Rapport de ZHPDiag v1.3.5.113 par Nicolas Coolman, Update du 21/02/2013
Run by bantuman at 22/02/2013 21:33:54
State : Version à jour.
High Elevated Privileges : OK
UAC : Activate by user

---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 16.0.2 v16.0.2
GCIE: Google Chrome v24.0.1312.57 (Defaut)
OBIE: Wacom WebTabletPlugin for Internet Explorer and Netscape v2.0.0.1
OBIE: Wacom WebTabletPlugin for Netscape v1.1.0.10

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : 8CCYG
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3326 MB (42% free)
System Restore: Activé (Enable)
System drive C: has 30 GB (44%) free of 67 GB

---\\ Logged in mode
~ Computer Name: BANTUTEAM02
~ User Name: bantuman
~ All Users Names: bantuman, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\bantuman\AppData\Roaming\
~ %Desktop% : C:\Users\bantuman\Desktop\
~ %Favorites% : C:\Users\bantuman\Favorites\
~ %LocalAppData% : C:\Users\bantuman\AppData\Local\
~ %StartMenu% : C:\Users\bantuman\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 30 Go of 67 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 51 Go of 65 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 39 Go of 79 Go)
Y:\ CD-ROM drive (Free 0 Go of 6 Go)
Z:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Security Center
& Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256] [MD5.5553611E2F9EA6F613079177F1233068] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.31/10/2012 - 03:14:07.) -- C:\Windows\System32\wininet.dll [1129472] [MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720] [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536] [MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) 
(.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584] [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656] [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544] [MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336] [MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544] [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896] [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888] [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904] [MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904] [MD5.0D87503986BB3DFED58E343FE39DDE13] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 18:18:09.) -- C:\Windows\system32\Drivers\ntfs.sys [1211760] [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) 
-- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848] [MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168] [MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752] [MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes musiques (My Musics) : 1/13 ~ Mes Favoris (My Favorites) : 1/27 ~ Mes Documents (My Documents) : 1/1570 ~ Mon Bureau (My Desktop) : 4/38 ~ Menu demarrer (Programs) : 1/48 ~ Scan Hidden Files in 00mn 01s ---\\ Processus lancés [MD5.F74737E0EF87295E82EBD0A4B040539A] - (.Microsoft Corporation - Composant de saisie tactile ou avec stylet.) -- C:\Windows\SYSTEM32\WISPTIS.exe [334336] [PID.1372] [MD5.21E01FD4147EA1B952E4CD9928B879B8] - (.Microsoft Corporation - Tablet PC Input Panel Accessory.) -- C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [181760] [PID.3664] [MD5.770EE6E2B697E02F0AF51A09C665D5EF] - (.Wacom Technology, Corp. - Tablet user module for consumer driver.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe [1485176] [PID.3992] [MD5.2E70185C865D49B8726CC47EA0563D4D] - (.Wacom Technology, Corp. - Touch User Mode Driver.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe [3281272] [PID.4064] [MD5.7A4E9D47EE7148A0810FF977D45913BD] - (.DisplayLink Corp. - DisplayLinkUI Sys-Tray Application.) 
-- C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe [1149400] [PID.2224] [MD5.18CFBFB1C097F2B127897129CEBB8BF1] - (.Avid Technology, Inc. - M-Audio Task Bar Icon Applet.) -- C:\Windows\System32\M-AudioTaskBarIcon.exe [644104] [PID.780] [MD5.083649EF692A066880C9326020915AFE] - (.AVAST Software - avast! Antivirus.) -- D:\OUTILS\Avast\AvastUI.exe [4297136] [PID.892] [MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.2328] [MD5.A3FEAA70F199D543E4F6B026C34DFBB6] - (.Binary Fortress Software - DisplayFusion.) -- D:\OUTILS\DisplayFusion\DisplayFusion.exe [4032968] [PID.4080] [MD5.2C2273E3C3A49E119509D768E2E579D0] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3541008] [PID.3480] [MD5.497F27E279C0F921E2130BB89C1CB5CA] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [18705664] [PID.4012] [MD5.FAA729BC3B4EC2900D14E1F0F4D30ED0] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [268248] [PID.3660] [MD5.7D685AE28E6876EE5057DA51958F3CA7] - (.Microsoft Corporation - Serveur de personnalisation d’entrée.) -- C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [294400] [PID.4720] [MD5.F95FB090B54F423994214162D03D4969] - (.Adobe Systems Incorporated - AAM Updates Notifier Application.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe [312184] [PID.2912] [MD5.0654E4C1F597FC07D6FC7443D4F94840] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [1248208] [PID.5104] [MD5.F18E51E0C244E50B43036012900A3C57] - (.Nicolas Coolman - ZHPDiag.) 
-- C:\Program Files\ZHPDiag\ZHPDiag.exe [5693440] [PID.4924] ~ Scan Processes Running in 00mn 01s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Preferences G0 - GCSP: Preference [User Data\Default][HomePage] http://www.google.com G0 - GCSP: Preference [User Data\Default] http://www.google.com G1 - GCS: Preference [User Data\Default] None ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) M2 - MFEP: prefs.js [bantuman - ffbedbr0.default\{1018e4d6-728f-4b20-ad56-37578a4de76b}] [] Flagfox v4.2.5 (.Dave Garrett.) P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll P2 - FPN: [HKLM] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products (Canada) Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- D:\BUREAUTIQUE\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.9.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll P2 - FPN: [HKLM] [@microsoft.com/GENUINE] - (.Microsoft Corporation - Windows Activation Technologies Plugin for Mozilla.) -- C:\Windows\system32\Wat\npWatWeb.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products (Canada) Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) 
-- D:\BUREAUTIQUE\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.4] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- D:\COMMUNICATION\VLC\npvlc.dll P2 - FPN: [HKLM] [@wacom.com/wacom-plugin,version=1.1.0.10] - (.Wacom, Inc. - Wacom Dynamic Link Library.) -- C:\Program Files\TabletPlugins\npwacom.dll P2 - FPN: [HKLM] [@wacom.com/wtPlugin,version=2.0.0.1] - (.Wacom - Plugin for Wacom tablets..) -- C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll P2 - FPN: [HKCU] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products (Canada) Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- D:\BUREAUTIQUE\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll P2 - FPN: [HKCU] [wacom.com/WacomTabletPlugin] - (.Wacom - Plugin for Wacom tablets..) -- C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Wacom - Plugin for Wacom tablets..) (No version) -- (.not file.) 
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\Userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 00s ~ Nombre de lignes (Lines number): 23 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- D:\OUTILS\Avast\aswWebRepIE.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) 
-- D:\OUTILS\Avast\aswWebRepIE.dll O3 - Toolbar: LEC - [HKLM]{1DBAB667-A486-421e-AFE4-CF07DD0088E5} . (.Language Engineering Corporation, LLC - LEC IE Translation Extension.dll.) -- D:\BUREAUTIQUE\Power Translator 15\Applications\LEC IE Translation Extension.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [M-Audio Taskbar Icon] . (.Avid Technology, Inc. - M-Audio Task Bar Icon Applet.) -- C:\Windows\system32\M-AudioTaskBarIcon.exe O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- D:\OUTILS\Avast\avastUI.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe O4 - HKLM\..\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5.5 Service Manager.) -- C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O4 - HKLM\..\Run: [ToolboxFX] . (.Hewlett-Packard Company - HPTLBXFX.) -- C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [DisplayFusion] . (.Binary Fortress Software - DisplayFusion.) -- D:\OUTILS\DisplayFusion\DisplayFusion.exe O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . 
(.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-2308923893-957624501-1129651293-1000\..\Run: [DisplayFusion] . (.Binary Fortress Software - DisplayFusion.) -- D:\OUTILS\DisplayFusion\DisplayFusion.exe O4 - HKUS\S-1-5-21-2308923893-957624501-1129651293-1000\..\Run: [AdobeBridge] Clé orpheline O4 - HKUS\S-1-5-21-2308923893-957624501-1129651293-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe O4 - HKUS\S-1-5-21-2308923893-957624501-1129651293-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\bantuman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\bantuman\Desktop\Anime Studio Pro.lnk . (.Smith Micro Software, Inc..) -- D:\STUDIO\Anime Studio Pro 8\Anime Studio Pro.exe O4 - Global Startup: C:\Users\bantuman\Desktop\DisplayFusion.lnk . (.Binary Fortress Software.) -- D:\OUTILS\DisplayFusion\DisplayFusion.exe O4 - Global Startup: C:\Users\bantuman\Desktop\dvdarchitectpro52.lnk . (...) -- E:\Calibre2\BIBLIOTHEQUE NON CALIBRE\MULTIMEDIA INFOR\dvdarchitectpro52_qsg_fra.pdf O4 - Global Startup: C:\Users\bantuman\Desktop\Focal Press 2011 - Google SketchUp Workshop.lnk . (...) 
-- E:\Calibre2\BIBLIOTHEQUE NON CALIBRE\MULTIMEDIA INFOR\Focal Press 2011 - Google SketchUp Workshop.pdf O4 - Global Startup: C:\Users\bantuman\Desktop\Hugin.lnk . (...) -- D:\STUDIO\Hugin\bin\hugin.exe O4 - Global Startup: C:\Users\bantuman\Desktop\Inkscape efficace réussir ses dessins vectoriels.lnk . (...) -- E:\Calibre2\BIBLIOTHEQUE NON CALIBRE\MULTIMEDIA INFOR\Inkscape efficace réussir ses dessins vectoriels - Eyrolles.pdf O4 - Global Startup: C:\Users\bantuman\Desktop\Kerkythea 2008.lnk . (...) -- D:\STUDIO\Kerkythea Rendering System\Kerkythea.exe O4 - Global Startup: C:\Users\bantuman\Desktop\La_3D_libre_avec_Blender.lnk . (...) -- E:\Calibre2\BIBLIOTHEQUE NON CALIBRE\MULTIMEDIA INFOR\La_3D_libre_avec_Blender_.pdf O4 - Global Startup: C:\Users\bantuman\Desktop\Microsoft Office Access 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe O4 - Global Startup: C:\Users\bantuman\Desktop\Microsoft Office Excel 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe O4 - Global Startup: C:\Users\bantuman\Desktop\Microsoft Office InfoPath 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe O4 - Global Startup: C:\Users\bantuman\Desktop\Microsoft Office PowerPoint 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe O4 - Global Startup: C:\Users\bantuman\Desktop\Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe O4 - Global Startup: C:\Users\bantuman\Desktop\MyPaint.lnk . (...) -- D:\STUDIO\MyPaint\mypaint.exe O4 - Global Startup: C:\Users\bantuman\Desktop\PDF-Viewer.lnk . (.Tracker Software Products (Canada) Ltd..) -- D:\BUREAUTIQUE\Tracker Software\PDF Viewer\PDFXCview.exe O4 - Global Startup: C:\Users\bantuman\Desktop\Savoir Revivre - Jacques Massacrier [Manuel de decroissance, simplicite volontaire, ecologie].lnk . (...) 
-- E:\Calibre2\BIBLIOTHEQUE NON CALIBRE\ENTREPRENARIAT\[Livre Complet - 191 pages] Savoir Revivre - O4 - Global Startup: C:\Users\bantuman\Desktop\SONAR 8.5 Guide de l'utilisateur.lnk . (...) -- E:\Calibre2\BIBLIOTHEQUE NON CALIBRE\MULTIMEDIA INFOR\SONAR 8.5 Guide de l'utilisateur.pdf O4 - Global Startup: C:\Users\bantuman\Desktop\soundforgepro10_manual.lnk . (...) -- E:\Calibre2\BIBLIOTHEQUE NON CALIBRE\MULTIMEDIA INFOR\soundforgepro10_manual_enu.pdf O4 - Global Startup: C:\Users\bantuman\Desktop\Synfig Studio.lnk . (...) -- D:\STUDIO\Synfig\bin\synfigstudio.exe O4 - Global Startup: C:\Users\bantuman\Desktop\Task Coach.lnk . (...) -- D:\BUREAUTIQUE\TaskCoach\taskcoach.exe O4 - Global Startup: C:\Users\bantuman\Desktop\UndeletePlus.lnk . (.Copyright © 2008 Phoenix Technologies • All.) -- C:\Program Files\TouchStoneSoftware\UndeletePlus\undelete_plus.exe O4 - Global Startup: C:\Users\bantuman\Desktop\vegaspro11_manuel.lnk . (...) -- E:\Calibre2\BIBLIOTHEQUE NON CALIBRE\MULTIMEDIA INFOR\vegaspro11_qsg-fra.pdf O4 - Global Startup: C:\Users\bantuman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Users\bantuman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Inkscape.lnk . (.inkscape.org.) -- D:\STUDIO\Inkscape\inkscape.exe O4 - Global Startup: C:\Users\bantuman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\bantuman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Plus de 200 000 Cliparts et Photos.lnk . (.Hemera Technologies Inc. www.hemera.com.) 
-- C:\Program Files\Micro Application\Plus de 200 000 Cliparts et Photo ~ Scan Global Startup in 00mn 00s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ Scan IE Control Panel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- D:\BUREAUTIQUE\Microsoft Office\Office12\REFBARH.ICO ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) 
-- C:\Windows\system32\winrnr.dll ~ Scan Winsock in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{628BECF0-2859-4E53-A08B-953446FBD18E}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{628BECF0-2859-4E53-A08B-953446FBD18E}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{628BECF0-2859-4E53-A08B-953446FBD18E}: DhcpNameServer = 192.168.1.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ Scan SSODL in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - D:\OUTILS\Avast\AvastSvc.exe O23 - Service: DisplayLinkManager (DisplayLinkService) . (.DisplayLink Corp. - DisplayLinkManager Application.) - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP LaserJet Service (HP LaserJet Service) . (.HP - HP LaserJet Service.) - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe O23 - Service: LEC TranslateDotNet Server (LEC TranslateDotNet Server) . 
(.Language Engineering Corporation, LLC - LogoMedia TranslateDotNet Server.exe.) - D:\BUREAUTIQUE\Power Translator 15\LogoMedia TranslateDotNet Server.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Skype C2C Service (Skype C2C Service) . (.Skype Technologies S.A. - Skype C2C Service.) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TabletServicePen (TabletServicePen) . (.Wacom Technology, Corp. - Tablet Service for consumer driver.) - C:\Program Files\Tablet\Pen\Pen_Tablet.exe O23 - Service: Wacom Consumer Touch Service (TouchServicePen) . (.Wacom Technology, Corp. - Touch Service.) - C:\Program Files\Tablet\Pen\Pen_TouchService.exe ~ Scan Services in 00mn 05s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ Scan Keys in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.EC807244904FA170C299AB06D87FBDBE] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.393F021E2A9FA19AC94BA4482E32FC6C] [APT] [AdobeAAMUpdater-1.0-bantuteam02-bantuman] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [MD5.7F19838AC317C34FCED020BE529AF71E] [APT] [avast! Emergency Update] (.AVAST Software.) 
-- D:\OUTILS\Avast\AvastEmUpdate.exe [MD5.9CE3B11704038F711481ACD6BD9A9A5A] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.6E17843E1E65F8DE34861692667CD3FC] [APT] [HPLJCustParticipation] (.Hewlett Packard.) -- C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe ~ Scan Scheduled Task in 00mn 01s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) 
-- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll O40 - ASIC: Google Chrome - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r12.) -- C:\Windows\system32\Macromed\Flash\Flash10a.ocx ~ Scan Active Setup in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) 
- C:\Windows\System32\drivers\discache.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . 
(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {0360D8F0-626A-4E87-8A16-938BD0BEBCC5} O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {A80FA752-C491-4ED9-ABF0-4278563160B2} O42 - Logiciel: 7-Zip 9.20 - (.Pas de propriétaire.) [HKLM] -- 7-Zip O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB} O42 - Logiciel: Adobe Audition CS5.5 - (.Adobe Systems Incorporated.) [HKLM] -- {D5B1535A-FDFC-4B40-B2E2-21DA83D9CB57} O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM] -- {3521BDBD-D453-5D9F-AA55-44B75D214629} O42 - Logiciel: Adobe Content Viewer - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.dmp.contentviewer O42 - Logiciel: Adobe Content Viewer - (.Adobe Systems Incorporated.) [HKLM] -- {4E33D05D-76CF-5D3C-4D5D-7727530FA161} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe InDesign CS5.5 - (.Adobe Systems Incorporated.) [HKLM] -- {857CC5F0-040E-1016-A173-D55ADD80C260} O42 - Logiciel: Adobe Photoshop CS5.1 - (.Adobe Systems Incorporated.) [HKLM] -- {9158FF30-78D7-40EF-B83E-451AC5334640} O42 - Logiciel: Anime Studio Pro 8.0 - (.Smith Micro Software, Inc..) [HKLM] -- ASP800_is1 O42 - Logiciel: Bamboo - (.Wacom Technology Corp..) [HKLM] -- Pen Tablet Driver O42 - Logiciel: Blender - (.Blender Foundation.) [HKLM] -- Blender O42 - Logiciel: C3D - (.Corel Corporation.) 
[HKLM] -- {777705B9-E6F6-44B4-BAA1-48E70ACE1740} O42 - Logiciel: C3DHelp - (.Corel Corporation.) [HKLM] -- {BBEB33B4-4F84-460E-9441-A18104F01C68} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM] -- _{761B6C00-A23A-4F17-9D23-CB7E48307314} O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM] -- {761B6C00-A23A-4F17-9D23-CB7E48307314} O42 - Logiciel: Corel MotionStudio 3D 1.0 - (.Corel Corporation.) [HKLM] -- _{CC9512A6-8BF7-4FD5-BCCF-05F6FCD19961} O42 - Logiciel: CorelDRAW Graphics Suite X6 - (.Corel Corporation.) [HKLM] -- _{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822} O42 - Logiciel: CorelDRAW Graphics Suite X6 - IPM - (.Corel Corporation.) [HKLM] -- {0084B0C3-F376-42E3-804A-885D249282BD} O42 - Logiciel: CorelDRAW Graphics Suite X6 - Writing Tools - (. Corel Corporation.) [HKLM] -- {318FF3D7-0C40-483B-AF92-AF36416B0AC6} O42 - Logiciel: DVD Architect Pro 5.2 - (.Sony.) [HKLM] -- {C62F6040-C275-11DF-8C16-0013D3D69929} O42 - Logiciel: DisplayFusion 4.3 - (.Binary Fortress Software.) [HKLM] -- B076073A-5527-4f4f-B46B-B10692277DA2_is1 O42 - Logiciel: DisplayLink Core Software - (.DisplayLink Corp..) [HKLM] -- {AFDC3394-C3F2-4B10-A2C9-9795991BB4DA} O42 - Logiciel: DreamStation DXi2 - (.Pas de propriétaire.) [HKLM] -- DreamStation DXi2 O42 - Logiciel: E-MU USB-MIDI Windows Drivers - (.Pas de propriétaire.) [HKLM] -- E-MU USB MIDI Windows Drivers Hotfix O42 - Logiciel: Freeplane - (.Open source.) [HKLM] -- {D3941722-C4DD-4509-88C4-0E87F675A859}_is1 O42 - Logiciel: GIMP 2.8.2 - (.The GIMP Team.) [HKLM] -- GIMP-2_is1 O42 - Logiciel: GPL Ghostscript - (.Artifex Software Inc..) [HKLM] -- GPL Ghostscript 9.05 O42 - Logiciel: Ghostscript GPL 8.64 (Msi Setup) - (.Corel Corporation.) [HKLM] -- _{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2} O42 - Logiciel: Ghostscript GPL 8.64 (Msi Setup) - (.Corel Corporation.) 
[HKLM] -- {06CD45E6-FF5E-4D8E-BC01-B276A90DADF2} O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: Google SketchUp Pro 8 - (.Google, Inc..) [HKLM] -- {56BE7155-0EBE-454A-BF96-E28C6741F3BB} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: HP FWUpdateEDO3 - (.Hewlett-Packard Company.) [HKLM] -- {A82D0C46-EBDF-4B27-A731-D06EF2056E81} O42 - Logiciel: HP LaserJet Professional CP1520 Series - (.Hewlett-Packard.) [HKLM] -- {5C069542-CA13-4f1b-B90C-28C6430F4992} O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3} O42 - Logiciel: HPLaserJetHelp_LearnCenter - (.Hewlett-Packard.) [HKLM] -- {265EFF49-93D4-45F6-A728-FAFA462D9BCB} O42 - Logiciel: Hugin 2011.4.0 - (.The Hugin Development Team.) [HKLM] -- Hugin O42 - Logiciel: Hydrogen 0.9.6 preview release for windows - (.hydrogen-music.org.) [HKLM] -- {B24839E5-A70C-48AD-B4D9-B9FB46B4B038}_is1 O42 - Logiciel: ICA - (.Corel Corporation.) [HKLM] -- {CC9512A6-8BF7-4FD5-BCCF-05F6FCD19961} O42 - Logiciel: IPM_C3D - (.Corel Corporation.) [HKLM] -- {7777A2E0-3F99-4F4A-8BF1-507C04C45CD6} O42 - Logiciel: Inkscape 0.48.2 - (.Pas de propriétaire.) [HKLM] -- Inkscape O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager O42 - Logiciel: Jack v1.9.6 - (.Pas de propriétaire.) [HKLM] -- Jack v1.9.6 O42 - Logiciel: K-Lite Codec Pack 9.5.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: LEC Translate - (.Nom de votre société.) [HKLM] -- {B593248E-8CD9-4C54-AD3C-F6848C6A4209} O42 - Logiciel: M-Audio FastTrackPro Driver 6.0.7 (x86) - (.M-Audio.) [HKLM] -- {6D55C2B4-023C-11E0-9D76-1DA1DFD72085} O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM] -- {147894EE-5ED4-11E1-A8FF-F04DA23A5C58} O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) 
[HKLM] -- {1E76EB6E-E390-11DF-95DB-005056C00008} O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM] -- {229B6751-774A-11E0-BCAE-0013D3D69929} O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM] -- {CA5207DE-C275-11DF-AC9F-0013D3D69929} O42 - Logiciel: Mozilla Firefox 16.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 16.0.2 (x86 fr) O42 - Logiciel: Mozilla Firefox 18.0.1 (x86 fr) - (.Mozilla.) [HKCU] -- Mozilla Firefox 18.0.1 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService O42 - Logiciel: MyPaint 1.0.0 - (.Martin Renold & MyPaint Development Team.) [HKCU] -- MyPaint O42 - Logiciel: Native Instruments Guitar Rig 3 - (.Native Instruments.) [HKLM] -- Native Instruments Guitar Rig 3 O42 - Logiciel: Native Instruments Guitar Rig 3 - (.Native Instruments.) [HKLM] -- {33691AFF-9ABF-4278-BDB6-902EE07D9237} O42 - Logiciel: Native Instruments Service Center - (.Native Instruments.) [HKLM] -- Native Instruments Service Center O42 - Logiciel: Native Instruments Service Center - (.Native Instruments.) [HKLM] -- {0B8565BA-BAD5-4732-B122-5FD78EFC50A9} O42 - Logiciel: Noise Reduction Plug-in 2.0i - (.Sony.) [HKLM] -- {DC35AABA-EA0A-41C1-8462-F60A201DFF9B} O42 - Logiciel: OpenProj - (.Serena Software Inc..) [HKLM] -- {13702021-43FB-480C-912F-D9B74A538288} O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392} O42 - Logiciel: PDF-Viewer - (.Tracker Software Products Ltd.) [HKLM] -- {A278382D-4F1B-4D47-9885-8523F7261E8D}_is1 O42 - Logiciel: Plus de 200 000 Cliparts et Photos - (.Hemera.) [HKLM] -- InstallShield_{D01940CE-8BD3-4258-B4E2-42F185AE1968} O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {8DC42D05-680B-41B0-8878-6C14D24602DB} O42 - Logiciel: SONAR 8.0 Producer Edition - (.Cakewalk Music Software.) [HKLM] -- SONAR8Producer_is1 O42 - Logiciel: SONAR 8.5 Producer - (.Cakewalk Music Software.) 
[HKLM] -- SONAR85Producer_is1 O42 - Logiciel: Scribus 1.4.1 - (.The Scribus Team.) [HKLM] -- Scribus 1.4.1 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Setup - (.Corel Corporation.) [HKLM] -- {C500336C-6EEA-49BF-8614-CCFF12E5628F} O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM] -- {B6CF2967-C81E-40C0-9815-C05774FEF120} O42 - Logiciel: Skype™ 6.1 - (.Skype Technologies S.A..) [HKLM] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D} O42 - Logiciel: Sound Forge Pro 10.0 - (.Sony.) [HKLM] -- {9660B18F-EC12-11DF-B006-0013D3D69929} O42 - Logiciel: Speech Support - (.LEC.) [HKLM] -- Speech Support O42 - Logiciel: Synfig Studio - (.Pas de propriétaire.) [HKLM] -- synfigstudio O42 - Logiciel: Task Coach 1.3.20 - (.Frank Niessink, Jerome Laheurte, and Aaron Wolf.) [HKLM] -- Task Coach_is1 O42 - Logiciel: Undelete Plus 2.98 - (.Copyright © 2008 Phoenix Technologies • All Rights Reserved.) [HKLM] -- UndeletePlus_is1 O42 - Logiciel: VLC media player 2.0.4 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: Vegas Pro 10.0 - (.Sony.) [HKLM] -- {1CA31551-774A-11E0-AFC6-0013D3D69929} O42 - Logiciel: WebTablet FB Plugin - (.Wacom Technology Corp..) [HKLM] -- Wacom WebTabletPlugin for Internet Explorer and Netscape O42 - Logiciel: WebTablet IE Plugin - (.Wacom Technology Corp..) [HKLM] -- Wacom WebTabletPlugin for IE O42 - Logiciel: WebTablet Netscape Plugin - (.Wacom Technology Corp..) [HKLM] -- Wacom WebTabletPlugin for Netscape O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} O42 - Logiciel: Windows Media Encoder 9 Series - (.Pas de propriétaire.) [HKLM] -- Windows Media Encoder 9 O42 - Logiciel: avast! 
Free Antivirus v7.0.1474.0 - (.AVAST Software.) [HKLM] -- avast O42 - Logiciel: calibre - (.Kovid Goyal.) [HKLM] -- {09E46892-D189-410F-AE52-72D620247182} ---\\ HKCU & HKLM Software Keys [HKCU\Software\4Front] [HKCU\Software\7-Zip] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Audio Simulation] [HKCU\Software\Avast Software] [HKCU\Software\Binary Fortress Software] [HKCU\Software\Bugsplat] [HKCU\Software\CDDB] [HKCU\Software\Cakewalk Music Software] [HKCU\Software\Cakewalk] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Common] [HKCU\Software\Corel] [HKCU\Software\DirectShow] [HKCU\Software\DisplayLink] [HKCU\Software\DownloadManager] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\Hemera Technologies Inc.] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\Icaros] [HKCU\Software\Jack v1.9.6] [HKCU\Software\JavaSoft] [HKCU\Software\Kerkythea Rendering System] [HKCU\Software\LEC] [HKCU\Software\LogoMedia] [HKCU\Software\M-Audio] [HKCU\Software\MCAFEE] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept] [HKCU\Software\MediaInfo] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Native Instruments] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\OSPI] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\SkypeRS] [HKCU\Software\Skype] [HKCU\Software\Sony Creative Software] [HKCU\Software\Sony Media Software] [HKCU\Software\TouchStoneSoftware] [HKCU\Software\Tracker Software] [HKCU\Software\Trolltech] [HKCU\Software\Ulead Systems] [HKCU\Software\Usbfix] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\hugin] [HKCU\Software\madFlac] [HKCU\Software\madshi] [HKLM\Software\AMD] [HKLM\Software\ASIO] 
[HKLM\Software\ATI Technologies] [HKLM\Software\AVAST Software] [HKLM\Software\Adobe] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Artifex] [HKLM\Software\Bitstream] [HKLM\Software\BlenderFoundation] [HKLM\Software\CDDB] [HKLM\Software\Cakewalk Music Software] [HKLM\Software\Caphyon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Corel] [HKLM\Software\Creative Tech] [HKLM\Software\DisplayLink] [HKLM\Software\Edirol] [HKLM\Software\GNU] [HKLM\Software\GPL Ghostscript] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\Hemera Technologies Inc.] [HKLM\Software\Hewlett-Packard] [HKLM\Software\HighCriteria] [HKLM\Software\IM Providers] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KLCodecPack] [HKLM\Software\L&H] [HKLM\Software\LAV] [HKLM\Software\LEC] [HKLM\Software\LogoMedia] [HKLM\Software\M-Audio] [HKLM\Software\Macromedia] [HKLM\Software\McAfee.com] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Native Instruments] [HKLM\Software\ODBC] [HKLM\Software\OldTimer Tools] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Protexis] [HKLM\Software\RegisteredApplications] [HKLM\Software\Skype] [HKLM\Software\Sonic] [HKLM\Software\Sony Creative Software] [HKLM\Software\Sony Media Software] [HKLM\Software\Tracker Software] [HKLM\Software\Ulead Systems] [HKLM\Software\VST] [HKLM\Software\VideoLAN] [HKLM\Software\Voice] [HKLM\Software\Wacom] [HKLM\Software\WinRAR] [HKLM\Software\Wise Solutions] [HKLM\Software\Wow6432Node] [HKLM\Software\calibre] [HKLM\Software\mozilla.org] [HKLM\Software\rgc:audio Software] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 29/10/2012 - 17:08:47 - [27,794] ----D C:\Program Files\Adobe O43 - CFD: 07/02/2013 - 20:37:08 - [5,070] ----D C:\Program Files\CCleaner O43 - CFD: 28/01/2013 - 
23:45:00 - [1298,652] ----D C:\Program Files\Common Files O43 - CFD: 30/10/2012 - 00:26:18 - [21,100] ----D C:\Program Files\DisplayLink Core Software O43 - CFD: 31/10/2012 - 20:14:34 - [79,371] ----D C:\Program Files\DVD Maker O43 - CFD: 29/10/2012 - 11:40:33 - [0] ----D C:\Program Files\Fichiers communs O43 - CFD: 29/10/2012 - 14:56:16 - [333,072] ----D C:\Program Files\Google O43 - CFD: 17/11/2012 - 02:37:38 - [22,196] ----D C:\Program Files\gs O43 - CFD: 28/11/2012 - 21:16:20 - [81,635] ----D C:\Program Files\HP O43 - CFD: 02/01/2013 - 23:01:32 - [0,288] ----D C:\Program Files\InstallShield Installation Information O43 - CFD: 15/01/2013 - 01:08:13 - [10,046] ----D C:\Program Files\Internet Download Manager O43 - CFD: 31/10/2012 - 20:14:34 - [5,957] ----D C:\Program Files\Internet Explorer O43 - CFD: 29/10/2012 - 14:10:57 - [0,163] ----D C:\Program Files\M-Audio O43 - CFD: 02/01/2013 - 23:00:19 - [6,638] ----D C:\Program Files\Micro Application O43 - CFD: 31/10/2012 - 18:41:56 - [0,764] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 14/07/2009 - 10:00:58 - [140,966] ----D C:\Program Files\Microsoft Games O43 - CFD: 07/11/2012 - 11:09:20 - [7,950] ----D C:\Program Files\Microsoft Office O43 - CFD: 17/11/2012 - 02:38:00 - [0,235] ----D C:\Program Files\Microsoft SDKs O43 - CFD: 30/10/2012 - 01:02:16 - [0,014] ----D C:\Program Files\Microsoft Visual Studio O43 - CFD: 30/10/2012 - 01:00:13 - [64,367] ----D C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 17/11/2012 - 02:40:34 - [82,596] ----D C:\Program Files\Microsoft Visual Studio 9.0 O43 - CFD: 31/10/2012 - 18:37:43 - [3,554] ----D C:\Program Files\Microsoft Works O43 - CFD: 05/11/2012 - 21:01:25 - [7,816] ----D C:\Program Files\Microsoft.NET O43 - CFD: 29/10/2012 - 13:24:28 - [0,212] ----D C:\Program Files\Mozilla Maintenance Service O43 - CFD: 30/10/2012 - 01:02:22 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 30/10/2012 - 00:21:32 - [91,170] ----D C:\Program Files\Native Instruments O43 
- CFD: 30/10/2012 - 18:49:46 - [73,635] ----D C:\Program Files\QuickTime O43 - CFD: 14/07/2009 - 05:52:30 - [83,170] ----D C:\Program Files\Reference Assemblies O43 - CFD: 28/01/2013 - 23:45:00 - [38,336] R---D C:\Program Files\Skype O43 - CFD: 29/10/2012 - 17:21:54 - [78,886] ----D C:\Program Files\Sony O43 - CFD: 10/11/2012 - 00:42:46 - [32,807] ----D C:\Program Files\Tablet O43 - CFD: 10/11/2012 - 00:42:44 - [2,984] ----D C:\Program Files\TabletPlugins O43 - CFD: 07/02/2013 - 15:04:58 - [1,296] ----D C:\Program Files\TouchStoneSoftware O43 - CFD: 14/07/2009 - 05:53:23 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 31/10/2012 - 20:14:33 - [2,909] ----D C:\Program Files\Windows Defender O43 - CFD: 31/10/2012 - 20:14:34 - [6,689] ----D C:\Program Files\Windows Journal O43 - CFD: 31/10/2012 - 20:14:34 - [5,895] ----D C:\Program Files\Windows Mail O43 - CFD: 30/10/2012 - 18:48:39 - [13,553] ----D C:\Program Files\Windows Media Components O43 - CFD: 31/10/2012 - 20:14:34 - [6,298] ----D C:\Program Files\Windows Media Player O43 - CFD: 29/10/2012 - 11:40:33 - [11,632] ----D C:\Program Files\Windows NT O43 - CFD: 31/10/2012 - 20:14:34 - [4,213] ----D C:\Program Files\Windows Photo Viewer O43 - CFD: 31/10/2012 - 20:14:34 - [0,181] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 31/10/2012 - 20:14:34 - [6,558] ----D C:\Program Files\Windows Sidebar O43 - CFD: 05/12/2012 - 20:56:45 - [4,131] ----D C:\Program Files\WinRAR O43 - CFD: 22/02/2013 - 21:34:10 - [15,136] ----D C:\Program Files\ZHPDiag O43 - CFD: 29/10/2012 - 17:11:53 - [812,809] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 29/10/2012 - 16:37:05 - [20,800] ----D C:\Program Files\Common Files\Adobe AIR O43 - CFD: 30/10/2012 - 18:49:34 - [13,242] ----D C:\Program Files\Common Files\Apple O43 - CFD: 17/11/2012 - 02:37:03 - [1,702] ----D C:\Program Files\Common Files\Corel O43 - CFD: 30/10/2012 - 01:02:15 - [0,089] ----D C:\Program Files\Common Files\DESIGNER O43 - CFD: 30/10/2012 - 
00:21:33 - [23,045] ----D C:\Program Files\Common Files\Digidesign O43 - CFD: 02/01/2013 - 22:59:47 - [3,461] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 17/11/2012 - 02:38:18 - [332,285] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 30/10/2012 - 00:21:32 - [6,015] ----D C:\Program Files\Common Files\Native Instruments O43 - CFD: 30/10/2012 - 19:05:34 - [1,620] ----D C:\Program Files\Common Files\Protexis O43 - CFD: 14/07/2009 - 03:37:05 - [0,003] ----D C:\Program Files\Common Files\Services O43 - CFD: 28/01/2013 - 23:45:00 - [2,056] ----D C:\Program Files\Common Files\Skype O43 - CFD: 14/07/2009 - 03:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 03/11/2012 - 02:21:43 - [42,254] ----D C:\Program Files\Common Files\System O43 - CFD: 23/12/2012 - 04:19:23 - [392,278] ----D C:\ProgramData\Adobe O43 - CFD: 30/10/2012 - 18:49:31 - [31,841] ----D C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Application Data O43 - CFD: 29/10/2012 - 14:13:44 - [102,960] ----D C:\ProgramData\AVAST Software O43 - CFD: 29/10/2012 - 11:40:33 - [0] --H-D C:\ProgramData\Bureau O43 - CFD: 30/10/2012 - 00:18:23 - [1257,196] ----D C:\ProgramData\Cakewalk O43 - CFD: 04/12/2012 - 15:10:17 - [24,176] ----D C:\ProgramData\Corel O43 - CFD: 29/12/2012 - 02:37:08 - [0] ----D C:\ProgramData\CorelDRAW Graphics Suite X6 O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Documents O43 - CFD: 29/10/2012 - 11:40:33 - [0] --H-D C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Favorites O43 - CFD: 29/10/2012 - 15:01:21 - [7,028] ----D C:\ProgramData\Google O43 - CFD: 13/12/2012 - 23:24:41 - [0,547] ----D C:\ProgramData\Hewlett-Packard O43 - CFD: 13/12/2012 - 23:24:29 - [0,014] ----D C:\ProgramData\HP O43 - CFD: 29/10/2012 - 23:27:43 - [0] ----D C:\ProgramData\Identities O43 - CFD: 23/12/2012 - 
04:07:19 - [0] ----D C:\ProgramData\McAfee O43 - CFD: 29/10/2012 - 11:40:33 - [0] --H-D C:\ProgramData\Menu Démarrer O43 - CFD: 07/02/2013 - 20:28:30 - [306,042] -S--D C:\ProgramData\Microsoft O43 - CFD: 18/02/2013 - 21:10:38 - [0,069] ----D C:\ProgramData\Microsoft Help O43 - CFD: 29/10/2012 - 11:40:33 - [0] --H-D C:\ProgramData\Modèles O43 - CFD: 29/10/2012 - 13:24:27 - [0,000] ----D C:\ProgramData\Mozilla O43 - CFD: 30/10/2012 - 19:08:50 - [0,005] ----D C:\ProgramData\Protexis O43 - CFD: 29/10/2012 - 17:13:37 - [0,007] ----D C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 28/01/2013 - 23:45:06 - [52,452] ----D C:\ProgramData\Skype O43 - CFD: 29/10/2012 - 16:11:47 - [0,001] ----D C:\ProgramData\Smith Micro O43 - CFD: 09/11/2012 - 22:30:59 - [0,004] ----D C:\ProgramData\Sony O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Start Menu O43 - CFD: 13/11/2012 - 15:06:37 - [0,000] ----D C:\ProgramData\Sun O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Templates O43 - CFD: 30/10/2012 - 00:21:28 - [6,834] --H-D C:\ProgramData\{902029B2-957E-4066-85FA-30DA31731718} O43 - CFD: 30/10/2012 - 00:21:38 - [29,268] --H-D C:\ProgramData\{E0C041D8-7EFB-4E8C-A20F-651F5AD0B7C1} O43 - CFD: 31/10/2012 - 03:42:38 - [0,494] ----D C:\Users\bantuman\AppData\Roaming\.krita O43 - CFD: 16/01/2013 - 20:43:16 - [12,900] ----D C:\Users\bantuman\AppData\Roaming\Adobe O43 - CFD: 12/11/2012 - 19:26:48 - [0,000] ----D C:\Users\bantuman\AppData\Roaming\Adobe Mini Bridge CS5.1 O43 - CFD: 30/10/2012 - 21:05:41 - [0,347] ----D C:\Users\bantuman\AppData\Roaming\Blender Foundation O43 - CFD: 30/10/2012 - 00:22:21 - [362,387] ----D C:\Users\bantuman\AppData\Roaming\Cakewalk O43 - CFD: 30/10/2012 - 21:56:01 - [0,038] ----D C:\Users\bantuman\AppData\Roaming\calibre O43 - CFD: 29/10/2012 - 17:16:08 - [0,001] ----D C:\Users\bantuman\AppData\Roaming\com.adobe.dmp.contentviewer O43 - CFD: 30/10/2012 - 19:19:20 - [0,000] -SH-D C:\Users\bantuman\AppData\Roaming\Common O43 - CFD: 
13/02/2013 - 23:37:20 - [26,711] ----D C:\Users\bantuman\AppData\Roaming\Corel O43 - CFD: 01/12/2012 - 15:23:16 - [0,210] ----D C:\Users\bantuman\AppData\Roaming\DisplayFusion O43 - CFD: 22/02/2013 - 20:51:59 - [0] ----D C:\Users\bantuman\AppData\Roaming\DMCache O43 - CFD: 16/11/2012 - 13:40:40 - [0] ----D C:\Users\bantuman\AppData\Roaming\dvdcss O43 - CFD: 13/11/2012 - 15:06:44 - [0,018] ----D C:\Users\bantuman\AppData\Roaming\Freeplane O43 - CFD: 29/10/2012 - 15:05:01 - [0,517] ----D C:\Users\bantuman\AppData\Roaming\Google O43 - CFD: 02/01/2013 - 23:01:36 - [269,299] ----D C:\Users\bantuman\AppData\Roaming\Hemera O43 - CFD: 31/10/2012 - 18:19:36 - [0,000] ----D C:\Users\bantuman\AppData\Roaming\Hewlett-Packard Company O43 - CFD: 06/12/2012 - 00:20:50 - [0,006] ----D C:\Users\bantuman\AppData\Roaming\HpUpdate O43 - CFD: 29/10/2012 - 11:40:50 - [0] ----D C:\Users\bantuman\AppData\Roaming\Identities O43 - CFD: 14/02/2013 - 14:27:56 - [6,091] ----D C:\Users\bantuman\AppData\Roaming\IDM O43 - CFD: 15/02/2013 - 18:24:46 - [0,029] ----D C:\Users\bantuman\AppData\Roaming\inkscape O43 - CFD: 29/10/2012 - 14:48:24 - [26,774] ----D C:\Users\bantuman\AppData\Roaming\LEC O43 - CFD: 29/10/2012 - 15:01:51 - [0,001] ----D C:\Users\bantuman\AppData\Roaming\Macromedia O43 - CFD: 14/07/2009 - 10:00:22 - [0] ----D C:\Users\bantuman\AppData\Roaming\Media Center Programs O43 - CFD: 13/02/2013 - 21:23:51 - [0] ----D C:\Users\bantuman\AppData\Roaming\Media Player Classic O43 - CFD: 13/02/2013 - 16:07:23 - [2,113] -S--D C:\Users\bantuman\AppData\Roaming\Microsoft O43 - CFD: 29/10/2012 - 13:24:37 - [16,802] ----D C:\Users\bantuman\AppData\Roaming\Mozilla O43 - CFD: 29/10/2012 - 17:30:59 - [0] ----D C:\Users\bantuman\AppData\Roaming\Publish Providers O43 - CFD: 30/10/2012 - 21:00:37 - [0,151] ----D C:\Users\bantuman\AppData\Roaming\Scribus O43 - CFD: 22/02/2013 - 20:58:15 - [4,354] ----D C:\Users\bantuman\AppData\Roaming\Skype O43 - CFD: 29/10/2012 - 16:11:35 - [0,008] ----D 
C:\Users\bantuman\AppData\Roaming\Smith Micro O43 - CFD: 26/11/2012 - 15:19:41 - [93,657] ----D C:\Users\bantuman\AppData\Roaming\Sony O43 - CFD: 29/10/2012 - 22:58:24 - [0] ----D C:\Users\bantuman\AppData\Roaming\Sony Creative Software O43 - CFD: 29/10/2012 - 22:46:09 - [0,000] ----D C:\Users\bantuman\AppData\Roaming\Sony Creative Software Inc O43 - CFD: 12/11/2012 - 19:26:48 - [0] ----D C:\Users\bantuman\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 O43 - CFD: 13/11/2012 - 01:13:17 - [0,011] ----D C:\Users\bantuman\AppData\Roaming\TaskCoach O43 - CFD: 30/10/2012 - 19:06:37 - [1,508] ----D C:\Users\bantuman\AppData\Roaming\Ulead Systems O43 - CFD: 24/12/2012 - 20:15:00 - [0,079] ----D C:\Users\bantuman\AppData\Roaming\vlc O43 - CFD: 06/12/2012 - 12:31:53 - [0,000] ----D C:\Users\bantuman\AppData\Roaming\WinRAR O43 - CFD: 10/11/2012 - 00:42:56 - [0,058] ----D C:\Users\bantuman\AppData\Roaming\WTablet O43 - CFD: 12/11/2012 - 19:07:08 - [18,508] ----D C:\Users\bantuman\AppData\Local\Adobe O43 - CFD: 29/10/2012 - 11:40:43 - [0] ----D C:\Users\bantuman\AppData\Local\Application Data O43 - CFD: 30/10/2012 - 00:23:29 - [0,000] ----D C:\Users\bantuman\AppData\Local\Cakewalk O43 - CFD: 21/02/2013 - 16:20:28 - [31,151] ----D C:\Users\bantuman\AppData\Local\CrashDumps O43 - CFD: 21/02/2013 - 18:18:35 - [0] ----D C:\Users\bantuman\AppData\Local\Diagnostics O43 - CFD: 24/01/2013 - 13:01:45 - [0] ----D C:\Users\bantuman\AppData\Local\ElevatedDiagnostics O43 - CFD: 18/01/2013 - 17:54:02 - [0,058] ----D C:\Users\bantuman\AppData\Local\Facebook O43 - CFD: 07/11/2012 - 14:09:22 - [1,747] ----D C:\Users\bantuman\AppData\Local\fontconfig O43 - CFD: 07/11/2012 - 14:09:20 - [0,001] ----D C:\Users\bantuman\AppData\Local\gegl-0.2 O43 - CFD: 29/10/2012 - 14:57:00 - [393,929] ----D C:\Users\bantuman\AppData\Local\Google O43 - CFD: 29/10/2012 - 11:40:43 - [0] ----D C:\Users\bantuman\AppData\Local\Historique O43 - CFD: 23/12/2012 - 17:36:32 - [0] ----D 
C:\Users\bantuman\AppData\Local\Macromedia O43 - CFD: 20/01/2013 - 20:12:14 - [67,928] ----D C:\Users\bantuman\AppData\Local\Microsoft O43 - CFD: 30/10/2012 - 00:59:48 - [0] ----D C:\Users\bantuman\AppData\Local\Microsoft Help O43 - CFD: 29/10/2012 - 13:24:32 - [68,147] ----D C:\Users\bantuman\AppData\Local\Mozilla O43 - CFD: 05/11/2012 - 21:37:02 - [0,850] ----D C:\Users\bantuman\AppData\Local\mypaint O43 - CFD: 25/11/2012 - 18:05:03 - [0,875] ----D C:\Users\bantuman\AppData\Local\Preset Shuffler O43 - CFD: 30/10/2012 - 19:18:41 - [0] ----D C:\Users\bantuman\AppData\Local\Programs O43 - CFD: 29/10/2012 - 22:52:20 - [2,230] ----D C:\Users\bantuman\AppData\Local\Sony O43 - CFD: 22/02/2013 - 21:33:28 - [52,381] ----D C:\Users\bantuman\AppData\Local\Temp O43 - CFD: 29/10/2012 - 11:40:43 - [0] ----D C:\Users\bantuman\AppData\Local\Temporary Internet Files O43 - CFD: 07/02/2013 - 15:04:59 - [0,029] ----D C:\Users\bantuman\AppData\Local\TouchStoneSoftware O43 - CFD: 15/02/2013 - 18:54:39 - [1,391] ----D C:\Users\bantuman\AppData\Local\VirtualStore O43 - CFD: 14/07/2009 - 05:42:04 - [0,014] R---D C:\Users\bantuman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 31/10/2012 - 20:31:42 - [0,000] R---D C:\Users\bantuman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 31/10/2012 - 18:18:10 - [0,001] ----D C:\Users\bantuman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP O43 - CFD: 31/10/2012 - 03:27:37 - [0,007] ----D C:\Users\bantuman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin O43 - CFD: 15/01/2013 - 01:08:10 - [0,006] ----D C:\Users\bantuman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 03/11/2012 - 12:11:31 - [0,004] ----D C:\Users\bantuman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jack v1.9.6 O43 - CFD: 03/11/2012 - 13:40:44 - [0] ----D C:\Users\bantuman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kerkythea 
Rendering System O43 - CFD: 14/07/2009 - 05:37:42 - [0,001] R---D C:\Users\bantuman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 31/10/2012 - 03:09:22 - [0] ----D C:\Users\bantuman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPaint O43 - CFD: 29/10/2012 - 23:32:13 - [0] ----D C:\Users\bantuman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments O43 - CFD: 31/10/2012 - 20:31:42 - [0,000] R---D C:\Users\bantuman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 05/12/2012 - 20:56:45 - [0,003] ----D C:\Users\bantuman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Scan Program Folder in 00mn 04s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.015606E5AC07A79FC1A26B3C25FABA74] - 22/02/2013 - 21:07:49 ---A- . (...) -- C:\PhysicalMBR.bin [512] O44 - LFC:[MD5.A137982BA26A9E2D450185E6953557D0] - 22/02/2013 - 18:12:09 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1514114] O44 - LFC:[MD5.330ADB62DE7CAE631F779F3F6357F153] - 21/02/2013 - 12:41:35 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.C7BEB4AAF084CF0776B87BFB961F840A] - 21/02/2013 - 12:41:35 ---A- . (...) -- C:\Windows\System32\perfc009.dat [106190] O44 - LFC:[MD5.59073A054E1286E848A744F5D3C0F3AC] - 21/02/2013 - 12:41:35 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [130548] O44 - LFC:[MD5.102F723EC787BBFD824211A547080DBC] - 21/02/2013 - 12:41:35 ---A- . (...) -- C:\Windows\System32\perfh009.dat [615810] O44 - LFC:[MD5.EF3EB929527CFD6A7CB9FCABE35F1BD8] - 21/02/2013 - 12:41:35 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [704242] O44 - LFC:[MD5.EFB8AE2881F3A1CEA83F04863587E5F8] - 21/02/2013 - 12:36:42 ---A- . (...) -- C:\Windows\setupact.log [2688] O44 - LFC:[MD5.DED7C61D8CE44C8E1A44B37D178E33B6] - 21/02/2013 - 12:36:42 -S-A- . (...) 
-- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.2C2E00FF8EAD2E4351A15C75681B0F52] - 18/02/2013 - 21:23:30 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [3950992] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/02/2013 - 17:47:01 ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.6280A479148CAEAD59E17A0CC3789161] - 09/02/2013 - 20:37:37 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [697712] O44 - LFC:[MD5.3E5633C0E3B4FE04E6EBFFA597227617] - 09/02/2013 - 20:37:37 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [74096] O44 - LFC:[MD5.7C305E15C13ABCDE5B79CC288453F111] - 08/02/2013 - 23:58:38 ---A- . (...) -- C:\UsbFix [Clean 4] BANTUTEAM02.txt [11092] O44 - LFC:[MD5.E95E4458865F7B958FBA9484871E2E5D] - 08/02/2013 - 14:28:36 ----- . (...) -- C:\UsbFix [Clean 3] BANTUTEAM02.txt [11127] O44 - LFC:[MD5.C0216EB86BE76EE68C17A9B8F237B5F1] - 08/02/2013 - 14:00:43 ----- . (...) -- C:\UsbFix [Clean 2] BANTUTEAM02.txt [8484] O44 - LFC:[MD5.763663F9FC5B1786FEF7562F9C658EF2] - 26/11/2012 - 12:57:41 ----- . (...) 
-- C:\usbfix2.zip [792963] ~ Scan Files in 00mn 03s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
~ Scan Prefetcher in 00mn 02s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) 
-- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) 
-- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) (None) ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) 
-- C:\Windows\System32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) (None) ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système 
(O58) O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Scan Drivers in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC:Last File Created 19/02/2013 - 11:07:21 ---A- C:\Users\bantuman\AppData\Local\CrashDumps\hpwucli.exe.2608.dmp [1986005] O61 - LFC:Last File Created 19/02/2013 - 12:24:38 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540240626_017002\fr\MessageCache1\Workflow\WorkflowMessages.xml [27434] O61 - LFC:Last File Created 19/02/2013 - 12:25:15 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540227504_017002\fr\MessageCache1\Workflow\WorkflowMessages.xml [36291] O61 - LFC:Last File Created 19/02/2013 - 12:25:15 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540240626_017002\fr\MessageCache1\Messages\Messages.xml [45032] O61 - LFC:Last File Created 19/02/2013 - 12:26:28 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extension State\000565.sst [207] O61 - LFC:Last File Created 19/02/2013 - 12:26:44 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jmolcgpienlcieaajfkkdamlngancncm\000221.sst [129] O61 - LFC:Last File Created 19/02/2013 - 12:38:59 ---A- C:\Users\bantuman\AppData\Local\Temp\PCULog3.txt [4621] O61 - LFC:Last File Created 19/02/2013 - 13:15:00 ---A- C:\Users\bantuman\AppData\Local\mypaint\accelmap.conf [8885] O61 - LFC:Last File Created 19/02/2013 - 13:15:00 ---A- C:\Users\bantuman\AppData\Local\mypaint\brushes\devbrush_WACOM+Tablet+Eraser++.myb [1542] O61 - LFC:Last File Created 19/02/2013 - 13:15:00 ---A- C:\Users\bantuman\AppData\Local\mypaint\brushes\devbrush_WACOM+Tablet+Eraser++_prev.png [9695] O61 - LFC:Last File Created 19/02/2013 - 13:15:00 ---A- 
C:\Users\bantuman\AppData\Local\mypaint\brushes\devbrush_WACOM+Tablet+Pressure+Stylus.myb [1620] O61 - LFC:Last File Created 19/02/2013 - 13:15:00 ---A- C:\Users\bantuman\AppData\Local\mypaint\brushes\devbrush_WACOM+Tablet+Pressure+Stylus_prev.png [9701] O61 - LFC:Last File Created 19/02/2013 - 13:15:00 ---A- C:\Users\bantuman\AppData\Local\mypaint\brushes\history_0.myb [1353] O61 - LFC:Last File Created 19/02/2013 - 13:15:00 ---A- C:\Users\bantuman\AppData\Local\mypaint\brushes\history_0_prev.png [13198] O61 - LFC:Last File Created 19/02/2013 - 13:15:00 ---A- C:\Users\bantuman\AppData\Local\mypaint\brushes\history_1.myb [1291] O61 - LFC:Last File Created 19/02/2013 - 13:15:00 ---A- C:\Users\bantuman\AppData\Local\mypaint\brushes\history_1_prev.png [26614] O61 - LFC:Last File Created 19/02/2013 - 13:15:00 ---A- C:\Users\bantuman\AppData\Local\mypaint\brushes\history_2.myb [1138] O61 - LFC:Last File Created 19/02/2013 - 13:15:00 ---A- C:\Users\bantuman\AppData\Local\mypaint\brushes\history_2_prev.png [25181] O61 - LFC:Last File Created 19/02/2013 - 13:15:01 ---A- C:\Users\bantuman\AppData\Local\mypaint\brushes\history_3.myb [1249] O61 - LFC:Last File Created 19/02/2013 - 13:15:01 ---A- C:\Users\bantuman\AppData\Local\mypaint\brushes\history_3_prev.png [18520] O61 - LFC:Last File Created 19/02/2013 - 13:15:01 ---A- C:\Users\bantuman\AppData\Local\mypaint\brushes\history_4.myb [1273] O61 - LFC:Last File Created 19/02/2013 - 13:15:01 ---A- C:\Users\bantuman\AppData\Local\mypaint\brushes\history_4_prev.png [22142] O61 - LFC:Last File Created 19/02/2013 - 13:15:01 ---A- C:\Users\bantuman\AppData\Local\mypaint\scratchpads\autosave.ora [1480] O61 - LFC:Last File Created 19/02/2013 - 13:15:01 ---A- C:\Users\bantuman\AppData\Local\mypaint\settings.json [3408] O61 - LFC:Last File Created 19/02/2013 - 13:15:01 ---A- C:\Users\bantuman\AppData\Local\recently-used.xbel [17234] O61 - LFC:Last File Created 19/02/2013 - 16:46:23 ---A- C:\Users\bantuman\AppData\Local\Temp\x1361288783 
[3344] O61 - LFC:Last File Created 19/02/2013 - 16:46:23 ---A- C:\Users\bantuman\AppData\Local\Temp\x1361288784 [3592] O61 - LFC:Last File Created 19/02/2013 - 17:34:16 ---A- C:\Users\bantuman\dessin.svg [17311] O61 - LFC:Last File Created 19/02/2013 - 17:46:03 ---A- C:\Users\bantuman\AppData\Local\Temp\x1361292363 [3344] O61 - LFC:Last File Created 19/02/2013 - 17:46:03 ---A- C:\Users\bantuman\AppData\Local\Temp\x1361292364 [3592] O61 - LFC:Last File Created 19/02/2013 - 17:52:49 ---A- C:\Users\bantuman\dessin.pdf [5752] O61 - LFC:Last File Created 19/02/2013 - 17:54:13 ---A- C:\Users\bantuman\AppData\Local\CrashDumps\explorer.exe.496.dmp [6240287] O61 - LFC:Last File Created 20/02/2013 - 14:43:45 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.pagesblanches.be_0.localstorage [3072] O61 - LFC:Last File Created 20/02/2013 - 14:43:45 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.pagesblanches.be_0.localstorage-journal [3608] O61 - LFC:Last File Created 20/02/2013 - 23:53:40 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Shortcuts [28672] O61 - LFC:Last File Created 20/02/2013 - 23:53:40 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal [12824] O61 - LFC:Last File Created 21/02/2013 - 00:50:40 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak [6510] O61 - LFC:Last File Created 21/02/2013 - 02:08:28 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\Z5NGCYLS\s.ytimg.com\videostats.sol [275] O61 - LFC:Last File Created 21/02/2013 - 02:25:15 ---A- C:\Users\bantuman\AppData\Local\Temp\c1d7b7e1-a977-4433-9020-2f91444b25b0.dmp [71148] O61 - LFC:Last File Created 21/02/2013 - 02:25:16 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.youtube.com_0.localstorage [48128] O61 - 
LFC:Last File Created 21/02/2013 - 02:25:16 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.youtube.com_0.localstorage-journal [16384]
O61 - LFC:Last File Created 21/02/2013 - 02:25:23 ---A- C:\Users\bantuman\AppData\Roaming\Skype\tah.mombo\httpfe\cookies.dat [2]
O61 - LFC:Last File Created 21/02/2013 - 12:37:55 ---A- C:\Users\bantuman\AppData\Roaming\WTablet\PenTouch.xml [4006]
O61 - LFC:Last File Created 21/02/2013 - 12:37:55 ---A- C:\Users\bantuman\AppData\Roaming\WTablet\Pen_Tablet.dat [56629]
O61 - LFC:Last File Created 21/02/2013 - 12:38:23 ---A- C:\Users\bantuman\AppData\Roaming\Hewlett-Packard Company\HPTLBXFX\6.15.1163.0\handle.dat [153]
O61 - LFC:Last File Created 21/02/2013 - 12:38:25 ---A- C:\Users\bantuman\AppData\Roaming\IDM\defextmap.dat [2176]
O61 - LFC:Last File Created 21/02/2013 - 12:38:25 ---A- C:\Users\bantuman\AppData\Roaming\IDM\urlexclist.dat [2242]
O61 - LFC:Last File Created 21/02/2013 - 12:38:30 ---A- C:\Users\bantuman\AppData\Roaming\Skype\shared_dynco\dc.db [1802240]
O61 - LFC:Last File Created 21/02/2013 - 12:38:30 ---A- C:\Users\bantuman\AppData\Roaming\Skype\shared_dynco\dc.db-journal [1120904]
O61 - LFC:Last File Created 21/02/2013 - 12:38:34 ---A- C:\Users\bantuman\AppData\Roaming\Skype\DbTemp\temp-5m52U06zv201lfOBxL7RMIhT [20480]
O61 - LFC:Last File Created 21/02/2013 - 12:38:36 ---A- C:\Users\bantuman\AppData\Roaming\Skype\tah.mombo\eas.db [53248]
O61 - LFC:Last File Created 21/02/2013 - 12:38:36 ---A- C:\Users\bantuman\AppData\Roaming\Skype\tah.mombo\eas.db-journal [41552]
O61 - LFC:Last File Created 21/02/2013 - 12:39:08 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor [21504]
O61 - LFC:Last File Created 21/02/2013 - 12:39:08 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal [15992]
O61 - LFC:Last File Created 21/02/2013 - 12:39:36 ---A- C:\Users\bantuman\AppData\Roaming\Skype\DbTemp\temp-x8kSac1g6udfZagH9Ktbv7oI [8720]
O61 - LFC:Last File Created 21/02/2013 - 12:40:02 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Login Data [16384]
O61 - LFC:Last File Created 21/02/2013 - 12:40:02 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal [4624]
O61 - LFC:Last File Created 21/02/2013 - 16:02:21 ---A- C:\Users\bantuman\AppData\Roaming\Adobe\Color\ACEConfigCache2.lst [420]
O61 - LFC:Last File Created 21/02/2013 - 16:02:23 ---A- C:\Users\bantuman\AppData\Roaming\Adobe\Adobe Photoshop CS5.1\Adobe Photoshop CS5.1 Settings\LaunchEndFlag.psp [11]
O61 - LFC:Last File Created 21/02/2013 - 16:03:07 ---A- C:\Users\bantuman\AppData\Roaming\Adobe\Adobe Photoshop CS5.1\Adobe Photoshop CS5.1 Settings\Actions Palette.psp [23176]
O61 - LFC:Last File Created 21/02/2013 - 16:03:07 ---A- C:\Users\bantuman\AppData\Roaming\Adobe\Adobe Photoshop CS5.1\Adobe Photoshop CS5.1 Settings\Adobe Photoshop CS5.1 Prefs.psp [208559]
O61 - LFC:Last File Created 21/02/2013 - 16:03:07 ---A- C:\Users\bantuman\AppData\Roaming\Adobe\Adobe Photoshop CS5.1\Adobe Photoshop CS5.1 Settings\Color Settings.csf [559960]
O61 - LFC:Last File Created 21/02/2013 - 16:03:07 ---A- C:\Users\bantuman\AppData\Roaming\Adobe\Adobe Photoshop CS5.1\Adobe Photoshop CS5.1 Settings\Materials.psp [10]
O61 - LFC:Last File Created 21/02/2013 - 16:03:07 ---A- C:\Users\bantuman\AppData\Roaming\Adobe\Adobe Photoshop CS5.1\Adobe Photoshop CS5.1 Settings\RepoussePresets.psp [10]
O61 - LFC:Last File Created 21/02/2013 - 16:03:07 ---A- C:\Users\bantuman\AppData\Roaming\Adobe\Adobe Photoshop CS5.1\Adobe Photoshop CS5.1 Settings\WorkSpaces (Modified)\Design [20968]
O61 - LFC:Last File Created 21/02/2013 - 16:03:07 ---A- C:\Users\bantuman\AppData\Roaming\Adobe\Adobe Photoshop CS5.1\Adobe Photoshop CS5.1 Settings\Workspace Prefs.psp [21145]
O61 - LFC:Last File Created 21/02/2013 - 16:08:06 ---A- C:\Users\bantuman\.hydrogen\hydrogen.conf [5317]
O61 - LFC:Last File Created 21/02/2013 - 16:20:28 ---A- C:\Users\bantuman\AppData\Local\CrashDumps\Hydrogen.exe.5956.dmp [10710371]
O61 - LFC:Last File Created 21/02/2013 - 16:20:36 ---A- C:\Users\bantuman\AppData\Local\Temp\wmplog00.sqm [1522]
O61 - LFC:Last File Created 21/02/2013 - 16:38:37 ---A- C:\Users\bantuman\AppData\Roaming\Cakewalk\SONAR 8.5 Producer\AUD.INI [3697]
O61 - LFC:Last File Created 21/02/2013 - 16:38:37 ---A- C:\Users\bantuman\AppData\Roaming\Cakewalk\SONAR 8.5 Producer\ctrlsurface.dat [7087]
O61 - LFC:Last File Created 22/02/2013 - 12:17:54 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540240626_017002\fr\MessageCache2\Messages\1344452956667\body.htm [2443]
O61 - LFC:Last File Created 22/02/2013 - 12:17:54 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540240626_017002\fr\MessageCache2\Messages\1344452956667\detail.htm [3191]
O61 - LFC:Last File Created 22/02/2013 - 12:17:54 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540240626_017002\fr\MessageCache2\Messages\1349990349855\body.htm [2555]
O61 - LFC:Last File Created 22/02/2013 - 12:17:54 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540240626_017002\fr\MessageCache2\Messages\1349990349855\detail.htm [4273]
O61 - LFC:Last File Created 22/02/2013 - 12:18:25 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540240626_017002\fr\MessageCache2\Workflow\WorkflowMessages.xml [27434]
O61 - LFC:Last File Created 22/02/2013 - 12:19:15 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540227504_017002\fr\MessageCache2\Workflow\1329331408301\body.htm [11543]
O61 - LFC:Last File Created 22/02/2013 - 12:19:15 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540227504_017002\fr\MessageCache2\Workflow\1337697446368\body.htm [5505]
O61 - LFC:Last File Created 22/02/2013 - 12:19:15 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540227504_017002\fr\MessageCache2\Workflow\1337697446398\body.htm [5881]
O61 - LFC:Last File Created 22/02/2013 - 12:19:15 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540227504_017002\fr\MessageCache2\Workflow\1337697447401\body.htm [6100]
O61 - LFC:Last File Created 22/02/2013 - 12:19:15 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540227504_017002\fr\MessageCache2\Workflow\1337697447430\body.htm [6112]
O61 - LFC:Last File Created 22/02/2013 - 12:19:15 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540227504_017002\fr\MessageCache2\Workflow\1337697447459\body.htm [6046]
O61 - LFC:Last File Created 22/02/2013 - 12:19:15 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540227504_017002\fr\MessageCache2\Workflow\1337697447488\body.htm [6058]
O61 - LFC:Last File Created 22/02/2013 - 12:19:15 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540227504_017002\fr\MessageCache2\Workflow\WorkflowMessages.xml [36301]
O61 - LFC:Last File Created 22/02/2013 - 12:19:15 ---A- C:\Users\bantuman\AppData\Roaming\Corel\Messages\540240626_017002\fr\MessageCache2\Messages\Messages.xml [45032]
O61 - LFC:Last File Created 22/02/2013 - 12:25:14 ---A- C:\Users\bantuman\AppData\Local\Temp\PCULog0.txt [18692]
O61 - LFC:Last File Created 22/02/2013 - 12:38:52 ---A- C:\Users\bantuman\AppData\Roaming\Skype\tah.mombo\keyval.db [40960]
O61 - LFC:Last File Created 22/02/2013 - 12:38:52 ---A- C:\Users\bantuman\AppData\Roaming\Skype\tah.mombo\keyval.db-journal [33344]
O61 - LFC:Last File Created 22/02/2013 - 14:18:34 ---A- C:\Users\bantuman\AppData\Roaming\Skype\tah.mombo\bistats.db [69632]
O61 - LFC:Last File Created 22/02/2013 - 14:18:34 ---A- C:\Users\bantuman\AppData\Roaming\Skype\tah.mombo\bistats.db-journal [33344]
O61 - LFC:Last File Created 22/02/2013 - 15:38:50 ---A- C:\Users\bantuman\AppData\Roaming\Corel\CorelDRAW Graphics Suite X6\Config\CORELGFX.INI [296]
O61 - LFC:Last File Created 22/02/2013 - 15:39:08 ---A- C:\Users\bantuman\AppData\Roaming\Corel\CorelDRAW Graphics Suite X6\Config\PaperTypes.xml [12893]
O61 - LFC:Last File Created 22/02/2013 - 15:39:08 ---A- C:\Users\bantuman\AppData\Roaming\Corel\CorelDRAW Graphics Suite X6\Custom Data\QCorrectReplace.xml [32329]
O61 - LFC:Last File Created 22/02/2013 - 15:39:08 ---A- C:\Users\bantuman\AppData\Roaming\Corel\CorelDRAW Graphics Suite X6\Draw\Object Data\ObjectData.xml [1040]
O61 - LFC:Last File Created 22/02/2013 - 15:39:08 ---A- C:\Users\bantuman\AppData\Roaming\Corel\CorelDRAW Graphics Suite X6\Draw\Workspace\_default\DRAWUIConfig.xml [166611]
O61 - LFC:Last File Created 22/02/2013 - 15:39:11 ---A- C:\Users\bantuman\AppData\Local\Temp\PCULog1.txt [2744]
O61 - LFC:Last File Created 22/02/2013 - 15:42:18 ---A- C:\Users\bantuman\.recently-used.xbel [6199]
O61 - LFC:Last File Created 22/02/2013 - 15:42:18 ---A- C:\Users\bantuman\AppData\Roaming\inkscape\preferences.xml [27188]
O61 - LFC:Last File Created 22/02/2013 - 15:45:58 ---A- C:\Users\bantuman\Downloads\15333668-abstrait-modele-de-carte-de-visite-artistique.jpg [18307]
O61 - LFC:Last File Created 22/02/2013 - 15:49:19 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [264352]
O61 - LFC:Last File Created 22/02/2013 - 15:49:19 ---A- C:\Users\bantuman\AppData\Local\Temp\CRX_75DAF8CB7768\crl-set [1292]
O61 - LFC:Last File Created 22/02/2013 - 15:49:19 ---A- C:\Users\bantuman\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.json [34]
O61 - LFC:Last File Created 22/02/2013 - 16:09:32 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mediacdn.disqus.com_0.localstorage [3072]
O61 - LFC:Last File Created 22/02/2013 - 16:09:32 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mediacdn.disqus.com_0.localstorage-journal [3608]
O61 - LFC:Last File Created 22/02/2013 - 19:57:11 ---A- C:\Users\bantuman\AppData\Roaming\Skype\tah.mombo\msn.db [53248]
O61 - LFC:Last File Created 22/02/2013 - 19:57:11 ---A- C:\Users\bantuman\AppData\Roaming\Skype\tah.mombo\msn.db-journal [33344]
O61 - LFC:Last File Created 22/02/2013 - 20:01:45 ---A- C:\Users\bantuman\AppData\Roaming\Skype\tah.mombo\chatsync\ea\ea224279efbf3828.dat [65479]
O61 - LFC:Last File Created 22/02/2013 - 20:24:36 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old [267]
O61 - LFC:Last File Created 22/02/2013 - 20:24:36 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jmolcgpienlcieaajfkkdamlngancncm\LOG.old [148]
O61 - LFC:Last File Created 22/02/2013 - 20:24:36 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000758.sst [243]
O61 - LFC:Last File Created 22/02/2013 - 20:30:55 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000760.sst [4417667]
O61 - LFC:Last File Created 22/02/2013 - 20:30:58 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG.old [1003]
O61 - LFC:Last File Created 22/02/2013 - 20:35:33 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\Z5NGCYLS\broadcast.piximedia.fr\footerJS\v3\lib\so.swf\PmUI.sol [67]
O61 - LFC:Last File Created 22/02/2013 - 20:35:33 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\Z5NGCYLS\macromedia.com\support\flashplayer\sys\#broadcast.piximedia.fr\settings.sol [92]
O61 - LFC:Last File Created 22/02/2013 - 20:35:33 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\Z5NGCYLS\macromedia.com\support\flashplayer\sys\settings.sol [1195]
O61 - LFC:Last File Created 22/02/2013 - 20:38:50 ---A- C:\Users\bantuman\AppData\Roaming\Skype\tah.mombo\config.xml [7685]
O61 - LFC:Last File Created 22/02/2013 - 20:48:04 ---A- C:\Users\bantuman\Downloads\Programs\sp52211.exe [6351400]
O61 - LFC:Last File Created 22/02/2013 - 20:51:59 ---A- C:\Users\bantuman\AppData\Roaming\DMCache\settings.bak [0]
O61 - LFC:Last File Created 22/02/2013 - 20:52:39 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Last Session [1015847]
O61 - LFC:Last File Created 22/02/2013 - 20:52:39 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Last Tabs [274665]
O61 - LFC:Last File Created 22/02/2013 - 20:52:39 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Visited Links [131072]
O61 - LFC:Last File Created 22/02/2013 - 20:54:17 ---A- C:\Users\bantuman\AppData\Local\Temp\~nsu.tmp\Au_.exe [105540]
O61 - LFC:Last File Created 22/02/2013 - 20:55:43 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT [16]
O61 - LFC:Last File Created 22/02/2013 - 20:55:43 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000594 [709]
O61 - LFC:Last File Created 22/02/2013 - 20:55:43 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [123468]
O61 - LFC:Last File Created 22/02/2013 - 20:55:44 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG [0]
O61 - LFC:Last File Created 22/02/2013 - 20:55:44 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jmolcgpienlcieaajfkkdamlngancncm\CURRENT [16]
O61 - LFC:Last File Created 22/02/2013 - 20:55:44 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jmolcgpienlcieaajfkkdamlngancncm\MANIFEST-000241 [163]
O61 - LFC:Last File Created 22/02/2013 - 20:55:48 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jmolcgpienlcieaajfkkdamlngancncm\LOG [0]
O61 - LFC:Last File Created 22/02/2013 - 20:55:53 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Managed Mode Settings [8]
O61 - LFC:Last File Created 22/02/2013 - 20:56:43 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000762.sst [3273977]
O61 - LFC:Last File Created 22/02/2013 - 20:56:43 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT [16]
O61 - LFC:Last File Created 22/02/2013 - 20:56:43 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000761 [211]
O61 - LFC:Last File Created 22/02/2013 - 20:56:44 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG [0]
O61 - LFC:Last File Created 22/02/2013 - 20:58:15 ---A- C:\Users\bantuman\AppData\Roaming\Skype\shared.xml [70900]
O61 - LFC:Last File Created 22/02/2013 - 21:00:10 ---A- C:\Users\bantuman\Downloads\OTL.exe [602112]
O61 - LFC:Last File Created 22/02/2013 - 21:09:53 ---A- C:\Users\bantuman\AppData\Roaming\IDM\foldresHistory.txt [278]
O61 - LFC:Last File Created 22/02/2013 - 21:10:29 ---A- C:\Users\bantuman\AppData\Roaming\IDM\Scheduler\q_1.dt [0]
O61 - LFC:Last File Created 22/02/2013 - 21:11:09 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\IDMGCExt.dll [91880]
O61 - LFC:Last File Created 22/02/2013 - 21:11:09 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\background.html [153]
O61 - LFC:Last File Created 22/02/2013 - 21:11:09 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\background.js [575]
O61 - LFC:Last File Created 22/02/2013 - 21:11:09 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\contentscript.js [1614]
O61 - LFC:Last File Created 22/02/2013 - 21:11:09 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\images\dwnlAll.png [929]
O61 - LFC:Last File Created 22/02/2013 - 21:11:09 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\images\headBkgd.gif [909]
O61 - LFC:Last File Created 22/02/2013 - 21:11:09 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\images\headTitle.gif [15554]
O61 - LFC:Last File Created 22/02/2013 - 21:11:10 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\_locales\en\messages.json [763]
O61 - LFC:Last File Created 22/02/2013 - 21:11:10 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\images\dwnlLink.png [853]
O61 - LFC:Last File Created 22/02/2013 - 21:11:10 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\images\logoBig.png [20003]
O61 - LFC:Last File Created 22/02/2013 - 21:11:10 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\images\logoSmall.png [4616]
O61 - LFC:Last File Created 22/02/2013 - 21:11:10 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\images\logoTonec.gif [1406]
O61 - LFC:Last File Created 22/02/2013 - 21:11:10 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\manifest.json [1313]
O61 - LFC:Last File Created 22/02/2013 - 21:11:10 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\welcome.html [3584]
O61 - LFC:Last File Created 22/02/2013 - 21:11:10 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.3_0\welcome.js [1928]
O61 - LFC:Last File Created 22/02/2013 - 21:12:29 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Bookmarks [6805]
O61 - LFC:Last File Created 22/02/2013 - 21:13:26 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_chrome.google.com_0.localstorage [3072]
O61 - LFC:Last File Created 22/02/2013 - 21:13:26 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_chrome.google.com_0.localstorage-journal [3608]
O61 - LFC:Last File Created 22/02/2013 - 21:13:42 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Web Data [108544]
O61 - LFC:Last File Created 22/02/2013 - 21:13:42 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [14904]
O61 - LFC:Last File Created 22/02/2013 - 21:13:50 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity [831]
O61 - LFC:Last File Created 22/02/2013 - 21:18:17 ---A- C:\Users\bantuman\Downloads\OTL.Txt [127486]
O61 - LFC:Last File Created 22/02/2013 - 21:19:30 ---A- C:\Users\bantuman\Downloads\Extras.Txt [59832]
O61 - LFC:Last File Created 22/02/2013 - 21:19:40 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Favicons [2621440]
O61 - LFC:Last File Created 22/02/2013 - 21:19:40 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [16384]
O61 - LFC:Last File Created 22/02/2013 - 21:23:01 ---A- C:\Users\bantuman\AppData\Roaming\Skype\tah.mombo\main.db [716800]
O61 - LFC:Last File Created 22/02/2013 - 21:23:01 ---A- C:\Users\bantuman\AppData\Roaming\Skype\tah.mombo\main.db-journal [148256]
O61 - LFC:Last File Created 22/02/2013 - 21:28:10 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_icmlaeflemplmjndnaapfdbbnpncnbda_0.localstorage [2789376]
O61 - LFC:Last File Created 22/02/2013 - 21:28:11 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_icmlaeflemplmjndnaapfdbbnpncnbda_0.localstorage-journal [16384]
O61 - LFC:Last File Created 22/02/2013 - 21:28:19 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\History [3747840]
O61 - LFC:Last File Created 22/02/2013 - 21:28:19 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-02 [2957312]
O61 - LFC:Last File Created 22/02/2013 - 21:28:19 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\History Index 2013-02-journal [16384]
O61 - LFC:Last File Created 22/02/2013 - 21:29:44 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\History-journal [16384]
O61 - LFC:Last File Created 22/02/2013 - 21:29:57 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [1682540]
O61 - LFC:Last File Created 22/02/2013 - 21:29:58 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [8131312]
O61 - LFC:Last File Created 22/02/2013 - 21:29:58 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set [1493196]
O61 - LFC:Last File Created 22/02/2013 - 21:29:58 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [134512]
O61 - LFC:Last File Created 22/02/2013 - 21:29:58 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist [19840]
O61 - LFC:Last File Created 22/02/2013 - 21:30:25 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies [6144]
O61 - LFC:Last File Created 22/02/2013 - 21:30:26 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal [2576]
O61 - LFC:Last File Created 22/02/2013 - 21:32:00 ---A- C:\Users\bantuman\AppData\Roaming\Skype\tah.mombo\dc.db [81920]
O61 - LFC:Last File Created 22/02/2013 - 21:33:47 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local
Storage\http_eu1.badoo.com_0.localstorage [28672]
O61 - LFC:Last File Created 22/02/2013 - 21:33:47 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_eu1.badoo.com_0.localstorage-journal [16384]
O61 - LFC:Last File Created 22/02/2013 - 21:33:59 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Cookies [573440]
O61 - LFC:Last File Created 22/02/2013 - 21:33:59 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal [16384]
O61 - LFC:Last File Created 22/02/2013 - 21:34:01 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Preferences [84318]
O61 - LFC:Last File Created 22/02/2013 - 21:34:10 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage [3072]
O61 - LFC:Last File Created 22/02/2013 - 21:34:10 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_plus.google.com_0.localstorage-journal [3608]
O61 - LFC:Last File Created 22/02/2013 - 21:34:17 ---A- C:\Users\bantuman\AppData\Local\Google\Chrome\User Data\Local State [23054]
~ Scan Files in 01mn 40s

---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido - SosVirus.org.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 1.3.5 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s

---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 30/10/2012 - C:\Windows\System32\Drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 30/10/2012 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 15/10/2012 - C:\Windows\system32\Drivers\aswrdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 30/10/2012 - C:\Windows\System32\Drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 30/10/2012 - C:\Windows\System32\Drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 30/10/2012 - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 30/07/2012 - C:\Windows\system32\drivers\dlkmd.sys (dlkmd) .(.DisplayLink Corp. - DisplayLink WDDM KMD.) - LEGACY_DLKMD
O64 - Services: CurCS - 30/07/2012 - C:\Windows\System32\drivers\dlkmdldr.sys (dlkmdldr) .(.DisplayLink Corp. - DisplayLink WDDM KMD Loader.) - LEGACY_DLKMDLDR
O64 - Services: CurCS - 22/11/2012 - C:\Windows\System32\DRIVERS\idmwfp.sys (IDMWFP) .(.Tonec Inc. - Internet Download Manager WFP Driver.) - LEGACY_IDMWFP
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Scan Services in 00mn 00s

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- D:\COMMUNICATION\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Scan Keys in 00mn 00s

---\\ Crack & Keygen Files (O82)
C:\UsbFix_Upload_Me\E\keygen.exe.vir
C:\UsbFix_Upload_Me\E\keygen.exe.vir
E:\DIVERS\Keygen VEGAS SONY.exe
E:\DIVERS\Keygen.exe
~ Scan Files in 05mn 43s

---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [674304]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [473600]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [521216]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
~ Scan Services in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.0BA3F31E2B4D8D99DF8DD19E81155374] [SPRF][31/10/2012] (.Microsoft Corporation - Navigateur Internet.) -- C:\Users\bantuman\AppData\Local\Temp\ieframe.dll [9738240]
[MD5.90A57CA422923286838AAC7DE2D41B92] [SPRF][31/10/2012] (.Microsoft Corporation - Internet Explorer Peer Objects.) -- C:\Users\bantuman\AppData\Local\Temp\iepeers.dll [118784]
[MD5.1158607D1FD5C2CBCE09E6ABB72A47D5] [SPRF][18/02/2013] (.Microsoft Corporation - Self-Extracting Cabinet.) -- C:\Users\bantuman\AppData\Local\Temp\MouseKeyboardCenterx86_1036.exe [29360128]
[MD5.29E9794708DF51DB5DC89FB2E903A0F6] [SPRF][09/06/2012] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Users\bantuman\AppData\Local\Temp\shell32.dll [12873728]
[MD5.374CCDDAFC6E2C305BB46CB795AD2D77] [SPRF][22/02/2013] (.El Desaparecido - UsbFix - Remove malware from yours drive!.) -- C:\Users\bantuman\Desktop\UsbFix.exe [1014758]
[MD5.C22845E7509B3AF5DAC84DD3234A1812] [SPRF][22/02/2013] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\bantuman\Desktop\ZHPDiag2.exe [5401301]
~ Scan Files in 00mn 00s

---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{AD46E4CF-4977-4C52-9680-B19637811B27}D:\studio\anime studio pro 8\anime studio pro.exe" | In - Private - P6 - TRUE | .(.Smith Micro Software, Inc..) -- D:\studio\anime studio pro 8\anime studio pro.exe
O87 - FAEL: "UDP Query User{61E1DF74-E9E2-4965-B8EB-7D1864063930}D:\studio\anime studio pro 8\anime studio pro.exe" | In - Private - P17 - TRUE | .(.Smith Micro Software, Inc..) -- D:\studio\anime studio pro 8\anime studio pro.exe
O87 - FAEL: "{32AC2FE4-2D2F-493E-9B04-4D074B89025D}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "TCP Query User{9D73A3EB-4BD2-4E7F-B895-6249A977F7AF}C:\program files\hp\hp software update\hpwucli.exe" | In - Private - P6 - TRUE | .(.Hewlett-Packard - HP Update Client.) -- C:\program files\hp\hp software update\hpwucli.exe
O87 - FAEL: "UDP Query User{CE45D3B6-A3DB-4CFC-ABEE-FB5E4C2C9DCD}C:\program files\hp\hp software update\hpwucli.exe" | In - Private - P17 - TRUE | .(.Hewlett-Packard - HP Update Client.) -- C:\program files\hp\hp software update\hpwucli.exe
~ Scan Firewall in 00mn 01s

---\\ Scan Additionnel (O88)
Database Version : v2.10828 - (21/02/2013)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
~ Scan Additionnel in 00mn 17s

---\\ Recherche détournement de DNS routeur (O89)
(None)

---\\ Product Upgrade Codes (O90)
O90 - PUC: "00C6B167A32A71F4D932BCE784033741" . (.Corel Graphics - Windows Shell Extension.) -- C:\Windows\Installer\{761B6C00-A23A-4F17-9D23-CB7E48307314}\ARPPRODUCTICON.exe
O90 - PUC: "0406F26C572CFD11C86100313D6D9992" .
(.DVD Architect Pro 5.2.) -- C:\Windows\Installer\{C62F6040-C275-11DF-8C16-0013D3D69929}\dvdarch.ico O90 - PUC: "058AC9753C2B3F343A6FA3A04EE22852" . (.CorelDRAW Graphics Suite X6 - FontNav.) -- C:\Windows\Installer\{579CA850-B2C3-43F3-A3F6-3A0AE42E8225}\ARPPRODUCTICON.exe O90 - PUC: "0642E9789F812F847B63E418A4965940" . (.CorelDRAW Graphics Suite X6 - VBA.) -- C:\Windows\Installer\{879E2460-18F9-48F2-B736-4E814A699504}\ARPPRODUCTICON.exe O90 - PUC: "0756C3061AB26CF47853E7AFD6F1F616" . (.CorelDRAW Graphics Suite X6 - Custom Data.) -- C:\Windows\Installer\{603C6570-2BA1-4FC6-8735-7EFA6D1F6F61}\ARPPRODUCTICON.exe O90 - PUC: "09683D6BE55704F43AA5328FCBB268CA" . (.Microsoft_VC90_MFCLOC_x86.) -- C:\Windows\Installer\{B6D38690-755E-4F40-A35A-23F8BC2B86AC}\ARPPRODUCTICON.exe O90 - PUC: "0D00C83EB86A81348A6A7F4D5B1BFDE0" . (.Windows Media Encoder 9 Series.) -- C:\Windows\Installer\{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}\ARPIcon O90 - PUC: "0E2A777799F3A4F4B81F05C7404CC56D" . (.IPM_C3D.) -- c:\Windows\Installer\{7777A2E0-3F99-4F4A-8BF1-507C04C45CD6}\ARPPRODUCTICON.exe O90 - PUC: "12020731BF34C08419F29D7BA4352888" . (.OpenProj.) -- C:\Windows\Installer\{13702021-43FB-480C-912F-D9B74A538288}\controlPanelIcon.exe O90 - PUC: "121E2D80A6F7BE3479DF26B944094330" . (.Microsoft_VC90_CRT_x86.) -- C:\Windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe O90 - PUC: "13D71A4DB7F22864DA75640712549290" . (.CorelDRAW Graphics Suite X6 - Photozoom Plugin.) -- C:\Windows\Installer\{D4A17D31-2F7B-4682-AD57-467021452909}\ARPPRODUCTICON.exe O90 - PUC: "15513AC1A4770E11FA6C00313D6D9992" . (.Vegas Pro 10.0.) -- C:\Windows\Installer\{1CA31551-774A-11E0-AFC6-0013D3D69929}\vegas.ico O90 - PUC: "1F49AF476659252439277EAEFFFE2E90" . (.CorelDRAW Graphics Suite X6 - Capture.) -- C:\Windows\Installer\{74FA94F1-9566-4252-9372-E7EAFFEFE209}\ARPPRODUCTICON.exe O90 - PUC: "20B91A1DE71869244AB57058F37DD475" . (.Microsoft_VC80_MFC_x86.) 
-- C:\Windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}\ARPPRODUCTICON.exe O90 - PUC: "233FF2A76F4E78D4E9DBDEFF216194F0" . (.CorelDRAW Graphics Suite X6 - Filters.) -- C:\Windows\Installer\{7A2FF332-E4F6-4D87-9EBD-EDFF1216490F}\ARPPRODUCTICON.exe O90 - PUC: "25BBB29DFF28DE24A8C3E460F249A47B" . (.Microsoft_VC80_MFCLOC_x86.) -- C:\Windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}\ARPPRODUCTICON.exe O90 - PUC: "29864E90981DF014EA25276D02421728" . (.calibre.) -- C:\Windows\Installer\{09E46892-D189-410F-AE52-72D620247182}\main_icon O90 - PUC: "305BEFDD266D4224289C735A96F8CD52" . (.CorelDRAW Graphics Suite X6 - VideoBrowser.) -- C:\Windows\Installer\{DDFEB503-D662-4224-82C9-37A5698FDC25}\ARPPRODUCTICON.exe O90 - PUC: "3C0B4800673F3E2408A488D5422928DB" . (.CorelDRAW Graphics Suite X6 - IPM.) -- C:\Windows\Installer\{0084B0C3-F376-42E3-804A-885D249282BD}\ARPPRODUCTICON.exe O90 - PUC: "41DC4153C9F69C93495F6644AC1D22FC" . (.Microsoft Visual Studio Tools for Applications 2.0 Language Pack - FRA.) -- C:\Windows\Installer\{3514CD14-6F9C-39C9-94F5-6644CAD122CF}\VSTA_ARP_Icon O90 - PUC: "441CEB2692074FB43B2FAF32F19B8FB4" . (.CorelDRAW Graphics Suite X6 - Redist.) -- C:\Windows\Installer\{62BEC144-7029-4BF4-B3F2-FA231FB9F84B}\ARPPRODUCTICON.exe O90 - PUC: "4686F9F7BAC8C044FA4430D0105366D6" . (.CorelDRAW Graphics Suite X6.) -- C:\Windows\Installer\{7F9F6864-8CAB-440C-AF44-030D0135666D}\ARPPRODUCTICON.exe O90 - PUC: "4933CDFA2F3C01B42A9C795999B14BAD" . (.DisplayLink Core Software.) -- C:\Windows\Installer\{AFDC3394-C3F2-4B10-A2C9-9795991BB4DA}\controlPanelIcon.exe O90 - PUC: "4B33BEBB48F4E06449141A18400FC186" . (.C3DHelp.) -- c:\Windows\Installer\{BBEB33B4-4F84-460E-9441-A18104F01C68}\ARPPRODUCTICON.exe O90 - PUC: "50D24CD8B0860B148887C6412D6420BD" . (.QuickTime.) -- C:\Windows\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\Installer.ico O90 - PUC: "6722625C5700B8948BF0D79947284EBD" . (.CorelDRAW Graphics Suite X6 - Draw.) 
-- C:\Windows\Installer\{C5262276-0075-498B-B80F-7D997482E4DB}\ARPPRODUCTICON.exe O90 - PUC: "6A2159CC7FB85DF4CBFC506FCF1D9916" . (.ICA.) -- c:\Windows\Installer\{CC9512A6-8BF7-4FD5-BCCF-05F6FCD19961}\ARPPRODUCTICON.exe O90 - PUC: "6E54DC60E5FFE8D4CB102B679AD0DA2F" . (.Ghostscript GPL 8.64 (Msi Setup).) -- C:\Windows\Installer\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}\ARPPRODUCTICON.exe O90 - PUC: "7692FC6BE18C0C0489510C7547EF1F02" . (.Skype Click to Call.) -- C:\Windows\Installer\{B6CF2967-C81E-40C0-9815-C05774FEF120}\IconUninstallIco O90 - PUC: "7B6CFE4D5AD3D0046928B92E785A44E0" . (.CorelDRAW Graphics Suite X6 - Connect.) -- C:\Windows\Installer\{D4EFC6B7-3DA5-400D-9682-9BE287A5440E}\ARPPRODUCTICON.exe O90 - PUC: "7D3FF81304C0B384FA29FA6314B6A06C" . (.CorelDRAW Graphics Suite X6 - Writing Tools.) -- C:\Windows\Installer\{318FF3D7-0C40-483B-AF92-AF36416B0AC6}\ARPPRODUCTICON.exe O90 - PUC: "86BF35F60266E3247BDC8B0265554B12" . (.CorelDRAW Graphics Suite X6 - PHOTO-PAINT.) -- C:\Windows\Installer\{6F53FB68-6620-423E-B7CD-B8205655B421}\ARPPRODUCTICON.exe O90 - PUC: "8F7463F0D15ECCF48826A9D8C0A5FC52" . (.Microsoft_VC80_ATL_x86.) -- C:\Windows\Installer\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}\ARPPRODUCTICON.exe O90 - PUC: "91785D291CBB3CC40AB8659C8E48CCC2" . (.Microsoft_VC80_CRT_x86.) -- C:\Windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe O90 - PUC: "94FFE5624D396F547A82AFAF64D2B9BC" . (.HPLaserJetHelp_LearnCenter.) -- C:\Windows\Installer\{265EFF49-93D4-45F6-A728-FAFA462D9BCB}\ARPPRODUCTICON.exe O90 - PUC: "9B5077776F6E4B44AB1A847EA0EC7104" . (.C3D.) -- c:\Windows\Installer\{777705B9-E6F6-44B4-BAA1-48E70ACE1740}\ARPPRODUCTICON.exe O90 - PUC: "9F2FDFE0D6387BE43AD230B83D1FBFA2" . (.Security Update for CAPICOM (KB931906).) -- C:\Windows\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico O90 - PUC: "ABAA53CDA0AE1C1448266FA002D1FFB9" . (.Noise Reduction Plug-in 2.0i.) 
-- C:\Windows\Installer\{DC35AABA-EA0A-41C1-8462-F60A201DFF9B}\sfnrpack.ico O90 - PUC: "AE6BEB54AD4E6974E8F38D710CBAD9D1" . (.CorelDRAW Graphics Suite X6 - FR.) -- C:\Windows\Installer\{45BEB6EA-E4DA-4796-8E3F-D817C0AB9D1D}\ARPPRODUCTICON.exe O90 - PUC: "AE7ED11586AAA7D42A3EE0B715688B22" . (.CorelDRAW Graphics Suite X6 - Setup Files.) -- c:\Windows\Installer\{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}\ARPPRODUCTICON.exe O90 - PUC: "B5DEF536D6C2EB94786EA7F6DC22CBA5" . (.Microsoft_VC90_MFC_x86.) -- C:\Windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe O90 - PUC: "B9E0F8A89CF404C3A9BFA9EEEF186D7A" . (.Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - FRA.) -- C:\Windows\Installer\{8A8F0E9B-4FC9-3C40-9AFB-9AEEFE81D6A7}\VSTA_ARP_Icon O90 - PUC: "C2B4A4AA56408FC3AB67720A728DCABA" . (.Microsoft Visual Studio Tools for Applications 2.0 - ENU.) -- C:\Windows\Installer\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}\VSTA_ARP_Icon O90 - PUC: "C4E4AFE2F5B77F841A0CA18A287B9A3C" . (.HP Update.) -- C:\Windows\Installer\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}\ARPPRODUCTICON.exe O90 - PUC: "C633005CAEE6FB946841CCFF215E26F8" . (.Setup.) -- c:\Windows\Installer\{C500336C-6EEA-49BF-8614-CCFF12E5628F}\ARPPRODUCTICON.exe O90 - PUC: "DB57DCC782551EF4092D93D266A1B21F" . (.CorelDRAW Graphics Suite X6 - VSTA.) -- C:\Windows\Installer\{7CCD75BD-5528-4FE1-90D2-392D661A2BF1}\ARPPRODUCTICON.exe O90 - PUC: "E7FF67E4ABEA78C47B88DC745E24B5D9" . (.Skype™ 6.1.) -- C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe O90 - PUC: "E873E3303DA65DA4DBBEBC6DB91340C6" . (.Microsoft_VC90_ATL_x86.) -- C:\Windows\Installer\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}\ARPPRODUCTICON.exe O90 - PUC: "EC04910D3DB885244B2E241F58EA9186" . (.Plus de 200 000 Cliparts et Photos.) -- C:\Windows\Installer\{D01940CE-8BD3-4258-B4E2-42F185AE1968}\ARPPRODUCTICON.exe O90 - PUC: "EEC96D522EE3DF74A9E0053142E09C35" . (.CorelDRAW Graphics Suite X6 - Common.) 
-- C:\Windows\Installer\{25D69CEE-3EE2-47FD-9A0E-5013240EC953}\ARPPRODUCTICON.exe O90 - PUC: "F81B066921CEFD110B6000313D6D9992" . (.Sound Forge Pro 10.0.) -- C:\Windows\Installer\{9660B18F-EC12-11DF-B006-0013D3D69929}\forge.ico ~ Scan Files in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 09/02/2013 251248 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 18/08/2009 176128 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 30/10/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - D:\OUTILS\Avast\AvastSvc.exe SR - | Auto 30/07/2012 6956504 | (DisplayLinkService) . (.DisplayLink Corp..) - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe SS - | Auto 29/10/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 29/10/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Auto 25/10/2010 145920 | (HP LaserJet Service) . (.HP.) - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe SR - | Auto 05/07/2011 1955520 | (LEC TranslateDotNet Server) . (.Language Engineering Corporation, LLC.) - D:\BUREAUTIQUE\Power Translator 15\LogoMedia TranslateDotNet Server.exe SS - | Demand 24/10/2012 115168 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe SR - | Auto 14/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SR - | Auto 10/03/2010 189728 | (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe SR - | Auto 02/10/2012 3064000 | (Skype C2C Service) . 
(.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe SS - | Auto 08/01/2013 161536 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe SR - | Auto 08/09/2011 5554552 | (TabletServicePen) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Pen\Pen_Tablet.exe SR - | Auto 08/09/2011 451960 | (TouchServicePen) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Pen\Pen_TouchService.exe SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Scan Services in 00mn 00s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by bantuman at 22/02/2013 21:42:25 device: opened successfully user: MBR read successfully Disk trace: kernel: MBR read successfully user & kernel MBR OK ~ Scan MBR in 00mn 02s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by bantuman at 22/02/2013 21:42:27 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 04s End of the scan (1499 lines in 08mn 32s)(4)