft Corporation O61 - LFC: 29/10/2013 - 17:10:04 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Identities\{7F0A2C36-5D47-426C-85D6-66262D876AD1}\Microsoft\Outlook Express\Offline.dbx [9656] =>.Microsoft Corporation O61 - LFC: 29/10/2013 - 17:10:04 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Identities\{7F0A2C36-5D47-426C-85D6-66262D876AD1}\Microsoft\Outlook Express\Pop3uidl.dbx [9404] =>.Microsoft Corporation O61 - LFC: 29/10/2013 - 17:10:04 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Identities\{7F0A2C36-5D47-426C-85D6-66262D876AD1}\Microsoft\Outlook Express\Éléments supprimés.dbx [150226288] =>.Microsoft Corporation O61 - LFC: 29/10/2013 - 17:10:04 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\IsolatedStorage\g5rlrlf3.mz1\ifzoyyxh.1zw\Url.ccxw1gydh3mhcsj4cjepugnylpzsgtwv\StrongName.rvvrseyal4dsx02ykcfzlpikr2x3n0za\identity.dat [513] O61 - LFC: 29/10/2013 - 17:10:04 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\IsolatedStorage\g5rlrlf3.mz1\ifzoyyxh.1zw\Url.ccxw1gydh3mhcsj4cjepugnylpzsgtwv\identity.dat [1293] O61 - LFC: 29/10/2013 - 17:10:04 -SH-- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat [16384] O61 - LFC: 29/10/2013 - 17:10:16 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb [786432] O61 - LFC: 29/10/2013 - 17:10:16 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Microsoft\Media Player\wmpfolders.wmdb [3296] O61 - LFC: 29/10/2013 - 17:10:16 -SHA- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\index.dat [32768] O61 - LFC: 29/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD [498] O61 - LFC: 29/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML [12787] O61 - LFC: 29/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\_CACHE_CLEAN_ [1] O61 - LFC: 29/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\safebrowsing\test-malware-simple.cache [44] O61 - LFC: 29/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\safebrowsing\test-malware-simple.pset [16] O61 - LFC: 29/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\safebrowsing\test-malware-simple.sbstore [232] O61 - LFC: 29/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\safebrowsing\test-phish-simple.cache [44] O61 - LFC: 29/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\safebrowsing\test-phish-simple.pset [16] O61 - LFC: 29/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\safebrowsing\test-phish-simple.sbstore [232] O61 - LFC: 29/10/2013 - 17:10:17 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\startupCache\startupCache.4.little [1167720] O61 - LFC: 29/10/2013 - 17:10:20 ----- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Historique\History.IE5\index.dat [163840] O61 - LFC: 29/10/2013 - 17:10:20 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Historique\History.IE5\MSHist012013102920131030\index.dat [32768] O61 - LFC: 29/10/2013 - 17:10:20 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\acrord32_sbx\Cookies\index.dat [16384] O61 - LFC: 29/10/2013 - 17:10:20 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\acrord32_sbx\Historique\History.IE5\index.dat [16384] O61 - LFC: 29/10/2013 - 17:10:21 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\Cookies\index.dat [16384] O61 - LFC: 29/10/2013 - 17:10:21 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\Historique\History.IE5\index.dat [32768] O61 - LFC: 29/10/2013 - 17:10:21 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\control.xml [12818] O61 - LFC: 29/10/2013 - 17:10:22 ---A- . (.Solid State Networks.) -- C:\Documents and Settings\Patrick\Local Settings\Temp\install_flashplayer11x32_mssd_aaa_aih.exe [1070944] O61 - LFC: 29/10/2013 - 17:10:22 ---A- . (.Solid State Networks.) -- C:\Documents and Settings\Patrick\Local Settings\Temp\install_flashplayer11x32_mssd_aaa_aih_1.exe [1070944] O61 - LFC: 29/10/2013 - 17:10:23 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\MATS-Temp\Results\Windows Update_result.cab [18655] O61 - LFC: 29/10/2013 - 17:10:23 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20131029_162432265.html [42780] O61 - LFC: 29/10/2013 - 17:10:23 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\MicrosoftFixit50687\Register.bat [237] O61 - LFC: 29/10/2013 - 17:10:23 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\preferences [0] O61 - LFC: 29/10/2013 - 17:10:23 ---A- . (.Solid State Networks.) -- C:\Documents and Settings\Patrick\Local Settings\Temp\install_flashplayer11x32_mssd_aaa_aih_2.exe [1070944] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\WUDiagTempFolder\outputBITS.txt [14] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\WUDiagTempFolder\outputreport.txt [452] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\WindowsUpdateTroubleShooter [50] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\WindowsUpdateTroubleShooterRC_Param.xml.txt [6] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\WindowsUpdateTroubleShooterRC_VF.xml.txt [70] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\WindowsUpdateTroubleShooter_resolverRan [80] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\wuZipFilePaths [314] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\wurunSeq.txt [302] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\{6204169E-0405-4C68-B9A8-91E56CB13645} [0] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Accessoires\Divertissement\Lecteur Windows Media.lnk [804] =>.Microsoft Corporation O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Dolomynum\Dolomynum.lnk [1549] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Dolomynum\License.lnk [1572] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Dolomynum\Manual (English).lnk [1588] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Dolomynum\Manual (French).lnk [1588] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Dolomynum\Tools\Colour Theme Editor.lnk [1685] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Dolomynum\Tools\Sector Converter.lnk [1646] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Dolomynum\Tools\Sector Viewer.lnk [1685] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Dolomynum\Tools\Settings Editor.lnk [1671] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Dolomynum\Uninstall.lnk [1409] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\FeelThere\Tower! 2011\Airfield Editor.lnk [847] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\FeelThere\Tower! 2011\Airplane Editor.lnk [946] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\FeelThere\Tower! 2011\KLAX - Los Angeles Airport.lnk [1102] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\FeelThere\Tower! 2011\KMIA - Miami Airport.lnk [1060] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\FeelThere\Tower! 2011\TIST - St. Thomas Airport.lnk [1088] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\FeelThere\Tower! 2011\TIST - St. Thomas PALCO6 SID.lnk [1120] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\FeelThere\Tower! 2011\Tower! 2011 Manual - Standard Edition.lnk [1070] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\FeelThere\Tower! 2011\Tower! 2011.lnk [818] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\FeelThere\Tower! 2011\Uninstall Tower! 2011.lnk [887] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Internet Explorer.lnk [767] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\Lecteur Windows Media.lnk [792] =>.Microsoft Corporation O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\vroute\vroute.info premium online support.url [165] O61 - LFC: 29/10/2013 - 17:10:25 ---A- . (...) -- C:\Documents and Settings\Patrick\Menu Démarrer\Programmes\vroute\vroute.info premium.appref-ms [354] O61 - LFC: 29/10/2013 - 17:10:25 --HA- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\wmplog00.sqm [400] O61 - LFC: 29/10/2013 - 17:10:25 --HA- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\wmplog01.sqm [400] O61 - LFC: 29/10/2013 - 17:10:25 --HA- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\wmplog02.sqm [400] O61 - LFC: 29/10/2013 - 17:10:25 --HA- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\wmplog03.sqm [400] O61 - LFC: 29/10/2013 - 17:10:25 --HA- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\wmplog04.sqm [400] O61 - LFC: 29/10/2013 - 17:10:25 --HA- . (...) -- C:\Documents and Settings\Patrick\Local Settings\Temp\wmplog05.sqm [400] O61 - LFC: 29/10/2013 - 17:10:29 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Downloads\adwcleaner.exe [1060070] O61 - LFC: 29/10/2013 - 17:10:29 ---A- . (.Solid State Networks.) -- C:\Documents and Settings\Patrick\Mes documents\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe [1070944] O61 - LFC: 29/10/2013 - 17:10:32 ---A- . (.Microsoft Corporation ?.) -- C:\Documents and Settings\Patrick\Mes documents\Downloads\MicrosoftFixit50687.msi [677376] O61 - LFC: 29/10/2013 - 17:10:35 ---A- . (.Microsoft Corporation.) -- C:\Documents and Settings\Patrick\Mes documents\Downloads\WindowsXP-KB936929-SP3-x86-FRA.exe [324222504] O61 - LFC: 29/10/2013 - 17:10:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Fichiers Flight Simulator X\Logbook.BIN [5190] O61 - LFC: 29/10/2013 - 17:10:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Fichiers Flight Simulator X\Previous Flight.FLT [10831] O61 - LFC: 29/10/2013 - 17:10:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Fichiers Flight Simulator X\Previous Flight.FSSAVE [223272] O61 - LFC: 29/10/2013 - 17:10:38 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Fichiers Flight Simulator X\Previous Flight.WX [1477716] O61 - LFC: 29/10/2013 - 17:10:57 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Plan-G Files\Data\PlanG3_FS9.sdf [413696] O61 - LFC: 29/10/2013 - 17:10:57 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Plan-G Files\Data\PlanG3_FSX.sdf [161435648] O61 - LFC: 29/10/2013 - 17:10:57 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Plan-G Files\Data\PlanG3_XPX.sdf [413696] O61 - LFC: 29/10/2013 - 17:10:57 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Plan-G Files\Data\UserWpts3.sdf [413696] O61 - LFC: 29/10/2013 - 17:10:57 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Plan-G Files\Plan-G_Log.txt [2626] O61 - LFC: 29/10/2013 - 17:10:57 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Plan-G Files\WX\Metar14Z.TXT [1616993] O61 - LFC: 29/10/2013 - 17:10:57 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Plan-G Files\WX\Metar15Z.TXT [1708002] O61 - LFC: 29/10/2013 - 17:10:57 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Plan-G Files\WX\lTAF06Z.TXT [1695596] O61 - LFC: 29/10/2013 - 17:10:57 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Plan-G Files\WX\lTAF12Z.TXT [1757184] O61 - LFC: 29/10/2013 - 17:10:57 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Plan-G Files\WX\sTAF06Z.TXT [292534] O61 - LFC: 29/10/2013 - 17:10:57 ---A- . (...) -- C:\Documents and Settings\Patrick\Mes documents\Plan-G Files\WX\sTAF12Z.TXT [263436] O61 - LFC: 29/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Recent\AdwCleaner[S7].txt.lnk [424] O61 - LFC: 29/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Recent\AlbumArt_{8316AFF9-23F3-4CE2-8B0C-CAC2514F1D5C}_Large.jpg.lnk [987] O61 - LFC: 29/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Recent\Antoine et Mathilde.lnk [567] O61 - LFC: 29/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Recent\Deuces Wild.lnk [657] O61 - LFC: 29/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Recent\Folder.jpg.lnk [566] O61 - LFC: 29/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Recent\Nouveau Document texte (4).txt.lnk [574] O61 - LFC: 29/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Recent\PASSWORD.xlsx.lnk [493] O61 - LFC: 29/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Recent\Program Files.lnk [367] O61 - LFC: 29/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Recent\divers_01_05_1010 039.jpg.lnk [805] O61 - LFC: 29/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Recent\musique.lnk [435] O61 - LFC: 29/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\UserData\index.dat [32768] O61 - LFC: 29/10/2013 - 17:11:03 ---A- . (...) -- C:\Documents and Settings\Patrick\Voisinage réseau\Entretient véhicule sur Pc portable (Portable1)\target.lnk [760] ~ 39 Fichiers temporaires (Temporary files) ~ 5 Fichiers cookies (Cookies files) ~ Files: 471 Scanned in 02mn 22s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\alg.exe (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\arp1394.sys (Arp1394) .(.Microsoft Corporation - IP/1394 Arp Client.) - LEGACY_ARP1394 O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (AudioSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_AUDIOSRV O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER O64 - Services: CurCS - 05/12/2012 - C:\Program Files\Cobian Backup 11\cbVSCService11.exe (cbVSCService11) .(.CobianSoft, Luis Cobian - Cobian Backup Gravity VSC Requester.) - LEGACY_CBVSCSERVICE11 O64 - Services: CurCS - 13/12/1999 - C:\WINDOWS\system32\CTsvcCDA.exe (Creative Service for CDROM Access) .(.Creative Technology Ltd - Creative Service for CDROM Access.) - LEGACY_CREATIVE_SERVICE_FOR_CDROM_ACCESS O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (Dhcp) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DHCP O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (dmserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DMSERVER O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (ERSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_ERSVC O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (EventSystem) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_EVENTSYSTEM O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (FastUserSwitchingCompatibility) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_FASTUSERSWITCHINGCOMPATIBILITY O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\msgpc.sys (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (helpsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HELPSVC O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\ipnat.sys (IpNat) .(.Microsoft Corporation - IP Network Address Translator.) - LEGACY_IPNAT O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC O64 - Services: CurCS - 08/10/2013 - C:\Program Files\Java\jre7\bin\jqs.exe (JavaQuickStarterService) .(.Oracle Corporation - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (lanmanserver) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANSERVER O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (LanmanWorkstation) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LANMANWORKSTATION O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\Drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Mount Manager.) - LEGACY_MOUNTMGR O64 - Services: CurCS - 18/06/2013 - C:\WINDOWS\system32\DRIVERS\MpFilter.sys (MpFilter) .(.Microsoft Corporation - Microsoft antimalware file system filter dr.) - LEGACY_MPFILTER O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\mrxdav.sys (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - 12/08/2013 - c:\Program Files\Microsoft Security Client\MsMpEng.exe (MsMpSvc) .(.Microsoft Corporation - Antimalware Service Executable.) - LEGACY_MSMPSVC O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\Drivers\Mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider driver.) - LEGACY_MUP O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\Drivers\NDIS.sys (NDIS) .(.Microsoft Corporation - NDIS 5.1 wrapper driver.) - LEGACY_NDIS O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NdisTapi) .(.Microsoft Corporation - NDIS 3.0 connection wrapper driver.) - LEGACY_NDISTAPI O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\ndisuio.sys (Ndisuio) .(.Microsoft Corporation - NDIS User mode I/O Driver.) - LEGACY_NDISUIO O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (Netman) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NETMAN O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (Nla) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_NLA O64 - Services: CurCS - 15/10/2013 - C:\WINDOWS\system32\nvsvc32.exe (NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 331.5.) - LEGACY_NVSVC O64 - Services: CurCS - 19/09/2013 - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (nvUpdatusService) .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) - LEGACY_NVUPDATUSSERVICE O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\Drivers\PartMgr.sys (PartMgr) .(.Microsoft Corporation - Partition Manager.) - LEGACY_PARTMGR O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\lsass.exe (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\lsass.exe (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE O64 - Services: CurCS - 28/09/2001 - C:\WINDOWS\system32\DRIVERS\rasacd.sys (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (RasMan) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_RASMAN O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\rdbss.sys (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - 28/09/2001 - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (RemoteRegistry) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_REMOTEREGISTRY O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\lsass.exe (SamSs) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_SAMSS O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (Schedule) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SCHEDULE O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (seclogon) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SECLOGON O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (SENS) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SENS O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (SharedAccess) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHAREDACCESS O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\spoolsv.exe (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\sr.sys (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\srv.sys (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (TapiSrv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TAPISRV O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\tcpip.sys (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES O64 - Services: CurCS - 22/03/2013 - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTomHOMEService) .(.TomTom - Windows Service for TomTom HOME.) - LEGACY_TOMTOMHOMESERVICE O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (TrkWks) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_TRKWKS O64 - Services: CurCS - 04/07/2010 - C:\Program Files\Unlocker\UnlockerDriver5.sys (UnlockerDriver5) .(...) - LEGACY_UNLOCKERDRIVER5 O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (W32Time) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_W32TIME O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\wanarp.sys (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (WebClient) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WEBCLIENT O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (winmgmt) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WINMGMT O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\wbem\wmiapsrv.exe (WmiApSrv) .(.Microsoft Corporation - Service de la carte de performance WMI.) - LEGACY_WMIAPSRV O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (wscsvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WSCSVC O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (wuauserv) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUAUSERV O64 - Services: CurCS - 28/09/2006 - C:\WINDOWS\system32\DRIVERS\WudfPf.sys (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (WudfSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WUDFSVC O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\svchost.exe (WZCSVC) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_WZCSVC ~ Legacy: 150 Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ~ FASS Keys: 17 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Web Search) - http://search.certified-toolbar.com =>PUP.CertifiedToolbar O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com O69 - SBI: SearchScopes [HKUS\S-1-5-19] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Web Search) - http://feed.snapdo.com =>Hijacker.SmartBar O69 - SBI: SearchScopes [HKUS\S-1-5-20] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Web Search) - http://feed.snapdo.com =>Hijacker.SmartBar ~ Keys: Scanned in 00mn 00s ---\\ Recherche dans la clé de registre Feature Controls (IFC) (O81) O81 - IFC: Internet Feature Controls [HKCU] [FEATURE_BROWSER_EMULATION] -- svchost.exe =>Rootkit.TDSS O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe =>Rootkit.TDSS O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe =>Rootkit.TDSS ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\WINDOWS\system32\appmgmts.dll [176640] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496] O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [77824] O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464] O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll [24576] O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [127488] O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040] O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - Pas de description.) -- C:\WINDOWS\system32\es.dll [246272] O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504] O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [96768] O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096] O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792] O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\system32\netman.dll [198144] O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll [247808] =>.Microsoft Corporation O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248] O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560] O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\system32\seclogon.dll [18944] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\system32\ipnathlp.dll [332800] O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171520] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\WINDOWS\system32\tapisrv.dll [249856] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112] O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [178176] O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll [483840] O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\WINDOWS\system32\advapi32.dll [685568] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408] O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896] O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\system32\qmgr.dll [409088] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400] O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\system32\qagentrt.dll [293376] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\system32\kmsvc.dll [61440] ~ Services: 39 Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.2271E9C085BFF7D968C28358ECB286E6] [SPRF][28/11/2011] (...) -- C:\Documents and Settings\Patrick\Local Settings\Application Data\fusioncache.dat [130] [MD5.8C27D71B2F6719136407C525ECF18D51] [SPRF][29/10/2013] (...) -- C:\Documents and Settings\Patrick\Bureau\adwcleaner.exe [1060070] [MD5.4503803B9BEF66A375A44029E8BC6725] [SPRF][28/10/2013] (.Malwarebytes Corp. - Malwarebytes Anti-Rootkit Utility.) -- C:\Documents and Settings\Patrick\Bureau\mbar-1.07.0.1007.exe [12576792] [MD5.8BBE63DF6DF1B042E8EFA88E3B358FC8] [SPRF][27/10/2013] (.Microsoft Corporation - Microsoft® Fix it.) -- C:\Documents and Settings\Patrick\Bureau\MicrosoftFixit.wu.MATSKB.Run.exe [347304] [MD5.3F3A9A67A4954ECE200E949CD5F1BA33] [SPRF][28/10/2013] (...) -- C:\Documents and Settings\Patrick\Bureau\RogueKiller.exe [3538944] [MD5.178A34E5554DCE485E1262DDF027960C] [SPRF][28/10/2013] (.Kaspersky Lab ZAO - TDSS rootkit removing tool.) -- C:\Documents and Settings\Patrick\Bureau\tdsskiller.exe [2237968] [MD5.A9A9A86E7330BFFAF64AE2ACFB73D959] [SPRF][29/10/2013] (.Microsoft Corporation - Auto-extraction de fichier CAB.) -- C:\Documents and Settings\Patrick\Bureau\WindowsXP-KB936929-SP3-x86-FRA.exe [324222504] [MD5.57173A539EE8FB76991E75BF31472227] [SPRF][27/10/2013] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Documents and Settings\Patrick\Bureau\ZHPDiag2.exe [6840758] ~ Files: 8 Scanned in 00mn 06s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "0CB8AE65157339B4CBD96615CC635EAA" . (.MSXML 6 Service Pack 2 (KB973686).) -- C:\WINDOWS\Installer\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}\ARPIco O90 - PUC: "16B3DA692EAE2E11E9278BCAF689CC3E" . (.Google Earth.) -- C:\WINDOWS\Installer\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}\ARPPRODUCTICON.exe =>.Google Inc O90 - PUC: "509A2BBC1FF95124DB2AD06F491F0D32" . (.Service Pack 2 de Flight Simulator X de Microsoft.) -- C:\WINDOWS\Installer\{CBB2A905-9FF1-4215-BDA2-0DF694F1D023}\ProductIcon O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.05) - Français.) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico O90 - PUC: "7162C8DB916336543B0F50677E0C0F3C" . (.Plan-G v3.) -- C:\WINDOWS\Installer\{BD8C2617-3619-4563-B3F0-0576E7C0F0C3}\_853F67D554F05449430E7E.exe O90 - PUC: "7E31197DC472B074DB64101B2091FDA6" . (.HPPhotosmartEssential.) -- C:\WINDOWS\Installer\{D79113E7-274C-470B-BD46-01B10219DF6A}\ARPPRODUCTICON.exe O90 - PUC: "9F2FDFE0D6387BE43AD230B83D1FBFA2" . (.Security Update for CAPICOM (KB931906).) -- C:\WINDOWS\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico O90 - PUC: "B1C4F5CE838F7BC45816F808296924B8" . (.TomTom HOME.) -- C:\WINDOWS\Installer\{EC5F4C1B-F838-4CB7-8561-8F809296428B}\ARPPRODUCTICON.exe O90 - PUC: "D30CF9A3586C138449FCE4FD3D474979" . (.Microsoft SQL Server Compact 3.5 SP2 ENU.) -- C:\WINDOWS\Installer\{3A9FC03D-C685-4831-94CF-4EDFD3749497}\ProductIcon O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon O90 - PUC: "E76AA5B70AEFBB04AB5BAC6546A585C9" . (.NVIDIA PhysX.) -- C:\WINDOWS\Installer\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}\icon.ico O90 - PUC: "EBF68479CF3A3874D855AE739E1D17CC" . (.HP Update.) -- C:\WINDOWS\Installer\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}\ARPPRODUCTICON.exe O90 - PUC: "FC2B535FBB9C26140BA3206D79F123CC" . (.Microsoft Flight Simulator X.) -- C:\WINDOWS\Installer\{F535B2CF-C9BB-4162-B03A-02D6971F32CC}\ARPPRODUCTICON.exe ~ Update Products: 75 Scanned in 00mn 00s ---\\ Enumère les données de la clé NameSpace (MNS) (O92) O92 - MNS: Web Folders - {BDEADF00-C265-11D0-BCED-00A0C90AB50F} ~ MNS: 1 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.373E69BC4A5A8878E27AA57AFA8936E7] [WIS][29/10/2013] (.ReSoft Ltd. - Snap.Do.) -- C:\Windows\Installer\13485e.msi [1613312] =>Hijacker.SmartBar [MD5.8AE4C909FDE274F8F9BF35084F5F1BBD] [WIS][19/10/2012] (.Sascha W. Felix - Volker Heine - Navigational Tool for Flight Simulator 2004® - FSX® - Prepar3D®.) -- C:\Windows\Installer\41da9.msi [3052544] [MD5.EDA3FF0650CFA3AC9552BC94BFC60EEB] [WIS][29/01/2013] (.roddy2000@hotbox.ru - DVD Decoder Pak for Windows XP.) -- C:\Windows\Installer\87878.msi [220160] [MD5.16327630A8DBFB1DA1A343B05F9A27C7] [WIS][10/11/2011] (.HP - HP.) -- C:\Windows\Installer\badc6.msi [2188288] [MD5.C143AA185CBE529736BD034890501F9D] [WIS][10/11/2011] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\badf4.msi [459264] ~ WIS: 78 Scanned in 00mn 06s ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 09/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 05/12/2012 67584 | (cbVSCService11) . (.CobianSoft, Luis Cobian.) - C:\Program Files\Cobian Backup 11\cbVSCService11.exe SS - | Auto 05/12/2012 1131008 | (CobianBackup11) . (.Luis Cobian, CobianSoft.) - C:\Program Files\Cobian Backup 11\cbService.exe SR - | Auto 13/12/1999 44032 | (Creative Service for CDROM Access) . (.Creative Technology Ltd.) - C:\WINDOWS\system32\CTsvcCDA.exe SS - | Demand 13/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe SS - | Demand 13/04/2008 14336 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\WINDOWS\system32\svchost.exe SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe SR - | Auto 08/10/2013 182696 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe SS - | Demand 26/10/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe SR - | Auto 15/10/2013 156960 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe SR - | Auto 19/09/2013 2155296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe SR - | Auto 22/03/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe ~ Services: Scanned in 00mn 07s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by Patrick at 29/10/2013 17:14:36 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS 1 ntkrnlpa!IofCallDriver[0x804EF196] >> \Device\Harddisk0\DR0[0x8B33CAB8] 3 CLASSPNP[0xB8118FD7] >> ntkrnlpa!IofCallDriver[0x804EF196] >> \Device\0000006b[0x8B2DEF18] 5 ACPI[0xB7F7E620] >> ntkrnlpa!IofCallDriver[0x804EF196] >> \Device\Ide\IdeDeviceP0T0L0-3[0x8B359940] kernel: MBR read successfully user & kernel MBR OK ~ MBR: 13 Scanned in 00mn 02s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Patrick at 29/10/2013 17:14:38 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ---\\ Liste des émulateurs de CD/DVD (MBR Hook) O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite =>.DT Soft Ltd ~ Emulateurs: Scanned in 00mn 04s ---\\ Scan Additionnel (O88) Database Version : 12960 - (28/10/2013) Clés trouvées (Keys found) : 1 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 4 Fichiers trouvés (Files found) : 1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7E09412E-7A0E-4C61-B304-888C760F61D4}] =>Hijacker.SmartBar^ C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\{18d58922-b052-65fa-0e41-9af98f749f17} =>Hijacker.SmartBar^ C:\Documents and Settings\Patrick\Application Data\Mozilla\Firefox\Profiles\x7d2xg82.default\{4ca8c1be-c30f-49bf-9ac8-f3e63f49665d} =>PUP.CertifiedToolbar^ C:\Documents and Settings\Patrick\Local Settings\Application Data\Software =>Adware.Boxore^ C:\Documents and Settings\Patrick\Local Settings\Application Data\Temp\Iminent =>Adware.IMBooster C:\Windows\Installer\13485e.msi =>Hijacker.SmartBar^ ~ Additionnel Scan: 230363 Items scanned in 00mn 21s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar ~ http://nicolascoolman.webs.com/apps/blog/show/28040039-pup-certifiedtoolbar =>PUP.CertifiedToolbar ~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore ~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy =>Adware.OpenCandy ~ http://nicolascoolman.webs.com/apps/blog/show/34458822-pup-firseria =>PUP.Firseria ~ http://nicolascoolman.webs.com/apps/blog/show/27154930-adware-adon =>Adware.ADON ~ http://nicolascoolman.webs.com/apps/blog/show/26611908-rootkit-tdss =>Rootkit.TDSS ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster ~ MSI: 8 link(s) detected in 00mn 21s End of the scan (2074 lines in 09mn 10s)(0)